131 lines
2.9 KiB
YAML
131 lines
2.9 KiB
YAML
|
apiVersion: v1
|
||
|
kind: PersistentVolumeClaim
|
||
|
metadata:
|
||
|
name: dot-wiki
|
||
|
spec:
|
||
|
accessModes:
|
||
|
- ReadWriteOnce
|
||
|
volumeMode: Filesystem
|
||
|
resources:
|
||
|
requests:
|
||
|
storage: 4Gi
|
||
|
---
|
||
|
apiVersion: v1
|
||
|
kind: ConfigMap
|
||
|
metadata:
|
||
|
name: wiki-config
|
||
|
data:
|
||
|
config.json: |
|
||
|
{
|
||
|
"admin": "ADMIN",
|
||
|
"farm": true,
|
||
|
"cookieSecret": "RANDOM",
|
||
|
"security_type": "friends",
|
||
|
"secure_cookie": false,
|
||
|
"wikiDomains": {
|
||
|
"local": {
|
||
|
"id": "/home/node/.wiki/local.owner.json"
|
||
|
},
|
||
|
"localhost": {
|
||
|
"id": "/home/node/.wiki/local.owner.json"
|
||
|
},
|
||
|
"localtest.me": {
|
||
|
"id": "/home/node/.wiki/local.owner.json"
|
||
|
},
|
||
|
"local.dbbs.co": {
|
||
|
"id": "/home/node/.wiki/local.owner.json"
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
local.owner.json: |
|
||
|
{
|
||
|
"name": "The Owner",
|
||
|
"friend": {
|
||
|
"secret": "ADMIN"
|
||
|
}
|
||
|
}
|
||
|
install-config: |
|
||
|
#!/bin/sh
|
||
|
randomstring() {
|
||
|
node -e 'console.log(require("crypto").randomBytes(64).toString("hex"))'
|
||
|
}
|
||
|
readonly ADMIN=$(randomstring)
|
||
|
readonly COOKIE=$(randomstring)
|
||
|
|
||
|
readonly CONFIG=/home/node/.wiki/config.json
|
||
|
readonly OWNER=/home/node/.wiki/local.owner.json
|
||
|
[ -f $CONFIG ] || {
|
||
|
jq --arg admin $ADMIN \
|
||
|
--arg cookie $COOKIE \
|
||
|
'.admin = $admin | .cookieSecret = $cookie' \
|
||
|
/etc/config/config.json \
|
||
|
> $CONFIG
|
||
|
}
|
||
|
[ -f $OWNER ] || {
|
||
|
jq --arg admin $ADMIN \
|
||
|
'.friend.secret = $admin' \
|
||
|
/etc/config/local.owner.json \
|
||
|
> $OWNER
|
||
|
}
|
||
|
chown -R 1000:1000 /home/node/.wiki
|
||
|
---
|
||
|
apiVersion: apps/v1
|
||
|
kind: Deployment
|
||
|
metadata:
|
||
|
name: wiki-deployment
|
||
|
spec:
|
||
|
replicas: 1
|
||
|
selector:
|
||
|
matchLabels:
|
||
|
app: wiki
|
||
|
template:
|
||
|
metadata:
|
||
|
labels:
|
||
|
app: wiki
|
||
|
spec:
|
||
|
securityContext:
|
||
|
runAsUser: 1000
|
||
|
runAsGroup: 1000
|
||
|
fsGroup: 1000
|
||
|
initContainers:
|
||
|
- name: wiki-config
|
||
|
image: dobbs/farm:1.0.0
|
||
|
securityContext:
|
||
|
runAsUser: 0
|
||
|
runAsGroup: 0
|
||
|
allowPrivilegeEscalation: false
|
||
|
volumeMounts:
|
||
|
- name: dot-wiki
|
||
|
mountPath: /home/node/.wiki
|
||
|
- name: config-templates
|
||
|
mountPath: /etc/config
|
||
|
command: ["sh", "/etc/config/install-config"]
|
||
|
containers:
|
||
|
- name: farm
|
||
|
image: dobbs/farm:1.0.0
|
||
|
command: ["wiki", "--config", "/home/node/.wiki/config.json"]
|
||
|
ports:
|
||
|
- containerPort: 3000
|
||
|
volumeMounts:
|
||
|
- name: dot-wiki
|
||
|
mountPath: /home/node/.wiki
|
||
|
volumes:
|
||
|
- name: dot-wiki
|
||
|
persistentVolumeClaim:
|
||
|
claimName: dot-wiki
|
||
|
- name: config-templates
|
||
|
configMap:
|
||
|
name: wiki-config
|
||
|
---
|
||
|
apiVersion: v1
|
||
|
kind: Service
|
||
|
metadata:
|
||
|
name: wiki-service
|
||
|
spec:
|
||
|
ports:
|
||
|
- name: http
|
||
|
targetPort: 3000
|
||
|
port: 80
|
||
|
selector:
|
||
|
app: wiki
|