#SPDX-License-Identifier: MIT-0 --- # tasks file for ansible-role-mediawiki - name: namespace k8s: state: present definition: apiVersion: v1 kind: Namespace metadata: name: "{{ mediawiki_namespace }}" - name: configmap for settings when: mediawiki_deploy_localsettings k8s: state: present definition: apiVersion: v1 kind: ConfigMap metadata: name: config namespace: "{{ mediawiki_namespace }}" data: LocalSettings.php: "{{ lookup('file', 'LocalSettings.php') }}" - name: configmap for logo when: mediawiki_deploy_localsettings k8s: state: present definition: apiVersion: v1 kind: ConfigMap metadata: name: logo namespace: "{{ mediawiki_namespace }}" data: logo.svg: "{{ lookup('file', 'logo.svg') }}" - name: pvc for mediawiki archive k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: archive namespace: "{{ mediawiki_namespace }}" spec: accessModes: - ReadWriteOnce resources: requests: storage: "{{ mediawiki_pvc_size_archive }}" - name: pvc for mediawiki data k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: data namespace: "{{ mediawiki_namespace }}" spec: accessModes: - ReadWriteOnce resources: requests: storage: "{{ mediawiki_pvc_size_data }}" - name: pvc for mariadb k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: db namespace: "{{ mediawiki_namespace }}" spec: accessModes: - ReadWriteOnce resources: requests: storage: "{{ mediawiki_pvc_size_db }}" - name: deployment for mariadb k8s: definition: apiVersion: v1 kind: Deployment metadata: name: mariadb namespace: "{{ mediawiki_namespace }}" spec: replicas: 1 selector: matchLabels: app: mariadb template: metadata: labels: app: mariadb spec: containers: - name: mariadb image: mariadb env: - name: MYSQL_ROOT_PASSWORD value: "{{ mediawiki_mariadb_root_password }}" - name: MYSQL_USER value: "mediawiki" - name: MYSQL_PASSWORD value: "{{ mediawiki_mariadb_password }}" - name: MYSQL_DATABASE value: "mediawiki" volumeMounts: - name: data mountPath: /var/lib/mysql ports: - containerPort: 3306 volumes: - name: data persistentVolumeClaim: claimName: db - name: service for mariadb k8s: definition: apiVersion: v1 kind: Service metadata: name: mariadb namespace: "{{ mediawiki_namespace }}" spec: selector: app: mariadb ports: - port: 3306 name: mariadb type: ClusterIP - name: deployment for mediawiki when: mediawiki_deploy_localsettings k8s: definition: apiVersion: v1 kind: Deployment metadata: name: mediawiki namespace: "{{ mediawiki_namespace }}" spec: replicas: 1 selector: matchLabels: app: mediawiki template: metadata: labels: app: mediawiki spec: containers: - name: mediawiki image: mediawiki imagePullPolicy: IfNotPresent ports: - containerPort: 80 volumeMounts: - name: archive mountPath: /archive - name: config mountPath: /var/www/html/LocalSettings.php subPath: LocalSettings.php - name: data mountPath: /var/www/html/images - name: logo mountPath: /var/www/html/resources/assets/logo.svg subPath: logo.svg volumes: - name: config configMap: name: config - name: archive persistentVolumeClaim: claimName: archive - name: data persistentVolumeClaim: claimName: data - name: logo configMap: name: logo - name: deployment for mediawiki when: not mediawiki_deploy_localsettings k8s: definition: apiVersion: v1 kind: Deployment metadata: name: mediawiki namespace: "{{ mediawiki_namespace }}" spec: replicas: 1 selector: matchLabels: app: mediawiki template: metadata: labels: app: mediawiki spec: containers: - name: mediawiki image: mediawiki imagePullPolicy: IfNotPresent ports: - containerPort: 80 volumeMounts: - name: archive mountPath: /archive - name: data mountPath: /var/www/html/images volumes: - name: archive persistentVolumeClaim: claimName: archive - name: data persistentVolumeClaim: claimName: data - name: service for mediawiki k8s: definition: apiVersion: v1 kind: Service metadata: name: mediawiki namespace: "{{ mediawiki_namespace }}" spec: selector: app: mediawiki ports: - port: 80 name: http type: ClusterIP - name: Create Ingress k8s: state: present definition: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: ca-issuer name: mediawiki namespace: "{{ mediawiki_namespace }}" spec: ingressClassName: nginx rules: - host: "{{ mediawiki_hostname }}" http: paths: - pathType: Prefix path: / backend: service: name: mediawiki port: number: 80 tls: - hosts: - "{{ mediawiki_hostname }}" secretName: mediawiki - name: onionservice k8s: definition: apiVersion: tor.k8s.torproject.org/v1alpha2 kind: OnionService metadata: name: mediawiki namespace: "{{ mediawiki_namespace }}" spec: version: 3 rules: - port: number: 80 backend: service: name: mediawiki port: number: 80