From 5f564302221a2564c160c69c14a3ae819a9aec27 Mon Sep 17 00:00:00 2001
From: Nico Schottelius <nico@nico-notebook.schottelius.org>
Date: Fri, 29 Oct 2021 09:56:58 +0200
Subject: [PATCH] ++update

---
 apps/haproxy/README.md      | 16 ----------
 apps/haproxy/haproxy-v2.cfg | 36 ---------------------
 apps/haproxy/haproxy.cfg    | 63 -------------------------------------
 apps/zammad/values.yaml     |  4 +++
 generic/haproxy-sleep.yaml  | 11 +++++++
 image-building.md           |  4 +++
 6 files changed, 19 insertions(+), 115 deletions(-)
 delete mode 100644 apps/haproxy/README.md
 delete mode 100644 apps/haproxy/haproxy-v2.cfg
 delete mode 100644 apps/haproxy/haproxy.cfg
 create mode 100644 generic/haproxy-sleep.yaml
 create mode 100644 image-building.md

diff --git a/apps/haproxy/README.md b/apps/haproxy/README.md
deleted file mode 100644
index cc82b48..0000000
--- a/apps/haproxy/README.md
+++ /dev/null
@@ -1,16 +0,0 @@
-## Objective
-
-Deploy a proxy to the kubernetes cluster that handles
-IPv4-to-IPv6 translations as follows:
-
-```
-Outside k8s:
-
-[ IPv4-Address ] ---- [ SIIT NAT64 mapping ]
-                               |
-                               |
-                               |
-Inside k8s:           [ haproxy container ]
-                               |
-                               |
-                      [ abc.namespacex.svc.clusterdomain ]
diff --git a/apps/haproxy/haproxy-v2.cfg b/apps/haproxy/haproxy-v2.cfg
deleted file mode 100644
index bb245cb..0000000
--- a/apps/haproxy/haproxy-v2.cfg
+++ /dev/null
@@ -1,36 +0,0 @@
-global
-    log stdout format raw local0
-
-    # turn on stats unix socket
-    stats socket /var/lib/haproxy/stats
-
-resolvers mydns
-  parse-resolv-conf
-
-defaults
-    retries                 3
-    log global
-    timeout http-request    10s
-    timeout queue           1m
-    timeout connect         10s
-    timeout client          1m
-    timeout server          1m
-    timeout http-keep-alive 10s
-    timeout check           10s
-
-frontend f_https
-    bind ipv6@:6443
-    mode tcp
-
-    tcp-request inspect-delay 5s
-    tcp-request content accept if { req_ssl_hello_type 1 }
-    tcp-request content reject unless { req_ssl_sni -i k8s.ooo }
-    tcp-request content do-resolve(txn.myip,mydns,ipv6) req_ssl_sni,lower
-
-    default_backend b_https
-
-backend b_https
-    mode tcp
-
-    tcp-request content set-dst var(txn.myip)
-    server tcp_https ipv6@*
diff --git a/apps/haproxy/haproxy.cfg b/apps/haproxy/haproxy.cfg
deleted file mode 100644
index ed05f7f..0000000
--- a/apps/haproxy/haproxy.cfg
+++ /dev/null
@@ -1,63 +0,0 @@
-global
-    log stdout format raw local0
-
-    # turn on stats unix socket
-    stats socket /var/lib/haproxy/stats
-
-resolvers mydns
-  parse-resolv-conf
-  timeout retry   1s
-  hold valid 30s
-  hold nx 3s
-  hold other 3s
-  hold obsolete 0s
-  accepted_payload_size 8192
-
-defaults
-    retries                 3
-    log global
-    timeout http-request    10s
-    timeout queue           1m
-    timeout connect         10s
-    timeout client          1m
-    timeout server          1m
-    timeout http-keep-alive 10s
-    timeout check           10s
-
-frontend f_http
-    bind ipv6@:80
-    mode http
-
-    http-request do-resolve(txn.myip,mydns,ipv6) hdr(Host),lower
-
-    # if DNS resolving did not work
-    # use_backend b_503 unless { var(txn.myip) -m found }
-
-    default_backend      b_http
-
-backend b_http
-    mode http
-    http-request deny unless { hdr(host) -i c2.k8s.ooo }
-    http-request set-dst var(txn.myip)
-    server http ipv6@*
-
-# # HTTPs
-frontend f_https
-    bind ipv6@:443
-    mode tcp
-
-    tcp-request inspect-delay 5s
-    tcp-request content accept if { req_ssl_hello_type 1 }
-    tcp-request deny unless { req_ssl_sni -i k8s.ooo }
-    tcp-request content do-resolve(txn.myip,mydns,ipv6) req_ssl_sni,lower
-
-    default_backend b_https
-
-backend b_https
-    mode tcp
-
-    tcp-request content set-dst var(txn.myip)
-    server tcp_https ipv6@*
-
-#    tcp-request connection deny unless { hdr(host) -i c2.k8s.ooo }
-#    use_backend b_503 unless { var(txn.myip) -m found }
diff --git a/apps/zammad/values.yaml b/apps/zammad/values.yaml
index ec0ee0a..ffd79a7 100644
--- a/apps/zammad/values.yaml
+++ b/apps/zammad/values.yaml
@@ -7,5 +7,9 @@ letsencryptStaging: "yes"
 identifier: "{{ .Release.Name }}"
 fqdn: "{{ .Release.Name }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
 
+storage:
+  data:
+    size: 1Gi
+
 datasizeingb: 1
 dbsizeingb: 0.5
diff --git a/generic/haproxy-sleep.yaml b/generic/haproxy-sleep.yaml
new file mode 100644
index 0000000..e9450eb
--- /dev/null
+++ b/generic/haproxy-sleep.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: haproxy2-sleep
+spec:
+  containers:
+  - name: haproxy
+    image: haproxy:2.4.7-alpine
+    args:
+    - sleep
+    - "1000000"
diff --git a/image-building.md b/image-building.md
new file mode 100644
index 0000000..68e380e
--- /dev/null
+++ b/image-building.md
@@ -0,0 +1,4 @@
+## WIP
+
+* Maybe kaniko
+* also checking out buildkit daemon-less