cmd/mi: kubernetes manifest

Signed-off-by: Xe Iaso <me@xeiaso.net>
author: Xe Iaso <me@xeiaso.net> 2024-05-12 11:21:41 -0400
committer: Xe Iaso <me@xeiaso.net> 2024-05-12 11:22:01 -0400
commit: 18b8e0e201ecfafce937c781999883ceeba69ce6 (patch)
tree: 09a77392069b6b47cd6b2c04678f0b6b0b7340ec
parent: c1a685f81d936fe87673126b9318c78fa21bda94 (diff)
download: x-18b8e0e201ecfafce937c781999883ceeba69ce6.tar.xz
x-18b8e0e201ecfafce937c781999883ceeba69ce6.zip
10 files changed, 271 insertions, 2 deletions
diff --git a/cmd/mi/main.go b/cmd/mi/main.go
index a904a9b..069abfc 100644
--- a/cmd/mi/main.go
+++ b/cmd/mi/main.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"flag"
+	"fmt"
 	"log/slog"
 	"net/http"
 	"os"
@@ -15,8 +16,9 @@ import (
 )
 
 var (
-	bind  = flag.String("bind", ":8080", "HTTP bind address")
-	dbLoc = flag.String("db-loc", "./var/data.db", "")
+	bind         = flag.String("bind", ":8080", "HTTP bind address")
+	dbLoc        = flag.String("db-loc", "./var/data.db", "")
+	internalBind = flag.String("internal-bind", ":9195", "HTTP internal routes bind address")
 )
 
 func main() {
@@ -45,6 +47,20 @@ func main() {
 	i := &Importer{db: db}
 	i.Mount(mux)
 
