diff --git a/asyncapi.yml b/asyncapi.yml new file mode 100644 index 0000000..281c9bd --- /dev/null +++ b/asyncapi.yml @@ -0,0 +1,61 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: asyncapi + namespace: asyncapi +spec: + replicas: 1 + selector: + matchLabels: + app: asyncapi + template: + metadata: + labels: + app: asyncapi + spec: + containers: + - name: asyncapi + image: registry.kmlabz.com/birbnetes/asyncapi + imagePullPolicy: "Always" + ports: + - containerPort: 80 + imagePullSecrets: + - name: regcred +--- +apiVersion: v1 +kind: Service +metadata: + name: asyncapi + namespace: asyncapi +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 80 + name: http + protocol: TCP + selector: + app: asyncapi +--- +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: asyncapi + namespace: asyncapi + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + tls: + - hosts: + - asyncapi.kmlabz.com + secretName: asyncapi-cert-secret + rules: + - host: asyncapi.kmlabz.com + http: + paths: + - path: / + backend: + serviceName: asyncapi + servicePort: http diff --git a/drone.yml b/drone.yml new file mode 100644 index 0000000..52cf0eb --- /dev/null +++ b/drone.yml @@ -0,0 +1,87 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: drone-config + labels: + app: drone + namespace: drone +data: + DRONE_USER_CREATE: "username:tormakris,admin:true" + DRONE_ADMIN: tormakris + DRONE_AGENTS_ENABLED: "true" + DRONE_GITEA_SERVER: "https://git.kmlabz.com" + DRONE_GITEA_PRIVATE_MODE: "false" + DRONE_SERVER_HOST: drone.kmlabz.com + DRONE_SERVER_PROTO: https + DRONE_GITEA_CLIENT_ID: "edbee7f1-7295-4523-a88d-c55eb149da0f" + DRONE_GITEA_CLIENT_SECRET: "v7y2B0arZ6Fq2MZyYVDQ8JOGblBDeHX3oWAKMfxDQ_U=" + DRONE_RPC_SECRET: d93445d12055463a6a5e4a39949c165e + DRONE_DATABASE_DRIVER: postgres + DRONE_DATABASE_DATASOURCE: "postgres://drone:cQk1JI73C1UZi0Y3oSQq@192.168.8.4:5432/drone?sslmode: verify-ca" + DRONE_DATABASE_SECRET: afb12100f88c1011f60c6a00f0cac02c + DRONE_GITEA_SKIP_VERIFY: "false" + DRONE_GIT_ALWAYS_AUTH: "true" + DRONE_LOGS_DEBUG: "true" +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: drone + namespace: drone +spec: + replicas: 1 + selector: + matchLabels: + app: drone + template: + metadata: + labels: + app: drone + spec: + containers: + - name: drone + image: drone/drone:1 + imagePullPolicy: "Always" + ports: + - containerPort: 80 + envFrom: + - configMapRef: + name: drone-config +--- +apiVersion: v1 +kind: Service +metadata: + name: drone + namespace: drone +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 80 + name: http + protocol: TCP + selector: + app: drone +--- +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: drone + namespace: drone + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + tls: + - hosts: + - drone.kmlabz.com + secretName: drone-cert-secret + rules: + - host: drone.kmlabz.com + http: + paths: + - path: / + backend: + serviceName: drone + servicePort: http \ No newline at end of file diff --git a/swagger.yml b/swagger.yml new file mode 100644 index 0000000..ff77327 --- /dev/null +++ b/swagger.yml @@ -0,0 +1,72 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: swagger-ui-config + labels: + app: swagger-ui + namespace: swagger-ui +data: + URLS: "[ { name: \"Input Service\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/input.yml\"}, { name: \"Storage Service\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/storage.yml\" }, {name: \"Output Service (RDB)\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/output-service-rdb.yml\"}, {name: \"Model Service\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/model.yaml\"}, {name: \"Command and Control\", url: \"https://git.kmlabz.com/birbnetes/swagger-docs/raw/branch/master/command-and-control.yml\"} ]" +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: swagger-ui + namespace: swagger-ui +spec: + replicas: 1 + selector: + matchLabels: + app: swagger-ui + template: + metadata: + labels: + app: swagger-ui + spec: + containers: + - name: swagger-ui + image: swaggerapi/swagger-ui + imagePullPolicy: "Always" + ports: + - containerPort: 8080 + envFrom: + - configMapRef: + name: swagger-ui-config +--- +apiVersion: v1 +kind: Service +metadata: + name: swagger-ui + namespace: swagger-ui +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 8080 + name: http + protocol: TCP + selector: + app: swagger-ui +--- +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: swagger-ui + namespace: swagger-ui + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + tls: + - hosts: + - swagger.kmlabz.com + secretName: swagger-ui-cert-secret + rules: + - host: swagger.kmlabz.com + http: + paths: + - path: / + backend: + serviceName: swagger-ui + servicePort: http diff --git a/wekan.yml b/wekan.yml new file mode 100644 index 0000000..a4faf99 --- /dev/null +++ b/wekan.yml @@ -0,0 +1,104 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: wekan-config + labels: + app: wekan + tier: server + namespace: wekan +data: + MONGO_URL: REDACTED + ROOT_URL: "https://wekan.kmlabz.com" + MAIL_URL: "smtp://192.168.42.7:25/?tls={rejectUnauthorized:false}" + MAIL_FROM: "Wekan Notifications " + ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE: "3" + ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD: "60" + ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW: "15" + ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE: "3" + ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD: "60" + ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW: "15" + WITH_API: "true" + RICHER_CARD_COMMENT_EDITOR: "false" + SCROLLINERTIA: "0" + SCROLLAMOUNT: "auto" + CARD_OPENED_WEBHOOK_ENABLED: "false" + BIGEVENTS_PATTERN: "NONE" + BROWSER_POLICY_ENABLED: "true" + OAUTH2_ID_MAP: preferred_username + OAUTH2_USERNAME_MAP: preferred_username + OAUTH2_FULLNAME_MAP: given_name + OAUTH2_EMAIL_MAP: email + OAUTH2_ENABLED: "true" + OAUTH2_LOGIN_STYLE: redirect + OAUTH2_CLIENT_ID: REDACTED + OAUTH2_SERVER_URL: "https://keycloak.kmlabz.com/auth" + OAUTH2_AUTH_ENDPOINT: /realms/master/protocol/openid-connect/auth + OAUTH2_USERINFO_ENDPOINT: /realms/master/protocol/openid-connect/userinfo + OAUTH2_TOKEN_ENDPOINT: /realms/master/protocol/openid-connect/token + OAUTH2_SECRET: REDACTED +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: wekan + namespace: wekan +spec: + replicas: 1 + selector: + matchLabels: + app: wekan + tier: server + template: + metadata: + labels: + app: wekan + tier: server + spec: + containers: + - name: wekan + image: wekanteam/wekan + imagePullPolicy: "Always" + ports: + - containerPort: 8080 + envFrom: + - configMapRef: + name: wekan-config +--- +apiVersion: v1 +kind: Service +metadata: + name: wekan + namespace: wekan +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 8080 + name: http + protocol: TCP + selector: + app: wekan + tier: server +--- +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: wekan + namespace: wekan + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + tls: + - hosts: + - wekan.kmlabz.com + secretName: wekan-cert-secret + rules: + - host: wekan.kmlabz.com + http: + paths: + - path: / + backend: + serviceName: wekan + servicePort: http diff --git a/xwiki.yml b/xwiki.yml new file mode 100644 index 0000000..2dc8ec6 --- /dev/null +++ b/xwiki.yml @@ -0,0 +1,97 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: xwiki-config + labels: + app: xwiki + namespace: xwiki +data: + DB_USER: REDACTED + DB_PASSWORD: REDACTED + DB_DATABASE: REDACTED + DB_HOST: REDACTED +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: xwiki-pv-claim + labels: + app: xwiki + namespace: xwiki +spec: + storageClassName: longhorn + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: xwiki + namespace: xwiki +spec: + replicas: 1 + selector: + matchLabels: + app: xwiki + template: + metadata: + labels: + app: xwiki + spec: + containers: + - name: xwiki + image: xwiki:stable-postgres-tomcat + imagePullPolicy: "Always" + ports: + - containerPort: 8080 + volumeMounts: + - mountPath: /usr/local/xwiki + name: xwiki-volume + envFrom: + - configMapRef: + name: xwiki-config + volumes: + - name: xwiki-volume + persistentVolumeClaim: + claimName: xwiki-pv-claim +--- +apiVersion: v1 +kind: Service +metadata: + name: xwiki + namespace: xwiki +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 8080 + name: http + protocol: TCP + selector: + app: xwiki +--- +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress +metadata: + name: xwiki + namespace: xwiki + annotations: + kubernetes.io/ingress.class: "nginx" + cert-manager.io/cluster-issuer: "letsencrypt-prod" +spec: + tls: + - hosts: + - xwiki.kmlabz.com + secretName: xwiki-cert-secret + rules: + - host: xwiki.kmlabz.com + http: + paths: + - path: / + backend: + serviceName: xwiki + servicePort: http