172 lines
3.9 KiB
YAML
172 lines
3.9 KiB
YAML
#SPDX-License-Identifier: MIT-0
|
|
---
|
|
# tasks file for ansible-role-www
|
|
- name: namespace
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: www
|
|
|
|
- name: pvc
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: data
|
|
namespace: www
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteMany
|
|
resources:
|
|
requests:
|
|
storage: 8Ti
|
|
|
|
- name: configmap for httpd.conf
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: httpd
|
|
namespace: www
|
|
data:
|
|
httpd.conf: "{{ lookup('file', 'httpd.conf') }}"
|
|
|
|
- name: deployment for www
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: httpd
|
|
namespace: www
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: httpd
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: httpd
|
|
spec:
|
|
initContainers:
|
|
- name: init
|
|
image: debian:trixie
|
|
command:
|
|
- /bin/bash
|
|
- -c
|
|
- "apt update -y && apt install -y git && git clone {{ www_repo_url }} /tmp/www && rm -rf /data/* && cp -r /tmp/www/htdocs/* /data/"
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
containers:
|
|
- name: httpd
|
|
image: ericomeehan/www:latest
|
|
imagePullPolicy: Always
|
|
ports:
|
|
- containerPort: 80
|
|
- containerPort: 9117
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /usr/local/apache2/htdocs
|
|
- name: httpd
|
|
mountPath: /usr/local/apache2/conf/httpd.conf
|
|
subPath: httpd.conf
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: data
|
|
- name: httpd
|
|
configMap:
|
|
name: httpd
|
|
|
|
- name: service for prometheus
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: prometheus
|
|
namespace: www
|
|
spec:
|
|
selector:
|
|
app: httpd
|
|
ports:
|
|
- port: 9117
|
|
name: http
|
|
type: ClusterIP
|
|
|
|
- name: service for httpd
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: httpd
|
|
namespace: www
|
|
spec:
|
|
selector:
|
|
app: httpd
|
|
ports:
|
|
- port: 80
|
|
name: http
|
|
type: ClusterIP
|
|
|
|
- name: onionservice
|
|
k8s:
|
|
definition:
|
|
apiVersion: tor.k8s.torproject.org/v1alpha2
|
|
kind: OnionService
|
|
metadata:
|
|
name: httpd
|
|
namespace: www
|
|
spec:
|
|
version: 3
|
|
rules:
|
|
- port:
|
|
number: 80
|
|
backend:
|
|
service:
|
|
name: httpd
|
|
port:
|
|
number: 80
|
|
|
|
- name: ingress
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: ca-issuer
|
|
nginx.ingress.kubernetes.io/enable-cors: "true"
|
|
nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
|
|
name: www
|
|
namespace: www
|
|
spec:
|
|
ingressClassName: nginx
|
|
rules:
|
|
- host: eom.dev
|
|
http:
|
|
paths:
|
|
- pathType: Prefix
|
|
path: /
|
|
backend:
|
|
service:
|
|
name: httpd
|
|
port:
|
|
number: 80
|
|
tls:
|
|
- hosts:
|
|
- eom.dev
|
|
secretName: www
|
|
|