upload manifests

asyncapi.yml

@@ -0,0 +1,61 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: asyncapi
+  namespace: asyncapi
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: asyncapi
+  template:
+    metadata:
+      labels:
+        app: asyncapi
+    spec:
+      containers:
+        - name: asyncapi
+          image: registry.kmlabz.com/birbnetes/asyncapi
+          imagePullPolicy: "Always"
+          ports:
+            - containerPort: 80
+      imagePullSecrets:
+        - name: regcred
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: asyncapi
+  namespace: asyncapi
+spec:
+  type: ClusterIP
+  ports:
+    - port: 80
+      targetPort: 80
+      name: http
+      protocol: TCP
+  selector:
+    app: asyncapi
+---
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: asyncapi
+  namespace: asyncapi
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  tls:
+  - hosts:
+    - asyncapi.kmlabz.com
+    secretName: asyncapi-cert-secret
+  rules:
+  - host: asyncapi.kmlabz.com
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: asyncapi
+          servicePort: http

drone.yml

@@ -0,0 +1,87 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: drone-config
+  labels:
+    app: drone
+  namespace: drone
+data:
+  DRONE_USER_CREATE: "username:tormakris,admin:true"
+  DRONE_ADMIN: tormakris
+  DRONE_AGENTS_ENABLED: "true"
+  DRONE_GITEA_SERVER: "https://git.kmlabz.com"
+  DRONE_GITEA_PRIVATE_MODE: "false"
+  DRONE_SERVER_HOST: drone.kmlabz.com
+  DRONE_SERVER_PROTO: https
+  DRONE_GITEA_CLIENT_ID: "edbee7f1-7295-4523-a88d-c55eb149da0f"
+  DRONE_GITEA_CLIENT_SECRET: "v7y2B0arZ6Fq2MZyYVDQ8JOGblBDeHX3oWAKMfxDQ_U="
+  DRONE_RPC_SECRET: d93445d12055463a6a5e4a39949c165e
+  DRONE_DATABASE_DRIVER: postgres
+  DRONE_DATABASE_DATASOURCE: "postgres://drone:cQk1JI73C1UZi0Y3oSQq@192.168.8.4:5432/drone?sslmode: verify-ca"
+  DRONE_DATABASE_SECRET: afb12100f88c1011f60c6a00f0cac02c
+  DRONE_GITEA_SKIP_VERIFY: "false"
+  DRONE_GIT_ALWAYS_AUTH: "true"
+  DRONE_LOGS_DEBUG: "true"
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: drone
+  namespace: drone
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: drone
+  template:
+    metadata:
+      labels:
+        app: drone
+    spec:
+      containers:
+        - name: drone
+          image: drone/drone:1
+          imagePullPolicy: "Always"
+          ports:
+            - containerPort: 80
+          envFrom:
+            - configMapRef:
+                name: drone-config
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: drone
+  namespace: drone
+spec:
+  type: ClusterIP
+  ports:
+    - port: 80
+      targetPort: 80
+      name: http
+      protocol: TCP
+  selector:
+    app: drone
+---
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: drone
+  namespace: drone
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  tls:
+  - hosts:
+    - drone.kmlabz.com
+    secretName: drone-cert-secret
+  rules:
+  - host: drone.kmlabz.com
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: drone
+          servicePort: http

swagger.yml

@@ -0,0 +1,72 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: swagger-ui-config
+  labels:
+    app: swagger-ui
+  namespace: swagger-ui
+data:
+  URLS: "[ { name: \"Input Service\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/input.yml\"}, { name: \"Storage Service\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/storage.yml\" }, {name: \"Output Service (RDB)\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/output-service-rdb.yml\"}, {name: \"Model Service\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/model.yaml\"}, {name: \"Command and Control\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/command-and-control.yml\"} ]"
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: swagger-ui
+  namespace: swagger-ui
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: swagger-ui
+  template:
+    metadata:
+      labels:
+        app: swagger-ui
+    spec:
+      containers:
+        - name: swagger-ui
+          image: swaggerapi/swagger-ui
+          imagePullPolicy: "Always"
+          ports:
+            - containerPort: 8080
+          envFrom:
+            - configMapRef:
+                name: swagger-ui-config
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: swagger-ui
+  namespace: swagger-ui
+spec:
+  type: ClusterIP
+  ports:
+    - port: 80
+      targetPort: 8080
+      name: http
+      protocol: TCP
+  selector:
+    app: swagger-ui
+---
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: swagger-ui
+  namespace: swagger-ui
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  tls:
+  - hosts:
+    - swagger.kmlabz.com
+    secretName: swagger-ui-cert-secret
+  rules:
+  - host: swagger.kmlabz.com
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: swagger-ui
+          servicePort: http

