kube/alrest: move manifests here

Signed-off-by: Xe Iaso <me@xeiaso.net>

21 files changed, 367 insertions, 312 deletions

diff --git a/cmd/hlang/manifest.yaml b/cmd/hlang/manifest.yaml
deleted file mode 100644
index e88f6d3..0000000
--- a/cmd/hlang/manifest.yaml
+++ /dev/null
@@ -1,116 +0,0 @@
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: hlang
-  labels:
-    app.kubernetes.io/name: hlang
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: hlang
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: hlang
-    spec:
-      securityContext:
-        fsGroup: 1000
-      containers:
-        - name: main
-          image: ghcr.io/xe/x/hlang:latest
-          imagePullPolicy: "Always"
-          resources:
-            limits:
-              cpu: "500m"
-              memory: "256Mi"
-            requests:
-              cpu: "250m"
-              memory: "128Mi"
-          securityContext:
-            runAsUser: 1000
-            runAsGroup: 1000
-            runAsNonRoot: true
-            allowPrivilegeEscalation: false
-            capabilities:
-              drop:
-                - ALL
-            seccompProfile:
-              type: RuntimeDefault
-          livenessProbe:
-            httpGet:
-              path: /
-              port: 8080
-              httpHeaders:
-                - name: X-Kubernetes
-                  value: "is kinda okay"
-            initialDelaySeconds: 3
-            periodSeconds: 3
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: hlang
-  labels:
-    app.kubernetes.io/name: hlang
-spec:
-  selector:
-    app.kubernetes.io/name: hlang
-  ports:
-    - port: 80
-      targetPort: 8080
-      name: http
-  type: ClusterIP
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: hlang-within-lgbt
-  labels:
-    app.kubernetes.io/name: hlang
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-spec:
-  ingressClassName: nginx
-  tls:
-    - hosts:
-      - h.within.lgbt
-      secretName: hlang-within-lgbt-public-tls
-  rules:
-  - host: h.within.lgbt
-    http:
-      paths:
-      - pathType: Prefix
-        path: "/"
-        backend:
-          service:
-            name: hlang
-            port: 
-              name: http
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: hlang-christine-website
-  labels:
-    app.kubernetes.io/name: hlang
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-spec:
-  ingressClassName: nginx
-  tls:
-    - hosts:
-      - h.christine.website
-      secretName: hlang-christine-website-public-tls
-  rules:
-  - host: h.christine.website
-    http:
-      paths:
-      - pathType: Prefix
-        path: "/"
-        backend:
-          service:
-            name: hlang
-            port: 
-              name: http
\ No newline at end of file
diff --git a/cmd/johaus/yeetfile.js b/cmd/johaus/yeetfile.js
index f6b3269..9b6d04e 100644
--- a/cmd/johaus/yeetfile.js
+++ b/cmd/johaus/yeetfile.js
@@ -1,6 +1,3 @@
-nix.build(".#docker.johaus");
-docker.load("./result");
-docker.push(`ghcr.io/xe/x/johaus`);
 yeet.run("kubectl", "apply", "-f=manifest.yaml");
 yeet.run("sh", "-c", "kubectl rollout restart deployments/johaus");
 
diff --git a/cmd/within.website/manifest.yaml b/cmd/within.website/manifest.yaml
deleted file mode 100644
index e0e915f..0000000
--- a/cmd/within.website/manifest.yaml
+++ /dev/null
@@ -1,150 +0,0 @@
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: within-website
-data:
-  "config.ts": |   
-    export interface Repo {
-        kind: "gitea" | "github";
-        domain: string;
-        user: string;
-        repo: string;
-        description: string;
-    }
-
-    const githubRepo = (name: string, description: string): Repo => {
-    return {
-        kind: "github",
-        domain: "github.com",
-        user: "Xe",
-        repo: name,
-        description,
-    };
-    };
-
-    const giteaRepo = (name: string, description: string): Repo => {
-    return {
-        kind: "gitea",
-        domain: "tulpa.dev",
-        user: "cadey",
-        repo: name,
-        description,
-    };
-    };
-
-    const repos: Repo[] = [
