Fascinated/homelab
Archived
1
1
Fork 0
Code Issues 1 Pull Requests 9 Actions Activity

feat(apps): drone-ci
Some checks failed
Check Kubernetes YAMLs / scan (push) Failing after 18s
Details

Browse Source
This commit is contained in:
Lee 2024-09-23 22:05:44 +01:00
parent 8a0e065039
commit 0cc06ea7fd
8 changed files with 136 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
kubernetes/apps/production/drone/deployment.yaml Normal file
View File

@ -0,0 +1,53 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: drone-deployment
namespace: drone-ci
labels:
app: drone
spec:
replicas: 1
selector:
matchLabels:
app: drone
template:
metadata:
labels:
app: drone
spec:
containers:
- name: drone
image: drone/drone:2
ports:
- containerPort: 80
- containerPort: 443
env:
- name: DRONE_GITEA_SERVER
value: "https://try.gitea.io"
- name: DRONE_GITEA_CLIENT_ID
valueFrom:
secretKeyRef:
name: drone-secret
key: DRONE_GITEA_CLIENT_ID
- name: DRONE_GITEA_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: drone-secret
key: DRONE_GITEA_CLIENT_SECRET
- name: DRONE_RPC_SECRET
valueFrom:
secretKeyRef:
name: drone-secret
key: DRONE_RPC_SECRET
- name: DRONE_SERVER_HOST
value: "drone.local.fascinated.cc"
- name: DRONE_SERVER_PROTO
value: "https"
volumeMounts:
- name: drone-data
mountPath: /data
volumes:
- name: drone-data
persistentVolumeClaim:
claimName: drone-pvc

22
kubernetes/apps/production/drone/ingress.yaml Normal file
View File

@ -0,0 +1,22 @@
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: drone-ci-ingress
namespace: drone-ci
annotations:
kubernetes.io/ingress.class: traefik-external
spec:
entryPoints:
- websecure
routes:
- match: Host(`drone.local.fascinated.cc`)
kind: Rule
middlewares:
- name: default-headers
namespace: traefik
services:
- name: drone-service
port: 80
tls:
secretName: local-fascinated-cc

11
kubernetes/apps/production/drone/kustomization.yaml Normal file
View File

@ -0,0 +1,11 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: drone-ci
resources:
- namespace.yaml
- sealed-secrets.yaml
- pvc.yaml
- deployment.yaml
- service.yaml
- ingress.yaml

5
kubernetes/apps/production/drone/namespace.yaml Normal file
View File

@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: drone-ci

12
kubernetes/apps/production/drone/pvc.yaml Normal file
View File

@ -0,0 +1,12 @@
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: drone-pvc
namespace: drone-ci
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi

15
kubernetes/apps/production/drone/sealed-secrets.yaml Normal file
View File

@ -0,0 +1,15 @@
---
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: drone-secret
namespace: drone-ci
spec:
encryptedData:
foo: AgBGX0uwg9RxgFG1vOFH8JlvhvU3cJWLqUpH+c2RsYGF58LpUEEwXxTkKae8B8yGTgqCgb+Uhp+NAXVTIxAVk3HBRAycgYGjlRY/ZZRd95Di6ZLp+OlN1kIbzI/XX58Gn5k7xETzlC+WKv5yWCXBL1GB7iqR+jRvaEUuV6c4AXwMRk+vw5ULUHJY6n1SAP2W8RWMHL5tQc7NYis22kBYsWSjDC/QD8TvyxHgqiSndtbLTx5wWDmF4xdu8NBQ2jhWDoAp3j7YOwsKXYNUTVDTHIbRnPXuGhJwiiXs2AnJMgEZRjTd7rnbdIiColk8gA25xl1OL1qWTNHaCBp4/eKVD10RFISbjOrEB6hmjKm1jCvwStFUVsTyMhHHaXFS4KdWbpKfc7SF5T+hdNt+tNqdCtZsl+BMrsL3B0w9tg6CoYtcELEGRmQungcBaK16C/ZGeGHElddte3UO9fsjF9QEW2zlJWi/Vy5dq8LFq1a0vS709RBHjNpVcEsfdhep/F3msqMph7t89z6FMUBRlu5btTa4PyeoN0QnvoRoWa5tjQHhC/80/zLYC/bZQ//vLBxjREhaDiG5LsE73YhCVqCni7qapVEW4Scx2i8lfVZgZiaWmux/bxx4s5jPNPErBdx/o3y12pmUxWnos5zFe9aIRsuUTn9l9SAW28iDikAOu+89BrYEaLHFdTEUX2C3jiI5hp3a3w73WB1sLtjDLs8OeiarzGaQKSYcJLzmMyLRZweUosuo13WpN3svF04f5xYlLbrpGudrwjumqHJGSxx0lnsKiCyx5hBsex+aj9H4ZQYnwaup6EBHlwN2WCwPseaqAkzjn3dm6coJ5pZY/+iCDVahv2bpxId9TNWlR1uCPkY7MAGhPFV6CnP3jixIqB7tCtqPTP7YQc3qgcAQz1LI6KTGIM3lPC//1mHqoaxsuIoOQ6XZo64lcrNaeP0dtUokekdTR7slTE6uDGw+7vGjTvMQVnxhW5AaHTz/jga7O1uD0XEpTxIjjnpFqOk+yrvMzP6XGiboTI2Ehwkv+uRLQ72R8Dtgk9vzy7pAzKRMch3FMOhgAl/Hl0Y=
template:
metadata:
creationTimestamp: null
name: drone-secret
namespace: drone-ci

17
kubernetes/apps/production/drone/service.yaml Normal file
View File

@ -0,0 +1,17 @@
---
apiVersion: v1
kind: Service
metadata:
name: drone-service
namespace: drone-ci
spec:
type: ClusterIP
ports:
- port: 80
targetPort: 80
protocol: TCP
- port: 443
targetPort: 443
protocol: TCP
selector:
app: drone

2
kubernetes/apps/production/flyimg/ingress.yaml
View File

@ -1,7 +1,7 @@
apiVersion: traefik.io/v1alpha1 apiVersion: traefik.io/v1alpha1
kind: IngressRoute kind: IngressRoute
metadata: metadata:
name: capacitor-external-ingress name: capacitor-ingress
namespace: public-services namespace: public-services
annotations: annotations:
kubernetes.io/ingress.class: traefik-external kubernetes.io/ingress.class: traefik-external