luc/alpine-server
1
0
Fork 0
Code Issues Pull requests Activity

dotconfig/pods: add

Browse source
This commit is contained in:
Luc Bijl 2025-08-17 15:02:06 +02:00
parent 679647542d
commit 2e05501c92
14 changed files with 755 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

174
dotconfig/pods/ampel/ampel-pod.yml Normal file
View file

@ -0,0 +1,174 @@
apiversion: v1
kind: Pod
metadata:
name: ampel-pod
annotations:
io.podman.annotations.infra.name: ampel-pod-infra
spec:
containers:
# - name: root
# image:
# env:
# - name: PORT
# value: 3000
# ports:
# - containerport: 3000
# hostport:
# protocol: TCP
# volumemounts:
# - name: localtime
# mountpath: /etc/localtime
# readonly: true
- name: git
image: codeberg.org/forgejo/forgejo:9
env:
- name: USER_UID
value: "1000"
- name: USER_GID
value: "1000"
- name: FORGEJO__database__DB_TYPE
value: "postgres"
- name: FORGEJO__database__HOST
value: "ampel-pod-postgres"
- name: FORGEJO__database__USER
value: "postgres"
- name: FORGEJO__database__PASSWD
valuefrom:
secretkeyref:
name: ampel-secrets
key: postgres-password
- name: FORGEJO__database__NAME
value: "forgejo"
ports:
- containerport: 3100
hostport:
protocol: TCP
volumemounts:
- name: git-data
mountpath: /data
- name: localtime
mountpath: /etc/localtime
readonly: true
- name: tailscale
image: ghcr.io/tailscale/tailscale:latest
env:
- name: TS_HOSTNAME
value: "ampel-pod"
- name: TS_AUTHKEY
value: ""
- name: TS_STATE_DIR
value: "/var/lib/tailscale"
- name: TS_EXTRA_ARGS
value: "--login-server="
volumemounts:
- name: tailscale-lib
mountpath: /var/lib/tailscale
- name: localtime
mountpath: /etc/localtime
readonly: true
- name: docs
image: git.ampel.dev/ampel/mkdocs-git:latest
env:
- name: GIT_REPO_URL
value: ""
- name: PORT
value: 3200
ports:
- containerport: 3200
hostport:
protocol: TCP
volumemounts:
- name: localtime
mountpath: /etc/localtime
readonly: true
- name: blog
image: git.ampel.dev/ampel/mkdocs-git:latest
env:
- name: GIT_REPO_URL
value: ""
- name: PORT
value: 3300
ports:
- containerport: 3300
hostport:
protocol: TCP
volumemounts:
- name: localtime
mountpath: /etc/localtime
readonly: true
- name: notes
image: quay.io/hedgedoc/hedgedoc:alpine
env:
- name: CMD_DB_URL
valuefrom:
secretkeyref:
name: ampel-secrets
key: postgres-url
- name: CMD_PORT
value: 3400
- name: CMD_ALLOW_EMAIL_REGISTER
value: true
- name: CMD_DOMAIN
value: ""
- name: CMD_PROTOCOL_USESSL
value: true
- name: NODE_ENV
value: production
- name: CMD_IMAGE_UPLOAD_TYPE
value: filesystem
- name: UPLOADS_MODE
value: 0700
ports:
- containerport: 3400
hostport:
protocol: TCP
volumemounts:
- name: notes-uploads
mountpath: /hedgedoc/public/uploads
- name: localtime
mountpath: /etc/localtime
readonly: true
- name: postgres
image: docker.io/library/postgres:16-alpine
env:
- name: POSTGRES_PASSWORD
valuefrom:
secretkeyref:
name: ampel-secrets
key: postgres-password
volumemounts:
- name: postgres-dump
mountpath: /dump
- name: postgres-data
mountpath: /var/lib/postgresql/data
- name: localtime
mountpath: /etc/localtime
readonly: true
volumes:
- name: git-data
persistentvolumeclaim:
claimname: ampel-pod-git-data
- name: tailscale-lib
persistentvolumeclaim:
claimname: ampel-pod-tailscale-lib
- name: notes-uploads
persistentvolumeclaim:
claimname: ampel-pod-notes-uploads
- name: postgres-dump
hostpath:
path: $HOME/.dump/ampel
type: Directory
- name: postgres-data
persistentvolumeclaim:
claimname: ampel-pod-postgres-data
- name: localtime
hostpath:
path: /etc/localtime
type: File

8
dotconfig/pods/ampel/ampel-secrets.yml Normal file
View file

@ -0,0 +1,8 @@
apiversion: v1
data:
postgres-password:
postgres-url:
kind: Secret
metadata:
creationtimestamp: null
name: ampel-secrets