From 6f72fb13218cddd6337bcd64c6a62f7e1f4acc0f Mon Sep 17 00:00:00 2001 From: Nico Schottelius Date: Sun, 20 Jun 2021 13:08:37 +0200 Subject: [PATCH] etherpad: cleanup for production --- apps/etherpadlite-ssl/etherpad/settings.json | 2 +- apps/etherpadlite-ssl/foo | 2 -- apps/etherpadlite-ssl/nginx/http.conf | 16 -------------- .../templates/certbot-job.yaml | 0 .../templates/deployment.yaml | 22 ++++++++----------- apps/etherpadlite-ssl/values.yaml | 3 ++- 6 files changed, 12 insertions(+), 33 deletions(-) delete mode 100644 apps/etherpadlite-ssl/foo delete mode 100644 apps/etherpadlite-ssl/nginx/http.conf delete mode 100644 apps/etherpadlite-ssl/templates/certbot-job.yaml diff --git a/apps/etherpadlite-ssl/etherpad/settings.json b/apps/etherpadlite-ssl/etherpad/settings.json index eadafe2..d876d4a 100644 --- a/apps/etherpadlite-ssl/etherpad/settings.json +++ b/apps/etherpadlite-ssl/etherpad/settings.json @@ -170,7 +170,7 @@ "dbType": "dirty", "dbSettings": { - "filename": "var/dirty.db" + "filename": "/data/dirty.db" }, /* diff --git a/apps/etherpadlite-ssl/foo b/apps/etherpadlite-ssl/foo deleted file mode 100644 index dec1cba..0000000 --- a/apps/etherpadlite-ssl/foo +++ /dev/null @@ -1,2 +0,0 @@ -nginx-certbot-helm-1624126293-aservice.default.svc.c2.k8s.ooo -nginx-certbot-helm-1624126293-aservice ClusterIP 2a0a:e5c0:13:e2::f808 80/TCP,443/TCP 2m13s diff --git a/apps/etherpadlite-ssl/nginx/http.conf b/apps/etherpadlite-ssl/nginx/http.conf deleted file mode 100644 index 8a9e368..0000000 --- a/apps/etherpadlite-ssl/nginx/http.conf +++ /dev/null @@ -1,16 +0,0 @@ -server { - listen *:80; - listen [::]:80; - - server_name _; - - # Forward for certbot - location /.well-known/acme-challenge/ { - root /usr/share/nginx/html; - } - - # Everything else -> ssl - location / { - return 301 https://$host$request_uri; - } -} diff --git a/apps/etherpadlite-ssl/templates/certbot-job.yaml b/apps/etherpadlite-ssl/templates/certbot-job.yaml deleted file mode 100644 index e69de29..0000000 diff --git a/apps/etherpadlite-ssl/templates/deployment.yaml b/apps/etherpadlite-ssl/templates/deployment.yaml index 5027764..f9e6ceb 100644 --- a/apps/etherpadlite-ssl/templates/deployment.yaml +++ b/apps/etherpadlite-ssl/templates/deployment.yaml @@ -23,18 +23,10 @@ spec: - name: etherpadconfig mountPath: "/opt/etherpad-lite/settings.json" subPath: settings.json - - name: nginx - image: nginx:1.21.0-alpine - ports: - - containerPort: 80 - - containerPort: 443 - volumeMounts: - - name: nginx-config - mountPath: "/etc/nginx/conf.d/" - name: etcletsencrypt mountPath: "/etc/letsencrypt" - - name: webroot - mountPath: "/usr/share/nginx/html" + - name: data + mountPath: "/data" volumes: - name: nginx-config configMap: @@ -42,9 +34,9 @@ spec: - name: etcletsencrypt persistentVolumeClaim: claimName: {{ .Release.Name }}-letsencrypt-certs - - name: webroot + - name: data persistentVolumeClaim: - claimName: {{ .Release.Name }}-webroot + claimName: {{ .Release.Name }}-data --- apiVersion: v1 kind: Service @@ -85,7 +77,7 @@ spec: apiVersion: v1 kind: PersistentVolumeClaim metadata: - name: {{ .Release.Name }}-webroot + name: {{ .Release.Name }}-data spec: accessModes: - ReadWriteMany @@ -115,6 +107,10 @@ spec: value: "{{ .Release.Name }}-{{ .Values.serviceName }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" - name: EMAIL value: "{{ .Values.email }}" + {{ if eq .Values.letsencryptStaging "no" }} + - name: STAGING + value: "no" + {{ end }} volumeMounts: - name: etcletsencrypt mountPath: "/etc/letsencrypt" diff --git a/apps/etherpadlite-ssl/values.yaml b/apps/etherpadlite-ssl/values.yaml index cbc7324..57548cd 100644 --- a/apps/etherpadlite-ssl/values.yaml +++ b/apps/etherpadlite-ssl/values.yaml @@ -1,3 +1,4 @@ -serviceName: aservice +serviceName: pad clusterDomain: c2.k8s.ooo email: technik@ungleich.ch +letsencryptStaging: "no"