From f87e5b32f9c08fa3fd31d15547ec559f3f897432 Mon Sep 17 00:00:00 2001 From: moonrailgun Date: Tue, 5 Mar 2024 00:28:38 +0800 Subject: [PATCH] chore: add sealos config --- k8s/sealos/tianji.yaml | 322 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 322 insertions(+) create mode 100644 k8s/sealos/tianji.yaml diff --git a/k8s/sealos/tianji.yaml b/k8s/sealos/tianji.yaml new file mode 100644 index 0000000..0df4e4b --- /dev/null +++ b/k8s/sealos/tianji.yaml @@ -0,0 +1,322 @@ +apiVersion: app.sealos.io/v1 +kind: Template +metadata: + name: tianji +spec: + title: 'Tianji' + url: 'https://tianji.msgbyte.com/' + gitRepo: 'https://github.com/msgbyte/tianji' + author: 'moonrailgun' + description: 'Tianji: Insight into everything, Website Analytics + Uptime Monitor + Server Status. not only another GA alternatives' + readme: 'https://raw.githubusercontent.com/msgbyte/tianji/master/README.md' + icon: 'https://tianji.msgbyte.com/img/logo.svg' + templateType: inline + defaults: + app_host: + # number or string.. + type: string + value: tianji-${{ random(8) }} + app_name: + type: string + value: tianji-${{ random(8) }} + inputs: + JWT_SECRET: + description: 'replace me with a random string' + type: string + default: 'replace-me-with-a-random-string' + required: true + ALLOW_REGISTER: + description: 'whether allow register account' + type: string + default: "false" + required: false + ALLOW_OPENAPI: + description: 'whether allow open openapi' + type: string + default: "true" + required: false + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ${{ defaults.app_name }} + annotations: + originImageName: moonrailgun/tianji + deploy.cloud.sealos.io/minReplicas: '1' + deploy.cloud.sealos.io/maxReplicas: '1' + labels: + cloud.sealos.io/app-deploy-manager: ${{ defaults.app_name }} + app: ${{ defaults.app_name }} +spec: + replicas: 1 + revisionHistoryLimit: 1 + selector: + matchLabels: + app: ${{ defaults.app_name }} + strategy: + type: RollingUpdate + rollingUpdate: + maxUnavailable: 1 + maxSurge: 0 + template: + metadata: + labels: + app: ${{ defaults.app_name }} + spec: + containers: + - name: ${{ defaults.app_name }} + image: moonrailgun/tianji + env: + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: ${{ defaults.app_name }}-pg-conn-credential + key: password + - name: DATABASE_URL + value: postgresql://postgres:$(PG_PASSWORD)@${{ defaults.app_name }}-pg-postgresql.${{ SEALOS_NAMESPACE }}.svc:5432/tianji + - name: JWT_SECRET + value: ${{ inputs.JWT_SECRET }} + - name: ALLOW_REGISTER + value: ${{ inputs.ALLOW_REGISTER }} + - name: ALLOW_OPENAPI + value: ${{ inputs.ALLOW_OPENAPI }} + resources: + requests: + cpu: 100m + memory: 102Mi + limits: + cpu: 200m + memory: 512Mi + command: [] + args: [] + ports: + - containerPort: 12345 + imagePullPolicy: Always + volumeMounts: [] + volumes: [] +--- +apiVersion: v1 +kind: Service +metadata: + name: ${{ defaults.app_name }} + labels: + cloud.sealos.io/app-deploy-manager: ${{ defaults.app_name }} +spec: + ports: + - port: 12345 + selector: + app: ${{ defaults.app_name }} +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: ${{ defaults.app_name }} + labels: + cloud.sealos.io/app-deploy-manager: ${{ defaults.app_name }} + cloud.sealos.io/app-deploy-manager-domain: ${{ defaults.app_host }} + annotations: + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/proxy-body-size: 32m + nginx.ingress.kubernetes.io/server-snippet: | + client_header_buffer_size 64k; + large_client_header_buffers 4 128k; + nginx.ingress.kubernetes.io/ssl-redirect: 'false' + nginx.ingress.kubernetes.io/backend-protocol: HTTP + nginx.ingress.kubernetes.io/rewrite-target: /$2 + nginx.ingress.kubernetes.io/client-body-buffer-size: 64k + nginx.ingress.kubernetes.io/proxy-buffer-size: 64k + nginx.ingress.kubernetes.io/proxy-send-timeout: '300' + nginx.ingress.kubernetes.io/proxy-read-timeout: '300' + nginx.ingress.kubernetes.io/configuration-snippet: | + if ($request_uri ~* \.