badhouseplants/badhouseplants-net-old
Archived
4
0
Fork 0
Code Issues 7 Pull Requests 2 Actions Packages Projects Releases Activity

Start using ingress instead of virtual service

Browse Source
This commit is contained in:
Nikolai Rodionov
2024-05-27 09:34:42 +02:00
parent 76c4f57845
commit 5414085273
6 changed files with 183 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
.woodpecker.yml Normal file
View File

@@ -0,0 +1,93 @@
---
when:
event:
- push
steps:
- image: alpine/helm
name: Publish the Helm chart
commands:
- helm plugin install https://github.com/chartmuseum/helm-push
- helm package chart -d chart-package
- helm repo add --username allanger --password $GITEA_TOKEN badhouseplants-net https://git.badhouseplants.net/api/packages/badhouseplants/helm
- helm cm-push "./chart-package/$(ls chart-package)" badhouseplants-net
secrets:
- gitea_token
- name: Test a build
image: git.badhouseplants.net/badhouseplants/hugo-container
commands:
- hugo -s ./src
- name: Build and push the docker image
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3
privileged: true
depends_on:
- Test a build
secrets:
- gitea_token
environment:
BUILDER_COMMIT: 2449b73b13a62ae916c6703778d096e5290157b3
commands:
- rm -rf $DRONE_WORKSPACE/src/assets/
- ./scripts/build-container.pl
backend_options:
kubernetes:
resources:
requests:
memory: 500Mi
cpu: 200m
limits:
memory: 1000Mi
cpu: 1000m
securityContext:
privileged: true
- name: Sync pictures from lfs to Minio
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3
depends_on:
- Test a build
secrets:
- rclone_config_content
environment:
RCLONE_CONFIG: /tmp/rclone.conf
commands:
- echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG
- ./scripts/upload-media.pl
- name: Deploy the application
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3
depends_on:
- Build and push the docker image
- Sync pictures from lfs to Minio
secrets:
- gitea_token
- argocd_auth_token
- argo_github_oauth_key
- argo_google_oauth_key
environment:
ARGOCD_SERVER: argo.badhouseplants.net:443
commands:
- ./scripts/deploy-app.pl
- name: Cleanup everything
image: git.badhouseplants.net/badhouseplants/badhouseplants-builder:9665015b44590b7ce2139f7acbad23af6628fff3
depends_on:
- Deploy the application
secrets:
- gitea_token
- argocd_auth_token
- rclone_config_content
environment:
ARGOCD_SERVER: argo.badhouseplants.net:443
RCLONE_CONFIG: /tmp/rclone.conf
commands:
- echo "$RCLONE_CONFIG_CONTENT" > $RCLONE_CONFIG
- ./scripts/cleanup.pl
- name: Spell-Checker
failure: ignore
image: node
commands:
- npm i markdown-spellcheck -g
- mdspell "src/content/**/*.md" -n -r

4
chart/Chart.yaml
View File

@@ -2,10 +2,10 @@ apiVersion: v2
name: badhouseplants-net
description: A Helm chart for Kubernetes
type: application
version: 0.8.6
version: 0.9.0
appVersion: "4.20.0"
dependencies:
- name: remark42
version: 0.5.5
version: 0.7.0
repository: https://groundhog2k.github.io/helm-charts/
condition: remark42.enabled

57
chart/templates/virtual-service.yaml
View File

@@ -1,57 +0,0 @@
{{- if .Values.istio.enabled -}}
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: {{ include "badhouseplants-net.fullname" . }}
labels:
{{- include "badhouseplants-net.labels" . | nindent 4 }}
{{- with .Values.istio.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
gateways:
- istio-system/badhouseplants-net
hosts:
{{- range .Values.istio.hosts}}
- {{ . }}
{{- end }}
http:
- match:
- uri:
prefix: {{ .Values.istio.prefix }}
route:
- destination:
host: {{ include "badhouseplants-net.fullname" . }}
port:
number: {{ .Values.service.port }}
{{- end }}
---
{{- if .Values.remark42.istio.enabled -}}
apiVersion: networking.istio.io/v1beta1
kind: VirtualService
metadata:
name: {{ include "remark42.fullname" . }}-remark42
labels:
{{- include "badhouseplants-net.labels" . | nindent 4 }}
{{- with .Values.remark42.istio.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
gateways:
- istio-system/badhouseplants-net
hosts:
{{- range .Values.remark42.istio.hosts}}
- {{ . }}
{{- end }}
http:
- match:
- uri:
prefix: {{ .Values.remark42.istio.prefix }}
route:
- destination:
host: {{ .Release.Name }}-remark42
port:
number: {{ .Values.remark42.service.port }}
{{- end }}

