k8s manifests with vars set up for fluxcd
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

tangled knot

Dylan Shepard f129366f

+174
+14
certificate.yaml
··· 1 + apiVersion: cert-manager.io/v1 2 + kind: Certificate 3 + metadata: 4 + name: tangled-cert 5 + namespace: tangled 6 + spec: 7 + secretName: tangled-ssl 8 + duration: 2160h 9 + renewBefore: 360h 10 + dnsNames: 11 + - knot.${domain} 12 + issuerRef: 13 + name: ${cert_issuer} 14 + kind: ClusterIssuer
+30
ingressroute.yaml
··· 1 + apiVersion: traefik.io/v1alpha1 2 + kind: IngressRoute 3 + metadata: 4 + name: tangled 5 + namespace: tangled 6 + spec: 7 + entryPoints: 8 + - websecure 9 + routes: 10 + - match: Host(`knot.${domain}`) && PathPrefix(`/`) 11 + kind: Rule 12 + services: 13 + - name: tangled-http 14 + port: 5555 15 + tls: 16 + secretName: tangled-ssl 17 + --- 18 + apiVersion: traefik.io/v1alpha1 19 + kind: IngressRouteTCP 20 + metadata: 21 + name: tangled-ssh 22 + namespace: tangled 23 + spec: 24 + entryPoints: 25 + - tangled-ssh 26 + routes: 27 + - match: HostSNI(`*`) 28 + services: 29 + - name: tangled-ssh 30 + port: 22
+10
kustomization.yaml
··· 1 + namespace: tangled 2 + 3 + resources: 4 + - namespace.yaml 5 + - pvc.yaml 6 + - secrets.yaml 7 + - statefulset.yaml 8 + - service.yaml 9 + - ingressroute.yaml 10 + - certificate.yaml
+4
namespace.yaml
··· 1 + apiVersion: v1 2 + kind: Namespace 3 + metadata: 4 + name: tangled
+12
pvc.yaml
··· 1 + apiVersion: v1 2 + kind: PersistentVolumeClaim 3 + metadata: 4 + name: tangled-data 5 + namespace: tangled 6 + spec: 7 + storageClassName: nfs 8 + accessModes: 9 + - ReadWriteMany 10 + resources: 11 + requests: 12 + storage: 20Gi
+15
secrets.yaml
··· 1 + apiVersion: external-secrets.io/v1 2 + kind: ExternalSecret 3 + metadata: 4 + name: tangled-secrets 5 + namespace: tangled 6 + spec: 7 + refreshInterval: "10m" 8 + secretStoreRef: 9 + name: vault 10 + kind: ClusterSecretStore 11 + target: 12 + name: tangled-secrets 13 + dataFrom: 14 + - extract: 15 + key: kv/k8s/tangled
+29
service.yaml
··· 1 + apiVersion: v1 2 + kind: Service 3 + metadata: 4 + name: tangled-http 5 + namespace: tangled 6 + spec: 7 + selector: 8 + app: tangled 9 + ports: 10 + - name: http 11 + protocol: TCP 12 + port: 5555 13 + targetPort: 5555 14 + type: ClusterIP 15 + --- 16 + apiVersion: v1 17 + kind: Service 18 + metadata: 19 + name: tangled-ssh 20 + namespace: tangled 21 + spec: 22 + selector: 23 + app: tangled 24 + ports: 25 + - name: ssh 26 + protocol: TCP 27 + port: 22 28 + targetPort: 22 29 + type: ClusterIP
+60
statefulset.yaml
··· 1 + apiVersion: apps/v1 2 + kind: StatefulSet 3 + metadata: 4 + name: tangled 5 + namespace: tangled 6 + spec: 7 + replicas: 1 8 + serviceName: tangled 9 + selector: 10 + matchLabels: 11 + app: tangled 12 + template: 13 + metadata: 14 + labels: 15 + app: tangled 16 + spec: 17 + containers: 18 + - name: knot 19 + image: atcr.io/tangled.org/knot:latest 20 + imagePullPolicy: Always 21 + ports: 22 + - name: http 23 + containerPort: 5555 24 + - name: ssh 25 + containerPort: 22 26 + env: 27 + - name: KNOT_SERVER_HOSTNAME 28 + value: knot.${domain} 29 + - name: KNOT_SERVER_DB_PATH 30 + value: /app/knotserver.db 31 + - name: KNOT_REPO_SCAN_PATH 32 + value: /home/git/repositories 33 + - name: KNOT_SERVER_INTERNAL_LISTEN_ADDR 34 + value: localhost:5444 35 + - name: APPVIEW_ENDPOINT 36 + value: https://tangled.org 37 + envFrom: 38 + - secretRef: 39 + name: tangled-secrets 40 + volumeMounts: 41 + - mountPath: /etc/ssh/keys 42 + name: data 43 + subPath: ssh-keys 44 + - mountPath: /home/git/repositories 45 + name: data 46 + subPath: repositories 47 + - mountPath: /app 48 + name: data 49 + subPath: server 50 + readinessProbe: 51 + httpGet: 52 + path: / 53 + port: http 54 + initialDelaySeconds: 10 55 + periodSeconds: 5 56 + failureThreshold: 6 57 + volumes: 58 + - name: data 59 + persistentVolumeClaim: 60 + claimName: tangled-data