add external database
This commit is contained in:
parent
acc1a074ed
commit
6711667af8
|
@ -0,0 +1,7 @@
|
||||||
|
#!/bin/bash -e
|
||||||
|
|
||||||
|
k3d cluster delete local
|
||||||
|
# docker stop registry.localhost
|
||||||
|
# docker container rm registry.localhost
|
||||||
|
# docker stop mariadb.localhost
|
||||||
|
# docker container rm mariadb.localhost
|
|
@ -1,5 +1,5 @@
|
||||||
--- a 2020-08-03 08:32:44.463589161 -0400
|
--- a 2020-08-10 23:13:10.083362050 -0400
|
||||||
+++ b 2020-08-03 08:34:06.230277210 -0400
|
+++ b 2020-08-10 23:14:00.823784738 -0400
|
||||||
@@ -19,7 +19,7 @@
|
@@ -19,7 +19,7 @@
|
||||||
metadata:
|
metadata:
|
||||||
name: certificaterequests.cert-manager.io
|
name: certificaterequests.cert-manager.io
|
||||||
|
@ -147,3 +147,12 @@
|
||||||
---
|
---
|
||||||
# Source: cert-manager/templates/service.yaml
|
# Source: cert-manager/templates/service.yaml
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
|
@@ -19338,7 +19333,7 @@
|
||||||
|
- --secure-port=10250
|
||||||
|
- --dynamic-serving-ca-secret-namespace=$(POD_NAMESPACE)
|
||||||
|
- --dynamic-serving-ca-secret-name=cert-manager-webhook-ca
|
||||||
|
- - --dynamic-serving-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.cert-manager.svc
|
||||||
|
+ - --dynamic-serving-dns-names=cert-manager-webhook,cert-manager-webhook.cert-manager,cert-manager-webhook.kube-system.svc
|
||||||
|
ports:
|
||||||
|
- name: https
|
||||||
|
containerPort: 10250
|
||||||
|
|
|
@ -3,7 +3,7 @@ kind: RemoteResources
|
||||||
metadata:
|
metadata:
|
||||||
name: cert-manager
|
name: cert-manager
|
||||||
resources:
|
resources:
|
||||||
- url: https://github.com/jetstack/cert-manager/releases/download/v0.16.0/cert-manager.yaml
|
- url: https://github.com/jetstack/cert-manager/releases/download/v0.16.1/cert-manager.yaml
|
||||||
sha256: 5770f5f01c10a902355b3522b8ce44508ebb6ec88955efde9a443afe5b3969d7
|
sha256: 75e7cc1fb42f759860ab896aaa404c0d8c8d5896274d3739eccb193ed1075dd9
|
||||||
patches:
|
# patches:
|
||||||
- cert-manager-namespace.patch
|
# - cert-manager-namespace.patch
|
|
@ -0,0 +1,3 @@
|
||||||
|
resources:
|
||||||
|
- drone-server-deployment.yaml
|
||||||
|
- drone-runner-deployment.yaml
|
|
@ -32,7 +32,10 @@ spec:
|
||||||
- name: DB_TYPE
|
- name: DB_TYPE
|
||||||
value: mysql
|
value: mysql
|
||||||
- name: DB_HOST
|
- name: DB_HOST
|
||||||
value: mariadb.gitea.svc:3306
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: mariadb-credentials-secret
|
||||||
|
key: host
|
||||||
- name: DB_NAME
|
- name: DB_NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
|
|
|
@ -19,4 +19,4 @@ spec:
|
||||||
- path: /
|
- path: /
|
||||||
backend:
|
backend:
|
||||||
serviceName: gitea-http
|
serviceName: gitea-http
|
||||||
servicePort: http
|
servicePort: http
|
||||||
|
|
|
@ -1,7 +1,5 @@
|
||||||
resources:
|
resources:
|
||||||
- gitea-deployment.yaml
|
- gitea-deployment.yaml
|
||||||
- drone-server-deployment.yaml
|
|
||||||
- drone-runner-deployment.yaml
|
|
||||||
- ingress.yaml
|
- ingress.yaml
|
||||||
|
|
||||||
secretGenerator:
|
secretGenerator:
|
||||||
|
@ -9,15 +7,16 @@ secretGenerator:
|
||||||
type: Opaque
|
type: Opaque
|
||||||
behavior: create
|
behavior: create
|
||||||
literals:
|
literals:
|
||||||
|
- host=mariadb.localhost:3306
|
||||||
- database=gitea
|
- database=gitea
|
||||||
- username=gitea
|
- username=gitea
|
||||||
- password=replaceme
|
- password=changeme
|
||||||
- name: drone-secret
|
- name: drone-secret
|
||||||
type: Opaque
|
