FluxCD/applications
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat: add vita

Browse Source
This commit is contained in:
Yi-Ting Shih
2025-12-13 06:08:17 +08:00
parent 621838f3c6
commit 775746cd79
12 changed files with 329 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
flux-applications/vita.yaml Normal file
View File

@@ -0,0 +1,18 @@
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: vita
namespace: flux-system
spec:
interval: 10m0s
path: ./vita/
prune: true
force: false
sourceRef:
kind: GitRepository
name: applications
decryption:
provider: sops
secretRef:
name: sops-gpg

4
vita/.sops.yaml Normal file
View File

@@ -0,0 +1,4 @@
creation_rules:
- path_regex: '.*.yaml'
encrypted_regex: '^(data|stringData)$'
pgp: A638A6B54530D54E868F9D3238736C662F799E0D

78
vita/deploy.backend.yaml Normal file
View File

@@ -0,0 +1,78 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: vita-backend
labels:
app: vita-backend
spec:
replicas: 1
selector:
matchLabels:
app: vita-backend
template:
metadata:
labels:
app: vita-backend
spec:
containers:
- name: backend
image: gitea.konchin.com/go2025/backend:main
env:
- name: EXTERNAL_URL
valueFrom:
configMapKeyRef:
name: vita-backend-config
key: EXTERNAL_URL
- name: PRESHARED_KEY
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: PRESHARED_KEY
- name: ACCESS_TOKEN_SECRET
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: ACCESS_TOKEN_SECRET
- name: REFRESH_TOKEN_SECRET
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: REFRESH_TOKEN_SECRET
- name: PG_CONNECTION_STRING
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: PG_CONNECTION_STRING
- name: MINIO_HOST
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: MINIO_HOST
- name: MINIO_BUCKET
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: MINIO_BUCKET
- name: MINIO_ACCESSKEY
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: MINIO_ACCESSKEY
- name: MINIO_SECRETKEY
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: MINIO_SECRETKEY
- name: MINIO_USESSL
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: MINIO_USESSL
- name: UPTRACE_DSN
valueFrom:
secretKeyRef:
name: vita-backend-secret
key: UPTRACE_DSN
imagePullSecrets:
- name: regcred

49
vita/deploy.dcbot.yaml Normal file
View File

@@ -0,0 +1,49 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: vita-dcbot
labels:
app: vita-dcbot
spec:
replicas: 0
selector:
matchLabels:
app: vita-dcbot
template:
metadata:
labels:
app: vita-dcbot
spec:
containers:
- name: dcbot
image: gitea.konchin.com/go2025/backend:main
args: ["dcbot"]
env:
- name: PRESHARED_KEY
valueFrom:
secretKeyRef:
name: vita-dcbot-secret
key: PRESHARED_KEY
- name: DISCORD_BOT_TOKEN
valueFrom:
secretKeyRef:
name: vita-dcbot-secret
key: DISCORD_BOT_TOKEN
- name: API_ENDPOINT
valueFrom:
configMapKeyRef:
name: vita-dcbot-config
key: API_ENDPOINT
- name: EXTERNAL_URL
valueFrom:
configMapKeyRef:
name: vita-dcbot-config
key: EXTERNAL_URL
- name: UPTRACE_DSN
valueFrom:
secretKeyRef:
name: vita-dcbot-secret
key: UPTRACE_DSN
imagePullSecrets:
- name: regcred

22
vita/deploy.frontend.yaml Normal file
View File

@@ -0,0 +1,22 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: vita-frontend
labels:
app: vita-frontend
spec:
replicas: 1
selector:
matchLabels:
app: vita-frontend
template:
metadata:
labels:
app: vita-frontend
spec:
containers:
- name: frontend
image: gitea.konchin.com/go2025/frontend:main
imagePullSecrets:
- name: regcred

32
vita/ingress.yaml Normal file
View File

@@ -0,0 +1,32 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: vita-ing
spec:
ingressClassName: traefik-prod
rules:
- host: "go2025.konchin.com"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: frontend
port:
number: 80
- path: /api
pathType: Prefix
backend:
service:
name: backend
port:
number: 8080
- path: /img
pathType: Prefix
backend:
service:
name: backend
port:
number: 8080