8
chart/values.yaml
View File

@@ -39,14 +39,6 @@ hugo:
env:
HUGO_PARAMS_GITBRANCH: main
istio:
annotations: {}
enabled: true
hosts:
- badhouseplants.net
- www.badhouseplants.net
prefix: /
volumes:
# ----------------------------------------------
# -- An emptydir volume where hugo should

48
kube/values-main.yaml
View File

@@ -5,11 +5,33 @@ values: |
tag: $ARGO_APP_IMAGE_TAG
env:
HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG
istio:
ingress:
enabled: true
className: ~
annotations:
kubernetes.io/ingress.class: traefik
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: ""
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
link.argocd.argoproj.io/env: https://badhouseplants.net/
link.argocd.argoproj.io/build: $DRONE_BUILD_LINK
link.argocd.argoproj.io/remark42: https://remark42.badhouseplants.net/web
pathtype: ImplementationSpecific
hosts:
- host: badhouseplants.net
paths:
- path: /
pathType: ImplementationSpecific
- host: www.badhouseplants.net
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: badhp-tls
hosts:
- badhouseplants.net
- www.badhouseplants.net
remark42:
settings:
secret: $ARGO_REMARK_SECRET
@@ -26,3 +48,25 @@ values: |
secret: $ARGO_GOOGLE_OAUTH_KEY
storage:
requestedSize: 300Mi
ingress:
enabled: true
className: ~
annotations:
kubernetes.io/ingress.class: traefik
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: ""
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
link.argocd.argoproj.io/remark42: https://remark42.badhouseplants.net/web
## Hosts
hosts:
- host: remark42.badhouseplants.net
paths:
- path: /
pathType: ImplementationSpecific
tls:
secretName: chart-example-tls
hosts:
- remark42.badhouseplants.net

49
kube/values-preview.yaml
View File

@@ -1,12 +1,27 @@
---
values: |
istio:
ingress:
enabled: true
className: ~
annotations:
kubernetes.io/ingress.class: traefik
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: ""
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
link.argocd.argoproj.io/env: https://$ARGO_APP_HOSTNAME/
link.argocd.argoproj.io/build: $DRONE_BUILD_LINK
pathtype: ImplementationSpecific
hosts:
- host: $ARGO_APP_HOSTNAME
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: badhp-$ARGO_APP_BRANCH-tls
hosts:
- $ARGO_APP_HOSTNAME
annotations:
link.argocd.argoproj.io/env: https://$ARGO_APP_HOSTNAME/
link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/web
link.argocd.argoproj.io/build: $DRONE_BUILD_LINK
hugo:
image:
tag: $ARGO_APP_IMAGE_TAG
@@ -17,13 +32,31 @@ values: |
HUGO_PARAMS_COMMENTS_REMARK42_HOST: https://remark42-$ARGO_APP_HOSTNAME
HUGO_PARAMS_GITCOMMIT: $ARGO_APP_IMAGE_TAG
remark42:
istio:
hosts:
- remark42-$ARGO_APP_HOSTNAME
settings:
url: https://remark42-$ARGO_APP_HOSTNAME/
auth:
anonymous: true
secretKey: $ARGO_REMARK_SECRET
ingress:
enabled: true
className: ~
annotations:
kubernetes.io/ingress.class: traefik
kubernetes.io/tls-acme: "true"
kubernetes.io/ingress.allow-http: "false"
kubernetes.io/ingress.global-static-ip-name: ""
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
link.argocd.argoproj.io/remark42: https://remark42-$ARGO_APP_HOSTNAME/
## Hosts
hosts:
- host: remark42.badhouseplants.net
paths:
- path: /
pathType: ImplementationSpecific
tls:
secretName: remark-$ARGO_APP_BRANCH-tls
hosts:
- remark42-$ARGO_APP_HOSTNAME
rclone:
command: 'rclone copy -P badhouseplants-public:/badhouseplants-net/$ARGO_APP_IMAGE_TAG /static'