From e529feb2758b751da9b9da403ef783f2309239ef Mon Sep 17 00:00:00 2001 From: Tyler <12643375+Tyler-Cash@users.noreply.github.com> Date: Wed, 14 Aug 2024 00:19:28 +1000 Subject: [PATCH] Deploy discord bot --- kubernetes/helm/security/kubed/Chart.yaml | 2 +- kubernetes/helm/security/kubed/values.yaml | 3 ++ .../tylerbot/tyler-bot-backend/Chart.yaml | 9 +++++ .../tyler-bot-backend/manifests/ingress.yaml | 30 ++++++++++++++ .../manifests/tylerbot-secrets.yaml | 22 ++++++++++ .../tylerbot/tyler-bot-backend/values.yaml | 40 +++++++++++++++++++ .../tylerbot/tyler-bot-frontend/Chart.yaml | 9 +++++ .../tylerbot/tyler-bot-frontend/values.yaml | 26 ++++++++++++ terraform/main.tf | 1 + terraform/secrets_storage/secrets-all.tf | 3 ++ terraform/secrets_storage/vars.tf | 6 +++ terraform/vars.tf | 4 ++ 12 files changed, 154 insertions(+), 1 deletion(-) create mode 100644 kubernetes/helm/tylerbot/tyler-bot-backend/Chart.yaml create mode 100644 kubernetes/helm/tylerbot/tyler-bot-backend/manifests/ingress.yaml create mode 100644 kubernetes/helm/tylerbot/tyler-bot-backend/manifests/tylerbot-secrets.yaml create mode 100644 kubernetes/helm/tylerbot/tyler-bot-backend/values.yaml create mode 100644 kubernetes/helm/tylerbot/tyler-bot-frontend/Chart.yaml create mode 100644 kubernetes/helm/tylerbot/tyler-bot-frontend/values.yaml diff --git a/kubernetes/helm/security/kubed/Chart.yaml b/kubernetes/helm/security/kubed/Chart.yaml index 9474cbac..d30432d3 100644 --- a/kubernetes/helm/security/kubed/Chart.yaml +++ b/kubernetes/helm/security/kubed/Chart.yaml @@ -6,4 +6,4 @@ appVersion: "1.0.0" dependencies: - name: kubed version: v0.13.2 - repository: https://charts.appscode.com/stable/ \ No newline at end of file + repository: https://charts.appscode.com/stable/ diff --git a/kubernetes/helm/security/kubed/values.yaml b/kubernetes/helm/security/kubed/values.yaml index e87bdf9f..e5b24d5a 100644 --- a/kubernetes/helm/security/kubed/values.yaml +++ b/kubernetes/helm/security/kubed/values.yaml @@ -1,5 +1,8 @@ kubed: operator: + registry: rancher + repository: mirrored-appscode-kubed + tag: v0.13.2 resources: requests: cpu: "1m" diff --git a/kubernetes/helm/tylerbot/tyler-bot-backend/Chart.yaml b/kubernetes/helm/tylerbot/tyler-bot-backend/Chart.yaml new file mode 100644 index 00000000..96b6b718 --- /dev/null +++ b/kubernetes/helm/tylerbot/tyler-bot-backend/Chart.yaml @@ -0,0 +1,9 @@ +apiVersion: v2 +name: backend +type: application +version: 1.0.0 +appVersion: "1.0.0" +dependencies: +- name: app-template + version: 3.3.2 + repository: https://bjw-s.github.io/helm-charts diff --git a/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/ingress.yaml b/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/ingress.yaml new file mode 100644 index 00000000..ede59514 --- /dev/null +++ b/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/ingress.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: event-ingress + annotations: + nginx.ingress.kubernetes.io/use-regex: "true" + external-dns.home.arpa/enabled: "true" +spec: + tls: + - hosts: + - event.k8s.tylercash.dev + secretName: event-tylercash-dev + rules: + - host: event.k8s.tylercash.dev + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: tyler-bot-frontend + port: + number: 80 + - path: /api(/|$)(.*) + pathType: ImplementationSpecific + backend: + service: + name: tyler-bot-backend + port: + number: 8080 diff --git a/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/tylerbot-secrets.yaml b/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/tylerbot-secrets.yaml new file mode 100644 index 00000000..bde5f343 --- /dev/null +++ b/kubernetes/helm/tylerbot/tyler-bot-backend/manifests/tylerbot-secrets.yaml @@ -0,0 +1,22 @@ +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: security-authentik-es +spec: + refreshInterval: "1h" + secretStoreRef: + kind: ClusterSecretStore + name: gcp-clusterstore + target: + name: tylerbot-secrets + deletionPolicy: Delete + creationPolicy: Owner + template: + engineVersion: v2 + templateFrom: + - target: Data + literal: | + {{- .tylerbot }} + dataFrom: + - extract: + key: "all_secrets" diff --git a/kubernetes/helm/tylerbot/tyler-bot-backend/values.yaml b/kubernetes/helm/tylerbot/tyler-bot-backend/values.yaml new file mode 100644 index 00000000..e63ae6f9 --- /dev/null +++ b/kubernetes/helm/tylerbot/tyler-bot-backend/values.yaml @@ -0,0 +1,40 @@ +app-template: + controllers: + main: + containers: + main: + image: + repository: ghcr.io/tyler-cash/tyler-bot-backend + tag: latest@sha256:709877f6157c31a17f16b5a7d2d3af147da6f28341d0ca90998aec3307830ad4 + env: + TZ: Australia/Sydney + SPRING_CONFIG_ADDITIONAL-LOCATION: &secret_folder /secrets/config/ + SPRING_PROFILES_ACTIVE: prod + + service: + main: + type: LoadBalancer + controller: main + ports: + http: + port: 8080 + + persistence: + storage: + enabled: true + storageClass: ceph-block + accessMode: ReadWriteOnce + size: 5Gi + secrets: + enabled: true + type: secret + name: tylerbot-secrets + globalMounts: + - path: *secret_folder + + resources: + requests: + cpu: 50m + memory: 1Gi + limits: + memory: 2Gi diff --git a/kubernetes/helm/tylerbot/tyler-bot-frontend/Chart.yaml b/kubernetes/helm/tylerbot/tyler-bot-frontend/Chart.yaml new file mode 100644 index 00000000..96b6b718 --- /dev/null +++ b/kubernetes/helm/tylerbot/tyler-bot-frontend/Chart.yaml @@ -0,0 +1,9 @@ +apiVersion: v2 +name: backend +type: application +version: 1.0.0 +appVersion: "1.0.0" +dependencies: +- name: app-template + version: 3.3.2 + repository: https://bjw-s.github.io/helm-charts diff --git a/kubernetes/helm/tylerbot/tyler-bot-frontend/values.yaml b/kubernetes/helm/tylerbot/tyler-bot-frontend/values.yaml new file mode 100644 index 00000000..2daa70f2 --- /dev/null +++ b/kubernetes/helm/tylerbot/tyler-bot-frontend/values.yaml @@ -0,0 +1,26 @@ +app-template: + controllers: + main: + containers: + main: + image: + repository: ghcr.io/tyler-cash/tyler-bot-frontend + tag: latest@sha256:0077a744e61b66aae3a2f68fb0fcb5d7e78fd68a1b5d131b670d1055559fc01c + env: + TZ: Australia/Sydney + + service: + main: + type: LoadBalancer + controller: main + ports: + http: + port: 80 + + resources: + requests: + cpu: 50m + memory: 100Mi + limits: + memory: 500Mi + diff --git a/terraform/main.tf b/terraform/main.tf index 064b4280..a8adf27f 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -25,6 +25,7 @@ module "secrets_storage" { email_password = var.email_password alertmanager_config = var.alertmanager_config tailscale_authkey = var.tailscale_authkey + tylerbot_config = var.tylerbot_config } module "dns" { diff --git a/terraform/secrets_storage/secrets-all.tf b/terraform/secrets_storage/secrets-all.tf index 9e4f3c3a..bf49bc2d 100644 --- a/terraform/secrets_storage/secrets-all.tf +++ b/terraform/secrets_storage/secrets-all.tf @@ -26,6 +26,9 @@ locals { "alertmanager" = { "alertmanager.yaml" = var.alertmanager_config } + "tylerbot" = { + "application-prod.yaml" = var.tylerbot_config + } "authentik" = { "email-username" = var.email_username "email-password" = var.email_password diff --git a/terraform/secrets_storage/vars.tf b/terraform/secrets_storage/vars.tf index 74b74661..205a759a 100644 --- a/terraform/secrets_storage/vars.tf +++ b/terraform/secrets_storage/vars.tf @@ -16,13 +16,19 @@ variable "homelab_project_id" {} variable "email_username" { sensitive = true # Sensitive as value is a key, not a username } + variable "email_password" { sensitive = true } + variable "alertmanager_config" { sensitive = true } +variable "tylerbot_config" { + sensitive = true +} + variable "tailscale_authkey" { sensitive = true } diff --git a/terraform/vars.tf b/terraform/vars.tf index a9d17a51..67a6d24d 100644 --- a/terraform/vars.tf +++ b/terraform/vars.tf @@ -59,3 +59,7 @@ variable "alertmanager_config" { variable "tailscale_authkey" { sensitive = true } + +variable "tylerbot_config" { + sensitive = true +}