16
vita/kustomization.yaml Normal file
View File

@@ -0,0 +1,16 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: vita
generatorOptions:
disableNameSuffixHash: true
resources:
- namespace.yaml
- deploy.backend.yaml
- deploy.dcbot.yaml
- deploy.frontend.yaml
- svc.backend.yaml
- svc.frontend.yaml
- secret.backend.yaml
- secret.dcbot.yaml
- ingress.yaml

5
vita/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: vita

41
vita/secret.backend.yaml Normal file
View File

@@ -0,0 +1,41 @@
apiVersion: v1
kind: Secret
metadata:
name: vita-backend-secret
data:
ACCESS_TOKEN_SECRET: ENC[AES256_GCM,data:AzbuPVOw0m9tSRSXz4XMjLS44lVWw2fUJ2C8lJy/4F/nYIupxUhA/E/V/jo=,iv:t7ZjphPvciUokGzGoLJNBIntkrbHqIz2mVOFOLdvo5M=,tag:DlMB8J2Gnj6ecoaL4l86bQ==,type:str]
MINIO_ACCESSKEY: ENC[AES256_GCM,data:edouSYxiYx8=,iv:EMjrSpho9/zLcdBQXKKDRBdsQgnhbt6aiLTR1mXqHDk=,tag:6jHg6l3P0xej4TJaOJwCAw==,type:str]
MINIO_BUCKET: ENC[AES256_GCM,data:U15ZwRY/X4E=,iv:kliQ9Pi8Q8gdLRN9ErJtCOQDyFWzhcj7kUpq/ow1Nzw=,tag:OfgxDRPBPY5Nj9qOI2BSyg==,type:str]
MINIO_HOST: ENC[AES256_GCM,data:shDzkYcwTpoY4JANjeJSgg==,iv:KITDxKAI3jou3ThlMqgEf5VSf6/L4nb2FVxYHQdpvP4=,tag:SXW2oVG0Co/DTUAy1afknQ==,type:str]
MINIO_SECRETKEY: ENC[AES256_GCM,data:G7BvBrNDNPoiaTM8YnbnXQ==,iv:rrjumyerkK8lyKuIlkh5MIwiFhf42BN30CeV5L4cLsU=,tag:WdZDBNqizJrErjc+cryimQ==,type:str]
MINIO_USESSL: ENC[AES256_GCM,data:3su0xKmAs6c=,iv:tmRBYpx7GTmZvnqJ4yaN+R6uYa3l0E/Wpw4RCu45eRw=,tag:rdAakCwXYwnKCXSJbjrqcQ==,type:str]
PG_CONNECTION_STRING: ENC[AES256_GCM,data:arA7VJa0RA+C4wiQi3HkCqyOJCS50RG9226cFc8pgLMeihWO1hPyb8cVXPHHUbWGdxLZSTEgPa/KD//jnIzCrSgO+cmcQ5AxSl289UsAGN9ltohN,iv:xxGL3NUil1kSvedpaQa5aQAQ8x11rYsGmDofNv+xcHE=,tag:buk6KASKEf0QSjm0f8amWw==,type:str]
PRESHARED_KEY: ENC[AES256_GCM,data:LeV4tOohVKoY1zshqpB6hvPkeK5JyD8BrbXhtK/rsYheGOM9Z3AGiispLls=,iv:w2BQG0ziTju6VjpWKoVp2xkpikKuAfeZF7Kn8Fq+TSc=,tag:NSVWuRogU0uaaNGvU7buVg==,type:str]
