git/git.yaml - kubeia - Gitiles

 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: git
   namespace: mulk
   labels:
     name: git
     k8s-app: git
 spec:
   replicas: 1
   selector:
     matchLabels:
       k8s-app: git
       name: git
   template:
     metadata:
       labels:
         name: git
         k8s-app: git
     spec:
       imagePullSecrets:
         - name: kube-registry-token
       containers:
         - name: master
           image: woahbase/alpine-cgit:latest
           imagePullPolicy: Always
           env: []
           resources:
             limits:
               cpu: 2000m
               memory: 100Mi
             requests:
               cpu: 10m
               memory: 50Mi
           ports:
             - containerPort: 80
               name: cgit-http
               protocol: TCP
           volumeMounts:
             - name: data
               mountPath: /home/git
             - name: config
               mountPath: /etc/cgitrc
               subPath: cgitrc
               readOnly: true
       volumes:
         - name: data
           persistentVolumeClaim:
             claimName: git-data
         - name: config
           configMap:
             name: git-config
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: git-cgit
   namespace: mulk
   labels:
     k8s-app: git
     name: git-cgit
 spec:
   selector:
     k8s-app: git
   type: ClusterIP
   ports:
    - name: http
      port: 80
      targetPort: cgit-http
      protocol: TCP
 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: git-gitolite
   namespace: mulk
   labels:
     k8s-app: git
     name: git-gitolite
 spec:
   selector:
     k8s-app: git
   type: ClusterIP
   ports:
    - name: ssh
      port: 22
      targetPort: gitolite-ssh
      protocol: TCP
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: git-data
   namespace: mulk
   labels:
     name: git-data
     k8s-app: git
 spec:
   accessModes:
     - ReadWriteOnce
   resources:
     requests:
       storage: 200Gi
   storageClassName: local-path
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: git-cgit-cgi
   namespace: mulk
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-prod
     kubernetes.io/ingress.class: nginx
     nginx.ingress.kubernetes.io/rewrite-target: /cgit/cgit.cgi/$1$2
 spec:
   rules:
   - host: git.benkard.de
     http:
       paths:
       - backend:
           service:
             name: git-cgit
             port:
               number: 80
         path: /(.*)[.]git(/.*)?$
         pathType: ImplementationSpecific
       - backend:
           service:
             name: git-cgit
             port:
               number: 80
         path: /(.*)(.*)?$
         pathType: ImplementationSpecific
   tls:
   - hosts:
     - git.benkard.de
     secretName: git-cgit-cgi-tls
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: git-cgit-assets
   namespace: mulk
   annotations:
     cert-manager.io/cluster-issuer: letsencrypt-prod
     kubernetes.io/ingress.class: nginx
     nginx.ingress.kubernetes.io/rewrite-target: /cgit/$1
 spec:
   rules:
   - host: static.git.benkard.de
     http:
       paths:
       - backend:
           service:
             name: git-cgit
             port:
               number: 80
         path: /(.*)
         pathType: ImplementationSpecific
   tls:
   - hosts:
     - static.git.benkard.de
     secretName: git-cgit-assets-tls
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: git-config
   namespace: mulk
 data:
   cgitrc: |-
     css=https://static.git.benkard.de/cgit.css
     logo=https://static.git.benkard.de/cgit.png

     remove-suffix=1
     enable-commit-graph=1
     enable-index-links=1
     enable-log-filecount=1
     enable-log-linecount=1
     enable-git-config=1
     case-sensitive-sort=0

     virtual-root=https://git.benkard.de/

     #cache-size=10000
     #cache-root=/var/cache/cgit

     # needs Pygments
     #source-filter=/usr/lib/cgit/filters/syntax-highlighting.py

     about-filter=/usr/lib/cgit/filters/about-formatting.sh

     clone-url=https://git.benkard.de/$CGIT_REPO_URL

     readme=:README.md
     readme=:README.markdown
     readme=:README.html
     readme=:README.txt
     readme=:README

     project-list=/home/git/projects.list
     scan-path=/home/git/repositories/

     #

 ---

 apiVersion: batch/v1
 kind: CronJob

 metadata:
   name: git-github-replication
   namespace: mulk
   labels: &labels
     k8s-app: git

 spec:
   schedule: "*/120 * * * *"

   jobTemplate:

     spec:
       ttlSecondsAfterFinished: 3600

       template:
         metadata:
           name: git-github-replication
           labels: *labels

         spec:
           restartPolicy: OnFailure

           volumes:
             - name: github-secrets
               secret:
                 secretName: github-secrets
                 defaultMode: 0400
             - name: data
               persistentVolumeClaim:
                 claimName: git-data

