Initial commit: mushroom, zetikettes

With basic config to have TLS certs with ACME. It works! TODO: - gitea - bar-jupyter
2026-03-02 06:48:46 +00:00
commit 0cf7c9b908
20 changed files with 756 additions and 0 deletions
--- a/zetikettes/Makefile
+++ b/zetikettes/Makefile
@@ -0,0 +1,15 @@
+namespace := zetikettes
+
+.PHONY: deploy
+deploy:			## Deploy the service on a running cluster
+	kubectl -n $(namespace) apply \
+		-f app.yaml \
+		-f ingress.yaml \
+		-f nginx-config.yaml \
+		-f service.yaml
+
+.PHONY: help
+help:           ## Show this help
+	@echo Noteworthy targets:
+	@egrep '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-20s\033[0m %s\n", $$1, $$2}'
+.DEFAULT_GOAL := help
--- a/zetikettes/app.yaml
+++ b/zetikettes/app.yaml
@@ -0,0 +1,52 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: zetikettes-app
+spec:
+  serviceName: "zetikettes"
+  replicas: 1
+  selector:
+    matchLabels:
+      app: zetikettes
+  template:
+    metadata:
+      labels:
+        app: zetikettes
+    spec:
+      containers:
+        # --- The Backend (Stateful) ---
+        - name: backend
+          image: pol/zetikettes:latest
+          imagePullPolicy: Never
+          ports:
+            - containerPort: 8000
+          volumeMounts:
+            - name: var-lib-zetikettes
+              mountPath: /data
+              subPath: data
+          env:
+            - name: CSRF_TRUSTED_ORIGINS
+              value: https://zetikettes.jenova.ponteilla.net
+            - name: STATIC_URL
+              value: /zetikettes/srv/static/
+
+        # --- The Frontend (Nginx Sidecar) ---
+        - name: nginx-sidecar
+          image: nginx:alpine
+          ports:
+            - containerPort: 80
+          volumeMounts:
+            - name: var-lib-zetikettes
+              mountPath: /var/lib/zetikettes
+            - name: config-volume
+              mountPath: /etc/nginx/conf.d/default.conf
+              subPath: default.conf
+
+      volumes:
+        - name: config-volume
+          configMap:
+            name: nginx-config
+        - name: var-lib-zetikettes
+          hostPath:
+            path: /var/lib/zetikettes
+            type: DirectoryOrCreate
--- a/zetikettes/ingress.yaml
+++ b/zetikettes/ingress.yaml
@@ -0,0 +1,21 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: zetikettes
+  annotations:
+    traefik.ingress.kubernetes.io/router.tls.certresolver: default
+spec:
+  tls:
+    - hosts:
+        - zetikettes.jenova.ponteilla.net
+  rules:
+    - host: zetikettes.jenova.ponteilla.net
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: zetikettes
+                port:
+                  number: 80
--- a/zetikettes/nginx-config.yaml
+++ b/zetikettes/nginx-config.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-config
+data:
+  default.conf: |
+    server {
+        listen 80;
+        root /var/lib/zetikettes/frontend;
+        location /zetikettes/srv/static {
+            alias /var/lib/zetikettes/www_static;
+        }
+        location /zetikettes/srv/data {
+            alias /var/lib/zetikettes/data;
+        }
+        location ^~ /zetikettes/srv {
+            proxy_pass http://127.0.0.1:8000;
+            proxy_set_header SCRIPT_NAME /zetikettes/srv;
+            proxy_set_header Host $http_host;
+
+            # generating stuff takes time
+            proxy_read_timeout 10m;
+
+            client_max_body_size 10M;
+        }
+    }
--- a/zetikettes/service.yaml
+++ b/zetikettes/service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: zetikettes
+spec:
+  selector:
+    app: zetikettes
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
+  type: ClusterIP