type: Opaque
|
||||||
literals:
|
literals:
|
||||||
- rpc_secret=replaceme
|
- rpc_secret=changeme
|
||||||
- name: drone-gitea-oauth-secret
|
- name: drone-gitea-oauth-secret
|
||||||
type: Opaque
|
type: Opaque
|
||||||
literals:
|
literals:
|
||||||
- client_id=replaceme
|
- client_id=changeme
|
||||||
- client_secret=replaceme
|
- client_secret=changeme
|
||||||
|
|
|
@ -24,7 +24,10 @@ spec:
|
||||||
- name: GF_DATABASE_TYPE
|
- name: GF_DATABASE_TYPE
|
||||||
value: mysql
|
value: mysql
|
||||||
- name: GF_DATABASE_HOST
|
- name: GF_DATABASE_HOST
|
||||||
value: mariadb.grafana.svc:3306
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: mariadb-credentials-secret
|
||||||
|
key: host
|
||||||
- name: GF_DATABASE_NAME
|
- name: GF_DATABASE_NAME
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
|
|
|
@ -12,6 +12,7 @@ secretGenerator:
|
||||||
type: Opaque
|
type: Opaque
|
||||||
behavior: create
|
behavior: create
|
||||||
literals:
|
literals:
|
||||||
|
- host=mariadb.localhost:3306
|
||||||
- database=grafana
|
- database=grafana
|
||||||
- username=grafana
|
- username=grafana
|
||||||
- password=replaceme
|
- password=changeme
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
--- a 2020-08-03 08:27:39.420706235 -0400
|
--- a 2020-08-10 23:16:01.598069317 -0400
|
||||||
+++ b 2020-08-03 08:29:09.257135444 -0400
|
+++ b 2020-08-10 23:16:35.401656793 -0400
|
||||||
@@ -1,14 +1,4 @@
|
@@ -1,14 +1,4 @@
|
||||||
-
|
-
|
||||||
-apiVersion: v1
|
-apiVersion: v1
|
||||||
|
@ -253,11 +253,13 @@
|
||||||
spec:
|
spec:
|
||||||
template:
|
template:
|
||||||
metadata:
|
metadata:
|
||||||
@@ -525,7 +515,7 @@
|
@@ -524,8 +514,8 @@
|
||||||
|
imagePullPolicy: IfNotPresent
|
||||||
args:
|
args:
|
||||||
- create
|
- create
|
||||||
- --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.ingress-nginx.svc
|
- - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.ingress-nginx.svc
|
||||||
- - --namespace=ingress-nginx
|
- - --namespace=ingress-nginx
|
||||||
|
+ - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.kube-system.svc
|
||||||
+ - --namespace=kube-system
|
+ - --namespace=kube-system
|
||||||
- --secret-name=ingress-nginx-admission
|
- --secret-name=ingress-nginx-admission
|
||||||
restartPolicy: OnFailure
|
restartPolicy: OnFailure
|
||||||
|
|
|
@ -8,6 +8,7 @@ secretGenerator:
|
||||||
type: Opaque
|
type: Opaque
|
||||||
behavior: create
|
behavior: create
|
||||||
literals:
|
literals:
|
||||||
|
- host=mariadb.localhost:3306
|
||||||
- database=nextcloud
|
- database=nextcloud
|
||||||
- username=nextcloud
|
- username=nextcloud
|
||||||
- password=replaceme
|
- password=changeme
|
||||||
|
|
|
@ -20,7 +20,10 @@ spec:
|
||||||
- name: TRUSTED_PROXIES
|
- name: TRUSTED_PROXIES
|
||||||
value: 10.0.0.0/8
|
value: 10.0.0.0/8
|
||||||
- name: MYSQL_HOST
|
- name: MYSQL_HOST
|
||||||
value: mariadb.nextcloud.svc:3306
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: mariadb-credentials-secret
|
||||||
|
key: host
|
||||||
- name: MYSQL_DATABASE
|
- name: MYSQL_DATABASE
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
|
|
|
@ -0,0 +1,4 @@
|
||||||
|
bases:
|
||||||
|
- ../../bases/cert-manager
|
||||||
|
|
||||||
|
# namespace: cert-manager
|
|
@ -1,5 +1,4 @@
|
||||||
bases:
|
bases:
|
||||||
- ../../bases/ingress-nginx
|
- ../../bases/ingress-nginx
|
||||||
- ../../bases/cert-manager
|
|
||||||
|
|
||||||
namespace: kube-system
|
namespace: kube-system
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
bases:
|
bases:
