Merge branch 'master' of ssh://gitea.adminakademia.pl:2222/adminakademia/kubernetes

Traefik-labs/dashboard.yml

@@ -0,0 +1,14 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: dashboard
+  namespace: traefik
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`traefik.adminakademia.pl`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
+      kind: Rule
+      services:
+        - name: api@internal
+          kind: TraefikService

Traefik-labs/nginx/czerwona/index.html

@@ -0,0 +1,15 @@
+<html>
+<head><title>STRONA CZERWONA NGINX</title>
+  <style>
+    html {
+      font-size: 500.0%;
+    }
+    div {
+      text-align: center;
+    }
+  </style>
+</head>
+<body>
+  <div>STRONA CZERWONA NGINX !</div>
+</body>
+</html>

Traefik-labs/nginx/nginx_czerwony.yml

@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+  run: nginx
+ name: nginx-deploy-czerwony
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      run: nginx-czerwony
+  template:
+    metadata:
+      labels:
+        run: nginx-czerwony
+    spec:
+      containers:
+      - name: nginx-czerwony
+        image: nginx
+        ports:
+          - containerPort: 80
+        volumeMounts:
+        - name: html-czerwony
+          mountPath: /usr/share/nginx/html
+      volumes:
+      - name: html-czerwony
+        configMap:
+          name: czerwony-html
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-deploy-czerwony
+  labels:
+    app: nginx
+spec:
+#  type: ClusterIP
+  ports:
+  - port: 80
+    protocol: TCP
+  selector:
+    run: nginx-czerwony

Traefik-labs/nginx/nginx_niebieski.yml

@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+  run: nginx
+ name: nginx-deploy-niebieski
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      run: nginx-niebieski
+  template:
+    metadata:
+      labels:
+        run: nginx-niebieski
+    spec:
+      containers:
+      - name: nginx-niebieski
+        image: nginx
+        ports:
+          - containerPort: 80
+        volumeMounts:
+        - name: html-niebieski
+          mountPath: /usr/share/nginx/html
+      volumes:
+      - name: html-niebieski
+        configMap:
+          name: niebieski-html
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-deploy-niebieski
+  labels:
+    app: nginx
+spec:
+#  type: ClusterIP
+  ports:
+  - port: 80
+    protocol: TCP
+  selector:
+    run: nginx-niebieski

Traefik-labs/nginx/nginx_zielony.yml

@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+  run: nginx
+ name: nginx-deploy-zielony
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      run: nginx-zielony
+  template:
+    metadata:
+      labels:
+        run: nginx-zielony
+    spec:
+      containers:
+      - name: nginx-zielony
+        image: nginx
+        ports:
+          - containerPort: 80
+        volumeMounts:
+        - name: html-zielony
+          mountPath: /usr/share/nginx/html
+      volumes:
+      - name: html-zielony
+        configMap:
+          name: zielony-html
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx-deploy-zielony
+  labels:
+    app: nginx
+spec:
+#  type: ClusterIP
+  ports:
+  - port: 80
+    protocol: TCP
+  selector:
+    run: nginx-zielony

Traefik-labs/nginx/niebieska/index.html

@@ -0,0 +1,15 @@
+<html>
+<head><title>STRONA NIEBIESKA NGINX</title>
+  <style>
+    html {
+      font-size: 500.0%;
+    }
+    div {
+      text-align: center;
+    }
+  </style>
+</head>
+<body>
+  <div>STRONA NIEBIESKA NGINX !</div>
+</body>
+</html>

Traefik-labs/nginx/zielona/index.html

@@ -0,0 +1,15 @@
+<html>
+<head><title>STRONA ZIELONA NGINX</title>
+  <style>
+    html {
+      font-size: 500.0%;
+    }
+    div {
+      text-align: center;
+    }
+  </style>
+</head>
+<body>
+  <div>STRONA ZIELONA NGINX !</div>
+</body>
+</html>

Traefik-labs/tls/basicauthssl.yaml

@@ -0,0 +1,62 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: nginx-basicauth
+spec:
+  basicAuth:
+    secret: authsecret
+
+
+---
+# Przyklad:
+#   htpasswd -nb user password | base64
+#   dXNlcjokYXByMSRMSHp4QW9oNyQ3SHhWYU84RGY2aUlCcE5XOG40TEYwCgo=
+
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: authsecret
+
+data:
+  users: |
+    dXNlcjokYXByMSRMSHp4QW9oNyQ3SHhWYU84RGY2aUlCcE5XOG40TEYwCgo=
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx-http
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`nginx.adminakademia.pl`)
+      kind: Rule
+      middlewares:
+        - name: nginx-basicauth
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx-https
+  namespace: default
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`nginx.adminakademia.pl`)
+      kind: Rule
+      middlewares:
+        - name: nginx-basicauth
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80
+  tls:
+      secretName: nginx.adminakademia.pl

