#SPDX-License-Identifier: MIT-0 --- # tasks file for ansible-role-www - name: namespace k8s: state: present definition: apiVersion: v1 kind: Namespace metadata: name: www - name: pvc k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: data namespace: www spec: accessModes: - ReadWriteMany resources: requests: storage: 8Ti - name: cronjob k8s: definition: apiVersion: batch/v1 kind: CronJob metadata: name: mailsync namespace: www spec: schedule: "{{ www_cron_schedule }}" jobTemplate: spec: template: spec: containers: - name: python image: python:3 imagePullPolicy: IfNotPresent command: - /bin/python - /usr/src/mailsync.py env: - name: USERNAME value: "{{ www_username }}" - name: PASSWORD value: "{{ www_password }}" - name: IMAP_SERVER value: "{{ www_imap_server}}" - name: SAVE_DIR value: "{{ www_save_dir }}" volumeMounts: - name: data mountPath: /data restartPolicy: OnFailure volumes: - name: data persistentVolumeClaim: claimName: data - name: configmap for httpd.conf k8s: state: present definition: apiVersion: v1 kind: ConfigMap metadata: name: httpd namespace: www data: httpd.conf: "{{ lookup('file', 'httpd.conf') }}" - name: configmap for httpd-gitweb.conf k8s: state: present definition: apiVersion: v1 kind: ConfigMap metadata: name: httpd-gitweb namespace: www data: docker.motd: "{{ lookup('file', 'httpd-gitweb.conf') }}" - name: configmap for gitweb.conf k8s: state: present definition: apiVersion: v1 kind: ConfigMap metadata: name: gitweb namespace: www data: docker.motd: "{{ lookup('file', 'gitweb.conf') }}" - name: deployment for gitweb k8s: definition: apiVersion: v1 kind: Deployment metadata: name: gitweb namespace: www spec: replicas: 1 selector: matchLabels: app: gitweb template: metadata: labels: app: gitweb spec: initContainers: - name: init image: bash command: - /bin/bash - -c - "apt update -y && apt install -y git && git clone {{ www_repo_url }} /tmp/www && cp -r /tmp/www/* /data/" volumeMounts: - name: data mountPath: /data containers: - name: gitweb image: ericomeehan/gitweb imagePullPolicy: IfNotPresent ports: - containerPort: 80 volumeMounts: - name: data mountpath: /usr/local/apache2/htdocs - name: httpd mountPath: /usr/local/apache2/conf/httpd.conf subPath: httpd.conf - name: httpd-gitweb mountPath: /usr/local/apache2/conf/httpd-gitweb.conf subPath: httpd-gitweb.conf - name: gitweb mountPath: /etc/gitweb.conf subPath: gitweb.conf volumes: - name: data persistentVolumeClaim: claimName: data - name: httpd configMap: name: httpd - name: httpd-gitweb configMap: name: httpd-gitweb - name: gitweb configMap: name: gitweb - name: service for gitweb k8s: definition: apiVersion: v1 kind: Service metadata: name: gitweb namespace: www spec: selector: app: gitweb ports: - port: 80 name: http type: LoadBalancer - name: onionservice k8s: definition: apiVersion: tor.k8s.torproject.org/v1alpha2 kind: OnionService metadata: name: www namespace: www spec: version: 3 rules: - port: number: 80 backend: service: name: www port: number: 80 - name: ingress k8s: state: present definition: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: ca-issuer name: www namespace: www spec: ingressClassName: nginx rules: - host: eom.dev http: paths: - pathType: Prefix path: / backend: service: name: gitweb port: number: 80 tls: - hosts: - eom.dev secretName: www - name: deployment for ftp k8s: definition: apiVersion: v1 kind: Deployment metadata: name: ftp namespace: www spec: replicas: 1 selector: matchLabels: app: ftp template: metadata: labels: app: ftp spec: containers: - name: ftp image: bogem/ftp imagePullPolicy: IfNotPresent env: - name: FTP_USER value: "{{ www_ftp_user }}" - name: FTP_PASS value: "{{ www_ftp_password }}" - name: PASV_ADDRESS value: "{{ www_ftp_pasv_address }}" ports: - containerPort: 20 - containerPort: 21 volumeMounts: - name: data mountpath: /home/vsftpd volumes: - name: data persistentVolumeClaim: claimName: data - name: service for ftp k8s: definition: apiVersion: v1 kind: Service metadata: name: ftp namespace: www spec: selector: app: ftp ports: - port: 20 name: ftpa - port: 21 name: ftpb type: LoadBalancer