imfreedom/k8s-cluster
update a ton of stuff to the new traefik ingress controller as well as the new roost namespace
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/40-roost-middleware.yaml Tue Feb 11 03:35:54 2020 -0600
@@ -0,0 +1,13 @@
+# This file contains common traefik middleware for the roost namespace. +apiVersion: traefik.containo.us/v1alpha1 + X-Frame-Options: SAMEORIGIN --- a/50-carrier.pidgin.im.yaml Tue Feb 11 03:34:52 2020 -0600
+++ b/50-carrier.pidgin.im.yaml Tue Feb 11 03:35:54 2020 -0600
@@ -1,26 +1,36 @@
# carrier is a simple web app that handles web hooks for us and acts on them.
-apiVersion: extensions/v1beta1
+apiVersion: traefik.containo.us/v1alpha1 + - match: Host(`carrier.pidgin.im`) + secretName: carrier-tls +apiVersion: cert-manager.io/v1alpha2
- cert-manager.io/issuer: letsencrypt
- - host: carrier.pidgin.im
- secretName: carrier-tls
+ secretName: carrier-tls + commonName: carrier.pidgin.im @@ -54,7 +64,7 @@
--- a/50-docs.pidgin.im.yaml Tue Feb 11 03:34:52 2020 -0600
+++ b/50-docs.pidgin.im.yaml Tue Feb 11 03:35:54 2020 -0600
@@ -1,57 +1,94 @@
# this manifest contains an ingress that does path based matching to route to
# individual services that are runnings the docs via a simple http server.
-apiVersion: extensions/v1beta1
+apiVersion: traefik.containo.us/v1alpha1 + name: docs-strip-prefix +apiVersion: traefik.containo.us/v1alpha1 + - match: Host(`docs.pidgin.im`) && PathPrefix(`/pidgin/2.x.y`) + - name: docs-pidgin-2-x-y + - name: docs-strip-prefix + - match: Host(`docs.pidgin.im`) && PathPrefix(`/gplugin/latest`) + - name: docs-gplugin-latest + - name: docs-strip-prefix + - match: Host(`docs.pidgin.im`) && PathPrefix(`/gplugin-gtk/latest`) + - name: docs-gplugin-gtk-latest + - name: docs-strip-prefix + - match: Host(`docs.pidgin.im`) && PathPrefix(`/libgnt/latest`) + - name: docs-libgnt-latest + - name: docs-strip-prefix + - match: Host(`docs.pidgin.im`) && PathPrefix(`/libgnt/next`) + - name: docs-libgnt-next + - name: docs-strip-prefix + - match: Host(`docs.pidgin.im`) && PathPrefix(`/talkatu/latest`) + - name: docs-talkatu-latest + - name: docs-strip-prefix +apiVersion: cert-manager.io/v1alpha2
- cert-manager.io/issuer: letsencrypt
- nginx.ingress.kubernetes.io/rewrite-target: /$2
- nginx.ingress.kubernetes.io/configuration-snippet: |
- more_set_headers "X-Frame-Options: SAMEORIGIN";
- rewrite ^(/gplugin/latest)$ $1/ redirect;
- rewrite ^(/gplugin-gtk/latest)$ $1/ redirect;
- rewrite ^(/libgnt/latest)$ $1/ redirect;
- rewrite ^(/libgnt/next)$ $1/ redirect;
- rewrite ^(/pidgin/2.x.y)$ $1/ redirect;
- rewrite ^(/talkatu/latest)$ $1/ redirect;
- serviceName: docs-gplugin-latest
- path: /gplugin/latest(/|$)(.*)
- serviceName: docs-gplugin-gtk-latest
- path: /gplugin-gtk/latest(/|$)(.*)
- serviceName: docs-libgnt-latest
- path: /libgnt/latest(/|$)(.*)
- serviceName: docs-libgnt-next
- path: /libgnt/next(/|$)(.*)
- serviceName: docs-pidgin-2-x-y
- path: /pidgin/2.x.y(/|$)(.*)
- serviceName: docs-talkatu-latest
- path: /talkatu/latest(/|$)(.*)
+ commonName: docs.pidgin.im @@ -89,7 +126,7 @@
@@ -181,7 +218,7 @@
@@ -273,7 +310,7 @@
@@ -365,7 +402,7 @@
@@ -457,7 +494,7 @@
@@ -549,7 +586,7 @@
--- a/50-gaim.pidgin.im.yaml Tue Feb 11 03:34:52 2020 -0600
+++ b/50-gaim.pidgin.im.yaml Tue Feb 11 03:35:54 2020 -0600
@@ -1,28 +1,35 @@
-apiVersion: extensions/v1beta1
+apiVersion: traefik.containo.us/v1alpha1 + - match: Host(`gaim.pidgin.im`) +apiVersion: cert-manager.io/v1alpha2
- cert-manager.io/issuer: letsencrypt
