From 439d3d415d30f409abf2e8c7abae156c64eb3c36 Mon Sep 17 00:00:00 2001 From: prettysunflower Date: Tue, 29 Jul 2025 19:03:02 -0400 Subject: [PATCH] Added template for apps Signed-off-by: prettysunflower --- .gitignore | 1 + apps/template/configmap.yaml | 6 +++ apps/template/deployment.yaml | 69 +++++++++++++++++++++++++++++++++++ apps/template/pvc.yaml | 11 ++++++ apps/template/secrets.yaml | 7 ++++ apps/template/svc.yaml | 13 +++++++ 6 files changed, 107 insertions(+) create mode 100644 apps/template/configmap.yaml create mode 100644 apps/template/deployment.yaml create mode 100644 apps/template/pvc.yaml create mode 100644 apps/template/secrets.yaml create mode 100644 apps/template/svc.yaml diff --git a/.gitignore b/.gitignore index d1cdd50..1802146 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ secrets.yaml +!apps/template/secrets.yaml infra/*/tailscale.patch.yaml .DS_Store diff --git a/apps/template/configmap.yaml b/apps/template/configmap.yaml new file mode 100644 index 0000000..e8d6f08 --- /dev/null +++ b/apps/template/configmap.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: app-configmap +data: + \ No newline at end of file diff --git a/apps/template/deployment.yaml b/apps/template/deployment.yaml new file mode 100644 index 0000000..4ee8222 --- /dev/null +++ b/apps/template/deployment.yaml @@ -0,0 +1,69 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: app + labels: + app.kubernetes.io/name: app +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: app + template: + metadata: + labels: + app.kubernetes.io/name: app + spec: + volumes: + - name: mountName + persistentVolumeClaim: + claimName: app-pvc + containers: + - name: containerName + image: image + envFrom: + - configMapRef: + name: configMap + - secretRef: + name: secrets + ports: + - containerPort: 1234 + name: http + volumeMounts: + - name: mountName + mountPath: "/" + livenessProbe: + exec: + command: + - /app/pocket-id + - healthcheck + httpGet: + path: /healthz + port: 8080 + initialDelaySeconds: 10 + failureThreshold: 3 + periodSeconds: 90 + startupProbe: + exec: + command: + - /app/pocket-id + - healthcheck + httpGet: + path: /healthz + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + runAsNonRoot: true + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + dnsPolicy: "ClusterFirst" + dnsConfig: + nameservers: + - 100.96.226.96 diff --git a/apps/template/pvc.yaml b/apps/template/pvc.yaml new file mode 100644 index 0000000..762239a --- /dev/null +++ b/apps/template/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: app-pvc +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + storageClassName: nfs-csi|hcloud-volumes \ No newline at end of file diff --git a/apps/template/secrets.yaml b/apps/template/secrets.yaml new file mode 100644 index 0000000..ade18c8 --- /dev/null +++ b/apps/template/secrets.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: app-secrets +type: Opaque +stringData: + \ No newline at end of file diff --git a/apps/template/svc.yaml b/apps/template/svc.yaml new file mode 100644 index 0000000..9fce686 --- /dev/null +++ b/apps/template/svc.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: app +spec: + type: NodePort + selector: + app.kubernetes.io/name: app + ports: + - protocol: TCP + port: 80 + targetPort: 1234 + name: http \ No newline at end of file