Diffstat (limited to 'kubernetes/namespaces/default')
-rw-r--r--kubernetes/namespaces/default/bitwarden/README.md14
-rw-r--r--kubernetes/namespaces/default/bitwarden/configmap.yaml23
-rw-r--r--kubernetes/namespaces/default/bitwarden/deployment.yaml34
-rw-r--r--kubernetes/namespaces/default/bitwarden/ingress.yaml24
-rw-r--r--kubernetes/namespaces/default/bitwarden/secrets.yamlbin345 -> 0 bytes
-rw-r--r--kubernetes/namespaces/default/bitwarden/service.yaml9
-rw-r--r--kubernetes/namespaces/default/policy-bot/README.md24
-rw-r--r--kubernetes/namespaces/default/policy-bot/configmap.yaml49
-rw-r--r--kubernetes/namespaces/default/policy-bot/deployment.yaml43
-rw-r--r--kubernetes/namespaces/default/policy-bot/ingress.yaml24
-rw-r--r--kubernetes/namespaces/default/policy-bot/secrets.yamlbin2254 -> 0 bytes
-rw-r--r--kubernetes/namespaces/default/policy-bot/service.yaml11
12 files changed, 0 insertions, 255 deletions
diff --git a/kubernetes/namespaces/default/bitwarden/README.md b/kubernetes/namespaces/default/bitwarden/README.md
deleted file mode 100644
index 37f01eb..0000000
--- a/kubernetes/namespaces/default/bitwarden/README.md
+++ /dev/null
@@ -1,14 +0,0 @@
-# BitWarden
-
-Our internal password manager, used by the admins to share passwords for our services. Hosted at https://bitwarden.pythondiscord.com
-
-To deploy this, first set up the secrets (see below) and then run `kubectl apply -f .` in this folder.
-
-## Secrets
-This deployment expects a few secrets to exist in a secret called `bitwarden-secret-env`.
-
-
-| Environment | Description |
-|-----------------------|-------------------------------------------|
-| ADMIN_TOKEN | 64-character token used for initial login |
-| DATABASE_URL | Database string: host://user:pass/db |
diff --git a/kubernetes/namespaces/default/bitwarden/configmap.yaml b/kubernetes/namespaces/default/bitwarden/configmap.yaml
deleted file mode 100644
index c758f5d..0000000
--- a/kubernetes/namespaces/default/bitwarden/configmap.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: bitwarden-config-env
-data:
- # Domain to access bitwarden by
- DOMAIN: "https://bitwarden.pythondiscord.com"
-
- # Password hint must be sent to an email when this is false.
- # When it's true, it'll be shown right on the page.
- SHOW_PASSWORD_HINT: "false"
-
- # Admins only, please!
- SIGNUPS_ALLOWED: "false"
-
- # Used for LiveSync
- WEBSOCKET_ENABLED: "true"
-
- # Max conns to the DB
- DATABASE_MAX_CONNS: "2"
-
- # Force bitwarden to use postgres, rather than it's own volume
- I_REALLY_WANT_VOLATILE_STORAGE: "true"
diff --git a/kubernetes/namespaces/default/bitwarden/deployment.yaml b/kubernetes/namespaces/default/bitwarden/deployment.yaml
deleted file mode 100644
index 70a22ce..0000000
--- a/kubernetes/namespaces/default/bitwarden/deployment.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: bitwarden
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: bitwarden
- template:
- metadata:
- labels:
- app: bitwarden
- spec:
- containers:
- - name: bitwarden
- image: vaultwarden/server:latest
- imagePullPolicy: Always
- resources:
- requests:
- cpu: 1m
- memory: 50Mi
- limits:
- cpu: 50m
- memory: 100Mi
- ports:
- - containerPort: 80
- envFrom:
- - secretRef:
- name: bitwarden-secret-env
- - configMapRef:
- name: bitwarden-config-env
- securityContext:
- readOnlyRootFilesystem: true
diff --git a/kubernetes/namespaces/default/bitwarden/ingress.yaml b/kubernetes/namespaces/default/bitwarden/ingress.yaml
deleted file mode 100644
index d0371f6..0000000
--- a/kubernetes/namespaces/default/bitwarden/ingress.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- annotations:
- nginx.ingress.kubernetes.io/auth-tls-verify-client: "on"
- nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle"
