286 lines
7.0 KiB
YAML
286 lines
7.0 KiB
YAML
#SPDX-License-Identifier: MIT-0
|
|
---
|
|
# tasks file for ansible-role-www
|
|
- name: namespace
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: www
|
|
|
|
- name: pvc
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: data
|
|
namespace: www
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 8Ti
|
|
|
|
- name: cronjob
|
|
k8s:
|
|
definition:
|
|
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: mailsync
|
|
namespace: www
|
|
spec:
|
|
schedule: "{{ www_cron_schedule }}"
|
|
jobTemplate:
|
|
spec:
|
|
template:
|
|
spec:
|
|
containers:
|
|
- name: python
|
|
image: python:3
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- /bin/python
|
|
- /usr/src/mailsync.py
|
|
env:
|
|
- name: USERNAME
|
|
value: "{{ www_username }}"
|
|
- name: PASSWORD
|
|
value: "{{ www_password }}"
|
|
- name: IMAP_SERVER
|
|
value: "{{ www_imap_server}}"
|
|
- name: SAVE_DIR
|
|
value: "{{ www_save_dir }}"
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
restartPolicy: OnFailure
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: data
|
|
|
|
- name: configmap for httpd.conf
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: httpd
|
|
namespace: www
|
|
data:
|
|
httpd.conf: "{{ lookup('file', 'httpd.conf') }}"
|
|
|
|
- name: configmap for httpd-gitweb.conf
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: httpd-gitweb
|
|
namespace: www
|
|
data:
|
|
docker.motd: "{{ lookup('file', 'httpd-gitweb.conf') }}"
|
|
|
|
- name: configmap for gitweb.conf
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: gitweb
|
|
namespace: www
|
|
data:
|
|
docker.motd: "{{ lookup('file', 'gitweb.conf') }}"
|
|
|
|
- name: deployment for gitweb
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: gitweb
|
|
namespace: www
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: gitweb
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: gitweb
|
|
spec:
|
|
initContainers:
|
|
- name: init
|
|
image: bash
|
|
command:
|
|
- /bin/bash
|
|
- -c
|
|
- "apt update -y && apt install -y git && git clone {{ www_repo_url }} /tmp/www && cp -r /tmp/www/* /data/"
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
containers:
|
|
- name: gitweb
|
|
image: ericomeehan/gitweb
|
|
imagePullPolicy: IfNotPresent
|
|
ports:
|
|
- containerPort: 80
|
|
volumeMounts:
|
|
- name: data
|
|
mountpath: /usr/local/apache2/htdocs
|
|
- name: httpd
|
|
mountPath: /usr/local/apache2/conf/httpd.conf
|
|
subPath: httpd.conf
|
|
- name: httpd-gitweb
|
|
mountPath: /usr/local/apache2/conf/httpd-gitweb.conf
|
|
subPath: httpd-gitweb.conf
|
|
- name: gitweb
|
|
mountPath: /etc/gitweb.conf
|
|
subPath: gitweb.conf
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: data
|
|
- name: httpd
|
|
configMap:
|
|
name: httpd
|
|
- name: httpd-gitweb
|
|
configMap:
|
|
name: httpd-gitweb
|
|
- name: gitweb
|
|
configMap:
|
|
name: gitweb
|
|
|
|
- name: service for gitweb
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: gitweb
|
|
namespace: www
|
|
spec:
|
|
selector:
|
|
app: gitweb
|
|
ports:
|
|
- port: 80
|
|
name: http
|
|
type: LoadBalancer
|
|
|
|
- name: onionservice
|
|
k8s:
|
|
definition:
|
|
apiVersion: tor.k8s.torproject.org/v1alpha2
|
|
kind: OnionService
|
|
metadata:
|
|
name: www
|
|
namespace: www
|
|
spec:
|
|
version: 3
|
|
rules:
|
|
- port:
|
|
number: 80
|
|
backend:
|
|
service:
|
|
name: www
|
|
port:
|
|
number: 80
|
|
|
|
- name: ingress
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: ca-issuer
|
|
name: www
|
|
namespace: www
|
|
spec:
|
|
ingressClassName: nginx
|
|
rules:
|
|
- host: eom.dev
|
|
http:
|
|
paths:
|
|
- pathType: Prefix
|
|
path: /
|
|
backend:
|
|
service:
|
|
name: gitweb
|
|
port:
|
|
number: 80
|
|
tls:
|
|
- hosts:
|
|
- eom.dev
|
|
secretName: www
|
|
|
|
- name: deployment for ftp
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: ftp
|
|
namespace: www
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: ftp
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: ftp
|
|
spec:
|
|
containers:
|
|
- name: ftp
|
|
image: bogem/ftp
|
|
imagePullPolicy: IfNotPresent
|
|
env:
|
|
- name: FTP_USER
|
|
value: "{{ www_ftp_user }}"
|
|
- name: FTP_PASS
|
|
value: "{{ www_ftp_password }}"
|
|
- name: PASV_ADDRESS
|
|
value: "{{ www_ftp_pasv_address }}"
|
|
ports:
|
|
- containerPort: 20
|
|
- containerPort: 21
|
|
volumeMounts:
|
|
- name: data
|
|
mountpath: /home/vsftpd
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: data
|
|
|
|
- name: service for ftp
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: ftp
|
|
namespace: www
|
|
spec:
|
|
selector:
|
|
app: ftp
|
|
ports:
|
|
- port: 20
|
|
name: ftpa
|
|
- port: 21
|
|
name: ftpb
|
|
type: LoadBalancer
|
|
|