|
||||||
- ../../namespaces/kube-system
|
- ../../namespaces/kube-system
|
||||||
|
- ../../namespaces/cert-manager
|
||||||
|
|
||||||
# allow "kubectl apply -l managed-by=auto-deploy --prune ..."
|
# allow "kubectl apply -l managed-by=auto-deploy --prune ..."
|
||||||
commonlabels:
|
commonlabels:
|
||||||
|
|
|
@ -27,8 +27,9 @@ if ! k3d cluster list "$cluster_name" &>/dev/null; then
|
||||||
--agents 3 \
|
--agents 3 \
|
||||||
--k3s-server-arg '--no-deploy=traefik' \
|
--k3s-server-arg '--no-deploy=traefik' \
|
||||||
--volume "$k3s_registry_config:/etc/rancher/k3s/registries.yaml" \
|
--volume "$k3s_registry_config:/etc/rancher/k3s/registries.yaml" \
|
||||||
-p 8080:80@loadbalancer
|
-p 80:80@loadbalancer \
|
||||||
sleep 1
|
-p 443:443@loadbalancer
|
||||||
|
sleep 10
|
||||||
fi
|
fi
|
||||||
# --volume ":/var/lib/rancher/k3s/server/manifests/auto-deploy.yaml" \
|
# --volume ":/var/lib/rancher/k3s/server/manifests/auto-deploy.yaml" \
|
||||||
|
|
||||||
|
@ -44,6 +45,36 @@ if ! docker ps -a | grep registry.localhost &>/dev/null; then
|
||||||
docker network connect "k3d-$cluster_name" registry.localhost
|
docker network connect "k3d-$cluster_name" registry.localhost
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# local mariadb database
|
||||||
|
if ! docker ps -a | grep mariadb.localhost &>/dev/null; then
|
||||||
|
docker volume create local_mariadb
|
||||||
|
docker run -d \
|
||||||
|
--name mariadb.localhost \
|
||||||
|
--volume local_mariadb:/var/lib/mysql \
|
||||||
|
--restart always \
|
||||||
|
--env MYSQL_ROOT_PASSWORD=changeme \
|
||||||
|
-p 3306:3306 \
|
||||||
|
mariadb:10.5
|
||||||
|
docker network connect "k3d-$cluster_name" mariadb.localhost
|
||||||
|
sleep 10
|
||||||
|
fi
|
||||||
|
|
||||||
|
docker exec mariadb.localhost mysql -vv -uroot -pchangeme -e "
|
||||||
|
CREATE DATABASE IF NOT EXISTS gitea;
|
||||||
|
CREATE USER IF NOT EXISTS 'gitea'@'%' IDENTIFIED BY 'changeme';
|
||||||
|
GRANT ALL PRIVILEGES ON gitea.* TO 'gitea'@'%';
|
||||||
|
|
||||||
|
CREATE DATABASE IF NOT EXISTS grafana;
|
||||||
|
CREATE USER IF NOT EXISTS 'grafana'@'%' IDENTIFIED BY 'changeme';
|
||||||
|
GRANT ALL PRIVILEGES ON grafana.* TO 'grafana'@'%';
|
||||||
|
|
||||||
|
CREATE DATABASE IF NOT EXISTS nextcloud;
|
||||||
|
CREATE USER IF NOT EXISTS 'nextcloud'@'%' IDENTIFIED BY 'changeme';
|
||||||
|
GRANT ALL PRIVILEGES ON grafana.* TO 'nextcloud'@'%';
|
||||||
|
|
||||||
|
FLUSH PRIVILEGES;
|
||||||
|
"
|
||||||
|
|
||||||
k3d kubeconfig merge "$cluster_name" --switch-context >/dev/null
|
k3d kubeconfig merge "$cluster_name" --switch-context >/dev/null
|
||||||
kubectl apply -f "$auto_deploy_manifest"
|
kubectl apply -f "$auto_deploy_manifest"
|
||||||
kubectl get nodes
|
kubectl get nodes
|
Loading…
Reference in New Issue