add speedtest deployment [ci skip]
This commit is contained in:
parent
61e318398c
commit
474da4efe5
3 changed files with 166 additions and 3 deletions
8
main.tf
8
main.tf
|
|
@ -133,6 +133,7 @@ variable "clickhouse_postgres_password" { type = string }
|
||||||
variable "wealthfolio_password_hash" { type = string }
|
variable "wealthfolio_password_hash" { type = string }
|
||||||
variable "aiostreams_database_connection_string" { type = string }
|
variable "aiostreams_database_connection_string" { type = string }
|
||||||
variable "actualbudget_credentials" { type = map(any) }
|
variable "actualbudget_credentials" { type = map(any) }
|
||||||
|
variable "speedtest_db_password" { type = string }
|
||||||
|
|
||||||
|
|
||||||
provider "kubernetes" {
|
provider "kubernetes" {
|
||||||
|
|
@ -182,12 +183,13 @@ module "k8s-node-template" {
|
||||||
snippet_name = local.k8s_cloud_init_snippet_name
|
snippet_name = local.k8s_cloud_init_snippet_name
|
||||||
# Add mirror registry
|
# Add mirror registry
|
||||||
containerd_config_update_command = <<-EOF
|
containerd_config_update_command = <<-EOF
|
||||||
echo '[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"docker.io\"]' >> /etc/containerd/config.toml && echo ' endpoint = [\"http://10.0.20.10:5000\"]' >> /etc/containerd/config.toml # docker registry vm
|
# BELOW IS DEPRECATED - replace with config_path version!!!!
|
||||||
|
echo '[plugins.\"io.containerd.grpc.v1.cri\".registry.mirrors.\"*\"]' >> /etc/containerd/config.toml && echo ' endpoint = [\"http://10.0.20.10:5000\"]' >> /etc/containerd/config.toml # docker registry vm
|
||||||
|
|
||||||
sed -i 's/.*max_concurrent_downloads = 3/max_concurrent_downloads = 20/g' /etc/containerd/config.toml # Enable multiple concurrent downloads
|
sed -i 's/.*max_concurrent_downloads = 3/max_concurrent_downloads = 20/g' /etc/containerd/config.toml # Enable multiple concurrent downloads
|
||||||
sudo sed -i '/serializeImagePulls:/d' /var/lib/kubelet/config.yaml && \
|
sudo sed -i '/serializeImagePulls:/d' /var/lib/kubelet/config.yaml && \
|
||||||
sudo sed -i '/maxParallelImagePulls:/d' /var/lib/kubelet/config.yaml && \
|
sudo sed -i '/maxParallelImagePulls:/d' /var/lib/kubelet/config.yaml && \
|
||||||
echo -e 'serializeImagePulls: false\nmaxParallelImagePulls: 50' | sudo tee -a /var/lib/kubelet/config.yaml && \
|
echo -e 'serializeImagePulls: false\nmaxParallelImagePulls: 50' | sudo tee -a /var/lib/kubelet/config.yaml
|
||||||
EOF
|
EOF
|
||||||
k8s_join_command = var.k8s_join_command
|
k8s_join_command = var.k8s_join_command
|
||||||
}
|
}
|
||||||
|
|
@ -556,6 +558,8 @@ module "kubernetes_cluster" {
|
||||||
aiostreams_database_connection_string = var.aiostreams_database_connection_string
|
aiostreams_database_connection_string = var.aiostreams_database_connection_string
|
||||||
|
|
||||||
actualbudget_credentials = var.actualbudget_credentials
|
actualbudget_credentials = var.actualbudget_credentials
|
||||||
|
|
||||||
|
speedtest_db_password = var.speedtest_db_password
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -112,6 +112,7 @@ variable "clickhouse_postgres_password" { type = string }
|
||||||
variable "wealthfolio_password_hash" { type = string }
|
variable "wealthfolio_password_hash" { type = string }
|
||||||
variable "aiostreams_database_connection_string" { type = string }
|
variable "aiostreams_database_connection_string" { type = string }
|
||||||
variable "actualbudget_credentials" { type = map(any) }
|
variable "actualbudget_credentials" { type = map(any) }
|
||||||
|
variable "speedtest_db_password" { type = string }
|
||||||
|
|
||||||
|
|
||||||
variable "defcon_level" {
|
variable "defcon_level" {
|
||||||
|
|
@ -137,7 +138,7 @@ locals {
|
||||||
"url", "excalidraw", "travel_blog", "dashy", "send", "ytdlp", "wealthfolio", "rybbit", "stirling-pdf",
|
"url", "excalidraw", "travel_blog", "dashy", "send", "ytdlp", "wealthfolio", "rybbit", "stirling-pdf",
|
||||||
"networking-toolbox", "navidrome", "freshrss", "forgejo", "tor-proxy", "real-estate-crawler", "n8n",
|
"networking-toolbox", "navidrome", "freshrss", "forgejo", "tor-proxy", "real-estate-crawler", "n8n",
|
||||||
"changedetection", "linkwarden", "matrix", "homepage", "meshcentral", "diun", "cyberchef", "ntfy", "ollama",
|
"changedetection", "linkwarden", "matrix", "homepage", "meshcentral", "diun", "cyberchef", "ntfy", "ollama",
|
||||||
"servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor", "ebook2audiobook", "netbox"
|
"servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor", "ebook2audiobook", "netbox", "speedtest"
|
||||||
],
|
],
|
||||||
}
|
}
|
||||||
active_modules = distinct(flatten([
|
active_modules = distinct(flatten([
|
||||||
|
|
@ -1024,3 +1025,12 @@ module "kyverno" {
|
||||||
for_each = contains(local.active_modules, "kyverno") ? { kyverno = true } : {}