wekan.yml

@@ -0,0 +1,104 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: wekan-config
+  labels:
+    app: wekan
+    tier: server
+  namespace: wekan
+data:
+  MONGO_URL: REDACTED
+  ROOT_URL: "https://wekan.kmlabz.com"
+  MAIL_URL: "smtp://192.168.42.7:25/?tls={rejectUnauthorized:false}"
+  MAIL_FROM: "Wekan Notifications <wekan@kmlabz.com>"
+  ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE: "3"
+  ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD: "60"
+  ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW: "15"
+  ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE: "3"
+  ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD: "60"
+  ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW: "15"
+  WITH_API: "true"
+  RICHER_CARD_COMMENT_EDITOR: "false"
+  SCROLLINERTIA: "0"
+  SCROLLAMOUNT: "auto"
+  CARD_OPENED_WEBHOOK_ENABLED: "false"
+  BIGEVENTS_PATTERN: "NONE"
+  BROWSER_POLICY_ENABLED: "true"
+  OAUTH2_ID_MAP: preferred_username
+  OAUTH2_USERNAME_MAP: preferred_username
+  OAUTH2_FULLNAME_MAP: given_name
+  OAUTH2_EMAIL_MAP: email
+  OAUTH2_ENABLED: "true"
+  OAUTH2_LOGIN_STYLE: redirect
+  OAUTH2_CLIENT_ID: REDACTED
+  OAUTH2_SERVER_URL: "https://keycloak.kmlabz.com/auth"
+  OAUTH2_AUTH_ENDPOINT: /realms/master/protocol/openid-connect/auth
+  OAUTH2_USERINFO_ENDPOINT: /realms/master/protocol/openid-connect/userinfo
+  OAUTH2_TOKEN_ENDPOINT: /realms/master/protocol/openid-connect/token
+  OAUTH2_SECRET: REDACTED
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: wekan
+  namespace: wekan
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: wekan
+      tier: server
+  template:
+    metadata:
+      labels:
+        app: wekan
+        tier: server
+    spec:
+      containers:
+        - name: wekan
+          image: wekanteam/wekan
+          imagePullPolicy: "Always"
+          ports:
+            - containerPort: 8080
+          envFrom:
+            - configMapRef:
+                name: wekan-config
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: wekan
+  namespace: wekan
+spec:
+  type: ClusterIP
+  ports:
+    - port: 80
+      targetPort: 8080
+      name: http
+      protocol: TCP
+  selector:
+    app: wekan
+    tier: server
+---
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: wekan
+  namespace: wekan
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  tls:
+  - hosts:
+    - wekan.kmlabz.com
+    secretName: wekan-cert-secret
+  rules:
+  - host: wekan.kmlabz.com
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: wekan
+          servicePort: http

xwiki.yml

@@ -0,0 +1,97 @@
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: xwiki-config
+  labels:
+    app: xwiki
+  namespace: xwiki
+data:
+  DB_USER: REDACTED
+  DB_PASSWORD: REDACTED
+  DB_DATABASE: REDACTED
+  DB_HOST: REDACTED
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: xwiki-pv-claim
+  labels:
+    app: xwiki
+  namespace: xwiki
+spec:
+  storageClassName: longhorn
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: xwiki
+  namespace: xwiki
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: xwiki
+  template:
+    metadata:
+      labels:
+        app: xwiki
+    spec:
+      containers:
+        - name: xwiki
+          image: xwiki:stable-postgres-tomcat
+          imagePullPolicy: "Always"
+          ports:
+            - containerPort: 8080
+          volumeMounts:
+            - mountPath: /usr/local/xwiki
+              name: xwiki-volume
+          envFrom:
+            - configMapRef:
+                name: xwiki-config
+      volumes:
+        - name: xwiki-volume
+          persistentVolumeClaim:
+            claimName: xwiki-pv-claim
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: xwiki
+  namespace: xwiki
+spec:
+  type: ClusterIP
+  ports:
+    - port: 80
+      targetPort: 8080
+      name: http
+      protocol: TCP
+  selector:
+    app: xwiki
+---
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: xwiki
+  namespace: xwiki
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  tls:
+  - hosts:
+    - xwiki.kmlabz.com
+    secretName: xwiki-cert-secret
+  rules:
+  - host: xwiki.kmlabz.com
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: xwiki
+          servicePort: http