dev.cm/k3s
1
0
派生 0
代码 议题 拉取请求 活动

test: flux local cluster setup with infra-devops post

浏览代码
这个提交包含在:
rohow
2026-03-25 12:08:55 +08:00
未验证
父节点 cddcd02d1b
当前提交 eb32e5755d
修改 94 个文件,包含 1567 行新增1023 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件
flux/apps/certificate-fillcode-com.yaml
+14
查看文件
@@ -0,0 +1,14 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: fillcode-com-crt
namespace: apps
spec:
secretName: fillcode-com-crt
issuerRef:
name: dnspod
kind: ClusterIssuer
group: cert-manager.io
dnsNames:
- "fillcode.com"
- "*.fillcode.com"
flux/apps/certificate-sinceai-com.yaml
+14
查看文件
@@ -0,0 +1,14 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: sinceai-com-crt
namespace: apps
spec:
secretName: sinceai-com-crt
issuerRef:
name: dnspod
kind: ClusterIssuer
group: cert-manager.io
dnsNames:
- "sinceai.com"
- "*.sinceai.com"
flux/apps/helmrelease-halo.yaml
+57
查看文件
@@ -0,0 +1,57 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: halo
namespace: apps
spec:
interval: 30m
chart:
spec:
chart: halo
version: 1.3.2
sourceRef:
kind: HelmRepository
name: halo
namespace: infra-gitops
interval: 12h
values:
image:
repository: halohub/halo-pro
tag: 2.23.1
service:
type: ClusterIP
ingress:
enabled: true
ingressClassName: nginx
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header Accept-Encoding "";
subs_filter_types text/html;
subs_filter '<(script|img|link)([^>]*) (src|href)="/' '<$1$2 $3="https://cdn.fillcode.com/dev-cm/' ri;
subs_filter 'url\(\/' 'url(https://cdn.fillcode.com/dev-cm/' ri;
subs_filter '<head>' '<head><script src="/__static/pwa-cdn.js"></script>' ri;
hostname: dev.cm
path: /
pathType: Prefix
podAnnotations:
backup.velero.io/backup-volumes: halo-data
persistence:
annotations:
helm.sh/resource-policy: keep
metrics:
enabled: true
mysql:
enabled: false
postgresql:
enabled: false
externalDatabase:
platform: postgresql
host: cnpg17-cluster-hk-rw.infra-data
port: 5432
user: app
password: from-secret
database: halo
existingSecret: cnpg17-cluster-hk-app
haloUsername: rohow
haloExternalUrl: https://dev.cm
flux/apps/helmrelease-rustdesk.yaml
+39
查看文件
@@ -0,0 +1,39 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: rustdesk
namespace: apps
spec:
interval: 30m
chart:
spec:
chart: rustdesk-server
version: 0.0.7
sourceRef:
kind: HelmRepository
name: devcm-repo
namespace: infra-gitops
interval: 12h
values:
rustdeskServer:
encryptedOnly: true
mustLogin: true
server: desk-server.dev.cm
podAnnotations:
backup.velero.io/backup-volumes: data
extraEnvs:
- name: TZ
value: "Asia/Shanghai"
- name: RUSTDESK_API_LANG
value: "zh-CN"
rustdeskApi:
server: desk.dev.cm
ingress:
enabled: true
className: "nginx"
host: desk.dev.cm
annotations:
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
nginx.ingress.kubernetes.io/enable-websocket: "true"
flux/apps/helmrelease-whoami.yaml
+28
查看文件
@@ -0,0 +1,28 @@
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
name: fillcode-whoami
namespace: apps
spec:
interval: 30m
chart:
spec:
chart: whoami
version: 5.1.2
sourceRef:
kind: HelmRepository
name: cowboysysop
namespace: infra-gitops
interval: 12h
values:
ingress:
enabled: true
ingressClassName: nginx
tls:
- hosts:
- whoami.fillcode.com
secretName: fillcode-com-crt
hosts:
- host: whoami.fillcode.com
paths:
- /
flux/apps/ingress-fillcode.yaml
+22
查看文件
@@ -0,0 +1,22 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: fillcode
namespace: apps
spec:
ingressClassName: nginx
rules:
- host: fillcode.com
http:
paths:
- path: /docs/fillcode
pathType: Prefix
backend:
service:
name: halo
port:
number: 80
tls:
- hosts:
- fillcode.com
secretName: fillcode-com-crt
flux/apps/ingress-halo-static.yaml
+30
查看文件
@@ -0,0 +1,30 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: halo-static
namespace: apps
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
nginx.ingress.kubernetes.io/proxy-buffering: "on"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_cache cache;
proxy_cache_valid 200 302 7d;
proxy_cache_valid 404 10m;
proxy_cache_valid any 1h;
proxy_cache_use_stale error timeout updating http_404 http_500 http_502 http_503 http_504;
proxy_cache_bypass $http_x_purge;
proxy_ignore_headers Cache-Control;
add_header X-Cache-Status $upstream_cache_status;
spec:
ingressClassName: nginx
rules:
- host: dev.cm
http:
paths:
- path: /(.*\.(css|js|png|jpg|jpeg|gif|svg|webp|ico|woff|woff2|ttf|eot)|avatars/[^/]+)$
pathType: ImplementationSpecific
backend:
service:
name: halo
port:
number: 80
flux/apps/ingress-halo-www.yaml
+22
查看文件
@@ -0,0 +1,22 @@
# 如果检测到www.dev.cm的请求,则重定向到dev.cm
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: halo-www
namespace: apps
annotations:
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^/(.*)$ https://dev.cm/$1 permanent;
spec:
ingressClassName: nginx
rules:
- host: www.dev.cm
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: halo
port:
number: 80
flux/apps/ingress-sinceai-shop.yaml
+26
查看文件
@@ -0,0 +1,26 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: sinceai-shop
namespace: apps
annotations:
# 302 跳转到https://sinceai.taobao.com/
nginx.ingress.kubernetes.io/configuration-snippet: |
rewrite ^/(.*)$ https://sinceai.taobao.com/$1? permanent;
spec:
ingressClassName: nginx
rules:
- host: shop.sinceai.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: halo
port:
number: 80
tls:
- hosts:
- shop.sinceai.com
secretName: sinceai-com-crt
flux/apps/kustomization.yaml
+13
查看文件
@@ -0,0 +1,13 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- certificate-fillcode-com.yaml
- certificate-sinceai-com.yaml
- helmrelease-halo.yaml
- ingress-fillcode.yaml
- ingress-halo-www.yaml
- ingress-halo-static.yaml
- ingress-sinceai-shop.yaml
- helmrelease-whoami.yaml
- helmrelease-rustdesk.yaml
flux/apps/namespace.yaml
+4
查看文件
@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: apps