diff --git a/kubernetes/argocd/stacks/bmes-wordpress/certs.yml b/kubernetes/argocd/stacks/bmes-wordpress/certs.yml new file mode 100644 index 0000000..cfd5047 --- /dev/null +++ b/kubernetes/argocd/stacks/bmes-wordpress/certs.yml @@ -0,0 +1,12 @@ +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: bmes-tls +spec: + dnsNames: + - convergehealth.cc + secretName: bmes-tls + issuerRef: + kind: ClusterIssuer + name: letsencrypt diff --git a/kubernetes/argocd/stacks/bmes-wordpress/main.yml b/kubernetes/argocd/stacks/bmes-wordpress/main.yml new file mode 100644 index 0000000..4d7d2a9 --- /dev/null +++ b/kubernetes/argocd/stacks/bmes-wordpress/main.yml @@ -0,0 +1,140 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: wordpress-pvc + namespace: bmes-wordpress +spec: + accessModes: + - ReadWriteOnce + storageClassName: nfs-csi + resources: + requests: + storage: 20Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: database-pvc + namespace: bmes-wordpress +spec: + accessModes: + - ReadWriteOnce + storageClassName: nfs-csi + resources: + requests: + storage: 2Gi +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bmes-website + namespace: bmes-wordpress +spec: + strategy: + type: Recreate # hell on earth. + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: bmes-website + template: + metadata: + annotations: + labels: + app.kubernetes.io/name: bmes-website + spec: + volumes: + - name: wp-data + persistentVolumeClaim: + claimName: wordpress-pvc + - name: wp-db + persistentVolumeClaim: + claimName: database-pvc + containers: + - name: wordpress-db + image: mysql:9.1 + volumeMounts: + - name: wp-db + mountPath: /var/lib/mysql + env: + - name: MYSQL_ROOT_PASSWORD + value: "notASecret" + - name: MYSQL_DATABASE + value: "wordpress" + - name: wordpress + image: wordpress:6.6-apache + imagePullPolicy: Always + ports: + - name: http + containerPort: 80 + protocol: TCP + volumeMounts: + - name: wp-data + mountPath: /var/www/html + env: + - name: WORDPRESS_DB_HOST + value: "localhost" + - name: WORDPRESS_DB_USER + value: "root" + - name: WORDPRESS_DB_PASSWORD + value: "notASecret" + - name: WORDPRESS_DB_NAME + value: "wordpress" + livenessProbe: + httpGet: + path: / + port: http + readinessProbe: + httpGet: + path: / + port: http + resources: + limits: + cpu: '1000m' + memory: 1024Mi + requests: + cpu: '100m' + memory: 256Mi +--- +apiVersion: v1 +kind: Service +metadata: + namespace: bmes-wordpress + name: wordpress +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/name: bmes-website +--- +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + name: bmes + namespace: bmes-wordpress + annotations: + external-dns.alpha.kubernetes.io/target: app.acmuic.org +spec: + entryPoints: + - websecure + - web + routes: + - kind: Rule + match: "Host(`convergehealth.cc`) || Host(`www.convergehealth.cc`)" + services: + - kind: Service + name: bmes # Perhaps move to new file. + namespace: bmes-wordpress + passHostHeader: true + port: http + responseForwarding: + flushInterval: 1ms + scheme: http + strategy: RoundRobin + weight: 10 + tls: + secretName: bmes-tls diff --git a/kubernetes/argocd/stacks/common/bmes-wordpress.yml b/kubernetes/argocd/stacks/common/bmes-wordpress.yml new file mode 100644 index 0000000..36ad8e1 --- /dev/null +++ b/kubernetes/argocd/stacks/common/bmes-wordpress.yml @@ -0,0 +1,26 @@ +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: bmes-wordpress + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + destination: + namespace: bmes-wordpress + server: 'https://kubernetes.default.svc' + sources: + - path: kubernetes/argocd/stacks/bmes-wordpress + repoURL: 'git@github.com:acm-uic/IaC.git' + targetRevision: HEAD + directory: + recurse: true + include: '*.yml' + exclude: values.yml + project: bmes + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true \ No newline at end of file diff --git a/kubernetes/argocd/stacks/common/projects.yml b/kubernetes/argocd/stacks/common/projects.yml index 3adcc72..bc8589c 100644 --- a/kubernetes/argocd/stacks/common/projects.yml +++ b/kubernetes/argocd/stacks/common/projects.yml @@ -81,4 +81,23 @@ spec: # A role which provides read-only access to all applications in the project - name: read-only description: Read-only privileges to sparkhacks - +--- +apiVersion: argoproj.io/v1alpha1 +kind: AppProject +metadata: + name: bmes + namespace: argocd +spec: + clusterResourceWhitelist: + - group: '*' + kind: '*' + destinations: + - namespace: 'bmes-wordpress' + server: '*' + sourceRepos: + - 'git@github.com:acm-uic/IaC.git' + - 'https://acm.cs.uic.edu/helm' + roles: + # A role which provides read-only access to all applications in the project + - name: read-only + description: Read-only privileges to sparkhacks