cmd/mi: kubernetes manifest

Signed-off-by: Xe Iaso <me@xeiaso.net>
author: Xe Iaso <me@xeiaso.net> 2024-05-12 11:21:41 -0400
committer: Xe Iaso <me@xeiaso.net> 2024-05-12 11:22:01 -0400
commit: 18b8e0e201ecfafce937c781999883ceeba69ce6 (patch)
tree: 09a77392069b6b47cd6b2c04678f0b6b0b7340ec /cmd/mi
parent: c1a685f81d936fe87673126b9318c78fa21bda94 (diff)
download: x-18b8e0e201ecfafce937c781999883ceeba69ce6.tar.xz
x-18b8e0e201ecfafce937c781999883ceeba69ce6.zip
3 files changed, 145 insertions, 2 deletions
diff --git a/cmd/mi/main.go b/cmd/mi/main.go
index a904a9b..069abfc 100644
--- a/cmd/mi/main.go
+++ b/cmd/mi/main.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"flag"
+	"fmt"
 	"log/slog"
 	"net/http"
 	"os"
@@ -15,8 +16,9 @@ import (
 )
 
 var (
-	bind  = flag.String("bind", ":8080", "HTTP bind address")
-	dbLoc = flag.String("db-loc", "./var/data.db", "")
+	bind         = flag.String("bind", ":8080", "HTTP bind address")
+	dbLoc        = flag.String("db-loc", "./var/data.db", "")
+	internalBind = flag.String("internal-bind", ":9195", "HTTP internal routes bind address")
 )
 
 func main() {
@@ -45,6 +47,20 @@ func main() {
 	i := &Importer{db: db}
 	i.Mount(mux)
 
+	mux.HandleFunc("/healthz", func(w http.ResponseWriter, r *http.Request) {
+		if err := db.Exec("select 1+1").Error; err != nil {
+			http.Error(w, "database not healthy", http.StatusInternalServerError)
+			return
+		}
+		w.WriteHeader(http.StatusOK)
+		fmt.Fprintln(w, "OK")
+	})
+
+	go func() {
+		slog.Info("starting internal server", "bind", *internalBind)
+		slog.Error("internal server stopped", "err", http.ListenAndServe(*internalBind, nil))
+	}()
+
 	slog.Info("starting server", "bind", *bind)
 	slog.Error("server stopped", "err", http.ListenAndServe(*bind, mux))
 }
diff --git a/cmd/mi/manifest.yaml b/cmd/mi/manifest.yaml
new file mode 100644
index 0000000..e00e10e
--- /dev/null
+++ b/cmd/mi/manifest.yaml
@@ -0,0 +1,124 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: mi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: mi
+  namespace: mi
+  labels:
+    app.kubernetes.io/name: mi
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 2Gi
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mi
+  namespace: mi
+  labels:
+    app.kubernetes.io/name: mi
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: mi
+  template:
+    metadata:
+      namespace: mi
+      labels:
+        app.kubernetes.io/name: mi
+    spec:
+      volumes:
+        - name: vol
+          persistentVolumeClaim:
+            claimName: mi
+      securityContext:
+        fsGroup: 1000
+      containers:
+        - name: main
+          image: ghcr.io/xe/x/mi:latest
+          imagePullPolicy: "Always"
+          resources:
+            limits:
+              cpu: "500m"
+              memory: "512Mi"
+            requests:
+              cpu: "100m"
+              memory: "256Mi"
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+              httpHeaders:
+                - name: X-Kubernetes
+                  value: "is kinda okay"
+            initialDelaySeconds: 3
+            periodSeconds: 3
+          env:
+            - name: BIND
+              value: ":8080"
+            - name: DB_LOC
+              value: "/data/mi.db"
+            - name: INTERNAL_BIND
+              value: ":9195"
+          volumeMounts:
+            - name: vol
+              mountPath: "/data"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: mi
+  namespace: mi
+spec:
+  selector:
+    app.kubernetes.io/name: mi
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+      name: http
+    - protocol: TCP
+      port: 9195
+      targetPort: 9195
+      name: metrics
+  type: ClusterIP
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: nginx
+  namespace: mi
+  labels:
+    app.kubernetes.io/name: mi
+spec:
+  defaultBackend:
+    service:
+      name: mi
+      port:
+        name: http
+  ingressClassName: tailscale
+  tls:
+    - hosts:
+        - mi
diff --git a/cmd/mi/yeetfile.js b/cmd/mi/yeetfile.js
new file mode 100644
index 0000000..f5f4412
--- /dev/null
+++ b/cmd/mi/yeetfile.js
@@ -0,0 +1,3 @@
+nix.build(".#docker.mi");
+docker.load("./result");
+docker.push(`ghcr.io/xe/x/mi`);
author	Xe Iaso <me@xeiaso.net>	2024-05-12 11:21:41 -0400
committer	Xe Iaso <me@xeiaso.net>	2024-05-12 11:22:01 -0400
commit	18b8e0e201ecfafce937c781999883ceeba69ce6 (patch)
tree	09a77392069b6b47cd6b2c04678f0b6b0b7340ec /cmd/mi
parent	c1a685f81d936fe87673126b9318c78fa21bda94 (diff)
download	x-18b8e0e201ecfafce937c781999883ceeba69ce6.tar.xz x-18b8e0e201ecfafce937c781999883ceeba69ce6.zip