           containers:
             - name: master
               image: buildpack-deps:scm
               command:
                 - bash
                 - -c
                 - |
                   for x in \
                       aquifer \
                       benki \
                       cellspp \
                       cl-json-template \
                       cl-mulkutils \
                       cl-protocols \
                       cljssss-g \
                       fibers \
                       hellonet \
                       instadump \
                       json-template-r6rs \
                       json-template-racket \
                       json-template-typed-racket \
                       logikorr \
                       mulkcms \
                       mulkjournal \
                       mulklib \
                       mulkrypt-for-racket \
                       mulkyid \
                       objective-cl \
                       toilet
                   do
                       cd "/git/repositories/mulk/$x.git"
                       git push "git@github.com:benkard/${x}.git" master
                   done
                   true
               resources:
                 limits:
                   memory: 100Mi
                 requests:
                   cpu: 20m
                   memory: 100Mi
               volumeMounts:
                 - name: github-secrets
                   mountPath: /root/.ssh
                   readOnly: true
                 - name: data
                   mountPath: /git
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: git
	namespace: mulk
	labels:
	name: git
	k8s-app: git
	spec:
	replicas: 1
	selector:
	matchLabels:
	k8s-app: git
	name: git
	template:
	metadata:
	labels:
	name: git
	k8s-app: git
	spec:
	imagePullSecrets:
	- name: kube-registry-token
	containers:
	- name: master
	image: woahbase/alpine-cgit:latest
	imagePullPolicy: Always
	env: []
	resources:
	limits:
	cpu: 2000m
	memory: 100Mi
	requests:
	cpu: 10m
	memory: 50Mi
	ports:
	- containerPort: 80
	name: cgit-http
	protocol: TCP
	volumeMounts:
	- name: data
	mountPath: /home/git
	- name: config
	mountPath: /etc/cgitrc
	subPath: cgitrc
	readOnly: true
	volumes:
	- name: data
	persistentVolumeClaim:
	claimName: git-data
	- name: config
	configMap:
	name: git-config
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: git-cgit
	namespace: mulk
	labels:
	k8s-app: git
	name: git-cgit
	spec:
	selector:
	k8s-app: git
	type: ClusterIP
	ports:
	- name: http
	port: 80
	targetPort: cgit-http
	protocol: TCP
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: git-gitolite
	namespace: mulk
	labels:
	k8s-app: git
	name: git-gitolite
	spec:
	selector:
	k8s-app: git
	type: ClusterIP
	ports:
	- name: ssh
	port: 22
	targetPort: gitolite-ssh
	protocol: TCP
	---
	apiVersion: v1
	kind: PersistentVolumeClaim
	metadata:
	name: git-data
	namespace: mulk
	labels:
	name: git-data
	k8s-app: git
	spec:
	accessModes:
	- ReadWriteOnce
	resources:
	requests:
	storage: 200Gi
	storageClassName: local-path
	---
	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: git-cgit-cgi
	namespace: mulk
	annotations:
	cert-manager.io/cluster-issuer: letsencrypt-prod
	kubernetes.io/ingress.class: nginx
	nginx.ingress.kubernetes.io/rewrite-target: /cgit/cgit.cgi/$1$2
	spec:
	rules:
	- host: git.benkard.de
	http:
	paths:
	- backend:
	service:
	name: git-cgit
	port:
	number: 80
	path: /(.)[.]git(/.)?$
	pathType: ImplementationSpecific
	- backend:
	service:
	name: git-cgit
	port:
	number: 80
	path: /(.)(.)?$
	pathType: ImplementationSpecific
	tls:
	- hosts:
	- git.benkard.de
	secretName: git-cgit-cgi-tls
	---
	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: git-cgit-assets
	namespace: mulk
	annotations:
	cert-manager.io/cluster-issuer: letsencrypt-prod
	kubernetes.io/ingress.class: nginx
	nginx.ingress.kubernetes.io/rewrite-target: /cgit/$1
	spec:
	rules:
	- host: static.git.benkard.de
	http:
	paths:
	- backend:
	service:
	name: git-cgit
	port:
	number: 80
	path: /(.*)
	pathType: ImplementationSpecific
	tls:
	- hosts:
	- static.git.benkard.de
	secretName: git-cgit-assets-tls
	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	name: git-config
	namespace: mulk
	data:
	cgitrc: \|-
	css=https://static.git.benkard.de/cgit.css
	logo=https://static.git.benkard.de/cgit.png

	remove-suffix=1
	enable-commit-graph=1
	enable-index-links=1
	enable-log-filecount=1
	enable-log-linecount=1
	enable-git-config=1
	case-sensitive-sort=0

	virtual-root=https://git.benkard.de/

	#cache-size=10000
	#cache-root=/var/cache/cgit

	# needs Pygments
	#source-filter=/usr/lib/cgit/filters/syntax-highlighting.py

	about-filter=/usr/lib/cgit/filters/about-formatting.sh

	clone-url=https://git.benkard.de/$CGIT_REPO_URL

	readme=:README.md
	readme=:README.markdown
	readme=:README.html
	readme=:README.txt
	readme=:README

	project-list=/home/git/projects.list
	scan-path=/home/git/repositories/

	#

	---

	apiVersion: batch/v1
	kind: CronJob

	metadata:
	name: git-github-replication
	namespace: mulk
	labels: &labels
	k8s-app: git

	spec:
	schedule: "/120 * * *"

	jobTemplate:

	spec:
	ttlSecondsAfterFinished: 3600

	template:
	metadata:
	name: git-github-replication
	labels: *labels

	spec:
	restartPolicy: OnFailure

	volumes:
	- name: github-secrets
	secret:
	secretName: github-secrets
	defaultMode: 0400
	- name: data
	persistentVolumeClaim:
	claimName: git-data

	containers:
	- name: master
	image: buildpack-deps:scm
	command:
	- bash
	- -c
	- \|
	for x in \
	aquifer \
	benki \
	cellspp \
	cl-json-template \
	cl-mulkutils \
	cl-protocols \
	cljssss-g \
	fibers \
	hellonet \
	instadump \
	json-template-r6rs \
	json-template-racket \
	json-template-typed-racket \
	logikorr \
	mulkcms \
	mulkjournal \
	mulklib \
	mulkrypt-for-racket \
	mulkyid \
	objective-cl \
	toilet
	do
	cd "/git/repositories/mulk/$x.git"
	git push "git@github.com:benkard/${x}.git" master
	done
	true
	resources:
	limits:
	memory: 100Mi
	requests:
	cpu: 20m
	memory: 100Mi
	volumeMounts:
	- name: github-secrets
	mountPath: /root/.ssh
	readOnly: true
	- name: data
	mountPath: /git