REFRESH_TOKEN_SECRET: ENC[AES256_GCM,data:O2FbIOMYlXMZ6IfW0kbkrL/zzAmj49Sue+NnxdlDYqmRb6u/Qo9rMlRyIWA=,iv:BbFgPC7OSPEDPZFadkUOioXeFWQ7Gj1RniM3gnTTcpA=,tag:4SPYqY62f41uhYzoTbgSnA==,type:str]
UPTRACE_DSN: ENC[AES256_GCM,data:v8KjY6GN5BcR8WneDrtXIkx24iZ0OHwY9lqm6NtehwYvn+Ns3GtoFnyEWcO25+vKIu4Bwg==,iv:Llz5ThtgKRTykSijvS36Lmb8objW8RBIB6i/8++zC8g=,tag:q3MfPne1w8Pa/A+RFBrpLw==,type:str]
sops:
lastmodified: "2025-12-12T21:59:00Z"
mac: ENC[AES256_GCM,data:7+hsQ6aqHjnB4ibAyyC3ayzyNYLZSudHXMq+t5wsbx+hBd3LFVWEzeTU7ZjLhFM7gct+JIYTrAsIIt2nS8XbuuGSJQYLnX7wodQXYE5pycBl6k6MA9jrCcWXzTG73FIeUB6gk20P0QvbiIfVdhW7I5ZUIZwWtDz4q6WSxQESAs8=,iv:wI9S1gF6WXzCNxj9zRF/ZXMtcVrYrKA7OiWQRKfk5bA=,tag:kblVlbpMlTEuioAppiyzsA==,type:str]
pgp:
- created_at: "2025-12-12T21:59:00Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA+nT7MSlwYOAAQ//e7yyIiW2wIWLrblsXGXRXXt9BcuDpKkngHioce8Q/RZw
Kbp0IgN+cLBWuoySIUCaotzKC/IvqxcZsxTj+EifSSygpYVAr7zmbzUKercWdqM8
M1kzO0o0JiYeDIYCkgheXuNM3WSa8O2lmbpEs/44Do6pTDlqJHnSIs8Iwm0q7a8Z
0GmHRhHhQgVzXeO2LHjUOipD69H5jEUndPQBXxd5vftBoRqhYVMeLRsmL1PZ8/K/
YE3ST0opS1yFGxCm4FZTj8B+2F7aHXQi4wbsev4FAN7RlsQGCjWF2gPGZm20aEcl
tccVolOmPFABcdNvgX9S3n11Gj2drb++6v1bscWiTrUDqUIQVAeEtKQzOWtxezqt
rEc8zFJ96vEOrVC6vrPgLc/4/n5O+8+5/LfqlIvOuWxp0QVVM0U8bMivXOD3oC6N
8c91agFFNLXh6dWzIRrVcnsdW09sdLtXYtiPLRwvY8+yBplDHRYla1c1ps9cIP5Y
omYgQs++qNIzmoPsR5LEF+3do4RY97umR7yHBgBgQODmFERuAxOKNIpiY4JldLjf
wjy/bE28WfjBAJs0NA/yxxcA11IxRPLWRHwgCnJ6KemtwA5X8V06nXpjZE25n19C
IiBg3Xh1xsM6T6VHQL6Cmpj9iMDA4r2ew4Rlml7v6/dUxa+T7zSkmasN3Z2l2sfS
XgGtvlRlPlF7GZqyM/1/Qv9hLvvzZUu6LA4jiT+FVBL6nZa29sSIboX0oB5Jphv8
lejwbL5wdG7fsWB2tz5OlGqJ0G+6+uypKY8LknZFyeVnhlnBj+3EoAxKYAu0MH4=
=0Uby
-----END PGP MESSAGE-----
fp: A638A6B54530D54E868F9D3238736C662F799E0D
encrypted_regex: ^(data|stringData)$
version: 3.11.0

