From c42a9b6e050da4ffb5f51e10e50e79c69ab9c1e6 Mon Sep 17 00:00:00 2001 From: rohow Date: Thu, 11 Apr 2024 18:27:32 +0800 Subject: [PATCH] =?UTF-8?q?feat(deploy):=20=E6=A0=BC=E5=BC=8F=E5=8C=96?= =?UTF-8?q?=E4=BB=A3=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/cert-manager/helmchart-dnspod.yaml | 1 - apps/gitea/helmchart.yaml | 5 ++- apps/gitea/ingressroute-http.yaml | 19 ++++++----- apps/gitea/ingressroute-ssh.yaml | 12 +++---- apps/nas/todo.yaml | 34 +++++++++---------- apps/postgresql-ha/helmchart.yaml | 3 +- apps/redis/helmchart.yaml | 5 ++- certs/certificate-dev-cm.yaml | 8 ++--- certs/certificate-fillcode-com.yaml | 4 +-- core/coredns/configmap.yaml | 1 - core/coredns/nodelocaldns.yaml | 8 ++--- core/patch-affinity.yaml | 12 +++---- core/traefik/helmchartconfig.yaml | 8 ++--- core/traefik/ingressroute-internal.yaml | 15 ++++---- core/traefik/middleware/middleware-cache.yaml | 11 ++++++ 15 files changed, 79 insertions(+), 67 deletions(-) create mode 100644 core/traefik/middleware/middleware-cache.yaml diff --git a/apps/cert-manager/helmchart-dnspod.yaml b/apps/cert-manager/helmchart-dnspod.yaml index dc7d769..4b2fdb9 100644 --- a/apps/cert-manager/helmchart-dnspod.yaml +++ b/apps/cert-manager/helmchart-dnspod.yaml @@ -31,4 +31,3 @@ spec: - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" - \ No newline at end of file diff --git a/apps/gitea/helmchart.yaml b/apps/gitea/helmchart.yaml index d4ceecd..8d13f1c 100644 --- a/apps/gitea/helmchart.yaml +++ b/apps/gitea/helmchart.yaml @@ -56,6 +56,5 @@ spec: readOnly: true mountPath: /data/gitea/templates - - - \ No newline at end of file + + diff --git a/apps/gitea/ingressroute-http.yaml b/apps/gitea/ingressroute-http.yaml index 79e0b9a..a1772a7 100644 --- a/apps/gitea/ingressroute-http.yaml +++ b/apps/gitea/ingressroute-http.yaml @@ -5,12 +5,15 @@ metadata: namespace: infra-devops spec: entryPoints: - - websecure + - websecure routes: - - kind: Rule - match: Host(`git.dev.cm`) - services: - - kind: Service - name: gitea-http - namespace: infra-devops - port: 3000 \ No newline at end of file + - kind: Rule + match: Host(`git.dev.cm`) + middlewares: + - name: compress + - name: cache + services: + - kind: Service + name: gitea-http + namespace: infra-devops + port: 3000 \ No newline at end of file diff --git a/apps/gitea/ingressroute-ssh.yaml b/apps/gitea/ingressroute-ssh.yaml index d6a58ae..282399d 100644 --- a/apps/gitea/ingressroute-ssh.yaml +++ b/apps/gitea/ingressroute-ssh.yaml @@ -5,10 +5,10 @@ metadata: namespace: infra-devops spec: entryPoints: - - ssh + - ssh routes: - - match: HostSNI(`*`) - services: - - name: gitea-ssh - namespace: infra-devops - port: 22 \ No newline at end of file + - match: HostSNI(`*`) + services: + - name: gitea-ssh + namespace: infra-devops + port: 22 \ No newline at end of file diff --git a/apps/nas/todo.yaml b/apps/nas/todo.yaml index 4570014..542078e 100644 --- a/apps/nas/todo.yaml +++ b/apps/nas/todo.yaml @@ -2,59 +2,59 @@ http: routers: router: entryPoints: - - websecure + - websecure rule: "Host(`router.dev.cm`)" service: "router@file" middlewares: - - web-base + - web-base vm: entryPoints: - - websecure + - websecure rule: "Host(`vm.dev.cm`)" service: "vm@file" middlewares: - - web-base + - web-base nas: entryPoints: - - websecure + - websecure rule: "Host(`nas.dev.cm`)" service: "nas@file" middlewares: - - web-base + - web-base download: entryPoints: - - websecure + - websecure rule: "Host(`download.dev.cm`)" service: "download@file" middlewares: - - traefik-forward-auth - - web-base + - traefik-forward-auth + - web-base downloadRpc: entryPoints: - - websecure + - websecure rule: "Host(`download.dev.cm`) && PathPrefix(`/jsonrpc`)" service: "downloadRpc@file" middlewares: - - web-base - + - web-base + services: router: loadBalancer: servers: - - url: "https://192.168.21.1/" + - url: "https://192.168.21.1/" vm: loadBalancer: servers: - - url: "https://192.168.21.2:8006/" + - url: "https://192.168.21.2:8006/" nas: loadBalancer: servers: - - url: "http://192.168.21.3/" + - url: "http://192.168.21.3/" download: loadBalancer: servers: - - url: "http://192.168.21.3:6880/" + - url: "http://192.168.21.3:6880/" downloadRpc: loadBalancer: servers: - - url: "http://192.168.21.3:6800/" \ No newline at end of file + - url: "http://192.168.21.3:6800/" \ No newline at end of file diff --git a/apps/postgresql-ha/helmchart.yaml b/apps/postgresql-ha/helmchart.yaml index 22116ec..c349496 100644 --- a/apps/postgresql-ha/helmchart.yaml +++ b/apps/postgresql-ha/helmchart.yaml @@ -36,5 +36,4 @@ spec: - key: "node-role.kubernetes.io/master" operator: "Exists" effect: "NoSchedule" - - \ No newline at end of file + diff --git a/apps/redis/helmchart.yaml b/apps/redis/helmchart.yaml index eede5dc..8e4a7ae 100644 --- a/apps/redis/helmchart.yaml +++ b/apps/redis/helmchart.yaml @@ -12,6 +12,5 @@ spec: password: ribiPwYQNU6GWxCYR0Nj replica: replicaCount: 0 - - - \ No newline at end of file + + diff --git a/certs/certificate-dev-cm.yaml b/certs/certificate-dev-cm.yaml index 38d1ed5..663426f 100644 --- a/certs/certificate-dev-cm.yaml +++ b/certs/certificate-dev-cm.yaml @@ -10,9 +10,9 @@ spec: kind: ClusterIssuer group: cert-manager.io dnsNames: - - "dev.cm" - - "*.dev.cm" - - "*.node.dev.cm" + - "dev.cm" + - "*.dev.cm" + - "*.node.dev.cm" --- apiVersion: traefik.containo.us/v1alpha1 @@ -22,6 +22,6 @@ metadata: namespace: kube-system spec: certificates: - - secretName: dev-cm-crt + - secretName: dev-cm-crt defaultCertificate: secretName: dev-cm-crt \ No newline at end of file diff --git a/certs/certificate-fillcode-com.yaml b/certs/certificate-fillcode-com.yaml index 17a6da0..71dbf06 100644 --- a/certs/certificate-fillcode-com.yaml +++ b/certs/certificate-fillcode-com.yaml @@ -10,5 +10,5 @@ spec: kind: ClusterIssuer group: cert-manager.io dnsNames: - - "fillcode.com" - - "*.fillcode.com" \ No newline at end of file + - "fillcode.com" + - "*.fillcode.com" \ No newline at end of file diff --git a/core/coredns/configmap.yaml b/core/coredns/configmap.yaml index c7cf6e3..af39bdf 100644 --- a/core/coredns/configmap.yaml +++ b/core/coredns/configmap.yaml @@ -16,4 +16,3 @@ data: local.server: | # - \ No newline at end of file diff --git a/core/coredns/nodelocaldns.yaml b/core/coredns/nodelocaldns.yaml index 8c899fd..9abee8c 100644 --- a/core/coredns/nodelocaldns.yaml +++ b/core/coredns/nodelocaldns.yaml @@ -125,10 +125,10 @@ spec: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - - key: svccontroller.k3s.cattle.io/enablelb - operator: In - values: - - "true" + - key: svccontroller.k3s.cattle.io/enablelb + operator: In + values: + - "true" priorityClassName: system-node-critical serviceAccountName: node-local-dns hostNetwork: true diff --git a/core/patch-affinity.yaml b/core/patch-affinity.yaml index c58e232..3cdd2f0 100644 --- a/core/patch-affinity.yaml +++ b/core/patch-affinity.yaml @@ -5,9 +5,9 @@ spec: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - - matchExpressions: - - key: node-role.kubernetes.io/master - operator: In - values: - - "true" - \ No newline at end of file + - matchExpressions: + - key: node-role.kubernetes.io/master + operator: In + values: + - "true" + \ No newline at end of file diff --git a/core/traefik/helmchartconfig.yaml b/core/traefik/helmchartconfig.yaml index 06856c5..cc53417 100644 --- a/core/traefik/helmchartconfig.yaml +++ b/core/traefik/helmchartconfig.yaml @@ -50,9 +50,9 @@ spec: port: 8022 expose: true exposedPort: 22 + additionalArguments: + - "--experimental.plugins.souin.moduleName=github.com/darkweak/souin" + - "--experimental.plugins.souin.version=v1.6.47" experimental: plugins: - enabled: true - souin: - moduleName: github.com/darkweak/souin - version: v1.6.47 \ No newline at end of file + enabled: true \ No newline at end of file diff --git a/core/traefik/ingressroute-internal.yaml b/core/traefik/ingressroute-internal.yaml index 033b28e..f7d565b 100644 --- a/core/traefik/ingressroute-internal.yaml +++ b/core/traefik/ingressroute-internal.yaml @@ -5,13 +5,16 @@ metadata: namespace: kube-system spec: entryPoints: - - websecure + - websecure routes: - kind: Rule match: Host(`gateway.dev.cm`) + middlewares: + - name: compress + - name: cache services: - - kind: TraefikService - name: dashboard@internal + - kind: TraefikService + name: dashboard@internal --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute @@ -20,10 +23,10 @@ metadata: namespace: kube-system spec: entryPoints: - - websecure + - websecure routes: - kind: Rule match: Host(`gateway.dev.cm`) && PathPrefix(`/api`) services: - - kind: TraefikService - name: api@internal \ No newline at end of file + - kind: TraefikService + name: api@internal \ No newline at end of file diff --git a/core/traefik/middleware/middleware-cache.yaml b/core/traefik/middleware/middleware-cache.yaml new file mode 100644 index 0000000..f16900b --- /dev/null +++ b/core/traefik/middleware/middleware-cache.yaml @@ -0,0 +1,11 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: Middleware +metadata: + name: cache + namespace: kube-system +spec: + plugin: + souin: + default_cache: + ttl: 3600s + default_cache_control: public, max-age=86400 \ No newline at end of file