#SPDX-License-Identifier: MIT-0
---
# tasks file for ansible-role-www
# Create the `www` namespace; every other resource in this file is placed
# in it.
- name: namespace
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Namespace
      metadata:
        name: www
# Shared storage claim. The mailsync CronJob, the gitweb Deployment and the
# gitserver Deployment all mount this same claim (claimName: data), which is
# why the access mode is ReadWriteMany.
- name: pvc
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: data
        namespace: www
      spec:
        accessModes:
          - ReadWriteMany
        resources:
          requests:
            storage: 8Ti
# Render authorized_keys.j2 into a ConfigMap. The gitserver Deployment mounts
# this ConfigMap at /auth.
# NOTE(review): presumably these keys decide who may log in over SSH, so write
# access to this ConfigMap should be restricted accordingly; confirm against
# the gitserver image.
- name: configmap for authorized_keys
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: keys
        namespace: www
      data:
        authorized_keys: "{{ lookup('template', 'authorized_keys.j2') }}"
# Ship the role's mailsync.py script as a ConfigMap; the CronJob mounts it at
# /usr/src/mailsync.py and runs it.
- name: configmap for mailsync.py
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: mailsync
        namespace: www
      data:
        mailsync.py: "{{ lookup('file', 'mailsync.py') }}"
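# The mail password is kept in a Secret and injected with secretKeyRef instead
# of being written into the CronJob spec, so read access to CronJobs or Pods
# in the namespace does not reveal it.
- name: secret for mailsync credentials
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Secret
      metadata:
        name: mailsync
        namespace: www
      type: Opaque
      data:
        password: "{{ www_password | b64encode }}"
  # Ansible can print task arguments and results; keep the password out of
  # the logs.
  no_log: true
# Run mailsync.py on the schedule given by www_cron_schedule. The script comes
# from the `mailsync` ConfigMap and the job mounts the shared `data` claim at
# /data.
- name: cronjob
  k8s:
    state: present
    definition:
      apiVersion: batch/v1
      kind: CronJob
      metadata:
        name: mailsync
        namespace: www
      spec:
        schedule: "{{ www_cron_schedule }}"
        jobTemplate:
          spec:
            template:
              spec:
                containers:
                  - name: python
                    # NOTE(review): `python:3` is a floating tag; pinning a
                    # specific version or digest makes runs reproducible.
                    image: python:3
                    imagePullPolicy: IfNotPresent
                    command:
                      - python
                      - /usr/src/mailsync.py
                    env:
                      - name: USERNAME
                        value: "{{ www_username }}"
                      - name: PASSWORD
                        valueFrom:
                          secretKeyRef:
                            name: mailsync
                            key: password
                      - name: IMAP_SERVER
                        value: "{{ www_imap_server }}"
                      - name: SAVE_DIR
                        value: "{{ www_save_dir }}"
                    volumeMounts:
                      - name: data
                        mountPath: /data
                      - name: mailsync
                        mountPath: /usr/src/mailsync.py
                        subPath: mailsync.py
                restartPolicy: OnFailure
                volumes:
                  - name: data
                    persistentVolumeClaim:
                      claimName: data
                  - name: mailsync
                    configMap:
                      name: mailsync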
# Main Apache configuration; the gitweb Deployment mounts it over
# /usr/local/apache2/conf/httpd.conf.
- name: configmap for httpd.conf
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: httpd
        namespace: www
      data:
        httpd.conf: "{{ lookup('file', 'httpd.conf') }}"
# Extra Apache configuration for gitweb; the gitweb Deployment mounts it at
# /usr/local/apache2/conf/extra/httpd-gitweb.conf.
- name: configmap for httpd-gitweb.conf
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: httpd-gitweb
        namespace: www
      data:
        httpd-gitweb.conf: "{{ lookup('file', 'httpd-gitweb.conf') }}"
# gitweb's own configuration file; the gitweb Deployment mounts it at
# /etc/gitweb.conf.
- name: configmap for gitweb.conf
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: gitweb
        namespace: www
      data:
        gitweb.conf: "{{ lookup('file', 'gitweb.conf') }}"
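# Apache + gitweb front end. An init container clones www_repo_url and copies
# its htdocs/ into the shared `data` volume, which the main container then
# serves as its document root.
- name: deployment for gitweb
  k8s:
    state: present
    definition:
      # Deployment is served by the apps/v1 API group; core `v1` has no
      # Deployment kind, so the original apiVersion could not be resolved.
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: gitweb
        namespace: www
      spec:
        replicas: 1
        selector:
          matchLabels:
            app: gitweb
        template:
          metadata:
            labels:
              app: gitweb
          spec:
            initContainers:
              - name: init
                image: debian:trixie
                command:
                  - /bin/bash
                  - -c
                  # The URL is spliced into a shell command line, so it is
                  # shell-quoted to keep it a single argument.
                  # NOTE(review): git is installed from the network on every
                  # pod start and the clone is not pinned to a commit, so the
                  # served content is whatever the repository holds then.
                  - "apt update -y && apt install -y git && git clone {{ www_repo_url | quote }} /tmp/www && cp -r /tmp/www/htdocs/* /data/"
                volumeMounts:
                  - name: data
                    mountPath: /data
            containers:
              - name: gitweb
                # NOTE(review): `:latest` with imagePullPolicy Always means
                # the running image can change on any restart; pinning a
                # version or digest gives a reviewable rollout.
                image: ericomeehan/gitweb:latest
                imagePullPolicy: Always
                ports:
                  - containerPort: 80
                  - containerPort: 9117
                volumeMounts:
                  - name: data
                    mountPath: /usr/local/apache2/htdocs
                  - name: httpd
                    mountPath: /usr/local/apache2/conf/httpd.conf
                    subPath: httpd.conf
                  - name: httpd-gitweb
                    mountPath: /usr/local/apache2/conf/extra/httpd-gitweb.conf
                    subPath: httpd-gitweb.conf
                  - name: gitweb
                    mountPath: /etc/gitweb.conf
                    subPath: gitweb.conf
            volumes:
              - name: data
                persistentVolumeClaim:
                  claimName: data
              - name: httpd
                configMap:
                  name: httpd
              - name: httpd-gitweb
                configMap:
                  name: httpd-gitweb
              - name: gitweb
                configMap:
                  name: gitweb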
# Cluster-internal Service for port 9117 of the gitweb pods (the second
# containerPort declared by the gitweb Deployment).
- name: service for prometheus
  k8s:
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: prometheus
        namespace: www
      spec:
        selector:
          app: gitweb
        ports:
          - port: 9117
            name: http
        type: ClusterIP
# Expose the gitweb pods on port 80 through a LoadBalancer.
# externalTrafficPolicy Local keeps traffic on the node that received it.
- name: service for gitweb
  k8s:
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: gitweb
        namespace: www
      spec:
        selector:
          app: gitweb
        ports:
          - port: 80
            name: http
        externalTrafficPolicy: Local
        type: LoadBalancer
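# Publish the site as a v3 onion service on port 80.
- name: onionservice
  k8s:
    state: present
    definition:
      apiVersion: tor.k8s.torproject.org/v1alpha2
      kind: OnionService
      metadata:
        name: www
        namespace: www
      spec:
        version: 3
        rules:
          - port:
              number: 80
            backend:
              service:
                # The backend must name an existing Service. This file creates
                # no Service called `www`; the HTTP Service on port 80 is
                # `gitweb`, the same backend the Ingress uses.
                name: gitweb
                port:
                  number: 80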
# Route https://eom.dev/ to the gitweb Service through the nginx ingress
# class. The certificate is requested from the `ca-issuer` ClusterIssuer and
# stored in the `www` secret.
- name: ingress
  k8s:
    state: present
    definition:
      apiVersion: networking.k8s.io/v1
      kind: Ingress
      metadata:
        annotations:
          cert-manager.io/cluster-issuer: ca-issuer
          # NOTE(review): CORS is enabled without a cors-allow-origin
          # annotation; ingress-nginx then falls back to its default origin
          # policy. Confirm that this is the intended set of origins.
          nginx.ingress.kubernetes.io/enable-cors: "true"
          nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
        name: www
        namespace: www
      spec:
        ingressClassName: nginx
        rules:
          - host: eom.dev
            http:
              paths:
                - pathType: Prefix
                  path: /
                  backend:
                    service:
                      name: gitweb
                      port:
                        number: 80
        tls:
          - hosts:
              - eom.dev
            secretName: www
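# SSH git server. It mounts the shared `data` claim at /home/git/data and the
# `keys` ConfigMap (the rendered authorized_keys) at /auth.
- name: deployment for gitserver
  k8s:
    state: present
    definition:
      # Deployment is served by the apps/v1 API group; core `v1` has no
      # Deployment kind, so the original apiVersion could not be resolved.
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: gitserver
        namespace: www
      spec:
        replicas: 1
        selector:
          matchLabels:
            app: gitserver
        template:
          metadata:
            labels:
              app: gitserver
          spec:
            containers:
              - name: gitserver
                # NOTE(review): `:latest` with imagePullPolicy Always means
                # the SSH-facing image can change on any restart; pinning a
                # version or digest gives a reviewable rollout.
                image: ericomeehan/gitserver:latest
                imagePullPolicy: Always
                ports:
                  - containerPort: 22
                volumeMounts:
                  - name: data
                    mountPath: /home/git/data
                  - name: keys
                    mountPath: /auth
            volumes:
              - name: data
                persistentVolumeClaim:
                  claimName: data
              - name: keys
                configMap:
                  name: keys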
# Expose the gitserver pods' SSH port (22) through a LoadBalancer.
# NOTE(review): this publishes SSH outside the cluster; access then rests on
# the authorized_keys ConfigMap and on the gitserver image's sshd settings,
# which are not visible in this file.
- name: service for gitserver
  k8s:
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: gitserver
        namespace: www
      spec:
        selector:
          app: gitserver
        ports:
          - port: 22
            name: gitserver
        type: LoadBalancer