Add initial Kubernetes config files

This includes all the resources currently running on https://gitea.kosmos.org

It sets up a persistent data volume for the MySQL database and one for the
Gitea data, which Gitea calls the custom folder (config, attachments,
avatars, logs, etc.). We mount that persistent data volume as
/data/gitea. It also creates a Let's Encrypt certificate for
gitea.kosmos.org, also saved to the custom folder.

This also includes two scripts:

* `./script/get_secrets` downloads the secrets to the local filesystem so
they can be edited
* `./script/replace_secrets` deletes the remote secrets and creates them
again from the local ones in kubernetes/config/*

Closes #6
Greg Karékinian
2018-12-14 17:14:00 +01:00
parent bdc9294260
commit 4c463adcda
7 changed files with 234 additions and 0 deletions

69
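--- a/kubernetes/gitea-db.yaml
+++ b/kubernetes/gitea-db.yaml
@@ -0,0 +1,69 @@
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+name: gitea-db
+spec:
+replicas: 1
+strategy:
+type: Recreate
+template:
+metadata:
+labels:
+name: gitea-db
+spec:
+containers:
+- env:
+- name: MYSQL_DATABASE
+value: gitea
+- name: MYSQL_ROOT_PASSWORD
+valueFrom:
+secretKeyRef:
+name: mysql-pass
+key: password
+- name: MYSQL_PASSWORD
+valueFrom:
+secretKeyRef:
+name: gitea-mysql-pass
+key: password
+- name: MYSQL_USER
+value: gitea
+image: mariadb:10.3.10
+name: gitea-db
+resources: {}
+ports:
+- containerPort: 3306
+name: mysql
+volumeMounts:
+- mountPath: /var/lib/mysql
+name: gitea-db-data
+restartPolicy: Always
+volumes:
+- name: gitea-db-data
+persistentVolumeClaim:
+claimName: gitea-db-data
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+name: gitea-db-data
+labels:
+name: gitea-db-data
+spec:
+accessModes:
+- ReadWriteOnce
+resources:
+requests:
+storage: 1Gi
+---
+apiVersion: v1
+kind: Service
+metadata:
+name: gitea-db
+labels:
+service: gitea-db
+spec:
+selector:
+name: gitea-db
+type: ClusterIP
+ports:
+- port: 3306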
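Review bot: The `gitea-db` Service at the end of this file makes port 3306 reachable from every pod in the cluster, and nothing in this file limits which pods may connect, so the two passwords are the only barrier between a compromised neighbouring workload and the database. Unless one of the other six files in the commit already does so, a NetworkPolicy that selects `name: gitea-db` and admits ingress only from the Gitea pods would close that path; it takes effect only if the cluster's network plugin enforces policies. The container also has `resources: {}` and no `securityContext`, so it has no memory or CPU ceiling and keeps the image's default privileges; `resources.limits` and `allowPrivilegeEscalation: false` on the container would bound both. `image: mariadb:10.3.10` is a mutable tag, and appending the image digest (`mariadb:10.3.10@sha256:<digest>`) would pin what actually gets deployed.

```yaml
# … unchanged: Deployment, PersistentVolumeClaim and Service …
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: gitea-db
spec:
  podSelector:
    matchLabels:
      name: gitea-db
  policyTypes:
    - Ingress
  ingress:
    - from:
        - podSelector:
            matchLabels:
              name: GITEA_POD_LABEL  # placeholder: the label the Gitea pods carry
      ports:
        - protocol: TCP
          port: 3306
```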