+	mux.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
+		if err := db.Exec("select 1+1").Error; err != nil {
+			http.Error(w, "database not healthy", http.StatusInternalServerError)
+			return
+		}
+		w.WriteHeader(http.StatusOK)
+		fmt.Fprintln(w, "OK")
+	})
+
+	go func() {
+		slog.Info("starting internal server", "bind", *internalBind)
+		slog.Error("internal server stopped", "err", http.ListenAndServe(*internalBind, nil))
+	}()
+
 	slog.Info("starting server", "bind", *bind)
 	slog.Error("server stopped", "err", http.ListenAndServe(*bind, mux))
 }
diff --git a/cmd/mi/manifest.yaml b/cmd/mi/manifest.yaml
new file mode 100644
index 0000000..e00e10e
--- /dev/null
+++ b/cmd/mi/manifest.yaml
@@ -0,0 +1,124 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: mi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: mi
+  namespace: mi
+  labels:
+    app.kubernetes.io/name: mi
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 2Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mi
+  namespace: mi
+  labels:
+    app.kubernetes.io/name: mi
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: mi
+  template:
+    metadata:
+      namespace: mi
+      labels:
+        app.kubernetes.io/name: mi
+    spec:
+      volumes:
+        - name: vol
+          persistentVolumeClaim:
+            claimName: mi
+      securityContext:
+        fsGroup: 1000
+      containers:
+        - name: main
+          image: ghcr.io/xe/x/mi:latest
+          imagePullPolicy: "Always"
+          resources:
+            limits:
+              cpu: "500m"
+              memory: "512Mi"
+            requests:
+              cpu: "100m"
+              memory: "256Mi"
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+              httpHeaders:
+                - name: X-Kubernetes
+                  value: "is kinda okay"
+            initialDelaySeconds: 3
+            periodSeconds: 3
+          env:
+            - name: BIND
+              value: ":8080"
+            - name: DB_LOC
+              value: "/data/mi.db"
+            - name: INTERNAL_BIND
+              value: ":9195"
+          volumeMounts:
+            - name: vol
+              mountPath: "/data"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: mi
+  namespace: mi
+spec:
+  selector:
+    app.kubernetes.io/name: mi
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+      name: http
+    - protocol: TCP
+      port: 9195
+      targetPort: 9195
+      name: metrics
+  type: ClusterIP
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: nginx
+  namespace: mi
+  labels:
+    app.kubernetes.io/name: mi
+spec:
+  defaultBackend:
+    service:
+      name: mi
+      port:
+        name: http
+  ingressClassName: tailscale
+  tls:
+    - hosts:
+        - mi
diff --git a/cmd/mi/yeetfile.js b/cmd/mi/yeetfile.js
new file mode 100644
index 0000000..f5f4412
--- /dev/null
+++ b/cmd/mi/yeetfile.js
@@ -0,0 +1,3 @@
+nix.build(".#docker.mi");
+docker.load("./result");
+docker.push(`ghcr.io/xe/x/mi`);
diff --git a/kube/alrest/waifud/.gitignore b/kube/alrest/waifud/.gitignore
new file mode 100644
index 0000000..b511ae1
--- /dev/null
+++ b/kube/alrest/waifud/.gitignore
@@ -0,0 +1 @@
+*.qcow2
diff --git a/kube/alrest/waifud/arch.yaml b/kube/alrest/waifud/arch.yaml
new file mode 100644
index 0000000..9637ba5
--- /dev/null
+++ b/kube/alrest/waifud/arch.yaml
@@ -0,0 +1,19 @@
+apiVersion: cdi.kubevirt.io/v1beta1
+kind: DataVolume
+metadata:
+  name: "arch-linux"
+  namespace: waifud
+  annotations:
+    xeiaso.net/project: waifud
+spec:
+  storage:
+    storageClassName: longhorn
+    volumeMode: block # or filesystem
+    accessModes:
+      - ReadWriteOnce # Necessary as it's no longer has a default
+    resources:
+      requests:
+        storage: 2Gi
+  source:
+    http:
+      url: "https://geo.mirror.pkgbuild.com/images/latest/Arch-Linux-x86_64-cloudimg.qcow2"
diff --git a/kube/alrest/waifud/cipra.yaml b/kube/alrest/waifud/cipra.yaml
new file mode 100644
index 0000000..521c341
--- /dev/null
+++ b/kube/alrest/waifud/cipra.yaml
@@ -0,0 +1,51 @@
+apiVersion: kubevirt.io/v1
+kind: VirtualMachine
+metadata:
+  creationTimestamp: 2018-07-04T15:03:08Z
+  generation: 1
+  labels:
+    kubevirt.io/os: linux
+  name: cipra
+  namespace: waifud
+spec:
+  running: true
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        kubevirt.io/domain: cipra
+    spec:
+      domain:
+        cpu:
+          cores: 2
+        devices:
+          disks:
+          - disk:
+              bus: virtio
+            name: disk0
+          - cdrom:
+              bus: sata
+              readonly: true
+            name: cloudinitdisk
+        machine:
+          type: q35
+        resources:
+          requests:
+            memory: 2048M
+      volumes:
+      - name: disk0
+        persistentVolumeClaim:
+          claimName: cipra
+      - cloudInitNoCloud:
+          userData: |
+            #cloud-config
+            hostname: cipra
+
+            users:
+            - name: xe
+                groups: [ wheel ]
+                sudo: [ "ALL=(ALL) NOPASSWD:ALL" ]
+                shell: /bin/sh
+                ssh-authorized-keys:
+                - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM6NPbPIcCTzeEsjyx0goWyj6fr2qzcfKCCdOUqg0N/v cadey@kos-mos
+        name: cloudinitdisk
diff --git a/kube/alrest/waifud/namespace.yaml b/kube/alrest/waifud/namespace.yaml
new file mode 100644
index 0000000..91279f1
--- /dev/null
+++ b/kube/alrest/waifud/namespace.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: waifud
+  annotations:
+    xeiaso.net/project: waifud
diff --git a/kube/alrest/waifud/rocky-9.3.yaml b/kube/alrest/waifud/rocky-9.3.yaml
new file mode 100644
index 0000000..ba6f064
--- /dev/null
+++ b/kube/alrest/waifud/rocky-9.3.yaml
@@ -0,0 +1,19 @@
+apiVersion: cdi.kubevirt.io/v1beta1
+kind: DataVolume
+metadata:
+  name: "rocky-9.3"
+  namespace: waifud
+  annotations:
+    xeiaso.net/project: waifud
+spec:
+  storage:
+    storageClassName: longhorn
+    volumeMode: block # or filesystem
+    accessModes:
+      - ReadWriteOnce # Necessary as it's no longer has a default
+    resources:
+      requests:
+        storage: 10Gi
+  source:
+    http:
+      url: "https://download.rockylinux.org/pub/rocky/9/images/x86_64/Rocky-9-GenericCloud-Base.latest.x86_64.qcow2"
diff --git a/kube/alrest/waifud/ubuntu-22.04.yaml b/kube/alrest/waifud/ubuntu-22.04.yaml
new file mode 100644
index 0000000..3a80515
--- /dev/null
+++ b/kube/alrest/waifud/ubuntu-22.04.yaml
@@ -0,0 +1,15 @@
+apiVersion: cdi.kubevirt.io/v1beta1
+kind: DataVolume
+metadata:
+  name: "ubuntu-22.04"
+  namespace: waifud
+  annotations:
+    xeiaso.net/project: waifud
+spec:
+  storage:
+    resources:
+      requests:
+        storage: 5Gi
+  source:
+    http:
+      url: "https://cloud-images.ubuntu.com/daily/server/jammy/current/jammy-server-cloudimg-amd64.img"
diff --git a/kube/alrest/waifud/ubuntu-24.04.yaml b/kube/alrest/waifud/ubuntu-24.04.yaml
new file mode 100644
index 0000000..4c45c4c
--- /dev/null
+++ b/kube/alrest/waifud/ubuntu-24.04.yaml
@@ -0,0 +1,15 @@
+apiVersion: cdi.kubevirt.io/v1beta1
+kind: DataVolume
+metadata:
+  name: "ubuntu-24.04"
+  namespace: waifud
+  annotations:
+    xeiaso.net/project: waifud
+spec:
+  storage:
+    resources:
+      requests:
+        storage: 5Gi
+  source:
+    http:
+      url: "https://cloud-images.ubuntu.com/daily/server/noble/current/noble-server-cloudimg-amd64.img"
author	Xe Iaso <me@xeiaso.net>	2024-05-12 11:21:41 -0400
committer	Xe Iaso <me@xeiaso.net>	2024-05-12 11:22:01 -0400
commit	18b8e0e201ecfafce937c781999883ceeba69ce6 (patch)
tree	09a77392069b6b47cd6b2c04678f0b6b0b7340ec
parent	c1a685f81d936fe87673126b9318c78fa21bda94 (diff)
download	x-18b8e0e201ecfafce937c781999883ceeba69ce6.tar.xz x-18b8e0e201ecfafce937c781999883ceeba69ce6.zip