First Complete Working Version
This commit is contained in:
9
template/backend/backend-config.yaml
Normal file
9
template/backend/backend-config.yaml
Normal file
@@ -0,0 +1,9 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: backend-config
|
||||
data:
|
||||
backend_url: backend-service
|
||||
backend_port: "8070"
|
||||
backend_db_name: ${KUBE_DATABASE_NAME}
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: backend-deployment
|
||||
spec:
|
||||
replicas: 1
|
||||
@@ -43,49 +43,49 @@ spec:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: frontend-secret
|
||||
key: frontendPath
|
||||
key: frontendUrl
|
||||
|
||||
- name: TOKEN_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: tokenSecret
|
||||
key: backendTokenSecret
|
||||
|
||||
- name: ACCESS_TOKEN_DURATION
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: accessTokenDuration
|
||||
key: backendAccessTokenDuration
|
||||
|
||||
- name: REFRESH_TOKEN_DURATION
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: refreshTokenDuration
|
||||
key: backendRefreshTokenDuration
|
||||
|
||||
- name: DEFAULT_USER_FULLNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: defaultUserFullName
|
||||
key: backendDefaultUserFullName
|
||||
|
||||
- name: DEFAULT_USER_EMAIL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: defaultUserEmail
|
||||
key: backendDefaultUserEmail
|
||||
|
||||
- name: DEFAULT_USER_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: defaultUserUsername
|
||||
key: backendDefaultUserUsername
|
||||
|
||||
- name: DEFAULT_USER_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: defaultUserPassword
|
||||
key: backendDefaultUserPassword
|
||||
|
||||
- name: PORT
|
||||
valueFrom:
|
||||
@@ -97,37 +97,37 @@ spec:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: googleClientId
|
||||
key: backendGoogleClientId
|
||||
|
||||
- name: GOOGLE_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: googleClientSecret
|
||||
key: backendGoogleClientSecret
|
||||
|
||||
- name: GOOGLE_REDIRECT_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: googleRedirectUrl
|
||||
key: backendGoogleRedirectUrl
|
||||
|
||||
- name: GITHUB_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: githubClientId
|
||||
key: backendGithubClientId
|
||||
|
||||
- name: GITHUB_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: githubClientSecret
|
||||
key: backendGithubClientSecret
|
||||
|
||||
- name: GITHUB_REDIRECT_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: githubRedirectUrl
|
||||
key: backendGithubRedirectUrl
|
||||
|
||||
- name: POSTGRES_URL
|
||||
valueFrom:
|
||||
@@ -193,7 +193,7 @@ spec:
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: backend-service
|
||||
spec:
|
||||
selector:
|
||||
|
||||
@@ -2,15 +2,15 @@ apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: letsencrypt-cluster-certificate
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
spec:
|
||||
dnsNames:
|
||||
- ${DOMAIN}
|
||||
- ${API_DOMAIN}
|
||||
- ${KUBE_DOMAIN}
|
||||
- ${KUBE_API_DOMAIN}
|
||||
secretName: letsencrypt-cluster-certificate-tls
|
||||
issuerRef:
|
||||
name: cluster-certificate-issuer
|
||||
kind: ClusterIssuer
|
||||
subject:
|
||||
organizations:
|
||||
- Hideyoshi
|
||||
- ${KUBE_DOMAIN_ORGANIZATION}
|
||||
6
template/cert-manager/cert-manager-issuer-dev.yaml
Normal file
6
template/cert-manager/cert-manager-issuer-dev.yaml
Normal file
@@ -0,0 +1,6 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: cluster-certificate-issuer
|
||||
spec:
|
||||
selfSigned: {}
|
||||
14
template/cert-manager/cert-manager-issuer.yaml
Normal file
14
template/cert-manager/cert-manager-issuer.yaml
Normal file
@@ -0,0 +1,14 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: ClusterIssuer
|
||||
metadata:
|
||||
name: cluster-certificate-issuer
|
||||
spec:
|
||||
acme:
|
||||
server: ${KUBE_CERT_SERVER}
|
||||
email: ${KUBE_DOMAIN_EMAIL}
|
||||
privateKeySecretRef:
|
||||
name: cluster-certificate-issuer
|
||||
solvers:
|
||||
- http01:
|
||||
ingress:
|
||||
class: nginx
|
||||
7
template/frontend/frontend-config.yaml
Normal file
7
template/frontend/frontend-config.yaml
Normal file
@@ -0,0 +1,7 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: frontend-config
|
||||
data:
|
||||
frontend_url: frontend-service
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: frontend-deployment
|
||||
labels:
|
||||
app: frontend
|
||||
@@ -47,23 +47,23 @@ spec:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: frontend-secret
|
||||
key: backendUrl
|
||||
key: frontendBackendUrl
|
||||
- name: BACKEND_OAUTH_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: frontend-secret
|
||||
key: backendOAuthUrl
|
||||
key: frontendOAuthUrl
|
||||
- name: GITHUB_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: frontend-secret
|
||||
key: githubUser
|
||||
key: frontendGithubUser
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: frontend-service
|
||||
spec:
|
||||
selector:
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: nginx-ingress
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
