diff --git a/deploy/drone/drone-ingress.yaml b/deploy/drone/drone-ingress.yaml new file mode 100644 index 0000000..0ad046d --- /dev/null +++ b/deploy/drone/drone-ingress.yaml @@ -0,0 +1,26 @@ +`apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: drone-ingress + namespace: drone + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-prod" + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" +spec: + ingressClassName: nginx + tls: + - hosts: + - drone.prod.panic.haus + secretName: drone-tls + + rules: + - host: drone.prod.panic.haus + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: drone-server + port: + number: 80 diff --git a/deploy/drone/drone-server-deploy.yaml b/deploy/drone/drone-server-deploy.yaml new file mode 100644 index 0000000..a6aca93 --- /dev/null +++ b/deploy/drone/drone-server-deploy.yaml @@ -0,0 +1,58 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: drone-server + namespace: drone +spec: + replicas: 1 + selector: + matchLabels: + name: drone-server + template: + metadata: + labels: + name: drone-server + spec: + containers: + - name: drone-server + image: drone/drone:2 + imagePullPolicy: Always + env: + - name: "DRONE_GITEA_CLIENT_ID" + value: "e6a4fb3b-e6b1-43dd-8f45-4def94742609" + - name: "DRONE_GITEA_CLIENT_SECRET" + value: "gto_4ggtzkrukdzsmheoa2b4wz5cza2jif6gpf7wunbrtxa74senlykq" + - name: "DRONE_GITEA_SERVER" + value: "https://git.beatrice.wtf" + - name: "DRONE_GIT_ALWAYS_AUTH" + value: "false" + - name: "DRONE_RPC_SECRET" + value: "H8ndv3um34VWcixdrE3caViLViRnYDcy" + - name: "DRONE_WEBHOOK_SECRET" + value: "G7Sxnkj6NGqC6r2Q5yCkVcZSb77AxKLe" + - name: "DRONE_SERVER_HOST" + value: "drone.beatrice.wtf" + - name: "DRONE_SERVER_PROTO" + value: "https" + - name: "DRONE_SERVER_PORT" + value: ":80" + - name: "DRONE_SERVER_BUILD_LIMIT" + value: "9" + - name: "DRONE_ALLOW_PRIVILEGED" + value: "true" + - name: "DRONE_LOGS_DEBUG" + value: "true" + - name: "DRONE_USER_CREATE" + value: "username:bea,admin:true" + volumeMounts: + - mountPath: /var/lib/drone + name: drone-lib + - mountPath: /data + name: drone-data + volumes: + - name: drone-lib + persistentVolumeClaim: + claimName: drone-lib-pvc + - name: drone-data + persistentVolumeClaim: + claimName: drone-data-pvc diff --git a/deploy/drone/drone-server-pvc.yaml b/deploy/drone/drone-server-pvc.yaml new file mode 100644 index 0000000..021f00f --- /dev/null +++ b/deploy/drone/drone-server-pvc.yaml @@ -0,0 +1,29 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: drone-lib-pvc + namespace: drone + labels: + name: drone-server +spec: + storageClassName: longhorn + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: drone-data-pvc + namespace: drone + labels: + name: drone-server +spec: + storageClassName: longhorn + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi diff --git a/deploy/drone/drone-server-svc.yaml b/deploy/drone/drone-server-svc.yaml new file mode 100644 index 0000000..a48e1a9 --- /dev/null +++ b/deploy/drone/drone-server-svc.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: drone-server + namespace: drone + labels: + name: drone-server +spec: + type: ClusterIP + ports: + - protocol: TCP + port: 80 + targetPort: 80 + selector: + name: drone-server + diff --git a/deploy/drone/kustomization.yaml b/deploy/drone/kustomization.yaml new file mode 100644 index 0000000..044a570 --- /dev/null +++ b/deploy/drone/kustomization.yaml @@ -0,0 +1,8 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - drone-ingress.yaml + - drone-server-pvc.yaml + - drone-server-svc.yaml + - drone-server-deploy.yaml