34
vita/secret.dcbot.yaml Normal file
View File

@@ -0,0 +1,34 @@
apiVersion: v1
kind: Secret
metadata:
name: vita-dcbot-secret
data:
DISCORD_BOT_TOKEN: ENC[AES256_GCM,data:CdUSDQ4hasVJjRBuzdbaTa+/+vtVI/6N9xcRCv3cRiJ1Kpmpbm0A0G+IakMZgwGgRjJo7HStlNIG60J8UH3KowWdbJ6EtdVDWvLnk5RbeaN7aaJ+qyg9AqLgjd4hdGHQ,iv:nyI2BCOjdw5pJqqOOmnZ2XQUh6YiyzW/PjkhJI7yOfo=,tag:iwJR5OJ2L73YldjE1ZdJ9g==,type:str]
PRESHARED_KEY: ENC[AES256_GCM,data:BhSl2XJtMePP9JcyyYD5rzjRMrcCyTizwcnBBbUwZV1zPSk+xSx1DJru7wc=,iv:1Q2rDQA2iz20fNWqH5RhmGEit8zdgTvxFaNJBtvlcME=,tag:R9g4rDOKATp6XR9Y1rNALQ==,type:str]
UPTRACE_DSN: ENC[AES256_GCM,data:xxcp4Wg9II2+JjIggJoHy8IqbaJHUXB7M2d3SLreCz5tk6QaUnKLJTP50uApACYHyewePA==,iv:yjg75Us6e7hC1P8b0CyNy3QSXHEf4cO/ewoXKyf8jBg=,tag:OKbiDTlUwUEFQuBP3QXpQQ==,type:str]
sops:
lastmodified: "2025-12-12T21:29:43Z"
mac: ENC[AES256_GCM,data:pNpvE5qE11kE4egHc1M4227GjoQJn4gYPqQ60IUOSDDe4ZRjWkJomdmlyTdZSPudCLmF7vm0IJVk9RDtYd44SsuxiK0OXmtrAFeUi99qV0LMqj23hUrTDwZ0BPn62mXDtR0o4BcL/dXbWdwVRCN5zn1RxfxOQ+DqXmHxxfj6BMo=,iv:wq7+3CzCAWSA7P7YbvNb9HMDjF0SWc95XlHL6IfuO7g=,tag:esmiKuNuAU4Rj/zZS5wGgQ==,type:str]
pgp:
- created_at: "2025-12-12T21:29:43Z"
enc: |-
-----BEGIN PGP MESSAGE-----
hQIMA+nT7MSlwYOAAQ/7BY8sLcBdS2QXJ2KrrXpTH7cpU6PIiVZ3JfZGKRt2y8aA
SNusppniCFST0cTTisx1ti266hRxIpOUUB6qv0956w6yCl57V7/icfxvSKsaHjnK
SYoWpDUifavztmwEGKmmhZg0WYlaDpohx3UTDwsN1KwFc3a7/Sd6aQZOEtm/ZH7w
0DBfxQF8i+T1P90X+bVUwKiAC3AZo9/0F9P4uWFVJZ3nBP8dYLyJicR0ulvW/nZi
3ksrboBzS1kDWadn+yZGuzn3jbb/6W0XDCuw+gsD1bF1b/S+3WJZ+4pVJ6kMezpO
jmUahhaaPSbxuwf+0/D/oaIPyKJLHYlVsETab65/Jd9dzdFjk/+H3ZpuvQiCZBTD
KzoW7qqDRckQkAgho1bpc5l77m9w1kA48ewknYbfsg//mJGv/N7NayWQ05FV/ZmP
LKdu4YuCYg1UEngZv7z9sp0BAxYkEQ7G36ZK32CXt1PsHKSsoU7aK3JWrEShDL1d
S8GvIPybRORPsCWt3IcUZpZZmMJWUCU+5st+9lfUa0kPfPrQTCTD5XNQaoHF6/Aj
oDFoNu/MLzPMefODZDHOTfA1zbIWXD+TFEJTVHi83CJX8DrqheZGEJ3GbdDlM+VL
Yy583/C6JZy0SFwuLltnJZUGSQZKAOKYbpEpmgy/9MCqbnWS0ASOyVT4z2/124/S
XgEfgLAVDfCMstoWOHHbxA6AveUsa4+1qbG9JRRHEHHalKI8bJoWXQjI2+FG6ttn
+Qz2CbZtUCfXeLHtr+b5OGoP+YB6W+jvEtbU+nbCgv3Tg5AXHWQNhkFyEhCx4oY=
=TlgG
-----END PGP MESSAGE-----
fp: A638A6B54530D54E868F9D3238736C662F799E0D
encrypted_regex: ^(data|stringData)$
version: 3.11.0

15
vita/svc.backend.yaml Normal file
View File

@@ -0,0 +1,15 @@
---
apiVersion: v1
kind: Service
metadata:
name: vita-backend
labels:
app: vita-backend
spec:
type: ClusterIP
selector:
app: vita-backend
ports:
- name: http
port: 8080
targetPort: 8080

15
vita/svc.frontend.yaml Normal file
View File

@@ -0,0 +1,15 @@
---
apiVersion: v1
kind: Service
metadata:
name: vita-frontend
labels:
app: vita-frontend
spec:
type: ClusterIP
selector:
app: vita-frontend
ports:
- name: http
port: 80
targetPort: 80