diff --git a/page-metrics-exporter/templates/deployment.yaml b/page-metrics-exporter/templates/deployment.yaml new file mode 100644 index 0000000..e69de29 diff --git a/page-metrics-exporter/templates/service.yaml b/page-metrics-exporter/templates/service.yaml new file mode 100644 index 0000000..e69de29 diff --git a/rio/.helmignore b/rio/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/rio/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/rio/Chart.lock b/rio/Chart.lock new file mode 100644 index 0000000..abde1d7 --- /dev/null +++ b/rio/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: common + repository: file://../common + version: 0.1.0 +digest: sha256:636a65e9846bdff17cc4e65b0849061f783759a37aa51fb85ff6fd8ba5e68467 +generated: "2025-11-03T22:42:18.664343287+01:00" diff --git a/rio/Chart.yaml b/rio/Chart.yaml new file mode 100644 index 0000000..2d2e744 --- /dev/null +++ b/rio/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: rio +description: A Helm chart for rio +type: application +version: 0.1.0 +appVersion: "1.16.0" + +dependencies: + - name: common + version: 0.1.0 + repository: file://../common diff --git a/rio/templates/deployment.yaml b/rio/templates/deployment.yaml new file mode 100644 index 0000000..cf11de5 --- /dev/null +++ b/rio/templates/deployment.yaml @@ -0,0 +1,73 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: rio + labels: {{- include "common.app.labels" . | nindent 4 }} +spec: + selector: + matchLabels: {{- include "common.app.labels" . | nindent 6 }} + template: + metadata: + labels: {{- include "common.app.labels" . | nindent 8 }} + spec: + containers: + - name: rio + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + env: + - name: PAGES_DOMAIN + value: {{ .Values.config.domain }} + - name: GITEA_URL + value: {{ .Values.config.giteaUrl | quote }} + - name: HOST + value: "0.0.0.0" + - name: PORT + value: "4443" + - name: HTTP_HOST + value: "0.0.0.0" + - name: HTTP_PORT + value: "8080" + - name: ACME_DNS_PROVIDER + value: {{ .Values.config.acme.dnsProvider }} + {{- .Values.config.acme.env | toYaml | nindent 12 }} + - name: TOKEN_FILE + value: /etc/rio/secrets/gitea-token + - name: ACME_EMAIL + value: {{ .Values.config.acme.email }} + - name: CERTS_FILE + value: /var/lib/rio/certs.json + - name: ACME_FILE + value: /var/lib/rio/acme.json + - name: ACME_SERVER + value: {{ .Values.config.acme.server }} + {{- if .Values.config.metrics.enabled }} + - name: METRICS_URL + value: {{ .Values.config.metrics.url }} + {{- end }} + ports: + - containerPort: 8080 + protocol: TCP + name: http + - containerPort: 4443 + protocol: TCP + name: https + securityContext: + runAsNonRoot: true + runAsUser: 10004 + runAsGroup: 10004 + readOnlyRootFilesystem: true + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /etc/rio/secrets/ + name: secrets + - mountPath: /var/lib/rio/ + name: data + volumes: + - name: secrets + secret: + secretName: {{ .Values.config.secretName }} + - name: data + persistentVolumeClaim: + claimName: rio-data diff --git a/rio/templates/pvc.yaml b/rio/templates/pvc.yaml new file mode 100644 index 0000000..9643c3e --- /dev/null +++ b/rio/templates/pvc.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: rio-data + labels: {{- include "common.app.labels" . | nindent 4 }} +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 4Mi + storageClassName: {{ .Values.pvc.storageClass }} \ No newline at end of file diff --git a/rio/templates/service.yaml b/rio/templates/service.yaml new file mode 100644 index 0000000..2e23242 --- /dev/null +++ b/rio/templates/service.yaml @@ -0,0 +1,16 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: rio + labels: {{- include "common.app.labels" . | nindent 4 }} +spec: + selector: {{- include "common.app.labels" . | nindent 4 }} + ports: + - port: 8080 + name: http + protocol: TCP + - port: 4443 + name: https + protocol: TCP + type: ClusterIP \ No newline at end of file diff --git a/rio/values.yaml b/rio/values.yaml new file mode 100644 index 0000000..da5b1fe --- /dev/null +++ b/rio/values.yaml @@ -0,0 +1,30 @@ +image: git.polynom.me/papatutuwawa/rio +imageTag: "20240721-1" + +config: + # Secret to mount under /etc/rio/secrets/ + secretName: rio + # Domain to serve the domains under + domain: example.org + # URL of the Gitea instance to serve from + giteaUrl: https://gitea.example.org + # DNS provider to use + acme: + # The DNS provider to use + dnsProvider: example + # Extra environment variabls to use for that provider + env: [] + # The EMail to use to register with the ACME provider + email: user@example.org + # The ACME server to use + server: https://acme-staging-v02.api.letsencrypt.org/directory + + metrics: + # Send metrics to a collection server + enabled: false + # URL of the collection server + url: ... + +pvc: + # Storage class to use for the data PVC + storageClass: local-path \ No newline at end of file