blob: a0ad4419642ae4107a176cf90708734c7b3104bd [file] [log] [blame]
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: git
namespace: mulk
labels:
name: git
k8s-app: git
spec:
replicas: 1
selector:
matchLabels:
k8s-app: git
name: git
template:
metadata:
labels:
name: git
k8s-app: git
spec:
imagePullSecrets:
- name: kube-registry-token
containers:
- name: master
image: woahbase/alpine-cgit:latest
imagePullPolicy: Always
env: []
resources:
limits:
cpu: 2000m
memory: 100Mi
requests:
cpu: 10m
memory: 50Mi
ports:
- containerPort: 80
name: cgit-http
protocol: TCP
volumeMounts:
- name: data
mountPath: /home/git
- name: config
mountPath: /etc/cgitrc
subPath: cgitrc
readOnly: true
volumes:
- name: data
persistentVolumeClaim:
claimName: git-data
- name: config
configMap:
name: git-config
---
apiVersion: v1
kind: Service
metadata:
name: git-cgit
namespace: mulk
labels:
k8s-app: git
name: git-cgit
spec:
selector:
k8s-app: git
type: ClusterIP
ports:
- name: http
port: 80
targetPort: cgit-http
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
name: git-gitolite
namespace: mulk
labels:
k8s-app: git
name: git-gitolite
spec:
selector:
k8s-app: git
type: ClusterIP
ports:
- name: ssh
port: 22
targetPort: gitolite-ssh
protocol: TCP
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: git-data
namespace: mulk
labels:
name: git-data
k8s-app: git
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 200Gi
storageClassName: local-path
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: git-cgit-cgi
namespace: mulk
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /cgit/cgit.cgi/$1$2
spec:
rules:
- host: git.benkard.de
http:
paths:
- backend:
service:
name: git-cgit
port:
number: 80
path: /(.*)[.]git(/.*)?$
pathType: ImplementationSpecific
- backend:
service:
name: git-cgit
port:
number: 80
path: /(.*)(.*)?$
pathType: ImplementationSpecific
tls:
- hosts:
- git.benkard.de
secretName: git-cgit-cgi-tls
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: git-cgit-assets
namespace: mulk
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/rewrite-target: /cgit/$1
spec:
rules:
- host: static.git.benkard.de
http:
paths:
- backend:
service:
name: git-cgit
port:
number: 80
path: /(.*)
pathType: ImplementationSpecific
tls:
- hosts:
- static.git.benkard.de
secretName: git-cgit-assets-tls
---
apiVersion: v1
kind: ConfigMap
metadata:
name: git-config
namespace: mulk
data:
cgitrc: |-
css=https://static.git.benkard.de/cgit.css
logo=https://static.git.benkard.de/cgit.png
remove-suffix=1
enable-commit-graph=1
enable-index-links=1
enable-log-filecount=1
enable-log-linecount=1
enable-git-config=1
case-sensitive-sort=0
virtual-root=https://git.benkard.de/
#cache-size=10000
#cache-root=/var/cache/cgit
# needs Pygments
#source-filter=/usr/lib/cgit/filters/syntax-highlighting.py
about-filter=/usr/lib/cgit/filters/about-formatting.sh
clone-url=https://git.benkard.de/$CGIT_REPO_URL
readme=:README.md
readme=:README.markdown
readme=:README.html
readme=:README.txt
readme=:README
project-list=/home/git/projects.list
scan-path=/home/git/repositories/
#
---
apiVersion: batch/v1
kind: CronJob
metadata:
name: git-github-replication
namespace: mulk
labels: &labels
k8s-app: git
spec:
schedule: "*/120 * * * *"
concurrencyPolicy: Forbid
jobTemplate:
spec:
ttlSecondsAfterFinished: 3600
template:
metadata:
name: git-github-replication
labels: *labels
spec:
restartPolicy: OnFailure
volumes:
- name: github-secrets
secret:
secretName: github-secrets
defaultMode: 0444
- name: data
persistentVolumeClaim:
claimName: git-data
containers:
- name: master
image: buildpack-deps:scm
securityContext:
runAsUser: 100
runAsGroup: 101
command:
- bash
- -c
- |
for x in \
aquifer \
benki \
cellspp \
cl-json-template \
cl-mulkutils \
cl-protocols \
cljssss-g \
fibers \
hellonet \
instadump \
jgvariant \
json-template-r6rs \
json-template-racket \
json-template-typed-racket \
logikorr \
mulkcms \
mulkcms2 \
mulkjournal \
mulklib \
mulkontainers \
mulkrypt-for-racket \
mulkyid \
objective-cl \
quarkus-googlecloud-jsonlogging \
toilet
do
cd "/git/repositories/mulk/$x.git"
git fetch "https://gitlab.benkard.de/mulk/${x}.git" master:master
git push "git@github.com:benkard/${x}.git" master
done
true
env:
- name: HOME
value: /nonexistent
resources:
limits:
memory: 100Mi
requests:
cpu: 20m
memory: 100Mi
volumeMounts:
- name: github-secrets
mountPath: /nonexistent/.ssh
readOnly: true
- name: data
mountPath: /git