Traefik-labs/tls/basicauthsslredirect.yaml

@@ -0,0 +1,75 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: nginx-redirect-scheme
+spec:
+  redirectScheme:
+    scheme: https
+    permanent: true
+    port: "443"
+
+
+---
+
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: nginx-basicauth
+spec:
+  basicAuth:
+    secret: authsecret
+
+
+---
+# Przyklad:
+#   htpasswd -nb user password | base64
+#   dXNlcjokYXByMSRMSHp4QW9oNyQ3SHhWYU84RGY2aUlCcE5XOG40TEYwCgo=
+
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: authsecret
+
+data:
+  users: |
+    dXNlcjokYXByMSRMSHp4QW9oNyQ3SHhWYU84RGY2aUlCcE5XOG40TEYwCgo=
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx-http
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`testcert.adminakademia.pl`)
+      kind: Rule
+      middlewares:
+        - name: nginx-redirect-scheme
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx-https
+  namespace: default
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`testcert.adminakademia.pl`)
+      kind: Rule
+      middlewares:
+        - name: nginx-basicauth
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80
+  tls:
+      secretName: testcert.adminakademia.pl

Traefik-labs/tls/dashboard/dashboard.yml

@@ -0,0 +1,88 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: traefik.adminakademia.pl
+  namespace: traefik
+spec:
+  dnsNames:
+    - traefik.adminakademia.pl
+  secretName: traefik.adminakademia.pl
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: traefik-redirect-scheme
+  namespace: traefik
+spec:
+  redirectScheme:
+    scheme: https
+    permanent: true
+    port: "443"
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: dashboard-basicauth
+  namespace: traefik
+spec:
+  basicAuth:
+    secret: dashboardsecret
+
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: dashboardsecret
+  namespace: traefik
+data:
+  users: |
+    dXNlcjokYXByMSRMSHp4QW9oNyQ3SHhWYU84RGY2aUlCcE5XOG40TEYwCgo=
+
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: dashboard-http
+  namespace: traefik
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`traefik.adminakademia.pl`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
+      kind: Rule
+      middlewares:
+        - name: traefik-redirect-scheme
+      services:
+        - name: api@internal
+          kind: TraefikService
+
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: dashboard-https
+  namespace: traefik
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`traefik.adminakademia.pl`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
+      kind: Rule
+      middlewares:
+        - name: dashboard-basicauth
+      services:
+        - name: api@internal
+          kind: TraefikService
+  tls:
+      secretName: traefik.adminakademia.pl

Traefik-labs/tls/lets-issuer.yaml

@@ -0,0 +1,20 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: letsencrypt-production
+  namespace: default
+spec:
+  acme:
+    # The ACME server URL
+    server: https://acme-v02.api.letsencrypt.org/directory
+    # server: https://acme-staging-v02.api.letsencrypt.org/directory
+    # Email address used for ACME registration
+    email: kontakt@adminakademia.pl
+    # Name of a secret used to store the ACME account private key
+    privateKeySecretRef:
+      name: letsencrypt-production
+    # Enable the HTTP-01 challenge provider
+    solvers:
+    - http01:
+        ingress:
+          class: traefik

Traefik-labs/tls/letscert.yaml

@@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: testcert.adminakademia.pl
+  namespace: default
+spec:
+  dnsNames:
+    - testcert.adminakademia.pl
+  secretName: testcert.adminakademia.pl
+  issuerRef:
+    name: letsencrypt-production
+    kind: ClusterIssuer

Traefik-labs/tls/self-issuer.yaml

@@ -0,0 +1,6 @@
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+  name: selfsigned
+spec:
+  selfSigned: {}

Traefik-labs/tls/selfsignedcert.yaml

@@ -0,0 +1,12 @@
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: nginx.adminakademia.pl
+  namespace: default
+spec:
+  dnsNames:
+    - nginx.adminakademia.pl
+  secretName: nginx.adminakademia.pl
+  issuerRef:
+    name: selfsigned
+    kind: ClusterIssuer