- nginx.ingress.kubernetes.io/auth-tls-error-page: "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
- name: bitwarden
-spec:
- tls:
- - hosts:
- - "*.pythondiscord.com"
- secretName: pythondiscord.com-tls
- rules:
- - host: bitwarden.pythondiscord.com
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: bitwarden
- port:
- number: 80
diff --git a/kubernetes/namespaces/default/bitwarden/secrets.yaml b/kubernetes/namespaces/default/bitwarden/secrets.yaml
deleted file mode 100644
index 34cfd7a..0000000
--- a/kubernetes/namespaces/default/bitwarden/secrets.yaml
+++ /dev/null
Binary files differ
diff --git a/kubernetes/namespaces/default/bitwarden/service.yaml b/kubernetes/namespaces/default/bitwarden/service.yaml
deleted file mode 100644
index 3df8cc2..0000000
--- a/kubernetes/namespaces/default/bitwarden/service.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: bitwarden
-spec:
- ports:
- - port: 80
- selector:
- app: bitwarden
diff --git a/kubernetes/namespaces/default/policy-bot/README.md b/kubernetes/namespaces/default/policy-bot/README.md
deleted file mode 100644
index ed44a63..0000000
--- a/kubernetes/namespaces/default/policy-bot/README.md
+++ /dev/null
@@ -1,24 +0,0 @@
-# Policy Bot
-Policy Bot is our instance of [palantir/policy-bot](https://github.com/palantir/policy-bot) for managing review policy across our GitHub repositories.
-
-Actual review policy is stored inside our GitHub repositories in the `.github/review-policy.yml` file, so the configuration here is purely for interacting with GitHub and some lower level things.
-
-## GitHub Configuration
-
-Follow the instructions in the [repository](https://github.com/palantir/policy-bot#deployment) to provision a GitHub application. Our manifests are configured to run the policy bot at https://policy-bot.pythondiscord.com/.
-
-## Secrets
-
-This app requires a `policy-bot-defaults` secret with the following entries:
-
-| Environment | Description |
-|--------------------------------------------------|-----------------------------------------------------------------------|
-| GITHUB_APP_PRIVATE_KEY | Contents of the PEM certificate downloadable from the GitHub App page |
-| GITHUB_APP_WEBHOOK_SECRET | Webhook secret from GitHub App Page |
-| GITHUB_OAUTH_CLIENT_SECRET | OAuth 2 client secret from Github App page |
-| POLICYBOT_OPTIONS_DO_NOT_LOAD_COMMIT_PUSHED_DATE | Set to True to not use deprecated commit_pushed_date from Github API |
-| POLICYBOT_SESSIONS_KEY | Random characters for signing user sessions |
-
-Run `kubectl apply -f .` inside this directory to apply the the configuration.
-
-Access the running application over [policy-bot.pythondiscord.com]([https://policy-bot.pythondiscord.com/])!
diff --git a/kubernetes/namespaces/default/policy-bot/configmap.yaml b/kubernetes/namespaces/default/policy-bot/configmap.yaml
deleted file mode 100644
index 6183948..0000000
--- a/kubernetes/namespaces/default/policy-bot/configmap.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: policy-bot-defaults
-data:
- policy-bot.yml: |
- # Options for the http server
- server:
- # The listen address and port
- address: "0.0.0.0"
- port: 8080
- # The public URL, used for URL generation when the server is behind a proxy
- public_url: https://policy-bot.pythondiscord.com/
-
- # Options for logging output
- logging:
- # If true, logs are printed in human-readable form. We recommend using
- # "false" to output JSON-formatted logs in production
- text: false
- # Set a minimum logging level threshold
- # Choose from: debug, info, warn, error
- level: debug
-
- # Options for connecting to GitHub
- github:
- # The URL of the GitHub homepage. Can also be set by the GITHUB_WEB_URL
- # environment variable.
- web_url: "https://github.com"
- # The base URL for v3 (REST) API requests. Can also be set by the
- # GITHUB_V3_API_URL environment variable.
- v3_api_url: "https://api.github.com"
- # The base URL for v4 (GraphQL) API requests. Can also be set by the
- # GITHUB_V4_API_URL environment variable.
- v4_api_url: "https://api.github.com/graphql"
- app:
- # The integration ID of the GitHub app. Can also be set by the
- # GITHUB_APP_INTEGRATION_ID environment variable.
- integration_id: 91554
- oauth:
- # The client ID of the OAuth app associated with the GitHub app. Can also
- # be set by the GITHUB_OAUTH_CLIENT_ID environment variable.
- client_id: "Iv1.5be42b7c960b1ab2"
-
- # Options for application behavior
- options:
- # The path within repositories to find the policy.yml file
- policy_path: .github/review-policy.yml
- # The context prefix for status checks created by the bot
- status_check_context: "Review requirements"
diff --git a/kubernetes/namespaces/default/policy-bot/deployment.yaml b/kubernetes/namespaces/default/policy-bot/deployment.yaml
deleted file mode 100644
index 1b3f96b..0000000
--- a/kubernetes/namespaces/default/policy-bot/deployment.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: policy-bot
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: policy-bot
- template:
- metadata:
- labels:
- app: policy-bot
- spec:
- containers:
- - name: policy-bot
- image: palantirtechnologies/policy-bot:latest
- imagePullPolicy: Always
- resources:
- requests:
- cpu: 50m
- memory: 50Mi
- limits:
- cpu: 100m
- memory: 100Mi
- ports:
- - containerPort: 8080
- volumeMounts:
- - mountPath: /secrets
- name: policy-bot-config
- securityContext:
- readOnlyRootFilesystem: true
- envFrom:
- - secretRef:
- name: policy-bot-secrets
- volumes:
- - name: policy-bot-config
- configMap:
- name: policy-bot-defaults
- securityContext:
- fsGroup: 2000
- runAsUser: 1000
- runAsNonRoot: true
diff --git a/kubernetes/namespaces/default/policy-bot/ingress.yaml b/kubernetes/namespaces/default/policy-bot/ingress.yaml
deleted file mode 100644
index 088dd01..0000000
--- a/kubernetes/namespaces/default/policy-bot/ingress.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
- annotations:
- nginx.ingress.kubernetes.io/auth-tls-verify-client: "on"
- nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle"
- nginx.ingress.kubernetes.io/auth-tls-error-page: "https://www.youtube.com/watch?v=dQw4w9WgXcQ"
- name: policy-bot
-spec:
- tls:
- - hosts:
- - "*.pythondiscord.com"
- secretName: pythondiscord.com-tls
- rules:
- - host: policy-bot.pythondiscord.com
- http:
- paths:
- - path: /
- pathType: Prefix
- backend:
- service:
- name: policy-bot
- port:
- number: 80
diff --git a/kubernetes/namespaces/default/policy-bot/secrets.yaml b/kubernetes/namespaces/default/policy-bot/secrets.yaml
deleted file mode 100644
index 9d91e70..0000000
--- a/kubernetes/namespaces/default/policy-bot/secrets.yaml
+++ /dev/null
Binary files differ
diff --git a/kubernetes/namespaces/default/policy-bot/service.yaml b/kubernetes/namespaces/default/policy-bot/service.yaml
deleted file mode 100644
index da0fb64..0000000
--- a/kubernetes/namespaces/default/policy-bot/service.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
- name: policy-bot
-spec:
- selector:
- app: policy-bot
- ports:
- - protocol: TCP
- port: 80
- targetPort: 8080