|
for_each = contains(local.active_modules, "kyverno") ? { kyverno = true } : {}
|
||||||
depends_on = [null_resource.core_services]
|
depends_on = [null_resource.core_services]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
module "speedtest" {
|
||||||
|
source = "./speedtest"
|
||||||
|
tls_secret_name = var.tls_secret_name
|
||||||
|
tier = local.tiers.aux
|
||||||
|
for_each = contains(local.active_modules, "speedtest") ? { speedtest = true } : {}
|
||||||
|
depends_on = [null_resource.core_services]
|
||||||
|
db_password = var.speedtest_db_password
|
||||||
|
}
|
||||||
|
|
|
||||||
149
modules/kubernetes/speedtest/main.tf
Normal file
149
modules/kubernetes/speedtest/main.tf
Normal file
|
|
@ -0,0 +1,149 @@
|
||||||
|
variable "tls_secret_name" {}
|
||||||
|
variable "tier" { type = string }
|
||||||
|
variable "db_password" { type = string }
|
||||||
|
|
||||||
|
|
||||||
|
resource "kubernetes_namespace" "speedtest" {
|
||||||
|
metadata {
|
||||||
|
name = "speedtest"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module "tls_secret" {
|
||||||
|
source = "../setup_tls_secret"
|
||||||
|
namespace = kubernetes_namespace.speedtest.metadata[0].name
|
||||||
|
tls_secret_name = var.tls_secret_name
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "random_id" "secret_key" {
|
||||||
|
byte_length = 32 # 32 bytes × 2 hex chars = 64 hex characters
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "kubernetes_deployment" "speedtest" {
|
||||||
|
metadata {
|
||||||
|
name = "speedtest"
|
||||||
|
namespace = kubernetes_namespace.speedtest.metadata[0].name
|
||||||
|
labels = {
|
||||||
|
app = "speedtest"
|
||||||
|
tier = var.tier
|
||||||
|
}
|
||||||
|
}
|
||||||
|
spec {
|
||||||
|
replicas = 1
|
||||||
|
selector {
|
||||||
|
match_labels = {
|
||||||
|
app = "speedtest"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
template {
|
||||||
|
metadata {
|
||||||
|
labels = {
|
||||||
|
app = "speedtest"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
spec {
|
||||||
|
container {
|
||||||
|
image = "lscr.io/linuxserver/speedtest-tracker:latest"
|
||||||
|
name = "speedtest"
|
||||||
|
port {
|
||||||
|
container_port = 80
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "PUID"
|
||||||
|
value = 1000
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "PGID"
|
||||||
|
value = 1000
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "APP_KEY"
|
||||||
|
value = "base64:${random_id.secret_key.b64_std}"
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "SPEEDTEST_SCHEDULE"
|
||||||
|
value = "0 * * * *"
|
||||||
|
}
|
||||||
|
# env {
|
||||||
|
# name = "SPEEDTEST_SERVERS"
|
||||||
|
# # Sofia speedtest servers - https://c.speedtest.net/speedtest-servers-static.php
|
||||||
|
# value = "7617,17787,11348,37980,54640,27843,57118,10754,20191,29617"
|
||||||
|
# }
|
||||||
|
env {
|
||||||
|
name = "APP_URL"
|
||||||
|
value = "https://speedtest.viktorbarzin.me"
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "DB_CONNECTION"
|
||||||
|
value = "mysql"
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "DB_HOST"
|
||||||
|
value = "mysql.dbaas.svc.cluster.local"
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "DB_DATABASE"
|
||||||
|
value = "speedtest"
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "DB_USERNAME"
|
||||||
|
value = "speedtest"
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "DB_PASSWORD"
|
||||||
|
value = var.db_password
|
||||||
|
}
|
||||||
|
env {
|
||||||
|
name = "APP_TIMEZONE"
|
||||||
|
value = "Europe/Sofia"
|
||||||
|
}
|
||||||
|
volume_mount {
|
||||||
|
name = "config"
|
||||||
|
mount_path = "/config"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
volume {
|
||||||
|
name = "config"
|
||||||
|
nfs {
|
||||||
|
server = "10.0.10.15"
|
||||||
|
path = "/mnt/main/speedtest"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "kubernetes_service" "speedtest" {
|
||||||
|
metadata {
|
||||||
|
name = "speedtest"
|
||||||
|
namespace = kubernetes_namespace.speedtest.metadata[0].name
|
||||||
|
labels = {
|
||||||
|
"app" = "speedtest"
|
||||||
|
}
|
||||||
|
annotations = {
|
||||||
|
"prometheus.io/scrape" = "true"
|
||||||
|
"prometheus.io/path" = "/prometheus"
|
||||||
|
"prometheus.io/port" = "80"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
spec {
|
||||||
|
selector = {
|
||||||
|
app = "speedtest"
|
||||||
|
}
|
||||||
|
port {
|
||||||
|
name = "http"
|
||||||
|
port = 80
|
||||||
|
target_port = 80
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
module "ingress" {
|
||||||
|
source = "../ingress_factory"
|
||||||
|
namespace = kubernetes_namespace.speedtest.metadata[0].name
|
||||||
|
name = "speedtest"
|
||||||
|
tls_secret_name = var.tls_secret_name
|
||||||
|
protected = true
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue