Home >
Docs >
adyxax.org >
www >
Installation
Installation notes of www on k3s
Tags: hugo k3s kubernetes
Introduction
This is a static website built using hugo.
The CI/CD is a work in progress, for now the installation is made from a crude kubernetes manifest. The instructions have been updated for the search feature.
Kubernetes manifests
apiVersion: v1
kind: Namespace
metadata:
name: www
---
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: www
name: www
labels:
app: www
spec:
replicas: 1
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
type: RollingUpdate
selector:
matchLabels:
app: www
template:
metadata:
labels:
app: www
spec:
containers:
- name: www
image: quay.io/adyxax/www:2021110901
ports:
- containerPort: 80
readinessProbe:
httpGet:
path: '/'
port: 80
initialDelaySeconds: 1
timeoutSeconds: 1
livenessProbe:
httpGet:
path: '/'
port: 80
initialDelaySeconds: 1
timeoutSeconds: 1
lifecycle:
preStop:
exec:
command: ["/bin/sh", "-c", "sleep 10"]
- name: search
image: quay.io/adyxax/www-search:2021110901
ports:
- containerPort: 8080
readinessProbe:
httpGet:
path: '/search/'
port: 8080
initialDelaySeconds: 1
timeoutSeconds: 1
livenessProbe:
httpGet:
path: '/search/'
port: 8080
initialDelaySeconds: 1
timeoutSeconds: 1
lifecycle:
preStop:
exec:
command: ["/bin/sh", "-c", "sleep 10"]
---
apiVersion: v1
kind: Service
metadata:
namespace: www
name: www
spec:
type: ClusterIP
selector:
app: www
ports:
- protocol: TCP
port: 80
targetPort: 80
name: www
- protocol: TCP
port: 8080
targetPort: 8080
name: search
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: www
name: www
spec:
ingressClassName: nginx
tls:
- secretName: wildcard-adyxax-org
rules:
- host: www.adyxax.org
http:
paths:
- path: '/'
pathType: Prefix
backend:
service:
name: www
port:
number: 80
- path: '/search'
pathType: Prefix
backend:
service:
name: www
port:
number: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: www
name: redirects
annotations:
nginx.ingress.kubernetes.io/permanent-redirect: https://www.adyxax.org/
nginx.ingress.kubernetes.io/permanent-redirect-code: "308"
spec:
ingressClassName: nginx
tls:
- secretName: wildcard-adyxax-org
rules:
- host: adyxax.org
- host: wiki.adyxax.org
DNS CNAME
Terraform is only used for the dns record on this app for legacy reasons
resource "cloudflare_record" "pass-cname" {
zone_id = lookup(data.cloudflare_zones.adyxax-org.zones[0], "id")
name = "www"
value = "myth.adyxax.org"
type = "CNAME"
proxied = false
}
Certificate
For now I do not manage my certificates with terraform but manually. Once every two months I run :
acme.sh --config-home "$HOME/.acme.sh" --server letsencrypt --dns dns_cf --issue -d adyxax.org -d *.adyxax.org --force
kubectl -n www create secret tls wildcard-adyxax-org --cert=$HOME/.acme.sh/adyxax.org/fullchain.cer \
--key=$HOME/.acme.sh/adyxax.org/adyxax.org.key -o yaml --save-config --dry-run=client | kubectl apply -f -