-    githubRepo("derpigo", "A Derpibooru/Furbooru API client in Go. This is used to monitor Derpibooru/Furbooru for images by artists I care about and archive them."),
-    githubRepo("eclier", "A command router for Go programs that implements every command in Lua. This was an experiment for making extensible command-line applications with Lua for extending them."),
-    githubRepo("gcss", "A CSS preprocessor for Go. This is a legacy Go package that I am bringing forward to modern Go standards."),
-    giteaRepo("gopher", "A Gopher (RFC 1436) client/server stack for Go applications. This allows users to write custom Gopher clients and servers."),
-    githubRepo("ln", "The natural log function for Go: an easy package for structured logging. This is the logging stack that I use for most of my personal projects."),
-    githubRepo("x", "Various experimental things. /x/ is my monorepo of side projects, hobby programming, and other explorations of how programming in Go can be."),
-    ];
-
-    export default repos;
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: within-website
-  labels:
-    app.kubernetes.io/name: within-website
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: within-website
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: within-website
-    spec:
-      securityContext:
-        fsGroup: 1000
-      volumes:
-        - name: tyson
-          configMap:
-            name: within-website
-      containers:
-        - name: main
-          image: ghcr.io/xe/x/within-website:latest
-          imagePullPolicy: "Always"
-          resources:
-            limits:
-              cpu: "500m"
-              memory: "256Mi"
-            requests:
-              cpu: "250m"
-              memory: "128Mi"
-          securityContext:
-            runAsUser: 1000
-            runAsGroup: 1000
-            runAsNonRoot: true
-            allowPrivilegeEscalation: false
-            capabilities:
-              drop:
-                - ALL
-            seccompProfile:
-              type: RuntimeDefault
-          livenessProbe:
-            httpGet:
-              path: /
-              port: 8080
-              httpHeaders:
-                - name: X-Kubernetes
-                  value: "is kinda okay"
-            initialDelaySeconds: 3
-            periodSeconds: 3
-          env:
-            - name: TYSON_CONFIG
-              value: "/etc/within.website/config.ts"
-            - name: PORT
-              value: "8080"
-            - name: SLOG_LEVEL
-              value: DEBUG
-          volumeMounts:
-            - name: tyson
-              mountPath: /etc/within.website
-              readOnly: true
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: within-website
-  labels:
-    app.kubernetes.io/name: within-website
-spec:
-  selector:
-    app.kubernetes.io/name: within-website
-  ports:
-    - port: 80
-      targetPort: 8080
-      name: http
-  type: ClusterIP
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: within-website
-  labels:
-    app.kubernetes.io/name: within-website
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-spec:
-  ingressClassName: nginx
-  tls:
-    - hosts:
-      - within.website
-      secretName: within-website-public-tls
-  rules:
-  - host: within.website
-    http:
-      paths:
-      - pathType: Prefix
-        path: "/"
-        backend:
-          service:
-            name: within-website
-            port: 
-              name: http
diff --git a/kube/alrest/x/hlang/deployment.yaml b/kube/alrest/x/hlang/deployment.yaml
new file mode 100644
index 0000000..da92408
--- /dev/null
+++ b/kube/alrest/x/hlang/deployment.yaml
@@ -0,0 +1,48 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: hlang
+  labels:
+    app.kubernetes.io/name: hlang
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: hlang
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: hlang
+    spec:
+      securityContext:
+        fsGroup: 1000
+      containers:
+        - name: main
+          image: ghcr.io/xe/x/hlang:latest
+          imagePullPolicy: "Always"
+          resources:
+            limits:
+              cpu: "500m"
+              memory: "256Mi"
+            requests:
+              cpu: "250m"
+              memory: "128Mi"
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 8080
+              httpHeaders:
+                - name: X-Kubernetes
+                  value: "is kinda okay"
+            initialDelaySeconds: 3
+            periodSeconds: 3
\ No newline at end of file
diff --git a/kube/alrest/x/hlang/ingress-christine-website.yaml b/kube/alrest/x/hlang/ingress-christine-website.yaml
new file mode 100644
index 0000000..6a808c3
--- /dev/null
+++ b/kube/alrest/x/hlang/ingress-christine-website.yaml
@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: hlang-christine-website
+  labels:
+    app.kubernetes.io/name: hlang
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+      - h.christine.website
+      secretName: hlang-christine-website-public-tls
+  rules:
+  - host: h.christine.website
+    http:
+      paths:
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: hlang
+            port: 
+              name: http
\ No newline at end of file
diff --git a/kube/alrest/x/hlang/ingress-within-lgbt.yaml b/kube/alrest/x/hlang/ingress-within-lgbt.yaml
new file mode 100644
index 0000000..40a26cf
--- /dev/null
+++ b/kube/alrest/x/hlang/ingress-within-lgbt.yaml
@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: hlang-within-lgbt
+  labels:
+    app.kubernetes.io/name: hlang
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+      - h.within.lgbt
+      secretName: hlang-within-lgbt-public-tls
+  rules:
+  - host: h.within.lgbt
+    http:
+      paths:
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: hlang
+            port: 
+              name: http
\ No newline at end of file
diff --git a/kube/alrest/x/hlang/kustomization.yaml b/kube/alrest/x/hlang/kustomization.yaml
new file mode 100644
index 0000000..f473637
--- /dev/null
+++ b/kube/alrest/x/hlang/kustomization.yaml
@@ -0,0 +1,5 @@
+resources:
+  - deployment.yaml
+  - service.yaml
+  - ingress-within-lgbt.yaml
+  - ingress-christine-website.yaml
\ No newline at end of file
diff --git a/kube/alrest/x/hlang/service.yaml b/kube/alrest/x/hlang/service.yaml
new file mode 100644
index 0000000..31a01d4
--- /dev/null
+++ b/kube/alrest/x/hlang/service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: hlang
+  labels:
+    app.kubernetes.io/name: hlang
+spec:
+  selector:
+    app.kubernetes.io/name: hlang
+  ports:
+    - port: 80
+      targetPort: 8080
+      name: http
+  type: ClusterIP
\ No newline at end of file
diff --git a/cmd/johaus/manifest.yaml b/kube/alrest/x/johaus/deployment.yaml
index cfd880a..b06264c 100644
--- a/cmd/johaus/manifest.yaml
+++ b/kube/alrest/x/johaus/deployment.yaml
@@ -1,4 +1,3 @@
----
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -46,45 +45,4 @@ spec:
                 - name: X-Kubernetes
                   value: "is kinda okay"
             initialDelaySeconds: 3
-            periodSeconds: 3
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: johaus
-  labels:
-    app.kubernetes.io/name: johaus
-spec:
-  selector:
-    app.kubernetes.io/name: johaus
-  ports:
-    - port: 80
-      targetPort: 8080
-      name: http
-  type: ClusterIP
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: johaus
-  labels:
-    app.kubernetes.io/name: johaus
-  annotations:
-    cert-manager.io/cluster-issuer: "letsencrypt-prod"
-spec:
-  ingressClassName: nginx
-  tls:
-    - hosts:
-      - johaus.cetacean.club
-      secretName: johaus-public-tls
-  rules:
-  - host: johaus.cetacean.club
-    http:
-      paths:
-      - pathType: Prefix
-        path: "/"
-        backend:
-          service:
-            name: johaus
-            port: 
-              name: http
\ No newline at end of file
+            periodSeconds: 3
\ No newline at end of file
diff --git a/kube/alrest/x/johaus/ingress.yaml b/kube/alrest/x/johaus/ingress.yaml
new file mode 100644
index 0000000..44b30d3
--- /dev/null
+++ b/kube/alrest/x/johaus/ingress.yaml
@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: johaus
+  labels:
+    app.kubernetes.io/name: johaus