(js|css|gif|jpe?g|png)) { + expires 30d; + add_header Cache-Control "public"; + } +spec: + rules: + - host: ${{ defaults.app_host }}.${{ SEALOS_CLOUD_DOMAIN }} + http: + paths: + - pathType: Prefix + path: /()(.*) + backend: + service: + name: ${{ defaults.app_name }} + port: + number: 12345 + tls: + - hosts: + - ${{ defaults.app_host }}.${{ SEALOS_CLOUD_DOMAIN }} + secretName: ${{ SEALOS_CERT_SECRET_NAME }} +--- +apiVersion: apps.kubeblocks.io/v1alpha1 +kind: Cluster +metadata: + finalizers: + - cluster.kubeblocks.io/finalizer + labels: + clusterdefinition.kubeblocks.io/name: postgresql + clusterversion.kubeblocks.io/name: postgresql-14.8.0 + sealos-db-provider-cr: ${{ defaults.app_name }}-pg + annotations: {} + name: ${{ defaults.app_name }}-pg +spec: + affinity: + nodeLabels: {} + podAntiAffinity: Preferred + tenancy: SharedNode + topologyKeys: [] + clusterDefinitionRef: postgresql + clusterVersionRef: postgresql-14.8.0 + componentSpecs: + - componentDefRef: postgresql + monitor: true + name: postgresql + replicas: 1 + resources: + limits: + cpu: 1000m + memory: 1024Mi + requests: + cpu: 100m + memory: 102Mi + serviceAccountName: ${{ defaults.app_name }}-pg + switchPolicy: + type: Noop + volumeClaimTemplates: + - name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + storageClassName: openebs-backup + terminationPolicy: Delete + tolerations: [] + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + sealos-db-provider-cr: ${{ defaults.app_name }}-pg + app.kubernetes.io/instance: ${{ defaults.app_name }}-pg + app.kubernetes.io/managed-by: kbcli + name: ${{ defaults.app_name }}-pg + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + labels: + sealos-db-provider-cr: ${{ defaults.app_name }}-pg + app.kubernetes.io/instance: ${{ defaults.app_name }}-pg + app.kubernetes.io/managed-by: kbcli + name: ${{ defaults.app_name }}-pg +rules: + - apiGroups: + - '' + resources: + - events + verbs: + - create + - apiGroups: + - '' + resources: + - configmaps + verbs: + - create + - get + - list + - patch + - update + - watch + - delete + - apiGroups: + - '' + resources: + - endpoints + verbs: + - create + - get + - list + - patch + - update + - watch + - delete + - apiGroups: + - '' + resources: + - pods + verbs: + - get + - list + - patch + - update + - watch + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + labels: + sealos-db-provider-cr: ${{ defaults.app_name }}-pg + app.kubernetes.io/instance: ${{ defaults.app_name }}-pg + app.kubernetes.io/managed-by: kbcli + name: ${{ defaults.app_name }}-pg +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: ${{ defaults.app_name }}-pg +subjects: + - kind: ServiceAccount + name: ${{ defaults.app_name }}-pg + namespace: ${{ SEALOS_NAMESPACE }} + +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: ${{ defaults.app_name }}-init +spec: + completions: 1 + template: + spec: + containers: + - name: pgsql-init + image: senzing/postgresql-client:latest + env: + - name: PG_PASSWORD + valueFrom: + secretKeyRef: + name: ${{ defaults.app_name }}-pg-conn-credential + key: password + - name: DATABASE_URL + value: postgresql://postgres:$(PG_PASSWORD)@${{ defaults.app_name }}-pg-postgresql.${{ SEALOS_NAMESPACE }}.svc:5432 + command: + - /bin/sh + - -c + - | + until psql ${DATABASE_URL} -c 'CREATE DATABASE tianji;' &>/dev/null; do sleep 1; done + restartPolicy: Never + backoffLimit: 0 + ttlSecondsAfterFinished: 300 + +--- +apiVersion: app.sealos.io/v1 +kind: App +metadata: + name: ${{ defaults.app_name }} + labels: + cloud.sealos.io/app-deploy-manager: ${{ defaults.app_name }} +spec: + data: + url: https://${{ defaults.app_host }}.${{ SEALOS_CLOUD_DOMAIN }} + displayType: normal + icon: "https://tianji.msgbyte.com/img/logo.svg" + menuData: + nameColor: text-black + name: ${{ defaults.app_name }} + type: iframe