FluxCD/applications
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feat(hedgedoc): add hedgedoc
All checks were successful
Lint yaml / build-package (push) Successful in 3s
Details

Browse Source
This commit is contained in:
Yi-Ting Shih
2024-12-05 09:45:06 +00:00
parent 39e422a3ef
commit 96b725e54e
8 changed files with 199 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
flux-applications/hedgedoc.yaml Normal file
View File

@@ -0,0 +1,14 @@
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: hedgedoc
namespace: flux-system
spec:
interval: 10m0s
path: ./hedgedoc/
prune: true
force: false
sourceRef:
kind: GitRepository
name: applications

51
hedgedoc/config.json Normal file
View File

@@ -0,0 +1,51 @@
{
"production": {
"domain": "md.konchin.com",
"port": 8000,
"allowOrigin": ["md.konchin.com", "localhost"],
"protocolUseSSL": true,
"loglevel": "debug",
"debug": true,
"email": false,
"allowEmailRegister": false,
"defaultPermission": "limited",
"allowAnonymous": false,
"hsts": {
"enable": true,
"maxAgeSeconds": 31536000,
"includeSubdomains": true,
"preload": true
},
"csp": {
"enable": true,
"upgradeInsecureRequests": "auto",
"addDefaults": true
},
"cookiePolicy": "lax",
"db": {
"username": "hedgedoc",
"password": "********",
"database": "hedgedoc",
"host": "pg.konchin.com",
"port": "5432",
"dialect": "postgres"
},
"ldap": {
"providerName": "konchin.com",
"url": "ldaps://ldap.konchin.com",
"searchBase": "ou=people,dc=konchin,dc=com",
"searchFilter": "(&(uid={{username}})(objectClass=person))",
"useridField": "uid",
"tlsca": "/etc/hedgedoc/rootca.pem"
},
"s3": {
"accessKeyId": "********",
"secretAccessKey": "********",
"region": "us-west-1"
},
"s3bucket": {
"bucket": "hedgedoc",
"endpointenv": "minio.konchin.com"
}
}
}

48
hedgedoc/deploy.yaml Normal file
View File

@@ -0,0 +1,48 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: hedgedoc
spec:
replicas: 1
selector:
matchLabels:
app: hedgedoc
template:
metadata:
labels:
app: hedgedoc
spec:
volumes:
- name: config
configMap:
name: hedgedoc
containers:
- name: hedgedoc
image: quay.io/hedgedoc/hedgedoc:1.9.9
ports:
- name: http
containerPort: 8000
volumeMounts:
- name: config
mountPath: /etc/hedgedoc/
env:
- name: CMD_CONFIG_FILE
value: /etc/hedgedoc/config.json
- name: CMD_DB_PASSWORD
valueFrom:
secretKeyRef:
name: hedgedoc
key: CMD_DB_PASSWORD
- name: CMD_S3_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: hedgedoc
key: CMD_S3_ACCESS_KEY_ID
- name: CMD_S3_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: hedgedoc
key: CMD_S3_SECRET_ACCESS_KEY
imagePullPolicy: Always

17
hedgedoc/ingress.yaml Normal file
View File

@@ -0,0 +1,17 @@
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: hedgedoc
spec:
rules:
- host: "md.konchin.com"
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: hedgedoc
port:
number: 8000

22
hedgedoc/kustomization.yaml Normal file
View File

@@ -0,0 +1,22 @@
---
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: hedgedoc
labels:
- pairs:
app: hedgedoc
generatorOptions:
disableNameSuffixHash: true
resources:
- namespace.yaml
- deploy.yaml
- service.yaml
- ingress.yaml
configMapGenerator:
- name: hedgedoc
files:
- config.json
- rootca.pem

