imfreedom/k8s-cluster

Add a new deployment for moving the imf wiki to mkdocs

2022-04-10, Gary Kramlich
fc71e853c3aa
Add a new deployment for moving the imf wiki to mkdocs
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: d-pidgin-im-redirect
spec:
redirectRegex:
regex: ^https?:\/\/[^\/]+(.*)$
replacement: https://developer.pidgin.im${1}
permanent: true
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: developer-pidgin-im-http
spec:
entryPoints:
- http
routes:
- match: Host(`developer.pidgin.im`)
kind: Rule
services:
- name: trac-app
port: 80
middlewares:
- name: https-redirect
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: developer-pidgin-im
spec:
entryPoints:
- https
routes:
- match: Host(`developer.pidgin.im`)
kind: Rule
services:
- name: trac-app
port: 80
middlewares:
- name: common-headers
- name: hsts-headers
tls:
secretName: developer-pidgin-im-tls
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: d-pidgin-im-http
spec:
entryPoints:
- http
routes:
- match: Host(`d.pidgin.im`)
kind: Rule
services:
- name: trac-app
port: 80
middlewares:
- name: d-pidgin-im-redirect
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: d-pidgin-im
spec:
entryPoints:
- https
routes:
- match: Host(`d.pidgin.im`)
kind: Rule
services:
- name: trac-app
port: 80
middlewares:
- name: common-headers
- name: hsts-headers
- name: d-pidgin-im-redirect
tls:
secretName: developer-pidgin-im-tls
---
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: developer-pidgin-im
spec:
secretName: developer-pidgin-im-tls
issuerRef:
name: letsencrypt
commonName: developer.pidgin.im
dnsNames:
- developer.pidgin.im
- d.pidgin.im
---
apiVersion: v1
kind: Service
metadata:
name: trac-app
spec:
ports:
- port: 80
protocol: TCP
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: trac-app
spec:
replicas: 1
revisionHistoryLimit: 0
selector:
matchLabels:
app: trac
role: app
strategy:
type: Recreate
template:
metadata:
labels:
app: trac
role: app
spec:
initContainers:
- name: bootstrap
image: docker.io/rwgrim/trac-bootstrap:latest
imagePullPolicy: Always
env:
- name: DESTINATION
valueFrom:
secretKeyRef:
name: trac-env
key: destination
- name: GID
valueFrom:
secretKeyRef:
name: trac-env
key: gid
- name: S3_ACCESS_KEY
valueFrom:
secretKeyRef:
name: trac-env
key: s3_access_key
- name: S3_KEY
valueFrom:
secretKeyRef:
name: trac-env
key: s3_key
- name: S3_SECRET_KEY
valueFrom:
secretKeyRef:
name: trac-env
key: s3_secret_key
- name: S3_URL
valueFrom:
secretKeyRef:
name: trac-env
key: s3_url
- name: TAR_ARGS
value: -J
- name: UID
valueFrom:
secretKeyRef:
name: trac-env
key: uid
volumeMounts:
- mountPath: /srv
name: trac-trac
readOnly: false
subPath: trac
containers:
- name: trac
image: docker.io/rwgrim/apache2-trac:latest
imagePullPolicy: Always
env:
resources:
limits:
cpu: 750m
memory: 256Mi
requests:
cpu: 500m
memory: 128Mi
ports:
- containerPort: 5432
volumeMounts:
- mountPath: /srv
name: trac-trac
readOnly: false
subPath: trac
- mountPath: /srv/trac/conf
name: trac-conf
readOnly: true
- mountPath: /srv/trac/log
name: trac-log
readOnly: false
- mountPath: /etc/apache2/sites-enabled/
name: trac-apache2-sites-enabled
readOnly: true
volumes:
- name: trac-trac
persistentVolumeClaim:
claimName: trac-trac
- name: trac-conf
secret:
secretName: trac-conf
- name: trac-apache2-sites-enabled
configMap:
name: trac-apache2-sites-enabled
- name: trac-log
emptyDir: {}
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: trac-trac
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
---
apiVersion: gemini.fairwinds.com/v1beta1
kind: SnapshotGroup
metadata:
name: trac-trac
spec:
persistentVolumeClaim:
claimName: trac-app
schedule:
- every: day
keep: 0
---