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+      - johaus.cetacean.club
+      secretName: johaus-public-tls
+  rules:
+  - host: johaus.cetacean.club
+    http:
+      paths:
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: johaus
+            port: 
+              name: http
\ No newline at end of file
diff --git a/kube/alrest/x/johaus/kustomization.yaml b/kube/alrest/x/johaus/kustomization.yaml
new file mode 100644
index 0000000..6b1764d
--- /dev/null
+++ b/kube/alrest/x/johaus/kustomization.yaml
@@ -0,0 +1,4 @@
+resources:
+  - deployment.yaml
+  - service.yaml
+  - ingress.yaml
\ No newline at end of file
diff --git a/kube/alrest/x/johaus/service.yaml b/kube/alrest/x/johaus/service.yaml
new file mode 100644
index 0000000..eeb8508
--- /dev/null
+++ b/kube/alrest/x/johaus/service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: johaus
+  labels:
+    app.kubernetes.io/name: johaus
+spec:
+  selector:
+    app.kubernetes.io/name: johaus
+  ports:
+    - port: 80
+      targetPort: 8080
+      name: http
+  type: ClusterIP
\ No newline at end of file
diff --git a/kube/alrest/x/kustomization.yaml b/kube/alrest/x/kustomization.yaml
new file mode 100644
index 0000000..b10e627
--- /dev/null
+++ b/kube/alrest/x/kustomization.yaml
@@ -0,0 +1,5 @@
+resources:
+  - hlang
+  #- johaus
+  - sapientwindex
+  - within.website
\ No newline at end of file
diff --git a/kube/alrest/x/sapientwindex/deployment.yaml b/kube/alrest/x/sapientwindex/deployment.yaml
new file mode 100644
index 0000000..c612113
--- /dev/null
+++ b/kube/alrest/x/sapientwindex/deployment.yaml
@@ -0,0 +1,47 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: sapientwindex
+  labels:
+    app.kubernetes.io/name: sapientwindex
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: sapientwindex
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: sapientwindex
+    spec:
+      volumes:
+        - name: sapientwindex
+          secret:
+            secretName: sapientwindex
+      containers:
+        - name: bot
+          image: ghcr.io/xe/x/sapientwindex:latest
+          imagePullPolicy: "Always"
+          resources:
+            limits:
+              cpu: "500m"
+              memory: "512Mi"
+            requests:
+              cpu: "100m"
+              memory: "256Mi"
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault
+          volumeMounts:
+            - name: sapientwindex
+              readOnly: true
+              mountPath: "/run/secrets/sapientwindex"
diff --git a/kube/alrest/x/sapientwindex/kustomization.yaml b/kube/alrest/x/sapientwindex/kustomization.yaml
new file mode 100644
index 0000000..538a0d8
--- /dev/null
+++ b/kube/alrest/x/sapientwindex/kustomization.yaml
@@ -0,0 +1,3 @@
+resources:
+  - deployment.yaml
+  - xe-op-secret.yaml
\ No newline at end of file
diff --git a/cmd/sapientwindex/xe-op-secret.yaml b/kube/alrest/x/sapientwindex/xe-op-secret.yaml
index 81cf6c4..81cf6c4 100644
--- a/cmd/sapientwindex/xe-op-secret.yaml
+++ b/kube/alrest/x/sapientwindex/xe-op-secret.yaml
diff --git a/kube/alrest/x/within.website/configmap.yaml b/kube/alrest/x/within.website/configmap.yaml
new file mode 100644
index 0000000..33ea5ef
--- /dev/null
+++ b/kube/alrest/x/within.website/configmap.yaml
@@ -0,0 +1,44 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: within-website
+data:
+  "config.ts": |   
+    export interface Repo {
+        kind: "gitea" | "github";
+        domain: string;
+        user: string;
+        repo: string;
+        description: string;
+    }
+
+    const githubRepo = (name: string, description: string): Repo => {
+      return {
+        kind: "github",
+        domain: "github.com",
+        user: "Xe",
+        repo: name,
+        description,
+      };
+    };
+
+    const giteaRepo = (name: string, description: string): Repo => {
+      return {
+        kind: "gitea",
+        domain: "tulpa.dev",
+        user: "cadey",
+        repo: name,
+        description,
+      };
+    };
+
+    const repos: Repo[] = [
+    githubRepo("derpigo", "A Derpibooru/Furbooru API client in Go. This is used to monitor Derpibooru/Furbooru for images by artists I care about and archive them."),