- nginx.ingress.kubernetes.io/configuration-snippet: |
- more_set_headers "X-Frame-Options: SAMEORIGIN";
+ commonName: gaim.pidgin.im @@ -56,7 +63,7 @@
--- a/50-imfreedom.org.yaml Tue Feb 11 03:34:52 2020 -0600
+++ b/50-imfreedom.org.yaml Tue Feb 11 03:35:54 2020 -0600
@@ -1,84 +1,74 @@
-apiVersion: extensions/v1beta1
+apiVersion: traefik.containo.us/v1alpha1
- cert-manager.io/issuer: letsencrypt
- nginx.ingress.kubernetes.io/configuration-snippet: |
- more_set_headers "X-Frame-Options: SAMEORIGIN";
- - host: www.imfreedom.org
- - host: xmpp.imfreedom.org
- - host: conference.imfreedom.org
+ - match: Host(`imfreedom.org`) || Host(`www.imfreedom.org`) + - match: Host(`xmpp.imfreedom.org`) || Host(`conference.imfreedom.org`)
- - conference.imfreedom.org
+ secretName: imfreedom-tls +apiVersion: cert-manager.io/v1alpha2 + secretName: imfreedom-tls + commonName: imfreedom.org + - conference.imfreedom.org
@@ -89,11 +79,11 @@
topologyKey: failure-domain.beta.kubernetes.io/region
image: imfreedom/www:latest
--- a/50-keep.imfreedom.org.yaml Tue Feb 11 03:34:52 2020 -0600
+++ b/50-keep.imfreedom.org.yaml Tue Feb 11 03:35:54 2020 -0600
@@ -1,33 +1,55 @@
-apiVersion: extensions/v1beta1
+apiVersion: traefik.containo.us/v1alpha1
- cert-manager.io/issuer: letsencrypt
- nginx.ingress.kubernetes.io/configuration-snippet: |
- more_set_headers "X-Frame-Options: SAMEORIGIN";
+apiVersion: traefik.containo.us/v1alpha1
- - host: keep.imfreedom.org
+ - match: Host(`keep.imfreedom.org`)
+apiVersion: cert-manager.io/v1alpha2 + commonName: keep.imfreedom.org
@@ -41,7 +63,7 @@
@@ -56,7 +78,7 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP/mCAuMfKq4ukgGufiERyddsPIj2/KNXzB+gDTjHBGl grim@spectre
@@ -64,7 +86,7 @@
apiVersion: networking.k8s.io/v1
@@ -79,7 +101,7 @@
@@ -90,7 +112,7 @@
@@ -178,7 +200,7 @@
kind: PersistentVolumeClaim
@@ -188,4 +210,5 @@
+ volumeName: pvc-fdabb9b0-68d2-4c13-9d6f-6a6dbcd34a38 --- a/50-nest.pidgin.im.yaml Tue Feb 11 03:34:52 2020 -0600
+++ b/50-nest.pidgin.im.yaml Tue Feb 11 03:35:54 2020 -0600
@@ -1,3 +1,48 @@
+apiVersion: traefik.containo.us/v1alpha1 + regex: ^https?:\/\/[^\/]+(\/.+)? + replacement: https://pidgin.im${1} +apiVersion: traefik.containo.us/v1alpha1 + - match: Host(`nest.pidgin.im`) || Host(`pidg.in`) || Host(`www.pidg.in`) + secretName: nest-redirects-tls +apiVersion: cert-manager.io/v1alpha2 + name: nest-redirects-tls + secretName: nest-redirects-tls apiVersion: extensions/v1beta1
@@ -51,29 +96,6 @@
-apiVersion: extensions/v1beta1
- cert-manager.io/issuer: letsencrypt
- nginx.ingress.kubernetes.io/server-snippet: |
- return 301 https://pidgin.im$request_uri;
- secretName: nest-redirects-tls
----
@@ -106,7 +128,7 @@
@@ -188,7 +210,7 @@
--- a/50-xmpp.imfreedom.org.yaml Tue Feb 11 03:34:52 2020 -0600
+++ b/50-xmpp.imfreedom.org.yaml Tue Feb 11 03:35:54 2020 -0600
@@ -1,10 +1,40 @@
# Prosody is an xmpp server. This manifest creates a deployment for it. It
# handles virtualhosts for adium.im, imfreedom.org, as well as pidgin.im.
+apiVersion: traefik.containo.us/v1alpha1 +apiVersion: traefik.containo.us/v1alpha1
@@ -30,7 +60,7 @@
apiVersion: networking.k8s.io/v1
@@ -47,7 +77,7 @@
@@ -72,7 +102,7 @@
VirtualHost "imfreedom.org"
@@ -132,7 +162,7 @@
@@ -185,7 +215,7 @@
- mountPath: /etc/prosody/certs/imfreedom/
@@ -200,14 +230,14 @@
+ secretName: imfreedom-tls kind: PersistentVolumeClaim
@@ -218,11 +248,12 @@
+ volumeName: pvc-415a206e-5484-4cf0-a655-908d18339f62 apiVersion: monitoring.coreos.com/v1