Add traefik config for running on a different port

main
trivernis 1 year ago
parent 85c8afe072
commit c2703834f0
Signed by: Trivernis
GPG Key ID: DFFFCC2C7A02DB45

2
.gitignore vendored

@ -2,3 +2,5 @@
**/.terraform/* **/.terraform/*
**/*.tfstate.* **/*.tfstate.*
**/*.tfstate **/*.tfstate
**/*.auth
**/*-secret.yaml

@ -0,0 +1,25 @@
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: longhorn-auth
namespace: longhorn-system
spec:
basicAuth:
secret: longhorn-secret
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: longhorn-route
namespace: longhorn-system
spec:
entryPoints:
- web
routes:
- match: Host(`longhorn.trivernis.net`)
kind: Rule
services:
- name: longhorn-frontend
port: 80
middlewares:
- name: longhorn-auth

@ -20,6 +20,7 @@ spec:
labels: labels:
app: plantwiki app: plantwiki
spec: spec:
nodeName: hetzner-dedicated
containers: containers:
- image: git.trivernis.net/trivernis/plantwiki:latest - image: git.trivernis.net/trivernis/plantwiki:latest
name: plantwiki name: plantwiki

@ -808,6 +808,7 @@ data:
- name: google - name: google
engine: google engine: google
weight: 2
shortcut: go shortcut: go
# additional_tests: # additional_tests:
# android: *test_android # android: *test_android

@ -4,7 +4,7 @@ metadata:
name: searxng name: searxng
namespace: searxng namespace: searxng
spec: spec:
replicas: 1 replicas: 3
selector: selector:
matchLabels: matchLabels:
app: searxng app: searxng
@ -13,6 +13,13 @@ spec:
labels: labels:
app: searxng app: searxng
spec: spec:
topologySpreadConstraints:
- maxSkew: 1
topologyKey: kubernetes.io/hostname
whenUnsatisfiable: ScheduleAnyway
labelSelector:
matchLabels:
app: searxng
containers: containers:
- image: docker.io/searxng/searxng:latest - image: docker.io/searxng/searxng:latest
name: searxng name: searxng

@ -0,0 +1,19 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: searxng-route
namespace: searxng
spec:
entryPoints:
- web
routes:
- match: Host(`search.trivernis.dev`)
kind: Rule
services:
- name: searxng-srv
port: 8080
- match: Host(`search.trivernis.net`)
kind: Rule
services:
- name: searxng-srv
port: 8080

@ -0,0 +1,15 @@
apiVersion: helm.cattle.io/v1
kind: HelmChartConfig
metadata:
name: traefik
namespace: kube-system
spec:
valuesContent: |-
additionalArguments:
- "--entryPoints.web.proxyProtocol.trustedIPs=10.0.0.254"
- "--entryPoints.web.forwardedHeaders.trustedIPs=10.0.0.254"
ports:
web:
exposedPort: 8000
websecure:
exposedPort: 8443

@ -10,4 +10,35 @@ apt install apparmor apparmor-utils -y
``` ```
Follow https://community.hetzner.com/tutorials/k3s-glusterfs-loadbalancer Follow https://community.hetzner.com/tutorials/k3s-glusterfs-loadbalancer
For Storage use https://github.com/hetznercloud/csi-driver/blob/main/docs/kubernetes/README.md ## Longhorn Storage
On all nodes install [open-iscsi](https://longhorn.io/docs/1.5.1/deploy/install/#installing-open-iscsi).
```sh
helm repo add longhorn https://charts.longhorn.io
helm repo update
helm install longhorn longhorn/longhorn --namespace longhorn-system --create-namespace --version 1.5.1
```
## Hetzner Storage
https://github.com/hetznercloud/csi-driver/blob/main/docs/kubernetes/README.md
## Metrics
```sh
kubectl apply -f https://github.com/kubernetes-sigs/metrics-server/releases/latest/download/components.yaml
```
## Prometheus / Grafana
https://grafana.com/blog/2023/01/19/how-to-monitor-kubernetes-clusters-with-the-prometheus-operator/
```sh
kubectl apply -f https://raw.githubusercontent.com/prometheus-operator/prometheus-operator/main/bundle.yaml --force-conflicts=true --server-side=true
```
## Traefik (fix)
```sh
kubectl apply -f https://raw.githubusercontent.com/traefik/traefik/v2.10/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
```

@ -34,10 +34,10 @@ resource "hcloud_placement_group" "spread-group" {
resource "hcloud_server" "control" { resource "hcloud_server" "control" {
name = "cluster-control" name = "cluster-control"
image = "ubuntu-22.04" image = "fedora-38"
location = "nbg1" location = "nbg1"
ssh_keys = ["archomen_cloud1", "deepthought_cloud1"] ssh_keys = ["archomen_cloud1", "deepthought_cloud1"]
server_type = "cx11" server_type = "cx21"
firewall_ids = [hcloud_firewall.firewall.id] firewall_ids = [hcloud_firewall.firewall.id]
placement_group_id = hcloud_placement_group.spread-group.id placement_group_id = hcloud_placement_group.spread-group.id
@ -57,7 +57,7 @@ resource "hcloud_server" "control" {
resource "hcloud_server" "worker-1" { resource "hcloud_server" "worker-1" {
name = "cluster-worker-1" name = "cluster-worker-1"
image = "ubuntu-22.04" image = "fedora-38"
location = "nbg1" location = "nbg1"
ssh_keys = ["archomen_cloud2", "deepthought_cloud2"] ssh_keys = ["archomen_cloud2", "deepthought_cloud2"]
server_type = "cx21" server_type = "cx21"

Loading…
Cancel
Save