+    githubRepo("eclier", "A command router for Go programs that implements every command in Lua. This was an experiment for making extensible command-line applications with Lua for extending them."),
+    githubRepo("gcss", "A CSS preprocessor for Go. This is a legacy Go package that I am bringing forward to modern Go standards."),
+    giteaRepo("gopher", "A Gopher (RFC 1436) client/server stack for Go applications. This allows users to write custom Gopher clients and servers."),
+    githubRepo("ln", "The natural log function for Go: an easy package for structured logging. This is the logging stack that I use for most of my personal projects."),
+    githubRepo("x", "Various experimental things. /x/ is my monorepo of side projects, hobby programming, and other explorations of how programming in Go can be."),
+    ];
+
+    export default repos;
\ No newline at end of file
diff --git a/kube/alrest/x/within.website/deployment.yaml b/kube/alrest/x/within.website/deployment.yaml
new file mode 100644
index 0000000..00c10dd
--- /dev/null
+++ b/kube/alrest/x/within.website/deployment.yaml
@@ -0,0 +1,63 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: within-website
+  labels:
+    app.kubernetes.io/name: within-website
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: within-website
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: within-website
+    spec:
+      securityContext:
+        fsGroup: 1000
+      volumes:
+        - name: tyson
+          configMap:
+            name: within-website
+      containers:
+        - name: main
+          image: ghcr.io/xe/x/within-website:latest
+          imagePullPolicy: "Always"
+          resources:
+            limits:
+              cpu: "500m"
+              memory: "256Mi"
+            requests:
+              cpu: "250m"
+              memory: "128Mi"
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 8080
+              httpHeaders:
+                - name: X-Kubernetes
+                  value: "is kinda okay"
+            initialDelaySeconds: 3
+            periodSeconds: 3
+          env:
+            - name: TYSON_CONFIG
+              value: "/etc/within.website/config.ts"
+            - name: PORT
+              value: "8080"
+            - name: SLOG_LEVEL
+              value: DEBUG
+          volumeMounts:
+            - name: tyson
+              mountPath: /etc/within.website
+              readOnly: true
\ No newline at end of file
diff --git a/kube/alrest/x/within.website/ingress.yaml b/kube/alrest/x/within.website/ingress.yaml
new file mode 100644
index 0000000..9c1822e
--- /dev/null
+++ b/kube/alrest/x/within.website/ingress.yaml
@@ -0,0 +1,25 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: within-website
+  labels:
+    app.kubernetes.io/name: within-website
+  annotations:
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  ingressClassName: nginx
+  tls:
+    - hosts:
+      - within.website
+      secretName: within-website-public-tls
+  rules:
+  - host: within.website
+    http:
+      paths:
+      - pathType: Prefix
+        path: "/"
+        backend:
+          service:
+            name: within-website
+            port: 
+              name: http
diff --git a/kube/alrest/x/within.website/kustomization.yaml b/kube/alrest/x/within.website/kustomization.yaml
new file mode 100644
index 0000000..70e6095
--- /dev/null
+++ b/kube/alrest/x/within.website/kustomization.yaml
@@ -0,0 +1,5 @@
+resources:
+  - configmap.yaml
+  - deployment.yaml
+  - service.yaml
+  - ingress.yaml
\ No newline at end of file
diff --git a/kube/alrest/x/within.website/service.yaml b/kube/alrest/x/within.website/service.yaml
new file mode 100644
index 0000000..a1424f1
--- /dev/null
+++ b/kube/alrest/x/within.website/service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: within-website
+  labels:
+    app.kubernetes.io/name: within-website
+spec:
+  selector:
+    app.kubernetes.io/name: within-website
+  ports:
+    - port: 80
+      targetPort: 8080
+      name: http
+  type: ClusterIP
\ No newline at end of file