diff --git a/flux/cluster/apps/misc/cdn-control/deployment.yaml b/flux/cluster/apps/misc/cdn-control/deployment.yaml new file mode 100644 index 0000000..3f8668e --- /dev/null +++ b/flux/cluster/apps/misc/cdn-control/deployment.yaml @@ -0,0 +1,53 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: cdn-deployment + namespace: family + labels: + app: cdn-deployment + keel.sh/policy: force + keel.sh/match-tag: "true" +spec: + replicas: 1 + selector: + matchLabels: + app: cdn-deployment + template: + metadata: + labels: + app: cdn-deployment + spec: + containers: + - name: cdn-deployment + imagePullPolicy: Always + image: registry.asraphiel.dev/library/cdn-control:main + ports: + - containerPort: 8080 + env: + - name: CDN_ACCESS_KEY + valueFrom: + secretKeyRef: + name: cdn-secrets + key: access-key + - name: CDN_SECRET_KEY + valueFrom: + secretKeyRef: + name: cdn-secrets + key: secret-key + - name: CDN_ENDPOINT + valueFrom: + secretKeyRef: + name: cdn-secrets + key: endpoint + - name: CDN_BASE_PATH + valueFrom: + secretKeyRef: + name: cdn-secrets + key: base-path + - name: CDN_BUCKET + valueFrom: + secretKeyRef: + name: cdn-secrets + key: bucket + imagePullSecrets: + - name: registry-creds diff --git a/flux/cluster/apps/misc/cdn-control/ingress.yaml b/flux/cluster/apps/misc/cdn-control/ingress.yaml new file mode 100644 index 0000000..a318d42 --- /dev/null +++ b/flux/cluster/apps/misc/cdn-control/ingress.yaml @@ -0,0 +1,27 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: cdn-deployment-ingress + namespace: misc +spec: + rules: + - host: "cdn.asraphiel.dev" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: cdn-deployment-service + port: + number: 80 + - host: "cdn.voidcorp.nl" + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: cdn-deployment-service + port: + number: 80 diff --git a/flux/cluster/apps/misc/cdn-control/kustomization.yaml b/flux/cluster/apps/misc/cdn-control/kustomization.yaml new file mode 100644 index 0000000..0169223 --- /dev/null +++ b/flux/cluster/apps/misc/cdn-control/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +resources: + - deployment.yaml + - ingress.yaml + - service.yaml + - secret.yaml diff --git a/flux/cluster/apps/misc/cdn-control/secret.yaml b/flux/cluster/apps/misc/cdn-control/secret.yaml new file mode 100644 index 0000000..0363f5b --- /dev/null +++ b/flux/cluster/apps/misc/cdn-control/secret.yaml @@ -0,0 +1,33 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: cdn-secrets + namespace: cdn +spec: + refreshInterval: "15s" + secretStoreRef: + name: vault + kind: ClusterSecretStore + target: + name: cdn-secrets + data: + - secretKey: access-key + remoteRef: + key: k8s/cdn + property: access-key + - secretKey: secret-key + remoteRef: + key: k8s/cdn + property: secret-key + - secretKey: endpoint + remoteRef: + key: k8s/cdn + property: endpoint + - secretKey: base-path + remoteRef: + key: k8s/cdn + property: base-path + - secretKey: bucket + remoteRef: + key: k8s/cdn + property: bucket diff --git a/flux/cluster/apps/misc/cdn-control/service.yaml b/flux/cluster/apps/misc/cdn-control/service.yaml new file mode 100644 index 0000000..7d2b4ee --- /dev/null +++ b/flux/cluster/apps/misc/cdn-control/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: cdn-deployment-service + namespace: misc +spec: + selector: + app: cdn-deployment + ports: + - protocol: TCP + port: 80 + targetPort: 8080 diff --git a/flux/cluster/apps/misc/kustomization.yaml b/flux/cluster/apps/misc/kustomization.yaml index 0e250b8..049965f 100644 --- a/flux/cluster/apps/misc/kustomization.yaml +++ b/flux/cluster/apps/misc/kustomization.yaml @@ -3,3 +3,4 @@ kind: Kustomization resources: - pinbot - registry-creds.yaml + - cdn-control