2024-03-26 19:26:02 +00:00
|
|
|
{
|
|
|
|
kubernetes.resources = {
|
|
|
|
configMaps.freshrss.data = {
|
|
|
|
TZ = "Europe/Amsterdam";
|
|
|
|
CRON_MIN = "2,32";
|
|
|
|
ADMIN_EMAIL = "pim@kunis.nl";
|
|
|
|
PUBLISHED_PORT = "443";
|
|
|
|
};
|
|
|
|
|
2024-03-28 19:27:36 +00:00
|
|
|
# TODO: encrypt this with sops and commit to git repo.
|
2024-03-28 22:05:05 +00:00
|
|
|
secrets.freshrss.stringData.adminPassword = "ref+file:///home/pim/.config/home/vals.yaml#/freshrss/password";
|
2024-03-26 19:26:02 +00:00
|
|
|
|
|
|
|
deployments.freshrss = {
|
|
|
|
metadata.labels.app = "freshrss";
|
|
|
|
|
|
|
|
spec = {
|
|
|
|
selector.matchLabels.app = "freshrss";
|
|
|
|
|
|
|
|
template = {
|
|
|
|
metadata.labels.app = "freshrss";
|
|
|
|
|
|
|
|
spec = {
|
|
|
|
containers.freshrss = {
|
|
|
|
image = "freshrss/freshrss:edge";
|
2024-03-27 20:20:22 +00:00
|
|
|
envFrom = [{ configMapRef.name = "freshrss"; }];
|
2024-03-26 19:26:02 +00:00
|
|
|
|
|
|
|
ports = [{
|
|
|
|
containerPort = 80;
|
|
|
|
protocol = "TCP";
|
|
|
|
}];
|
|
|
|
|
|
|
|
env = [
|
|
|
|
{
|
|
|
|
name = "ADMIN_PASSWORD";
|
2024-03-27 20:20:22 +00:00
|
|
|
|
2024-03-26 19:26:02 +00:00
|
|
|
valueFrom.secretKeyRef = {
|
|
|
|
name = "freshrss";
|
|
|
|
key = "adminPassword";
|
|
|
|
};
|
|
|
|
}
|
|
|
|
{
|
|
|
|
name = "ADMIN_API_PASSWORD";
|
2024-03-27 20:20:22 +00:00
|
|
|
|
2024-03-26 19:26:02 +00:00
|
|
|
valueFrom.secretKeyRef = {
|
|
|
|
name = "freshrss";
|
|
|
|
key = "adminPassword";
|
|
|
|
};
|
|
|
|
}
|
|
|
|
];
|
|
|
|
|
|
|
|
volumeMounts = [{
|
|
|
|
name = "data";
|
|
|
|
mountPath = "/var/www/FreshRSS/data";
|
|
|
|
}];
|
|
|
|
};
|
|
|
|
|
|
|
|
volumes = [{
|
|
|
|
name = "data";
|
|
|
|
persistentVolumeClaim.claimName = "freshrss";
|
|
|
|
}];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2024-03-27 20:20:22 +00:00
|
|
|
persistentVolumes.freshrss.spec = {
|
|
|
|
capacity.storage = "1Mi";
|
|
|
|
accessModes = [ "ReadWriteMany" ];
|
|
|
|
|
|
|
|
nfs = {
|
2024-04-12 21:31:10 +00:00
|
|
|
server = "lewis.dmz";
|
2024-03-27 20:20:22 +00:00
|
|
|
path = "/mnt/data/nfs/freshrss/data";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
persistentVolumeClaims.freshrss.spec = {
|
|
|
|
accessModes = [ "ReadWriteMany" ];
|
|
|
|
storageClassName = "";
|
|
|
|
resources.requests.storage = "1Mi";
|
|
|
|
volumeName = "freshrss";
|
|
|
|
};
|
|
|
|
|
2024-03-26 19:26:02 +00:00
|
|
|
services.freshrss.spec = {
|
|
|
|
selector.app = "freshrss";
|
|
|
|
|
|
|
|
ports = [{
|
|
|
|
protocol = "TCP";
|
|
|
|
port = 80;
|
|
|
|
targetPort = 80;
|
|
|
|
}];
|
|
|
|
};
|
|
|
|
|
2024-04-07 12:07:05 +00:00
|
|
|
ingresses.freshrss = {
|
|
|
|
metadata.annotations."cert-manager.io/cluster-issuer" = "letsencrypt";
|
2024-03-26 19:26:02 +00:00
|
|
|
|
2024-04-07 12:07:05 +00:00
|
|
|
spec = {
|
|
|
|
ingressClassName = "traefik";
|
2024-03-26 19:26:02 +00:00
|
|
|
|
2024-04-07 12:07:05 +00:00
|
|
|
rules = [{
|
|
|
|
host = "rss.kun.is";
|
2024-03-26 19:26:02 +00:00
|
|
|
|
2024-04-07 12:07:05 +00:00
|
|
|
http.paths = [{
|
|
|
|
path = "/";
|
|
|
|
pathType = "Prefix";
|
|
|
|
|
|
|
|
backend.service = {
|
|
|
|
name = "freshrss";
|
|
|
|
port.number = 80;
|
|
|
|
};
|
|
|
|
}];
|
2024-03-26 19:26:02 +00:00
|
|
|
}];
|
2024-04-07 12:07:05 +00:00
|
|
|
|
|
|
|
tls = [{
|
|
|
|
secretName = "freshrss-tls";
|
|
|
|
hosts = [ "rss.kun.is" ];
|
|
|
|
}];
|
|
|
|
};
|
2024-03-26 19:26:02 +00:00
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|