Traefik-labs/traefik/dashboard/dashboard.yml

@@ -0,0 +1,41 @@
+
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: dashboard-basicauth
+  namespace: traefik
+spec:
+  basicAuth:
+    secret: dashboardsecret
+
+
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: dashboardsecret
+  namespace: traefik
+data:
+  users: |
+    dXNlcjokYXByMSRMSHp4QW9oNyQ3SHhWYU84RGY2aUlCcE5XOG40TEYwCgo=
+
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: dashboard
+  namespace: traefik
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`traefik.adminakademia.pl`) && (PathPrefix(`/dashboard`) || PathPrefix(`/api`))
+      kind: Rule
+      middlewares:
+        - name: dashboard-basicauth
+      services:
+        - name: api@internal
+          kind: TraefikService
+

Traefik-labs/traefik/ingressroute1.yml

@@ -0,0 +1,14 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`nginx.adminakademia.pl`) 
+      kind: Rule
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80

Traefik-labs/traefik/ingressroute2.yml

@@ -0,0 +1,14 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`nginx.adminakademia.pl`, `nginx.adminrulez.pl`) 
+      kind: Rule
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80

Traefik-labs/traefik/ingressroute3.yml

@@ -0,0 +1,24 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`czerwony.adminakademia.pl`) 
+      kind: Rule
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80
+    - match: Host(`zielony.adminakademia.pl`) 
+      kind: Rule
+      services:
+        - name: nginx-deploy-zielony
+          port: 80
+    - match: Host(`niebieski.adminakademia.pl`) 
+      kind: Rule
+      services:
+        - name: nginx-deploy-niebieski
+          port: 80

Traefik-labs/traefik/middlewares/basicauth.yml

@@ -0,0 +1,42 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: nginx-basicauth
+spec:
+  basicAuth:
+    secret: authsecret
+
+
+---
+# Przyklad:
+#   htpasswd -nb user password | base64
+#   dXNlcjokYXByMSRMSHp4QW9oNyQ3SHhWYU84RGY2aUlCcE5XOG40TEYwCgo=
+
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: authsecret
+
+data:
+  users: |
+    dXNlcjokYXByMSRMSHp4QW9oNyQ3SHhWYU84RGY2aUlCcE5XOG40TEYwCgo=
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`nginx.adminakademia.pl`)
+      kind: Rule
+      middlewares:
+        - name: nginx-basicauth
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80

Traefik-labs/traefik/middlewares/redirectssl.yml

@@ -0,0 +1,48 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: nginx-redirectssl
+spec:
+  redirectScheme:
+    scheme: https 
+    permanent: true
+    port: "443"
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx-http
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`nginx.adminakademia.pl`)
+      kind: Rule
+      middlewares:
+        - name: nginx-redirectssl
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx-https
+  namespace: default
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`nginx.adminakademia.pl`)
+      kind: Rule
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80
+  tls:
+    certResolver: letsencrypt
+

Traefik-labs/traefik/middlewares/stripprefix.yml

@@ -0,0 +1,41 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: nginx-stripprefix
+spec:
+  stripPrefix:
+    prefixes: 
+      - /zielony
+      - /niebieski
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`nginx.adminakademia.pl`) 
+      kind: Rule
+      services:
+        - name: nginx-deploy-czerwony
+          port: 80
+    - match: Host(`nginx.adminakademia.pl`) && Path(`/zielony`)
+      kind: Rule
+      middlewares:
+        - name: nginx-stripprefix
+      services:
+        - name: nginx-deploy-zielony
+          port: 80
+    - match: Host(`nginx.adminakademia.pl`) && Path(`/niebieski`)
+      kind: Rule
+      middlewares:
+        - name: nginx-stripprefix
+      services:
+        - name: nginx-deploy-niebieski
+          port: 80
+

Traefik-labs/traefik/wrr/wrr.yaml

@@ -0,0 +1,35 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: TraefikService
+metadata:
+  name: nginx-wrr
+  namespace: default
+spec:
+  weighted:
+    services:
+     - name: nginx-deploy-czerwony
+       port: 80
+       weight: 0
+     - name: nginx-deploy-zielony
+       port: 80
+       weight: 3
+     - name: nginx-deploy-niebieski
+       port: 80
+       weight: 1
+
+
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`nginx.adminakademia.pl`)
+      kind: Rule
+      services:
+        - name: nginx-wrr
+          kind: TraefikService
+