@@ -10,11 +10,11 @@ metadata:
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- ${DOMAIN}
|
||||
- ${API_DOMAIN}
|
||||
- ${KUBE_DOMAIN}
|
||||
- ${KUBE_API_DOMAIN}
|
||||
secretName: letsencrypt-cluster-certificate-tls
|
||||
rules:
|
||||
- host: ${DOMAIN}
|
||||
- host: ${KUBE_DOMAIN}
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
@@ -24,7 +24,7 @@ spec:
|
||||
name: frontend-service
|
||||
port:
|
||||
number: 5000
|
||||
- host: ${API_DOMAIN}
|
||||
- host: ${KUBE_API_DOMAIN}
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
|
||||
@@ -2,7 +2,7 @@ apiVersion: postgresql.cnpg.io/v1
|
||||
kind: Cluster
|
||||
metadata:
|
||||
name: postgres-cn-cluster
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
spec:
|
||||
instances: 1
|
||||
primaryUpdateStrategy: unsupervised
|
||||
|
||||
8
template/redis/redis-config.yaml
Normal file
8
template/redis/redis-config.yaml
Normal file
@@ -0,0 +1,8 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: redis-config
|
||||
data:
|
||||
redis-url: redis-service
|
||||
redis-port: "6379"
|
||||
47
template/redis/redis.yaml
Normal file
47
template/redis/redis.yaml
Normal file
@@ -0,0 +1,47 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: redis-deployment
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: redis
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: redis
|
||||
spec:
|
||||
containers:
|
||||
- name: redis
|
||||
image: bitnami/redis:6.2.16
|
||||
imagePullPolicy: "IfNotPresent"
|
||||
resources:
|
||||
requests:
|
||||
memory: "256Mi"
|
||||
cpu: "75m"
|
||||
limits:
|
||||
memory: "256Mi"
|
||||
cpu: "75m"
|
||||
ports:
|
||||
- containerPort: 6379
|
||||
env:
|
||||
- name: REDIS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: redis-secret
|
||||
key: redisPassword
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: redis-service
|
||||
spec:
|
||||
selector:
|
||||
app: redis
|
||||
ports:
|
||||
- port: 6379
|
||||
type: ClusterIP
|
||||
8
template/storage/storage-config.yaml
Normal file
8
template/storage/storage-config.yaml
Normal file
@@ -0,0 +1,8 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: storage-config
|
||||
data:
|
||||
storage_url: storage-service
|
||||
storage_port: "8000"
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: storage-processor-deployment
|
||||
spec:
|
||||
replicas: 1
|
||||
@@ -44,13 +44,13 @@ spec:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: frontend-secret
|
||||
key: backendUrl
|
||||
key: frontendBackendUrl
|
||||
|
||||
- name: EXPIRES_IN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: accessTokenDuration
|
||||
key: backendAccessTokenDuration
|
||||
|
||||
- name: SERVER_PORT
|
||||
valueFrom:
|
||||
@@ -86,34 +86,34 @@ spec:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: awsAccessKeyId
|
||||
key: storageAwsAccessKeyId
|
||||
|
||||
- name: AWS_SECRET_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: awsSecretAccessKey
|
||||
key: storageAwsSecretAccessKey
|
||||
|
||||
- name: AWS_REGION_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: awsRegion
|
||||
key: storageAwsRegion
|
||||
|
||||
- name: AWS_BUCKET_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: awsBucket
|
||||
key: storageAwsBucket
|
||||
|
||||
- name: VIRUS_CHECKER_TYPE
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: virusCheckerType
|
||||
key: storageVirusCheckerType
|
||||
|
||||
- name: VIRUS_CHECKER_API_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: virusCheckerApiKey
|
||||
key: storageVirusCheckerApiKey
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: storage-deployment
|
||||
spec:
|
||||
replicas: 1
|
||||
@@ -43,13 +43,13 @@ spec:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: frontend-secret
|
||||
key: backendUrl
|
||||
key: frontendBackendUrl
|
||||
|
||||
- name: EXPIRES_IN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: backend-secret
|
||||
key: accessTokenDuration
|
||||
key: backendAccessTokenDuration
|
||||
|
||||
- name: SERVER_PORT
|
||||
valueFrom:
|
||||
@@ -85,43 +85,43 @@ spec:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: awsAccessKeyId
|
||||
key: storageAwsAccessKeyId
|
||||
|
||||
- name: AWS_SECRET_ACCESS_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: awsSecretAccessKey
|
||||
key: storageAwsSecretAccessKey
|
||||
|
||||
- name: AWS_REGION_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: awsRegion
|
||||
key: storageAwsRegion
|
||||
|
||||
- name: AWS_BUCKET_NAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: awsBucket
|
||||
key: storageAwsBucket
|
||||
|
||||
- name: VIRUS_CHECKER_TYPE
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: virusCheckerType
|
||||
key: storageVirusCheckerType
|
||||
|
||||
- name: VIRUS_CHECKER_API_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: storage-secret
|
||||
key: virusCheckerApiKey
|
||||
key: storageVirusCheckerApiKey
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
namespace: portfolio
|
||||
namespace: ${KUBE_NAMESPACE}
|
||||
name: storage-service
|
||||
spec:
|
||||
selector:
|
||||
|
||||
Reference in New Issue
Block a user