From b4e389eb451da79983c1a785855e05acfd936e5d Mon Sep 17 00:00:00 2001 From: Frank Elsinga Date: Wed, 27 Sep 2023 22:26:03 +0200 Subject: [PATCH] externalised penpot into the cloud --- .../tasks/components/penpot.yml | 143 ------------------ 1 file changed, 143 deletions(-) delete mode 100644 deployment/ansible/roles/k8s-components/tasks/components/penpot.yml diff --git a/deployment/ansible/roles/k8s-components/tasks/components/penpot.yml b/deployment/ansible/roles/k8s-components/tasks/components/penpot.yml deleted file mode 100644 index 5920f3766..000000000 --- a/deployment/ansible/roles/k8s-components/tasks/components/penpot.yml +++ /dev/null @@ -1,143 +0,0 @@ ---- -- name: Add codechem chart repo - kubernetes.core.helm_repository: - name: codechem - repo_url: "https://charts.codechem.com" -- name: Install penpot - kubernetes.core.helm: - atomic: true - wait: false - update_repo_cache: yes - release_state: present - chart_version: 1.0.10 - chart_ref: codechem/penpot - name: penpot - namespace: penpot - create_namespace: yes - values: - global: - storageClass: "longhorn" - postgresqlEnabled: true - redisEnabled: true - backend: - image: - tag: 1.18.4 - exporter: - image: - tag: 1.18.4 - frontend: - image: - tag: 1.18.4 - persistence: - enabled: true - size: 8Gi - storageClass: "longhorn" - config: - publicURI: "https://penpot.nav.tum.sexy" - flags: enable-registration enable-login enable-smtp disable-demo-users disable-demo-warning - postgresql: - host: "penpot-postgresql.penpot.svc.cluster.local" - port: 5432 - username: "{{ lookup('ansible.builtin.password', 'credentials/penpot/postgres/username', chars=['ascii_letters']) }}" - password: "{{ lookup('ansible.builtin.password', 'credentials/penpot/postgres/password', chars=['ascii_letters', 'digits'], length=64) }}" - database: penpot - redis: - host: "penpot-redis-master.penpot.svc.cluster.local" - port: 6379 - database: "0" - registrationDomainWhitelist: "tum.de,fs.tum.de,fsmb-tum.de" - smtp: - defaultFrom: "frank.elsinga@tum.de" - defaultReplyTo: "frank.elsinga@tum.de" - enabled: true - existingSecret: "" - host: "postout.lrz.de" - password: "{{ lookup('ansible.builtin.password', 'credentials/email') }}" - port: "587" - secretKeys: - passwordKey: "" - usernameKey: "" - ssl: false - tls: true - username: ge93cuk - postgresql: - auth: - username: "{{ lookup('ansible.builtin.password', 'credentials/penpot/postgres/username', chars=['ascii_letters']) }}" - password: "{{ lookup('ansible.builtin.password', 'credentials/penpot/postgres/password', chars=['ascii_letters', 'digits'], length=64) }}" - enablePostgresUser: false - database: penpot - redis: - auth: - enabled: false - -- name: add an cert for argo - kubernetes.core.k8s: - state: present - namespace: penpot - definition: - apiVersion: cert-manager.io/v1 - kind: Certificate - metadata: - name: penpot.nav.tum.sexy - spec: - commonName: penpot.nav.tum.sexy - dnsNames: - - penpot.nav.tum.sexy - secretName: penpot.nav.tum.sexy - issuerRef: - name: letsencrypt-production - kind: ClusterIssuer -- name: add an ingress for argo - kubernetes.core.k8s: - state: present - namespace: penpot - definition: - apiVersion: traefik.containo.us/v1alpha1 - kind: IngressRoute - metadata: - name: penpot-server - spec: - entryPoints: - - websecure - routes: - - kind: Rule - match: Host(`penpot.nav.tum.sexy`) - priority: 10 - services: - - name: penpot - port: 80 - tls: - secretName: penpot.nav.tum.sexy -- name: add web ingress - kubernetes.core.k8s: - state: present - namespace: penpot - definition: - apiVersion: traefik.containo.us/v1alpha1 - kind: IngressRoute - metadata: - name: penpot-server-http - spec: - entryPoints: - - web - routes: - - kind: Rule - match: Host(`penpot.nav.tum.sexy`) - services: - - name: noop@internal - kind: TraefikService - middlewares: - - name: https -- name: add http middleware - kubernetes.core.k8s: - state: present - namespace: penpot - definition: - apiVersion: traefik.containo.us/v1alpha1 - kind: Middleware - metadata: - name: https - spec: - redirectScheme: - scheme: https - permanent: true