add unifi and gittea

apps/gittea/gitea-deployment.yaml

@@ -0,0 +1,56 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: gitea
+  name: gitea-deployment
+  namespace: default
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app: gitea
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: gitea
+    spec:
+      containers:
+      - image: gitea/gitea:latest
+        imagePullPolicy: Always
+        name: gitea
+        ports:
+        - containerPort: 3000
+          name: gitea-http
+          protocol: TCP
+        - containerPort: 22
+          name: gitea-ssh
+          protocol: TCP
+        resources: {}
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+        volumeMounts:
+        - mountPath: /data
+          name: gitea-storage
+        - mountPath: /persistentvolumes
+          name: nfs-client-root
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - name: gitea-storage
+        persistentVolumeClaim:
+          claimName: gitea
+      - name: nfs-client-root
+        nfs:
+          path: /volume1/k8s
+          server: 192.168.1.176

apps/gittea/gitea-ingress.yaml

@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    acme.cert-manager.io/http01-edit-in-place: "true"
+    cert-manager.io/issuer: letsencrypt-prod
+    kubernetes.io/ingress.class: nginx
+  name: gittea-ingress
+  namespace: default
+spec:
+  rules:
+  - host: git.lilpenguins.com
+    http:
+      paths:
+      - backend:
+          service:
+            name: gitea-service
+            port:
+              number: 80
+        path: /
+        pathType: Prefix
+  tls:
+  - hosts:
+    - git.lilpenguins.com
+    secretName: gitea-tls-prod

apps/gittea/gitea-service.yaml

@@ -0,0 +1,21 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: gitea-service
+  namespace: default
+spec:
+  ports:
+  - name: gitea-http
+    nodePort: 32671
+    port: 80
+    protocol: TCP
+    targetPort: gitea-http
+  - name: gitea-ssh
+    nodePort: 31364
+    port: 22
+    protocol: TCP
+    targetPort: gitea-ssh
+  selector:
+    app: gitea
+  sessionAffinity: None
+  type: LoadBalancer

apps/gittea/gitea-storage.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: gitea
+  namespace: default
+spec:
+  storageClassName: synology-iscsi-storage-custom
+  accessModes:
+  - ReadWriteMany
+  resources:
+    requests:
+      storage: 20Gi

apps/unifi/unifi-deployment.yaml

@@ -0,0 +1,65 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    app: unifi
+  name: unifi-deployment
+  namespace: default
+spec:
+  progressDeadlineSeconds: 600
+  replicas: 1
+  revisionHistoryLimit: 10
+  selector:
+    matchLabels:
+      app: unifi
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: unifi
+    spec:
+      containers:
+      - image: lscr.io/linuxserver/unifi-controller:latest
+        imagePullPolicy: Always
+        name: unifi
+        env:
+          - name: TZ
+            value: Etcd/New_York
+        ports:
+        - containerPort: 8443
+          protocol: TCP
+        - containerPort: 8080
+          protocol: TCP
+        - containerPort: 8843
+          protocol: TCP
+        - containerPort: 8880
+          protocol: TCP
+        - containerPort: 6789
+          protocol: TCP
+        - containerPort: 3478
+          protocol: UDP
+        - containerPort: 10001
+          protocol: UDP
+        - containerPort: 1900
+          protocol: UDP
+        - containerPort: 5514
+          protocol: UDP
+        resources: {}
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+        volumeMounts:
+        - mountPath: /config
+          name: unifi-config
+      dnsPolicy: ClusterFirst
+      restartPolicy: Always
+      schedulerName: default-scheduler
+      securityContext: {}
+      terminationGracePeriodSeconds: 30
+      volumes:
+      - name: unifi-config
+        persistentVolumeClaim:
+          claimName: unifi-config

apps/unifi/unifi-service.yaml

@@ -0,0 +1,38 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: unifi-service
+spec:
+  ports:
+    - port: 8443
+      targetPort: 8443
+      name: web-admin
+    - port: 8080
+      targetPort: 8080
+      name: http
+    - port: 8843
+      targetPort: 8843
+      name: https-guest
+    - port: 8880
+      targetPort: 8880
+      name: http-guest
+    - port: 6789
+      targetPort: 6789
+      name: mobile-test
+    - port: 3478
+      targetPort: 3478
+      name: stun-port
+    - port: 10001
+      targetPort: 10001
+      name: ap-discovery
+    - port: 1900
+      targetPort: 1900
+      name: l2-discovery
+    - port: 5514
+      targetPort: 5514
+      name: syslog
+  selector:
+    app: unifi
+  sessionAffinity: None
+  type: LoadBalancer

apps/unifi/unifi-storage.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: unifi-config
+  namespace: default
+spec:
+  storageClassName: synology-iscsi-storage-custom
+  accessModes:
+  - ReadWriteMany
+  resources:
+    requests:
+      storage: 10Gi