From 2909a422ce48f95b445152979d2ae2330ff08991 Mon Sep 17 00:00:00 2001 From: Nathan Rashleigh Date: Sat, 20 Jan 2024 23:22:20 +1100 Subject: [PATCH] cv, time to rest --- README.md | 4 ++-- crates/crates.yaml | 41 +++++++++++++++++++++++++++------- mnml/mnml.yaml | 45 ++++++++++++++++++++++++++++++-------- ntr-cv/ntr-cv.ingress.yaml | 25 +++++++++++++++++++++ ntr-cv/ntr-cv.yaml | 44 +++++++++++++++++++++++++++++++++++++ spacerace/spacerace.yaml | 21 +++++++++++++----- 6 files changed, 156 insertions(+), 24 deletions(-) create mode 100644 ntr-cv/ntr-cv.ingress.yaml create mode 100644 ntr-cv/ntr-cv.yaml diff --git a/README.md b/README.md index 07326af..036b796 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,6 @@ ## TODO [x] private registry -[ ] secrets -[ ] ntr-cv static containers +[x] secrets +[x] ntr-cv static containers [ ] grafana etc \ No newline at end of file diff --git a/crates/crates.yaml b/crates/crates.yaml index 03ecb6e..1330496 100644 --- a/crates/crates.yaml +++ b/crates/crates.yaml @@ -63,11 +63,20 @@ spec: - containerPort: 5432 env: - name: POSTGRES_DB - value: crates + valueFrom: + secretKeyRef: + name: crates + key: POSTGRES_DB - name: POSTGRES_USER - value: crates + valueFrom: + secretKeyRef: + name: crates + key: POSTGRES_USER - name: POSTGRES_PASSWORD - value: digdeep + valueFrom: + secretKeyRef: + name: crates + key: POSTGRES_PASSWORD volumeMounts: - name: crates-postgres-storage mountPath: /var/lib/postgresql/data @@ -101,13 +110,26 @@ spec: - containerPort: 80 env: - name: DATABASE_URL - value: 'postgresql://crates:digdeep@crates-postgres:5432/crates?schema=public' + valueFrom: + secretKeyRef: + name: crates + key: DATABASE_URL - name: DISCORD_TOKEN - value: 'MTA3MjQ4OTgzMDE0NTA2NDk5MA.G4ZhOg.rFchS4vp0cNqHKuqubMFZSZCD15_E58MQhfDJo' + valueFrom: + secretKeyRef: + name: crates + key: DISCORD_TOKEN - name: DISCOGS_TOKEN - value: 'Discogs token=wRTXuYZGOPsIQgKRGKCAkUkidGtvpSfQgPWkYIpD' + valueFrom: + secretKeyRef: + name: crates + key: DISCOGS_TOKEN - name: DISCORD_ENABLED - value: 'true' + valueFrom: + secretKeyRef: + name: crates + key: DISCORD_ENABLED + --- @@ -133,7 +155,10 @@ spec: args: ["prisma", "migrate", "deploy"] env: - name: DATABASE_URL - value: 'postgresql://crates:digdeep@crates-postgres:5432/crates?schema=public' + valueFrom: + secretKeyRef: + name: crates + key: DATABASE_URL --- diff --git a/mnml/mnml.yaml b/mnml/mnml.yaml index 5116478..95b2141 100644 --- a/mnml/mnml.yaml +++ b/mnml/mnml.yaml @@ -99,11 +99,20 @@ spec: - containerPort: 5432 env: - name: POSTGRES_DB - value: mnml + valueFrom: + secretKeyRef: + name: mnml + key: POSTGRES_DB - name: POSTGRES_USER - value: mnml + valueFrom: + secretKeyRef: + name: mnml + key: POSTGRES_USER - name: POSTGRES_PASSWORD - value: maximal + valueFrom: + secretKeyRef: + name: mnml + key: POSTGRES_PASSWORD volumeMounts: - name: mnml-postgres-storage mountPath: /var/lib/postgresql/data @@ -140,17 +149,35 @@ spec: name: ws env: - name: DATABASE_URL - value: 'postgresql://mnml:maximal@mnml-postgres:5432/mnml' + valueFrom: + secretKeyRef: + name: mnml + key: DATABASE_URL - name: MAIL_ADDRESS - value: 'machines@mnml.gg' + valueFrom: + secretKeyRef: + name: mnml + key: MAIL_ADDRESS - name: MAIL_PASSWORD - value: 'rabble' + valueFrom: + secretKeyRef: + name: mnml + key: MAIL_PASSWORD - name: MAIL_DOMAIN - value: 'gmail' + valueFrom: + secretKeyRef: + name: mnml + key: MAIL_DOMAIN - name: STRIPE_WH_SECRET - value: 'aaaaaaaaa' + valueFrom: + secretKeyRef: + name: mnml + key: STRIPE_WH_SECRET - name: STRIPE_SECRET - value: 'bignreese' + valueFrom: + secretKeyRef: + name: mnml + key: STRIPE_SECRET volumeMounts: - name: mnml-img-storage mountPath: /var/lib/mnml/public/imgs diff --git a/ntr-cv/ntr-cv.ingress.yaml b/ntr-cv/ntr-cv.ingress.yaml new file mode 100644 index 0000000..dbd12e1 --- /dev/null +++ b/ntr-cv/ntr-cv.ingress.yaml @@ -0,0 +1,25 @@ +--- + +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: ntr-cv + annotations: + cert-manager.io/issuer: "letsencrypt-prod" +spec: + ingressClassName: nginx + tls: + - hosts: + - strix.systems + secretName: strix-systems-tls + rules: + - host: strix.systems + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: ntr-cv + port: + number: 8080 diff --git a/ntr-cv/ntr-cv.yaml b/ntr-cv/ntr-cv.yaml new file mode 100644 index 0000000..1e12658 --- /dev/null +++ b/ntr-cv/ntr-cv.yaml @@ -0,0 +1,44 @@ +--- + +# ----------------------------------------------------------------------- +# DEPLOYMENTS +# ----------------------------------------------------------------------- + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ntr-cv +spec: + replicas: 1 + selector: + matchLabels: + app: ntr-cv + template: + metadata: + labels: + app: ntr-cv + spec: + containers: + - name: ntr-cv + image: registry.strix.systems/ntr-cv + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8080 + +--- + +# ----------------------------------------------------------------------- +# SERVICES +# ----------------------------------------------------------------------- + +--- + +apiVersion: v1 +kind: Service +metadata: + name: ntr-cv +spec: + selector: + app: ntr-cv + ports: + - port: 8080 diff --git a/spacerace/spacerace.yaml b/spacerace/spacerace.yaml index db06f9f..8cde412 100644 --- a/spacerace/spacerace.yaml +++ b/spacerace/spacerace.yaml @@ -63,11 +63,20 @@ spec: - containerPort: 5432 env: - name: POSTGRES_DB - value: spacerace + valueFrom: + secretKeyRef: + name: spacerace + key: POSTGRES_DB - name: POSTGRES_USER - value: spacerace + valueFrom: + secretKeyRef: + name: spacerace + key: POSTGRES_USER - name: POSTGRES_PASSWORD - value: zoomzoom + valueFrom: + secretKeyRef: + name: spacerace + key: POSTGRES_PASSWORD volumeMounts: - name: spacerace-postgres-storage mountPath: /var/lib/postgresql/data @@ -101,8 +110,10 @@ spec: - containerPort: 80 env: - name: CONNECTIONSTRINGS__SPACERACE - value: "Server=spacerace-postgres;Port=5432;Database=spacerace;User Id=spacerace;Password=zoomzoom" - + valueFrom: + secretKeyRef: + name: spacerace + key: CONNECTIONSTRINGS__SPACERACE --- # -----------------------------------------------------------------------