archives added

archives/certmanager/INSTALL.md

@@ -0,0 +1,9 @@
+# Install 
+```
+    helm repo add jetstack https://charts.jetstack.io
+    helm repo update
+    helm upgrade --install cert-manager jetstack/cert-manager \
+      --namespace cert-manager \
+      --create-namespace \
+      --set installCRDs=true
+```

archives/certmanager/issuer.yaml

@@ -0,0 +1,15 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-prod
+  namespace: cert-manager
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: blanchespams@gmail.com
+    privateKeySecretRef:
+      name: letsencrypt-prod
+    solvers:
+    - http01:
+        ingress:
+          class: nginx

archives/matrix/matrix-depl.yaml

@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: matrix-synapse
+spec:
+  selector:
+    matchLabels:
+      run: matrix-synapse
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        run: matrix-synapse
+    spec:
+      containers:
+      - image: matrixdotorg/synapse:v1.25.0
+        name: synapse
+        #args: ["generate"]
+        #env:
+        #- name: SYNAPSE_SERVER_NAME
+        #  value: "matrix.squi.fr"
+        #- name: SYNAPSE_REPORT_STATS
+        #  value: "yes"
+        volumeMounts:
+        - name: data
+          mountPath: /data
+        ports:
+          - containerPort: 8008
+      volumes:
+      - name: data
+        persistentVolumeClaim:
+          claimName: matrix-synapse

archives/matrix/matrix-ingress.yaml

@@ -0,0 +1,18 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: gitea-ingr
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: matrix.squi.fr
+      http:
+        paths:
+          - pathType: Prefix
+            backend:
+              service:
+                name: gitea
+                port:
+                  number: 8008
+            path: /
+

archives/matrix/matrix-pv.yaml

@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: matrix-synapse
+spec:
+  capacity:
+    storage: 30Gi
+  accessModes:
+    - ReadWriteOnce
+  nfs:
+    server: nas.sq.lan
+    path: "/swarmdata/matrix/synapse"
+  mountOptions:
+    - nfsvers=4.2
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: matrix-synapse
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: ""
+  resources:
+    requests:
+      storage: 30Gi
+  volumeName: matrix-synapse

archives/matrix/postgres-conf.yaml

@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: postgres-configuration
+  labels:
+    app: postgres
+data:
+  POSTGRES_DB: synapse
+  POSTGRES_USER: synapse
+  POSTGRES_PASSWORD: mBYTE93Gx86Awu
+  POSTGRES_INITDB_ARGS: "--locale=C --encoding=UTF-8"

archives/matrix/postgres-pv.yaml

@@ -0,0 +1,28 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: matrix-postgres
+spec:
+  capacity:
+    storage: 30Gi
+  accessModes:
+    - ReadWriteOnce
+  nfs:
+    server: nas.sq.lan
+    path: "/swarmdata/matrix/postgres"
+  mountOptions:
+    - nfsvers=4.2
+
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: matrix-postgres
+spec:
+  accessModes:
+    - ReadWriteOnce
+  storageClassName: ""
+  resources:
+    requests:
+      storage: 30Gi
+  volumeName: matrix-postgres

archives/matrix/postgres-service.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    run: matrix-postgres
+  name: matrix-postgres
+spec:
+  ports:
+    - name: "postgres"
+      port: 5432
+  selector:
+    run: matrix-postgres

archives/matrix/postgres-stateful.yaml

@@ -0,0 +1,33 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: postgres-statefulset
+  labels:
+    run: matrix-postgres
+spec:
+  serviceName: "matrix-postgres"
+  replicas: 1
+  selector:
+    matchLabels:
+      run: matrix-postgres
+  template:
+    metadata:
+      labels:
+        run: matrix-postgres
+    spec:
+      containers:
+      - name: postgres
+        image: postgres:12
+        envFrom:
+        - configMapRef:
+            name: postgres-configuration
+        ports:
+        - containerPort: 5432
+          name: postgresdb
+        volumeMounts:
+        - name: data
+          mountPath: /var/lib/postgresql/data
+      volumes:
+      - name: data
+        persistentVolumeClaim:
+          claimName: matrix-postgres

archives/vaultwarden/vaultwarden-deployment.yaml

@@ -0,0 +1,34 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    run: vaultwarden
+  name: vaultwarden
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      run: vaultwarden
+  template:
+    metadata:
+      labels:
+        run: vaultwarden
+    spec:
+      containers:
+        - env:
+            - name: SIGNUPS_ALLOWED
+              value: "true"
+          image: vaultwarden/server:latest
+          imagePullPolicy: Always
+          name: vaultwarden
+          ports:
+            - containerPort: 80
+          volumeMounts:
+            - mountPath: /data/
+              name: vaultwarden-data
+      restartPolicy: Always
+      volumes:
+        - name: vaultwarden-data
+          persistentVolumeClaim:
+            claimName: vaultwarden-data
+

archives/vaultwarden/vaultwarden-ingress.yaml

@@ -0,0 +1,19 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: ingress-vaultwarden
+  annotations:
+    kubernetes.io/ingress.class: "nginx"
+spec:
+  rules:
+    - host: vault.sq.lan
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: vaultwarden
+                port:
+                  number: 80
+

archives/vaultwarden/vaultwarden-pv.yaml

@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: vaultwarden-data
+spec:
+  capacity:
+    storage: 1Gi
+  accessModes:
+    - ReadWriteMany
+  nfs:
+    server: nas.sq.lan
+    path: "/swarmdata/vaultwarden"
+  mountOptions:
+    - nfsvers=4.2
+

archives/vaultwarden/vaultwarden-pvc.yaml

@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: vaultwarden-data
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: ""
+  resources:
+    requests:
+      storage: 1Gi
+  volumeName: vaultwarden-data

archives/vaultwarden/vaultwarden-service.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    run: vaultwarden
+  name: vaultwarden
+spec:
+  ports:
+    - name: "80"
+      port: 80
+      targetPort: 80
+  selector:
+    run: vaultwarden
+

blog/blog-daemonset.yaml

@@ -16,6 +16,7 @@ spec:
       containers:
         - image: nginx:latest
           name: blog
+          imagePullPolicy: "Always"
           volumeMounts:
             - mountPath: /usr/share/nginx/html
               name: blog

freshrss/freshrss-deployment.yaml

@@ -1,10 +1,11 @@
 apiVersion: apps/v1
-kind: DaemonSet
+kind: Deployment
 metadata:
   labels:
     run: freshrss
   name: freshrss
 spec:
+  replicas: 1
   selector:
     matchLabels:
       run: freshrss

grafana/graf-services.yaml

@@ -25,8 +25,7 @@ spec:
       port: 9090
       targetPort: 9090
   selector:
-    run: grafana
-  type: LoadBalancer
+    run: prometheus
 
 ---
 apiVersion: v1

sqnotes/ingr.yml

@@ -5,7 +5,6 @@ metadata:
 spec:
   ingressClassName: nginx
   rules:
-    #- host: test.squi.fr
     - host: notes.squi.fr
       http:
         paths: