From ee52b8bb839654559064e5a155bb7e90e51b619c Mon Sep 17 00:00:00 2001 From: Joe Banks Date: Mon, 15 Apr 2024 12:41:13 +0100 Subject: Move pixels to pixels namespace Also add a pull secret for the new namespace --- kubernetes/namespaces/default/pixels/README.md | 18 --------- .../namespaces/default/pixels/configmap.yaml | 12 ------ .../namespaces/default/pixels/deployment.yaml | 44 --------------------- kubernetes/namespaces/default/pixels/ingress.yaml | 24 ----------- kubernetes/namespaces/default/pixels/secrets.yaml | Bin 975 -> 0 bytes kubernetes/namespaces/default/pixels/service.yaml | 11 ------ 6 files changed, 109 deletions(-) delete mode 100644 kubernetes/namespaces/default/pixels/README.md delete mode 100644 kubernetes/namespaces/default/pixels/configmap.yaml delete mode 100644 kubernetes/namespaces/default/pixels/deployment.yaml delete mode 100644 kubernetes/namespaces/default/pixels/ingress.yaml delete mode 100644 kubernetes/namespaces/default/pixels/secrets.yaml delete mode 100644 kubernetes/namespaces/default/pixels/service.yaml (limited to 'kubernetes/namespaces/default/pixels') diff --git a/kubernetes/namespaces/default/pixels/README.md b/kubernetes/namespaces/default/pixels/README.md deleted file mode 100644 index f4ebf12..0000000 --- a/kubernetes/namespaces/default/pixels/README.md +++ /dev/null @@ -1,18 +0,0 @@ -# Pixels - -The deployment for the [Pixels project](https://git.pydis.com/pixels-v2), hosted at https://pixels.pythondiscord.com. - -## Secret - -It requires a `pixels-env` secret with the following entries: - -| Environment | Description | -|---------------|---------------------------------------------------------------------------------------------------------| -| AUTH_URL | A Discord OAuth2 URL with scopes: identify & guilds.members.read | -| CLIENT_ID | Discord Oauth2 client ID | -| CLIENT_SECRET | Discord Oauth2 client secret | -| DATABASE_URL | Postgres database URL. | -| JWT_SECRET | 32 byte (64 digit hex string) secret for encoding tokens. Any value can be used. | -| REDIS_URL | Redis storage URL | -| SENTRY_DSN | The Sentry DSN to send sentry events to | -| WEBHOOK_URL | The webhook to periodically post the canvas state to | diff --git a/kubernetes/namespaces/default/pixels/configmap.yaml b/kubernetes/namespaces/default/pixels/configmap.yaml deleted file mode 100644 index c3ccd50..0000000 --- a/kubernetes/namespaces/default/pixels/configmap.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: pixels-config-env -data: - BASE_URL: https://pixels.pythondiscord.com - FORCE_LOGIN: 'True' - GUILD_ID: '267624335836053506' - HELPERS_ROLE: '267630620367257601' - LOG_LEVEL: debug - MOD_ROLE: '267630620367257601' - PRODUCTION: 'true' diff --git a/kubernetes/namespaces/default/pixels/deployment.yaml b/kubernetes/namespaces/default/pixels/deployment.yaml deleted file mode 100644 index 34e7b50..0000000 --- a/kubernetes/namespaces/default/pixels/deployment.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pixels -spec: - replicas: 1 - selector: - matchLabels: - app: pixels - template: - metadata: - labels: - app: pixels - spec: - containers: - - name: pixels - image: ghcr.io/python-discord/pixels:latest - imagePullPolicy: Always - ports: - - containerPort: 8000 - envFrom: - - secretRef: - name: pixels-env - - configMapRef: - name: pixels-config-env - startupProbe: - httpGet: - path: /health - port: 8000 - httpHeaders: - - name: Host - value: pixels.pythondiscord.com - failureThreshold: 15 - periodSeconds: 2 - timeoutSeconds: 5 - initialDelaySeconds: 10 - securityContext: - readOnlyRootFilesystem: true - imagePullSecrets: - - name: ghcr-pull-secret - securityContext: - fsGroup: 2000 - runAsUser: 1000 - runAsNonRoot: true diff --git a/kubernetes/namespaces/default/pixels/ingress.yaml b/kubernetes/namespaces/default/pixels/ingress.yaml deleted file mode 100644 index bfc0ada..0000000 --- a/kubernetes/namespaces/default/pixels/ingress.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - annotations: - nginx.ingress.kubernetes.io/auth-tls-verify-client: "on" - nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle" - nginx.ingress.kubernetes.io/auth-tls-error-page: "https://www.youtube.com/watch?v=dQw4w9WgXcQ" - name: pixels -spec: - tls: - - hosts: - - "*.pythondiscord.com" - secretName: pythondiscord.com-tls - rules: - - host: pixels.pythondiscord.com - http: - paths: - - path: / - pathType: Prefix - backend: - service: - name: pixels - port: - number: 80 diff --git a/kubernetes/namespaces/default/pixels/secrets.yaml b/kubernetes/namespaces/default/pixels/secrets.yaml deleted file mode 100644 index f9db2fb..0000000 Binary files a/kubernetes/namespaces/default/pixels/secrets.yaml and /dev/null differ diff --git a/kubernetes/namespaces/default/pixels/service.yaml b/kubernetes/namespaces/default/pixels/service.yaml deleted file mode 100644 index 41860a1..0000000 --- a/kubernetes/namespaces/default/pixels/service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: pixels -spec: - selector: - app: pixels - ports: - - protocol: TCP - port: 80 - targetPort: 8000 -- cgit v1.2.3