5
hedgedoc/namespace.yaml Normal file
View File

@@ -0,0 +1,5 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: hedgedoc

29
hedgedoc/rootca.pem Normal file
View File

@@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIFAjCCAuqgAwIBAgIUQGFtCLSyk55KvnESvDfNJqGWX4EwDQYJKoZIhvcNAQEL
BQAwGTEXMBUGA1UEAwwOS29uY2hpbi5jb20gQ0EwHhcNMjQwOTEzMTcyMzMyWhcN
MzQwOTExMTcyMzMyWjAZMRcwFQYDVQQDDA5Lb25jaGluLmNvbSBDQTCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJDrd5hz7FZdNxGCUQt7gv+KDO/GRIbN
Lg31AD0AOY2CdSKUoHoDa6RRI0jZrZr7HqvDKXnfz4FAfydCFggVzLSY7dxhr571
FcjezP1Y5Ft2ColAVbmUuftRf0mMV0pRgI+4evQTLIKJh35aw/ggarbhKn1Hf/6b
OoV05OmmHc1tUghOrafW7Qp2HSgdMRlyQPr+6j791aCEFSU19h7JKCOhcHbtGWDV
xsA0gWO+hGyiAhtvWYF1dgLZ7odKrV7gcm5r0+dDv8deBnfxZKaPDgGHT+ED4AeY
kRncWIhqILYNiD/xLwLAj3zeUi+REUiPcMaAGLxuriXmrUxRYeP4EaTxbjtLEKjI
OV3uOxOmHFpMHUqBC9IAuFdwdTEmPwvikSTgxfTjjcQr4Lq6maZqOynZK5Cfhxkw
slS1FhJw/wHe1z2kjykgV4Erp3oNOV5bdQYu1f4bz2R37sI4XEGRlPDVBr1KgCFB
jUcwCy/zFk4xdnayZD7MRMo3IOetDspuntkpOkwBrJTV9fJPhgikPUrFujMfojQs
aMttHLBFQN7ssDYVnw3FWJnpxD1eIbW1/2EG/18j/qpVi+N5QiFKoKLMiQcSltHi
Sg+BvEZXu6wlJI62LGzEwcdqv8b3XJJDObECI7NTj5RSW6EnLNKr9ryf/au9Aank
Y6/bjCB5peMvAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwICBDAPBgNVHRMBAf8EBTAD
AQH/MB0GA1UdDgQWBBRkNAxKfd3zytl/MIxhaPUIlfsolzANBgkqhkiG9w0BAQsF
AAOCAgEAD/S2hQok24RAsbu6FVIC1j9C+I+l9aQKljcLmdO8vCE4umSAPWiGXzro
HKGiR5rfghg4G0k5x8y3FDv475l4YodbZ1QGOZMWicLl9lA9KjO5BE/5FGZG6gCO
fHp1um/CdfoSsIRnzXQ46Alt/jo1il5flv3vnA3C4Zy+YmQ3EsOea+pezz31/a8I
XFDhjGZN4+viIE04EmcpQWGa46zeOkcweN23m92jnPN+Yi85Z+YnPXssyJTZKgvz
eA3Ww5wlGArph+w8qNOJAo/wibDElwks80/p744IhW0nNfRkPj3erphmGHnlcAjL
EMl3X9zglLjtV27WXXYhHp8luilcBsdZWOGN+OUX3uP+rcOowP93wW9yBiD68rF3
0oG9zq0WLWOfPDSmM6mHDjI3Hwmx+VEL9cNMlm3h9UOQtJKnbUxbrrTkUzv4y9zE
fgOUvICOWRvdz0HnF5Dg4XyGQhMq+cqj0fD18Fl/KKTtU5CUXI66fmdNFdjePPcm
/FUI+7DFjum+WWOTdlJsYIPiH0MTDWrAdduzcEuQHo4Z9+FimgPBpyBQIhivF2WO
ACzQLzK++utdy7fp92WV1hyF14DTyVC/KwvF3vI0BycLXBoYhwubIRb5fCQxDm7q
UxhDKxf83XaYEu0LjfORZodfM4dQDdwsX4wHlHsLLdRWni6SwGw=
-----END CERTIFICATE-----

13
hedgedoc/service.yaml Normal file
View File

@@ -0,0 +1,13 @@
---
apiVersion: v1
kind: Service
metadata:
name: hedgedoc
spec:
type: ClusterIP
selector:
app: hedgedoc
ports:
- name: http
port: 8000
targetPort: 8000