From 8a2f167cd972e3ccc6c878345da8c85e8b0fae1b Mon Sep 17 00:00:00 2001 From: root Date: Sat, 2 Nov 2024 02:20:55 +0300 Subject: [PATCH] k3s --- k3s_config/NPM/deployment.yaml | 36 ++++++++++++++ k3s_config/NPM/pvc.yaml | 12 +++++ k3s_config/NPM/service.yaml | 23 +++++++++ k3s_config/Planka/ingress.yaml | 19 ++++++++ k3s_config/Planka/planka-admin-secret.yaml | 11 +++++ k3s_config/Planka/planka-service.yaml | 14 ++++++ k3s_config/Planka/planka.yaml | 29 +++++++++++ k3s_config/Planka/postgres.yaml | 56 ++++++++++++++++++++++ k3s_config/metallb-config.yaml | 2 +- k3s_config/role-binding.yaml | 13 +++++ 10 files changed, 214 insertions(+), 1 deletion(-) create mode 100644 k3s_config/NPM/deployment.yaml create mode 100644 k3s_config/NPM/pvc.yaml create mode 100644 k3s_config/NPM/service.yaml create mode 100644 k3s_config/Planka/ingress.yaml create mode 100644 k3s_config/Planka/planka-admin-secret.yaml create mode 100644 k3s_config/Planka/planka-service.yaml create mode 100644 k3s_config/Planka/planka.yaml create mode 100644 k3s_config/Planka/postgres.yaml create mode 100644 k3s_config/role-binding.yaml diff --git a/k3s_config/NPM/deployment.yaml b/k3s_config/NPM/deployment.yaml new file mode 100644 index 00000000..11fcca63 --- /dev/null +++ b/k3s_config/NPM/deployment.yaml @@ -0,0 +1,36 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nginx-proxy-manager + namespace: nginx-proxy + labels: + app: nginx-proxy-manager +spec: + replicas: 1 + selector: + matchLabels: + app: nginx-proxy-manager + template: + metadata: + labels: + app: nginx-proxy-manager + spec: + containers: + - name: nginx-proxy-manager + image: jc21/nginx-proxy-manager:latest + ports: + - containerPort: 80 + - containerPort: 81 + - containerPort: 443 + volumeMounts: + - name: data + mountPath: /data + - name: letsencrypt + mountPath: /etc/letsencrypt + volumes: + - name: data + persistentVolumeClaim: + claimName: nginx-proxy-pvc + - name: letsencrypt + emptyDir: {} + diff --git a/k3s_config/NPM/pvc.yaml b/k3s_config/NPM/pvc.yaml new file mode 100644 index 00000000..11960d59 --- /dev/null +++ b/k3s_config/NPM/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: nginx-proxy-pvc + namespace: nginx-proxy +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + diff --git a/k3s_config/NPM/service.yaml b/k3s_config/NPM/service.yaml new file mode 100644 index 00000000..7a4345e5 --- /dev/null +++ b/k3s_config/NPM/service.yaml @@ -0,0 +1,23 @@ +apiVersion: v1 +kind: Service +metadata: + name: nginx-proxy-manager + namespace: nginx-proxy +spec: + type: LoadBalancer # или NodePort, если MetalLB не настроен + selector: + app: nginx-proxy-manager + ports: + - name: http + protocol: TCP + port: 80 + targetPort: 80 + - name: admin + protocol: TCP + port: 81 + targetPort: 81 + - name: https + protocol: TCP + port: 443 + targetPort: 443 + diff --git a/k3s_config/Planka/ingress.yaml b/k3s_config/Planka/ingress.yaml new file mode 100644 index 00000000..51b8edea --- /dev/null +++ b/k3s_config/Planka/ingress.yaml @@ -0,0 +1,19 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: planka-ingress + namespace: planka + annotations: + traefik.ingress.kubernetes.io/router.entrypoints: web +spec: + rules: + - host: planka.intr + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: planka + port: + number: 80 diff --git a/k3s_config/Planka/planka-admin-secret.yaml b/k3s_config/Planka/planka-admin-secret.yaml new file mode 100644 index 00000000..c8d7b9bb --- /dev/null +++ b/k3s_config/Planka/planka-admin-secret.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Secret +metadata: + name: planka-admin-secret + namespace: planka +type: Opaque +data: + DEFAULT_ADMIN_EMAIL: Z2JhNDA0QGdtYWlsLmNvbQ== + DEFAULT_ADMIN_PASSWORD: ODE0OA== + DEFAULT_ADMIN_NAME: cm9vdA== + DEFAULT_ADMIN_USERNAME: cm9vdA== diff --git a/k3s_config/Planka/planka-service.yaml b/k3s_config/Planka/planka-service.yaml new file mode 100644 index 00000000..7b11622b --- /dev/null +++ b/k3s_config/Planka/planka-service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + name: planka + namespace: planka +spec: + selector: + app: planka + type: LoadBalancer + ports: + - protocol: TCP + port: 80 + targetPort: 1337 + diff --git a/k3s_config/Planka/planka.yaml b/k3s_config/Planka/planka.yaml new file mode 100644 index 00000000..d89ed986 --- /dev/null +++ b/k3s_config/Planka/planka.yaml @@ -0,0 +1,29 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: planka + namespace: planka +spec: + selector: + matchLabels: + app: planka + template: + metadata: + labels: + app: planka + spec: + containers: + - name: planka + image: ghcr.io/plankanban/planka:latest + env: + - name: DATABASE_URL + value: postgres://plankauser:8148@postgres.planka.svc.cluster.local:5432/planka + - name: SECRET_KEY + value: jdkdslsdklsdklskd + - name: BASE_URL + value: "http://planka.intr" + envFrom: + - secretRef: + name: planka-admin-secret + ports: + - containerPort: 1337 diff --git a/k3s_config/Planka/postgres.yaml b/k3s_config/Planka/postgres.yaml new file mode 100644 index 00000000..7a2d2171 --- /dev/null +++ b/k3s_config/Planka/postgres.yaml @@ -0,0 +1,56 @@ +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: planka +spec: + ports: + - port: 5432 + selector: + app: postgres +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: planka +spec: + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - name: postgres + image: postgres:13 + env: + - name: POSTGRES_DB + value: "planka" + - name: POSTGRES_USER + value: "plankauser" + - name: POSTGRES_PASSWORD + value: "8148" + ports: + - containerPort: 5432 + volumeMounts: + - name: postgres-storage + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-storage + persistentVolumeClaim: + claimName: postgres-pvc +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgres-pvc + namespace: planka +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi diff --git a/k3s_config/metallb-config.yaml b/k3s_config/metallb-config.yaml index 45cb2290..e33217d7 100644 --- a/k3s_config/metallb-config.yaml +++ b/k3s_config/metallb-config.yaml @@ -5,7 +5,7 @@ metadata: namespace: metallb-system spec: addresses: - - 78.37.179.200-78.37.179.200 # Укажите здесь диапазон, доступный в вашей сети + - 192.168.0.150-192.168.0.180 # Укажите здесь диапазон, доступный в вашей сети --- apiVersion: metallb.io/v1beta1 kind: L2Advertisement diff --git a/k3s_config/role-binding.yaml b/k3s_config/role-binding.yaml new file mode 100644 index 00000000..8836191f --- /dev/null +++ b/k3s_config/role-binding.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: kubernetes-dashboard-global-access +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin # Полный доступ ко всем ресурсам в кластере +subjects: +- kind: ServiceAccount + name: default + namespace: kubernetes-dashboard +