Initial commit

tasks/main.yml

@@ -0,0 +1,285 @@
+#SPDX-License-Identifier: MIT-0
+---
+# tasks file for ansible-role-www
+- name: namespace
+  k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: Namespace
+      metadata:
+        name: www
+
+- name: pvc
+  k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: PersistentVolumeClaim
+      metadata:
+        name: data
+        namespace: www
+      spec:
+        accessModes:
+          - ReadWriteMany
+        resources:
+          requests:
+            storage: 8Ti
+
+- name: cronjob
+  k8s:
+    definition:
+      apiVersion: batch/v1
+      kind: CronJob
+      metadata:
+        name: mailsync
+        namespace: www
+      spec:
+        schedule: "{{ www_cron_schedule }}"
+        jobTemplate:
+          spec:
+            template:
+              spec:
+                containers:
+                  - name: python
+                    image: python:3
+                    imagePullPolicy: IfNotPresent
+                    command:
+                    - /bin/python
+                    - /usr/src/mailsync.py
+                    env:
+                      - name: USERNAME
+                        value: "{{ www_username }}"
+                      - name: PASSWORD
+                        value: "{{ www_password }}"
+                      - name: IMAP_SERVER
+                        value: "{{ www_imap_server}}"
+                      - name: SAVE_DIR
+                        value: "{{ www_save_dir }}"
+                    volumeMounts:
+                      - name: data
+                        mountPath: /data
+                    restartPolicy: OnFailure
+                volumes:
+                  - name: data
+                    persistentVolumeClaim:
+                      claimName: data
+
+- name: configmap for httpd.conf
+  k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: ConfigMap
+      metadata:
+        name: httpd
+        namespace: www
+      data:
+        httpd.conf: "{{ lookup('file', 'httpd.conf') }}"
+
+- name: configmap for httpd-gitweb.conf
+  k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: ConfigMap
+      metadata:
+        name: httpd-gitweb
+        namespace: www
+      data:
+        docker.motd: "{{ lookup('file', 'httpd-gitweb.conf') }}"
+
+- name: configmap for gitweb.conf
+  k8s:
+    state: present
+    definition:
+      apiVersion: v1
+      kind: ConfigMap
+      metadata:
+        name: gitweb
+        namespace: www
+      data:
+        docker.motd: "{{ lookup('file', 'gitweb.conf') }}"
+
+- name: deployment for gitweb
+  k8s:
+    definition:
+      apiVersion: v1
+      kind: Deployment
+      metadata:
+        name: gitweb
+        namespace: www
+      spec:
+        replicas: 1
+        selector:
+          matchLabels:
+            app: gitweb
+        template:
+          metadata:
+            labels:
+              app: gitweb
+          spec:
+            initContainers:
+              - name: init
+                image: bash
+                command:
+                  - /bin/bash
+                  - -c
+                  - "apt update -y && apt install -y git && git clone {{ www_repo_url }} /tmp/www && cp -r /tmp/www/* /data/"
+                volumeMounts:
+                  - name: data
+                    mountPath: /data
+            containers:
+              - name: gitweb
+                image: ericomeehan/gitweb
+                imagePullPolicy: IfNotPresent
+                ports:
+                  - containerPort: 80
+                volumeMounts:
+                  - name: data
+                    mountpath: /usr/local/apache2/htdocs
+                  - name: httpd
+                    mountPath: /usr/local/apache2/conf/httpd.conf
+                    subPath: httpd.conf
+                  - name: httpd-gitweb
+                    mountPath: /usr/local/apache2/conf/httpd-gitweb.conf
+                    subPath: httpd-gitweb.conf
+                  - name: gitweb
+                    mountPath: /etc/gitweb.conf
+                    subPath: gitweb.conf
+            volumes:
+              - name: data
+                persistentVolumeClaim:
+                  claimName: data
+              - name: httpd
+                configMap:
+                  name: httpd
+              - name: httpd-gitweb
+                configMap:
+                  name: httpd-gitweb
+              - name: gitweb
+                configMap:
+                  name: gitweb
+
+- name: service for gitweb
+  k8s:
+    definition:
+      apiVersion: v1
+      kind: Service
+      metadata:
+        name: gitweb
+        namespace: www
+      spec:
+        selector:
+          app: gitweb
+        ports:
+          - port: 80
+            name: http
+        type: LoadBalancer
+
+- name: onionservice
+  k8s:
+    definition:
+      apiVersion: tor.k8s.torproject.org/v1alpha2
+      kind: OnionService
+      metadata:
+        name: www
+        namespace: www
+      spec:
+        version: 3
+        rules:
+          - port:
+              number: 80
+            backend:
+              service:
+                name: www
+                port:
+                  number: 80
+
+- name: ingress
+  k8s:
+    state: present
+    definition:
+      apiVersion: networking.k8s.io/v1
+      kind: Ingress
+      metadata:
+        annotations:
+          cert-manager.io/cluster-issuer: ca-issuer
+        name: www
+        namespace: www
+      spec:
+        ingressClassName: nginx
+        rules:
+          - host: eom.dev
+            http:
+              paths:
+                - pathType: Prefix
+                  path: /
+                  backend:
+                    service:
+                      name: gitweb
+                      port:
+                        number: 80
+        tls:
+          - hosts:
+            - eom.dev
+            secretName: www
+
+- name: deployment for ftp
+  k8s:
+    definition:
+      apiVersion: v1
+      kind: Deployment
+      metadata:
+        name: ftp
+        namespace: www
+      spec:
+        replicas: 1
+        selector:
+          matchLabels:
+            app: ftp
+        template:
+          metadata:
+            labels:
+              app: ftp
+          spec:
+            containers:
+               - name: ftp
+                 image: bogem/ftp
+                 imagePullPolicy: IfNotPresent
+                 env:
+                   - name: FTP_USER
+                     value: "{{ www_ftp_user }}"
+                   - name: FTP_PASS
+                     value: "{{ www_ftp_password }}"
+                   - name: PASV_ADDRESS
+                     value: "{{ www_ftp_pasv_address }}"
+                 ports:
+                   - containerPort: 20
+                   - containerPort: 21
+                volumeMounts:
+                  - name: data
+                    mountpath: /home/vsftpd
+            volumes:
+              - name: data
+                persistentVolumeClaim:
+                  claimName: data
+
+- name: service for ftp
+  k8s:
+    definition:
+      apiVersion: v1
+      kind: Service
+      metadata:
+        name: ftp
+        namespace: www
+      spec:
+        selector:
+          app: ftp
+        ports:
+          - port: 20
+            name: ftpa
+          - port: 21
+            name: ftpb
+        type: LoadBalancer
+