add drone

deploy/drone/drone-ingress.yaml

@@ -0,0 +1,26 @@
+`apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: drone-ingress
+  namespace: drone
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+    nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:  
+        - drone.prod.panic.haus
+      secretName: drone-tls
+  
+  rules: 
+    - host: drone.prod.panic.haus
+      http:
+        paths:   
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: drone-server
+                port: 
+                  number: 80

deploy/drone/drone-server-deploy.yaml

@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: drone-server
+  namespace: drone
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      name: drone-server
+  template:
+    metadata:
+      labels:
+        name: drone-server
+    spec:
+      containers:
+        - name: drone-server
+          image: drone/drone:2
+          imagePullPolicy: Always
+          env:
+            - name: "DRONE_GITEA_CLIENT_ID"
+              value: "e6a4fb3b-e6b1-43dd-8f45-4def94742609"
+            - name: "DRONE_GITEA_CLIENT_SECRET"
+              value: "gto_4ggtzkrukdzsmheoa2b4wz5cza2jif6gpf7wunbrtxa74senlykq"
+            - name: "DRONE_GITEA_SERVER"
+              value: "https://git.beatrice.wtf"
+            - name: "DRONE_GIT_ALWAYS_AUTH"
+              value: "false"
+            - name: "DRONE_RPC_SECRET"
+              value: "H8ndv3um34VWcixdrE3caViLViRnYDcy"
+            - name: "DRONE_WEBHOOK_SECRET"
+              value: "G7Sxnkj6NGqC6r2Q5yCkVcZSb77AxKLe"
+            - name: "DRONE_SERVER_HOST"
+              value: "drone.beatrice.wtf"
+            - name: "DRONE_SERVER_PROTO"
+              value: "https"
+            - name: "DRONE_SERVER_PORT"
+              value: ":80"
+            - name: "DRONE_SERVER_BUILD_LIMIT"
+              value: "9"
+            - name: "DRONE_ALLOW_PRIVILEGED"
+              value: "true"
+            - name: "DRONE_LOGS_DEBUG"
+              value: "true"
+            - name: "DRONE_USER_CREATE"
+              value: "username:bea,admin:true"
+          volumeMounts:
+            - mountPath: /var/lib/drone
+              name: drone-lib
+            - mountPath: /data
+              name: drone-data
+      volumes:
+        - name: drone-lib
+          persistentVolumeClaim:
+            claimName: drone-lib-pvc
+        - name: drone-data
+          persistentVolumeClaim:
+            claimName: drone-data-pvc

deploy/drone/drone-server-pvc.yaml

@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: drone-lib-pvc
+  namespace: drone
+  labels:
+    name: drone-server
+spec:
+  storageClassName: longhorn
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 20Gi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: drone-data-pvc
+  namespace: drone
+  labels:
+    name: drone-server
+spec:
+  storageClassName: longhorn
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 20Gi

deploy/drone/drone-server-svc.yaml

@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: drone-server
+  namespace: drone
+  labels:
+    name: drone-server
+spec:
+  type: ClusterIP
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  selector:
+    name: drone-server
+

deploy/drone/kustomization.yaml

@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - drone-ingress.yaml
+  - drone-server-pvc.yaml
+  - drone-server-svc.yaml
+  - drone-server-deploy.yaml