From ab227496731d5327f8faac4835b80ab9aa811e00 Mon Sep 17 00:00:00 2001 From: Raiko Koosaar Date: Mon, 21 Oct 2024 19:02:56 +0000 Subject: [PATCH] wp --- .../default/wordpress/app/externalsecret.yaml | 30 +++++ .../default/wordpress/app/helmrelease.yaml | 108 ++++++++++++++++++ .../default/wordpress/app/kustomization.yaml | 9 ++ kubernetes/apps/default/wordpress/ks.yaml | 28 +++++ 4 files changed, 175 insertions(+) create mode 100644 kubernetes/apps/default/wordpress/app/externalsecret.yaml create mode 100644 kubernetes/apps/default/wordpress/app/helmrelease.yaml create mode 100644 kubernetes/apps/default/wordpress/app/kustomization.yaml create mode 100644 kubernetes/apps/default/wordpress/ks.yaml diff --git a/kubernetes/apps/default/wordpress/app/externalsecret.yaml b/kubernetes/apps/default/wordpress/app/externalsecret.yaml new file mode 100644 index 00000000..7af1d554 --- /dev/null +++ b/kubernetes/apps/default/wordpress/app/externalsecret.yaml @@ -0,0 +1,30 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/external-secrets.io/externalsecret_v1beta1.json +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: wordpress +spec: + secretStoreRef: + kind: ClusterSecretStore + name: onepassword-connect + target: + name: wordpress-secret + template: + engineVersion: v2 + data: + WORDPRESS_DATABASE_HOST: &dbHost postgres16-rw.database.svc.cluster.local + WORDPRESS_DATABASE_PORT_NUMBER: "5432" + WORDPRESS_DATABASE_NAME: &dbName "wordpress" + WORDPRESS_DATABASE_USER: &dbUser "{{ .WORDPRESS_POSTGRES_USER }}" + WORDPRESS_DATABASE_PASSWORD: &dbPass "{{ .WORDPRESS_POSTGRES_PASSWORD }}" + INIT_POSTGRES_DBNAME: *dbName + INIT_POSTGRES_HOST: *dbHost + INIT_POSTGRES_USER: *dbUser + INIT_POSTGRES_PASS: *dbPass + INIT_POSTGRES_SUPER_PASS: "{{ .POSTGRES_SUPER_PASS }}" + dataFrom: + - extract: + key: cloudnative-pg + - extract: + key: wordpress diff --git a/kubernetes/apps/default/wordpress/app/helmrelease.yaml b/kubernetes/apps/default/wordpress/app/helmrelease.yaml new file mode 100644 index 00000000..becb7ff2 --- /dev/null +++ b/kubernetes/apps/default/wordpress/app/helmrelease.yaml @@ -0,0 +1,108 @@ +--- +# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: &app wordpress +spec: + interval: 30m + chart: + spec: + chart: app-template + version: 3.5.1 + sourceRef: + kind: HelmRepository + name: bjw-s + namespace: flux-system + install: + remediation: + retries: 3 + upgrade: + cleanupOnFail: true + remediation: + strategy: rollback + retries: 3 + dependsOn: + - name: longhorn + namespace: storage + - name: volsync + namespace: storage + values: + controllers: + wordpress: + annotations: + reloader.stakater.com/auto: "true" + initContainers: + init-db: + image: + repository: ghcr.io/rkoosaar/postgres-init + tag: 16 + envFrom: &envFrom + - secretRef: + name: wordpress-secret + containers: + app: + image: + repository: bitnami/wordpress + tag: 6.6.2 + envFrom: *envFrom + env: + TZ: Europe/London + # PUID: "1026" + # PGID: "1000" + # probes: + # liveness: + # enabled: true + # readiness: + # enabled: true + # startup: + # enabled: true + # spec: + # failureThreshold: 30 + # periodSeconds: 5 + # resources: + # requests: + # cpu: 15m + # memory: 324M + # limits: + # memory: 604M + # externalDatabase: + # database: ${SECRET_WP_1_MARIADB_DB} + # host: ${SECRET_MARIADB_SERVER} + # port: + # user: ${SECRET_WP_1_MARIADB_USER} + # password: ${SECRET_WP_1_MARIADB_PASS} + mariadb: + enabled: false + service: + app: + controller: *app + ports: + http: + port: 80 + ingress: + app: + className: internal + annotations: + external-dns.alpha.kubernetes.io/target: "internal.${SECRET_DOMAIN}" + hosts: + - host: "{{ .Release.Name }}.${SECRET_DOMAIN}" + paths: + - path: / + pathType: Prefix + service: + identifier: app + port: http + metrics: + enabled: true + + persistence: + config: + existingClaim: *app + # media: + # type: nfs + # server: nas.kvshs.xyz + # path: /media + # globalMounts: + # - path: /media + diff --git a/kubernetes/apps/default/wordpress/app/kustomization.yaml b/kubernetes/apps/default/wordpress/app/kustomization.yaml new file mode 100644 index 00000000..71da2026 --- /dev/null +++ b/kubernetes/apps/default/wordpress/app/kustomization.yaml @@ -0,0 +1,9 @@ +--- +# yaml-language-server: $schema=https://json.schemastore.org/kustomization +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - ./externalsecret.yaml + - ./helmrelease.yaml + #- ../../../../templates/gatus/external + - ../../../../templates/volsync diff --git a/kubernetes/apps/default/wordpress/ks.yaml b/kubernetes/apps/default/wordpress/ks.yaml new file mode 100644 index 00000000..7394e568 --- /dev/null +++ b/kubernetes/apps/default/wordpress/ks.yaml @@ -0,0 +1,28 @@ +--- +# yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/kustomize.toolkit.fluxcd.io/kustomization_v1.json +apiVersion: kustomize.toolkit.fluxcd.io/v1 +kind: Kustomization +metadata: + name: &app wordpress + namespace: flux-system +spec: + targetNamespace: default + commonMetadata: + labels: + app.kubernetes.io/name: *app + dependsOn: + - name: external-secrets-stores + - name: cloudnative-pg-cluster + path: ./kubernetes/apps/default/wordpress/app + prune: true + sourceRef: + kind: GitRepository + name: home-kubernetes + wait: false + interval: 30m + retryInterval: 1m + timeout: 5m + postBuild: + substitute: + APP: *app + VOLSYNC_CAPACITY: 2Gi