Deploy discord bot

Tyler-Cash · Aug 14, 2024 · e529feb · e529feb
1 parent 575dead
commit e529feb
Show file tree

Hide file tree

Showing 12 changed files with 154 additions and 1 deletion.
diff --git a/kubernetes/helm/security/kubed/Chart.yaml b/kubernetes/helm/security/kubed/Chart.yaml
@@ -6,4 +6,4 @@ appVersion: "1.0.0"
 dependencies:
 - name: kubed
   version: v0.13.2
-  repository: https://charts.appscode.com/stable/
+  repository: https://charts.appscode.com/stable/
diff --git a/kubernetes/helm/security/kubed/values.yaml b/kubernetes/helm/security/kubed/values.yaml
@@ -1,5 +1,8 @@
 kubed:
   operator:
+    registry: rancher
+    repository: mirrored-appscode-kubed
+    tag: v0.13.2
     resources:
       requests:
         cpu: "1m"
diff --git a/kubernetes/helm/tylerbot/tyler-bot-backend/Chart.yaml b/kubernetes/helm/tylerbot/tyler-bot-backend/Chart.yaml
@@ -0,0 +1,9 @@
+apiVersion: v2
+name: backend
+type: application
+version: 1.0.0
+appVersion: "1.0.0"
+dependencies:
+- name: app-template
+  version: 3.3.2
+  repository: https://bjw-s.github.io/helm-charts
diff --git a/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/ingress.yaml b/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/ingress.yaml
@@ -0,0 +1,30 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: event-ingress
+  annotations:
+    nginx.ingress.kubernetes.io/use-regex: "true"
+    external-dns.home.arpa/enabled: "true"
+spec:
+  tls:
+  - hosts:
+    - event.k8s.tylercash.dev
+    secretName: event-tylercash-dev
+  rules:
+    - host: event.k8s.tylercash.dev
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: tyler-bot-frontend
+                port:
+                  number: 80
+          - path: /api(/|$)(.*)
+            pathType: ImplementationSpecific
+            backend:
+              service:
+                name: tyler-bot-backend
+                port:
+                  number: 8080
diff --git a/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/tylerbot-secrets.yaml b/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/tylerbot-secrets.yaml
@@ -0,0 +1,22 @@
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: security-authentik-es
+spec:
+  refreshInterval: "1h"
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: gcp-clusterstore
+  target:
+    name: tylerbot-secrets
+    deletionPolicy: Delete
+    creationPolicy: Owner
+    template:
+      engineVersion: v2
+      templateFrom:
+        - target: Data
+          literal: |
+            {{- .tylerbot }}
+  dataFrom:
+    - extract:
+        key: "all_secrets"
diff --git a/kubernetes/helm/tylerbot/tyler-bot-backend/values.yaml b/kubernetes/helm/tylerbot/tyler-bot-backend/values.yaml
@@ -0,0 +1,40 @@
+app-template:
+  controllers:
+    main:
+      containers:
+        main:
+          image:
+            repository: ghcr.io/tyler-cash/tyler-bot-backend
+            tag: latest@sha256:709877f6157c31a17f16b5a7d2d3af147da6f28341d0ca90998aec3307830ad4
+          env:
+            TZ: Australia/Sydney
+            SPRING_CONFIG_ADDITIONAL-LOCATION: &secret_folder /secrets/config/
+            SPRING_PROFILES_ACTIVE: prod
+
+  service:
+    main:
+      type: LoadBalancer
+      controller: main
+      ports:
+        http:
+          port: 8080
+
+  persistence:
+    storage:
+      enabled: true
+      storageClass: ceph-block
+      accessMode: ReadWriteOnce
+      size: 5Gi
+    secrets:
+      enabled: true
+      type: secret
+      name: tylerbot-secrets
+      globalMounts:
+        - path: *secret_folder
+
+  resources:
+    requests:
+      cpu: 50m
+      memory: 1Gi
+    limits:
+      memory: 2Gi
diff --git a/kubernetes/helm/tylerbot/tyler-bot-frontend/Chart.yaml b/kubernetes/helm/tylerbot/tyler-bot-frontend/Chart.yaml
@@ -0,0 +1,9 @@
+apiVersion: v2
+name: backend
+type: application
+version: 1.0.0
+appVersion: "1.0.0"
+dependencies:
+- name: app-template
+  version: 3.3.2
+  repository: https://bjw-s.github.io/helm-charts
diff --git a/kubernetes/helm/tylerbot/tyler-bot-frontend/values.yaml b/kubernetes/helm/tylerbot/tyler-bot-frontend/values.yaml
@@ -0,0 +1,26 @@
+app-template:
+  controllers:
+    main:
+      containers:
+        main:
+          image:
+            repository: ghcr.io/tyler-cash/tyler-bot-frontend
+            tag: latest@sha256:0077a744e61b66aae3a2f68fb0fcb5d7e78fd68a1b5d131b670d1055559fc01c
+          env:
+            TZ: Australia/Sydney
+
+  service:
+    main:
+      type: LoadBalancer
+      controller: main
+      ports:
+        http:
+          port: 80
+
+  resources:
+    requests:
+      cpu: 50m
+      memory: 100Mi
+    limits:
+      memory: 500Mi
+
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -25,6 +25,7 @@ module "secrets_storage" {
   email_password = var.email_password
   alertmanager_config = var.alertmanager_config
   tailscale_authkey = var.tailscale_authkey
+  tylerbot_config = var.tylerbot_config
 }
 
 module "dns" {

diff --git a/terraform/secrets_storage/secrets-all.tf b/terraform/secrets_storage/secrets-all.tf
@@ -26,6 +26,9 @@ locals {
     "alertmanager" = {
       "alertmanager.yaml" = var.alertmanager_config
     }
+    "tylerbot" = {
+      "application-prod.yaml" = var.tylerbot_config
+    }
     "authentik" = {
       "email-username" = var.email_username
       "email-password" = var.email_password

diff --git a/terraform/secrets_storage/vars.tf b/terraform/secrets_storage/vars.tf
@@ -16,13 +16,19 @@ variable "homelab_project_id" {}
 variable "email_username" {
   sensitive = true # Sensitive as value is a key, not a username
 }
+
 variable "email_password" {
   sensitive = true
 }
+
 variable "alertmanager_config" {
   sensitive = true
 }
 
+variable "tylerbot_config" {
+  sensitive = true
+}
+
 variable "tailscale_authkey" {
   sensitive = true
 }
diff --git a/terraform/vars.tf b/terraform/vars.tf
@@ -59,3 +59,7 @@ variable "alertmanager_config" {
 variable "tailscale_authkey" {
   sensitive = true
 }
+
+variable "tylerbot_config" {
+  sensitive = true
+}