From 9e6caa1542d3b44a83d7d466de0875782d12baf2 Mon Sep 17 00:00:00 2001 From: Chris Lovering Date: Sun, 28 Sep 2025 20:08:31 +0100 Subject: [PATCH] Add the codejam winners to the k8s cluster These will be deleted once Johannes next takes his meds --- .../codejam-winners/gardenias/deployment.yaml | 28 +++++++++++++++++++ .../codejam-winners/gardenias/ingress.yaml | 25 +++++++++++++++++ .../codejam-winners/gardenias/service.yaml | 12 ++++++++ .../codejam-winners/monsteras/deployment.yaml | 28 +++++++++++++++++++ .../codejam-winners/monsteras/ingress.yaml | 25 +++++++++++++++++ .../codejam-winners/monsteras/service.yaml | 12 ++++++++ .../codejam-winners/tulips/deployment.yaml | 28 +++++++++++++++++++ .../codejam-winners/tulips/ingress.yaml | 25 +++++++++++++++++ .../codejam-winners/tulips/service.yaml | 12 ++++++++ 9 files changed, 195 insertions(+) create mode 100644 kubernetes/namespaces/codejam-winners/gardenias/deployment.yaml create mode 100644 kubernetes/namespaces/codejam-winners/gardenias/ingress.yaml create mode 100644 kubernetes/namespaces/codejam-winners/gardenias/service.yaml create mode 100644 kubernetes/namespaces/codejam-winners/monsteras/deployment.yaml create mode 100644 kubernetes/namespaces/codejam-winners/monsteras/ingress.yaml create mode 100644 kubernetes/namespaces/codejam-winners/monsteras/service.yaml create mode 100644 kubernetes/namespaces/codejam-winners/tulips/deployment.yaml create mode 100644 kubernetes/namespaces/codejam-winners/tulips/ingress.yaml create mode 100644 kubernetes/namespaces/codejam-winners/tulips/service.yaml diff --git a/kubernetes/namespaces/codejam-winners/gardenias/deployment.yaml b/kubernetes/namespaces/codejam-winners/gardenias/deployment.yaml new file mode 100644 index 00000000..a7e9598a --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/gardenias/deployment.yaml @@ -0,0 +1,28 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gardenias + namespace: codejam-winners +spec: + replicas: 1 + selector: + matchLabels: + app: gardenias + template: + metadata: + labels: + app: gardenias + spec: + containers: + - name: gardenias + image: ghcr.io/python-discord/cj-gardenias + imagePullPolicy: Always + ports: + - containerPort: 80 + name: http + securityContext: + readOnlyRootFilesystem: true + securityContext: + fsGroup: 2000 + runAsUser: 1000 + runAsNonRoot: true diff --git a/kubernetes/namespaces/codejam-winners/gardenias/ingress.yaml b/kubernetes/namespaces/codejam-winners/gardenias/ingress.yaml new file mode 100644 index 00000000..fd1e14b5 --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/gardenias/ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/auth-tls-verify-client: "on" + nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle" + nginx.ingress.kubernetes.io/auth-tls-error-page: "https://maintenance.python-discord.workers.dev/" + name: gardenias + namespace: codejam-winners +spec: + tls: + - hosts: + - "*.pythondiscord.com" + secretName: pythondiscord.com-tls + rules: + - host: gardenias.pythondiscord.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: gardenias + port: + number: 80 diff --git a/kubernetes/namespaces/codejam-winners/gardenias/service.yaml b/kubernetes/namespaces/codejam-winners/gardenias/service.yaml new file mode 100644 index 00000000..3086e619 --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/gardenias/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: gardenias + namespace: codejam-winners +spec: + selector: + app: gardenias + ports: + - protocol: TCP + port: 80 + targetPort: 8000 diff --git a/kubernetes/namespaces/codejam-winners/monsteras/deployment.yaml b/kubernetes/namespaces/codejam-winners/monsteras/deployment.yaml new file mode 100644 index 00000000..30277cdf --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/monsteras/deployment.yaml @@ -0,0 +1,28 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: monsteras + namespace: codejam-winners +spec: + replicas: 1 + selector: + matchLabels: + app: monsteras + template: + metadata: + labels: + app: monsteras + spec: + containers: + - name: monsteras + image: ghcr.io/python-discord/cj-monsteras + imagePullPolicy: Always + ports: + - containerPort: 80 + name: http + securityContext: + readOnlyRootFilesystem: true + securityContext: + fsGroup: 2000 + runAsUser: 1000 + runAsNonRoot: true diff --git a/kubernetes/namespaces/codejam-winners/monsteras/ingress.yaml b/kubernetes/namespaces/codejam-winners/monsteras/ingress.yaml new file mode 100644 index 00000000..444d0edf --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/monsteras/ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/auth-tls-verify-client: "on" + nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle" + nginx.ingress.kubernetes.io/auth-tls-error-page: "https://maintenance.python-discord.workers.dev/" + name: monsteras + namespace: codejam-winners +spec: + tls: + - hosts: + - "*.pythondiscord.com" + secretName: pythondiscord.com-tls + rules: + - host: monsteras.pythondiscord.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: monsteras + port: + number: 80 diff --git a/kubernetes/namespaces/codejam-winners/monsteras/service.yaml b/kubernetes/namespaces/codejam-winners/monsteras/service.yaml new file mode 100644 index 00000000..c55378e1 --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/monsteras/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: monsteras + namespace: codejam-winners +spec: + selector: + app: monsteras + ports: + - protocol: TCP + port: 80 + targetPort: 8080 diff --git a/kubernetes/namespaces/codejam-winners/tulips/deployment.yaml b/kubernetes/namespaces/codejam-winners/tulips/deployment.yaml new file mode 100644 index 00000000..04effcb0 --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/tulips/deployment.yaml @@ -0,0 +1,28 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: tulips + namespace: codejam-winners +spec: + replicas: 1 + selector: + matchLabels: + app: tulips + template: + metadata: + labels: + app: tulips + spec: + containers: + - name: tulips + image: ghcr.io/python-discord/cj-tulips + imagePullPolicy: Always + ports: + - containerPort: 80 + name: http + securityContext: + readOnlyRootFilesystem: true + securityContext: + fsGroup: 2000 + runAsUser: 1000 + runAsNonRoot: true diff --git a/kubernetes/namespaces/codejam-winners/tulips/ingress.yaml b/kubernetes/namespaces/codejam-winners/tulips/ingress.yaml new file mode 100644 index 00000000..57e83e92 --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/tulips/ingress.yaml @@ -0,0 +1,25 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + annotations: + nginx.ingress.kubernetes.io/auth-tls-verify-client: "on" + nginx.ingress.kubernetes.io/auth-tls-secret: "kube-system/mtls-client-crt-bundle" + nginx.ingress.kubernetes.io/auth-tls-error-page: "https://maintenance.python-discord.workers.dev/" + name: tulips + namespace: codejam-winners +spec: + tls: + - hosts: + - "*.pythondiscord.com" + secretName: pythondiscord.com-tls + rules: + - host: tulips.pythondiscord.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: tulips + port: + number: 80 diff --git a/kubernetes/namespaces/codejam-winners/tulips/service.yaml b/kubernetes/namespaces/codejam-winners/tulips/service.yaml new file mode 100644 index 00000000..9707da95 --- /dev/null +++ b/kubernetes/namespaces/codejam-winners/tulips/service.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: Service +metadata: + name: tulips + namespace: codejam-winners +spec: + selector: + app: tulips + ports: + - protocol: TCP + port: 80 + targetPort: 8000