Add traefik config for running on a different port

main
trivernis 1 year ago
parent 85c8afe072
commit c2703834f0
Signed by: Trivernis
GPG Key ID: DFFFCC2C7A02DB45

4
.gitignore vendored

@ -1,4 +1,6 @@
**/*.tfvars
**/.terraform/*
**/*.tfstate.*
**/*.tfstate
**/*.tfstate
**/*.auth
**/*-secret.yaml

@ -0,0 +1,25 @@
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: longhorn-auth
namespace: longhorn-system
spec:
basicAuth:
secret: longhorn-secret
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: longhorn-route
namespace: longhorn-system
spec:
entryPoints:
- web
routes:
- match: Host(`longhorn.trivernis.net`)
kind: Rule
services:
- name: longhorn-frontend
port: 80
middlewares:
- name: longhorn-auth

@ -20,6 +20,7 @@ spec:
labels:
app: plantwiki
spec:
nodeName: hetzner-dedicated
containers:
- image: git.trivernis.net/trivernis/plantwiki:latest
name: plantwiki

@ -808,6 +808,7 @@ data:
- name: google
engine: google
weight: 2
shortcut: go
# additional_tests:
# android: *test_android

@ -4,7 +4,7 @@ metadata:
name: searxng
namespace: searxng
spec:
replicas: 1
replicas: 3
selector:
matchLabels:
app: searxng
@ -13,6 +13,13 @@ spec:
labels:
app: searxng
spec:
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app: searxng
containers:
- image: docker.io/searxng/searxng:latest
name: searxng

@ -0,0 +1,19 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: searxng-route
namespace: searxng
spec:
entryPoints:
- web
routes:
- match: Host(`search.trivernis.dev`)
kind: Rule
services:
- name: searxng-srv
port: 8080
- match: Host(`search.trivernis.net`)
kind: Rule
services:
- name: searxng-srv
port: 8080

@ -0,0 +1,15 @@
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
name: traefik
namespace: kube-system
spec:
valuesContent: |-
additionalArguments:
- "--entryPoints.web.proxyProtocol.trustedIPs=10.0.0.254"
- "--entryPoints.web.forwardedHeaders.trustedIPs=10.0.0.254"
ports:
web:
exposedPort: 8000
websecure:
exposedPort: 8443

@ -10,4 +10,35 @@ apt install apparmor apparmor-utils -y
```
Follow https://community.hetzner.com/tutorials/k3s-glusterfs-loadbalancer
For Storage use https://github.com/hetznercloud/csi-driver/blob/main/docs/kubernetes/README.md
## Longhorn Storage
On all nodes install [open-iscsi](https://longhorn.io/docs/1.5.1/deploy/install/#installing-open-iscsi).
```sh
helm repo add longhorn https://charts.longhorn.io
helm repo update
helm install longhorn longhorn/longhorn --namespace longhorn-system --create-namespace --version 1.5.1
```
## Hetzner Storage
https://github.com/hetznercloud/csi-driver/blob/main/docs/kubernetes/README.md
## Metrics
```sh
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
```
## Prometheus / Grafana
https://grafana.com/blog/2023/01/19/how-to-monitor-kubernetes-clusters-with-the-prometheus-operator/
```sh
kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/main/bundle.yaml --force-conflicts=true --server-side=true
```
## Traefik (fix)
```sh
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
```

@ -34,10 +34,10 @@ resource "hcloud_placement_group" "spread-group" {
resource "hcloud_server" "control" {
name = "cluster-control"
image = "ubuntu-22.04"
image = "fedora-38"
location = "nbg1"
ssh_keys = ["archomen_cloud1", "deepthought_cloud1"]
server_type = "cx11"
server_type = "cx21"
firewall_ids = [hcloud_firewall.firewall.id]
placement_group_id = hcloud_placement_group.spread-group.id
@ -57,7 +57,7 @@ resource "hcloud_server" "control" {
resource "hcloud_server" "worker-1" {
name = "cluster-worker-1"
image = "ubuntu-22.04"
image = "fedora-38"
location = "nbg1"
ssh_keys = ["archomen_cloud2", "deepthought_cloud2"]
server_type = "cx21"

Loading…
Cancel
Save