Working Base Config for Taiga #1
9 changed files with 162 additions and 0 deletions
18
src/main/resources/taiga/ingress/certificate.yaml
Normal file
18
src/main/resources/taiga/ingress/certificate.yaml
Normal file
|
@ -0,0 +1,18 @@
|
|||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: c4k-common-cert
|
||||
labels:
|
||||
app.kubernetes.part-of: c4k-common-app
|
||||
namespace: default
|
||||
spec:
|
||||
secretName: c4k-common-cert
|
||||
commonName: FQDN
|
||||
duration: 2160h # 90d
|
||||
renewBefore: 720h # 30d
|
||||
dnsNames:
|
||||
- FQDN
|
||||
issuerRef:
|
||||
name: staging
|
||||
kind: ClusterIssuer
|
||||
|
10
src/main/resources/taiga/ingress/host-rule.yaml
Normal file
10
src/main/resources/taiga/ingress/host-rule.yaml
Normal file
|
@ -0,0 +1,10 @@
|
|||
host: FQDN
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: SERVICE_NAME
|
||||
port:
|
||||
number: SERVICE_PORT
|
27
src/main/resources/taiga/ingress/ingress.yaml
Normal file
27
src/main/resources/taiga/ingress/ingress.yaml
Normal file
|
@ -0,0 +1,27 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: c4k-common-https-ingress
|
||||
namespace: default
|
||||
labels:
|
||||
app.kubernetes.part-of: c4k-common-app
|
||||
annotations:
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: web, websecure
|
||||
traefik.ingress.kubernetes.io/router.middlewares: default-redirect-https@kubernetescrd
|
||||
metallb.universe.tf/address-pool: public
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- FQDN
|
||||
secretName: c4k-common-cert
|
||||
rules:
|
||||
- host: FQDN
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: SERVICE_NAME
|
||||
port:
|
||||
number: 80
|
12
src/main/resources/taiga/postgres/config-8gb.yaml
Normal file
12
src/main/resources/taiga/postgres/config-8gb.yaml
Normal file
|
@ -0,0 +1,12 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: postgres-config
|
||||
labels:
|
||||
app: postgres
|
||||
data:
|
||||
postgres-db: postgres
|
||||
postgresql.conf: |
|
||||
max_connections = 700
|
||||
work_mem = 3MB
|
||||
shared_buffers = 2048MB
|
51
src/main/resources/taiga/postgres/deployment.yaml
Normal file
51
src/main/resources/taiga/postgres/deployment.yaml
Normal file
|
@ -0,0 +1,51 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: postgresql
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: postgresql
|
||||
strategy:
|
||||
type: Recreate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: postgresql
|
||||
spec:
|
||||
containers:
|
||||
- image: postgres
|
||||
name: postgresql
|
||||
env:
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-secret
|
||||
key: postgres-user
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-secret
|
||||
key: postgres-password
|
||||
- name: POSTGRES_DB
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: postgres-config
|
||||
key: postgres-db
|
||||
ports:
|
||||
- containerPort: 5432
|
||||
name: postgresql
|
||||
volumeMounts:
|
||||
- name: postgres-config-volume
|
||||
mountPath: /etc/postgresql/postgresql.conf
|
||||
subPath: postgresql.conf
|
||||
readOnly: true
|
||||
- name: postgre-data-volume
|
||||
mountPath: /var/lib/postgresql/data
|
||||
volumes:
|
||||
- name: postgres-config-volume
|
||||
configMap:
|
||||
name: postgres-config
|
||||
- name: postgre-data-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: postgres-claim
|
14
src/main/resources/taiga/postgres/persistent-volume.yaml
Normal file
14
src/main/resources/taiga/postgres/persistent-volume.yaml
Normal file
|
@ -0,0 +1,14 @@
|
|||
kind: PersistentVolume
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: postgres-pv-volume
|
||||
labels:
|
||||
type: local
|
||||
spec:
|
||||
storageClassName: manual
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
capacity:
|
||||
storage: 10Gi
|
||||
hostPath:
|
||||
path: "/var/postgres"
|
13
src/main/resources/taiga/postgres/pvc.yaml
Normal file
13
src/main/resources/taiga/postgres/pvc.yaml
Normal file
|
@ -0,0 +1,13 @@
|
|||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: postgres-claim
|
||||
labels:
|
||||
app: postgres
|
||||
spec:
|
||||
storageClassName: REPLACEME
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: REPLACEME
|
8
src/main/resources/taiga/postgres/secret.yaml
Normal file
8
src/main/resources/taiga/postgres/secret.yaml
Normal file
|
@ -0,0 +1,8 @@
|
|||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: postgres-secret
|
||||
type: Opaque
|
||||
data:
|
||||
postgres-user: "psql-user"
|
||||
postgres-password: "psql-pw"
|
9
src/main/resources/taiga/postgres/service.yaml
Normal file
9
src/main/resources/taiga/postgres/service.yaml
Normal file
|
@ -0,0 +1,9 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: postgresql-service
|
||||
spec:
|
||||
selector:
|
||||
app: postgresql
|
||||
ports:
|
||||
- port: 5432
|
Loading…
Reference in a new issue