ryan/lunarfront-charts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add dev pod chart — code-server + SSH on dedicated node pool

Browse Source
This commit is contained in:
Ryan Moon
2026-04-04 06:56:56 -05:00
parent 9658e3126c
commit 0a0237d58f
8 changed files with 153 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
argocd/dev-app.yaml Normal file
View File

@@ -0,0 +1,24 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: dev
namespace: argocd
annotations:
argocd-image-updater.argoproj.io/image-list: dev=registry.digitalocean.com/lunarfront/lunarfront-devpod:latest
argocd-image-updater.argoproj.io/dev.update-strategy: digest
argocd-image-updater.argoproj.io/write-back-method: argocd
spec:
project: default
source:
repoURL: ssh://git@git-ssh.lunarfront.tech/ryan/lunarfront-charts.git
targetRevision: main
path: dev
destination:
server: https://kubernetes.default.svc
namespace: dev
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true

58
dev/deployment.yaml Normal file
View File

@@ -0,0 +1,58 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: dev
namespace: dev
spec:
replicas: 0
selector:
matchLabels:
app: dev
template:
metadata:
labels:
app: dev
spec:
nodeSelector:
role: dev
tolerations:
- key: dedicated
value: dev
effect: NoSchedule
imagePullSecrets:
- name: registry-lunarfront
containers:
- name: dev
image: registry.digitalocean.com/lunarfront/lunarfront-devpod:latest
ports:
- containerPort: 8080
name: web
- containerPort: 22
name: ssh
env:
- name: SSH_AUTHORIZED_KEYS
valueFrom:
secretKeyRef:
name: dev-secrets
key: ssh-authorized-keys
- name: PASSWORD
valueFrom:
secretKeyRef:
name: dev-secrets
key: code-server-password
- name: ANTHROPIC_API_KEY
valueFrom:
secretKeyRef:
name: dev-secrets
key: anthropic-api-key
volumeMounts:
- name: workspace
mountPath: /workspace
resources:
requests:
cpu: 500m
memory: 1Gi
volumes:
- name: workspace
persistentVolumeClaim:
claimName: dev-workspace

25
dev/ingress.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dev
namespace: dev
annotations:
nginx.ingress.kubernetes.io/ssl-redirect: "true"
cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
ingressClassName: nginx
rules:
- host: dev.lunarfront.tech
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: dev
port:
number: 8080
tls:
- secretName: dev-lunarfront-tech-tls
hosts:
- dev.lunarfront.tech

4
dev/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: dev

12
dev/pvc.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: dev-workspace
namespace: dev
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Gi
storageClassName: do-block-storage

4
dev/secret.yaml Normal file
View File

@@ -0,0 +1,4 @@
# Managed externally — apply manually:
# kubectl create secret generic dev-secrets -n dev \
# --from-literal=code-server-password=<password> \
# --from-literal=ssh-authorized-keys="<your-public-key>"

25
dev/services.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: v1
kind: Service
metadata:
name: dev
namespace: dev
spec:
selector:
app: dev
ports:
- name: web
port: 8080
targetPort: 8080
---
apiVersion: v1
kind: Service
metadata:
name: dev-ssh
namespace: dev
spec:
selector:
app: dev
ports:
- name: ssh
port: 22
targetPort: 22

1
ingress/tcp-services.yaml
View File

@@ -5,3 +5,4 @@ metadata:
namespace: ingress-nginx
data:
"22": "gitea/gitea-ssh:22"
"2222": "dev/dev-ssh:22"