diff --git a/argocd/dev-app.yaml b/argocd/dev-app.yaml new file mode 100644 index 0000000..260ff2e --- /dev/null +++ b/argocd/dev-app.yaml @@ -0,0 +1,24 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: dev + namespace: argocd + annotations: + argocd-image-updater.argoproj.io/image-list: dev=registry.digitalocean.com/lunarfront/lunarfront-devpod:latest + argocd-image-updater.argoproj.io/dev.update-strategy: digest + argocd-image-updater.argoproj.io/write-back-method: argocd +spec: + project: default + source: + repoURL: ssh://git@git-ssh.lunarfront.tech/ryan/lunarfront-charts.git + targetRevision: main + path: dev + destination: + server: https://kubernetes.default.svc + namespace: dev + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true diff --git a/dev/deployment.yaml b/dev/deployment.yaml new file mode 100644 index 0000000..3d77c57 --- /dev/null +++ b/dev/deployment.yaml @@ -0,0 +1,58 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dev + namespace: dev +spec: + replicas: 0 + selector: + matchLabels: + app: dev + template: + metadata: + labels: + app: dev + spec: + nodeSelector: + role: dev + tolerations: + - key: dedicated + value: dev + effect: NoSchedule + imagePullSecrets: + - name: registry-lunarfront + containers: + - name: dev + image: registry.digitalocean.com/lunarfront/lunarfront-devpod:latest + ports: + - containerPort: 8080 + name: web + - containerPort: 22 + name: ssh + env: + - name: SSH_AUTHORIZED_KEYS + valueFrom: + secretKeyRef: + name: dev-secrets + key: ssh-authorized-keys + - name: PASSWORD + valueFrom: + secretKeyRef: + name: dev-secrets + key: code-server-password + - name: ANTHROPIC_API_KEY + valueFrom: + secretKeyRef: + name: dev-secrets + key: anthropic-api-key + volumeMounts: + - name: workspace + mountPath: /workspace + resources: + requests: + cpu: 500m + memory: 1Gi + volumes: + - name: workspace + persistentVolumeClaim: + claimName: dev-workspace diff --git a/dev/ingress.yaml b/dev/ingress.yaml new file mode 100644 index 0000000..c81f33f --- /dev/null +++ b/dev/ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: dev + namespace: dev + annotations: + nginx.ingress.kubernetes.io/ssl-redirect: "true" + cert-manager.io/cluster-issuer: letsencrypt-prod +spec: + ingressClassName: nginx + rules: + - host: dev.lunarfront.tech + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: dev + port: + number: 8080 + tls: + - secretName: dev-lunarfront-tech-tls + hosts: + - dev.lunarfront.tech diff --git a/dev/namespace.yaml b/dev/namespace.yaml new file mode 100644 index 0000000..8cab297 --- /dev/null +++ b/dev/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: dev diff --git a/dev/pvc.yaml b/dev/pvc.yaml new file mode 100644 index 0000000..95cc410 --- /dev/null +++ b/dev/pvc.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: dev-workspace + namespace: dev +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 100Gi + storageClassName: do-block-storage diff --git a/dev/secret.yaml b/dev/secret.yaml new file mode 100644 index 0000000..926bada --- /dev/null +++ b/dev/secret.yaml @@ -0,0 +1,4 @@ +# Managed externally — apply manually: +# kubectl create secret generic dev-secrets -n dev \ +# --from-literal=code-server-password= \ +# --from-literal=ssh-authorized-keys="" diff --git a/dev/services.yaml b/dev/services.yaml new file mode 100644 index 0000000..d82b91c --- /dev/null +++ b/dev/services.yaml @@ -0,0 +1,25 @@ +apiVersion: v1 +kind: Service +metadata: + name: dev + namespace: dev +spec: + selector: + app: dev + ports: + - name: web + port: 8080 + targetPort: 8080 +--- +apiVersion: v1 +kind: Service +metadata: + name: dev-ssh + namespace: dev +spec: + selector: + app: dev + ports: + - name: ssh + port: 22 + targetPort: 22 diff --git a/ingress/tcp-services.yaml b/ingress/tcp-services.yaml index 712645e..0850710 100644 --- a/ingress/tcp-services.yaml +++ b/ingress/tcp-services.yaml @@ -5,3 +5,4 @@ metadata: namespace: ingress-nginx data: "22": "gitea/gitea-ssh:22" + "2222": "dev/dev-ssh:22"