From 7dc13dd11246602370070e8af807f5bf41524e3c Mon Sep 17 00:00:00 2001 From: LordMathis Date: Sun, 23 Mar 2025 16:14:42 +0100 Subject: [PATCH] Add ghost deployment --- apps/base/ghost/kustomization.yaml | 8 ++++++++ apps/base/ghost/namespace.yaml | 5 +++++ apps/base/ghost/repository.yaml | 9 +++++++++ apps/prod/ghost/ingress.yaml | 14 ++++++++++++++ apps/prod/ghost/kustomization.yaml | 19 +++++++++++++++++++ apps/prod/ghost/kustomizeconfig.yaml | 7 +++++++ apps/prod/ghost/release.yaml | 19 +++++++++++++++++++ apps/prod/ghost/secret.enc.yaml | 28 ++++++++++++++++++++++++++++ apps/prod/ghost/values.yaml | 24 ++++++++++++++++++++++++ 9 files changed, 133 insertions(+) create mode 100644 apps/base/ghost/kustomization.yaml create mode 100644 apps/base/ghost/namespace.yaml create mode 100644 apps/base/ghost/repository.yaml create mode 100644 apps/prod/ghost/ingress.yaml create mode 100644 apps/prod/ghost/kustomization.yaml create mode 100644 apps/prod/ghost/kustomizeconfig.yaml create mode 100644 apps/prod/ghost/release.yaml create mode 100644 apps/prod/ghost/secret.enc.yaml create mode 100644 apps/prod/ghost/values.yaml diff --git a/apps/base/ghost/kustomization.yaml b/apps/base/ghost/kustomization.yaml new file mode 100644 index 0000000..f4e458d --- /dev/null +++ b/apps/base/ghost/kustomization.yaml @@ -0,0 +1,8 @@ +# /apps/base/ghost/kustomization.yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: ghost + +resources: + - namespace.yaml + - repository.yaml \ No newline at end of file diff --git a/apps/base/ghost/namespace.yaml b/apps/base/ghost/namespace.yaml new file mode 100644 index 0000000..d7ef795 --- /dev/null +++ b/apps/base/ghost/namespace.yaml @@ -0,0 +1,5 @@ +# /apps/base/ghost/namespace.yaml +apiVersion: v1 +kind: Namespace +metadata: + name: ghost \ No newline at end of file diff --git a/apps/base/ghost/repository.yaml b/apps/base/ghost/repository.yaml new file mode 100644 index 0000000..de9d3f0 --- /dev/null +++ b/apps/base/ghost/repository.yaml @@ -0,0 +1,9 @@ +# /apps/base/ghost/repository.yaml +apiVersion: source.toolkit.fluxcd.io/v1 +kind: HelmRepository +metadata: + name: bitnami + namespace: ghost +spec: + interval: 24h + url: https://charts.bitnami.com/bitnami \ No newline at end of file diff --git a/apps/prod/ghost/ingress.yaml b/apps/prod/ghost/ingress.yaml new file mode 100644 index 0000000..dec354a --- /dev/null +++ b/apps/prod/ghost/ingress.yaml @@ -0,0 +1,14 @@ +apiVersion: traefik.io/v1alpha1 +kind: IngressRoute +metadata: + name: ghost-ingress + namespace: ghost +spec: + entryPoints: + - websecure + routes: + - match: Host(`${GHOST_DOMAIN}`) + kind: Rule + services: + - name: ghost + port: 80 \ No newline at end of file diff --git a/apps/prod/ghost/kustomization.yaml b/apps/prod/ghost/kustomization.yaml new file mode 100644 index 0000000..e07bf2f --- /dev/null +++ b/apps/prod/ghost/kustomization.yaml @@ -0,0 +1,19 @@ +# /apps/prod/ghost/kustomization.yaml +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: ghost + +resources: + - ../../base/ghost + - release.yaml + - ingress.yaml + - secret.enc.yaml + +configMapGenerator: + - name: ghost-prod-values + namespace: ghost + files: + - values.yaml + +configurations: + - kustomizeconfig.yaml \ No newline at end of file diff --git a/apps/prod/ghost/kustomizeconfig.yaml b/apps/prod/ghost/kustomizeconfig.yaml new file mode 100644 index 0000000..6b4cf2e --- /dev/null +++ b/apps/prod/ghost/kustomizeconfig.yaml @@ -0,0 +1,7 @@ +# /apps/prod/ghost/kustomizeconfig.yaml +nameReference: +- kind: ConfigMap + version: v1 + fieldSpecs: + - path: spec/valuesFrom/name + kind: HelmRelease \ No newline at end of file diff --git a/apps/prod/ghost/release.yaml b/apps/prod/ghost/release.yaml new file mode 100644 index 0000000..cc5f500 --- /dev/null +++ b/apps/prod/ghost/release.yaml @@ -0,0 +1,19 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: ghost + namespace: ghost +spec: + interval: 1h + chart: + spec: + chart: ghost + version: "22.2.3" + sourceRef: + kind: HelmRepository + name: bitnami + namespace: ghost + interval: 1h + valuesFrom: + - kind: ConfigMap + name: ghost-prod-values \ No newline at end of file diff --git a/apps/prod/ghost/secret.enc.yaml b/apps/prod/ghost/secret.enc.yaml new file mode 100644 index 0000000..9275e6f --- /dev/null +++ b/apps/prod/ghost/secret.enc.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: Secret +metadata: + name: ghost-admin-secret + namespace: ghost +type: Opaque +stringData: + ghost-password: ENC[AES256_GCM,data:UfT+Is1grMWVhQOl2ew7etgE,iv:fDiZ4re4odMYd2LJk90qwqdMvr9+oH0fW7SZiEjE6TU=,tag:qbREC2IScRYq6Y9lk4C5EA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1jk99rtxq3ep2xj2w886cchddf7jypqpwkr3dszg5dzq93gn8cy9qyc786m + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvd0VQMmJYVFp4bVBYWTZh + RmlGQXE5YlBZZjVFYlJERFR1Q3B5U2tncDBVCkVvczlzakJFN3o2UGFiLzZaN2pL + RVRYTUpOYTdpNUFNVWhldFVucVBwNXMKLS0tIHRNUVpnSkpVeHV6L0FaOFZVdW8v + ZGs3Y2dkZEtmTG9GbVRoMzJoTFJpaHMKENlCAd/B6HLlL2NlRXx64JqoJYuxNQwj + KRGmUNbjDIjFQym/8LI6XbIW1WgrWa/6pVdzkUOjjTXe6V9BijFGhw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-03-23T15:09:57Z" + mac: ENC[AES256_GCM,data:Xy351DGdecmgyDrNR9QUMj5QXlqnm4icdJix0zyiX8THO8cojHj7g5qfrXLuQbN6G5zMVW0b6YgDiSeaXvSFje1tHNZd4cCmq3BO4A0MTAUufau6n50nWFlWaMecny4JIPYS+kJe6FUq68mCv/aaDMWPOf3jZDfPYb5KUVqat80=,iv:aLphC2N5vkBB9Ma5NafpP6dyHD5rM3Z6aI+g1sJ5KNM=,tag:yFslBcL/oKWwdWG2ZWeBrA==,type:str] + pgp: [] + unencrypted_regex: ^(apiVersion|metadata|kind|type)$ + version: 3.9.4 diff --git a/apps/prod/ghost/values.yaml b/apps/prod/ghost/values.yaml new file mode 100644 index 0000000..ce0b999 --- /dev/null +++ b/apps/prod/ghost/values.yaml @@ -0,0 +1,24 @@ +mysql: + enabled: false +postgresql: + enabled: false + +persistence: + enabled: true + storageClass: "retain-local-path" + size: 8Gi + +ghostHost: "${GHOST_URL}" +ghostUsername: admin +existingSecret: "ghost-admin-secret" +ghostEmail: "${GHOST_ADMIN_EMAIL}" +ghostBlogTitle: "" + +service: + type: ClusterIP + +extraEnvVars: + - name: database__client + value: sqlite3 + - name: NODE_ENV + value: production \ No newline at end of file