summary refs log tree commit diff
diff options
context:
space:
mode:
authorVincent Ambo <tazjin@gmail.com>2018-01-03T15·31+0100
committerVincent Ambo <tazjin@gmail.com>2018-01-03T22·02+0100
commit9464a1dee43740054a1cb01e00930906e75758b8 (patch)
tree04bea681c101ec1dcd81df600f9ad9ef20a08873
parent51cbf1e92a8a0c8c45bd911c0f82e1313fd3761e (diff)
chore: Clean up old Kubernetes configuration
Diffstat
-rw-r--r--bitlbee/Dockerfile24


-rw-r--r--bitlbee/bitlbee-rc.yaml38


-rw-r--r--bitlbee/bitlbee-svc.yaml15


-rw-r--r--bitlbee/bitlbee.conf11


-rw-r--r--bitlbee/motd.txt6


-rw-r--r--bitlbee/stunnel.conf9


-rw-r--r--gogs/gogs-rc.yaml28


-rw-r--r--gogs/gogs-svc.yaml14


-rw-r--r--nginx/conf/http.conf54


-rw-r--r--nginx/conf/main.conf64


-rw-r--r--nginx/conf/stream.conf12


-rwxr-xr-xnginx/generate-dhparam14


-rw-r--r--nginx/nginx-svc.yaml24


-rw-r--r--nginx/nginx.yaml51


-rwxr-xr-xnginx/replace-config18


-rw-r--r--quassel/Dockerfile13


-rw-r--r--quassel/quassel-rc.yaml27


-rw-r--r--quassel/quassel-svc.yaml12


-rw-r--r--quassel/stunnel.conf16


-rw-r--r--tazblog/tazblog-db.yaml36


-rw-r--r--tazblog/tazblog.yaml33


21 files changed, 0 insertions, 519 deletions
diff --git a/bitlbee/Dockerfile b/bitlbee/Dockerfile
deleted file mode 100644
index ea87d16284..0000000000
--- a/bitlbee/Dockerfile
+++ /dev/null
@@ -1,24 +0,0 @@
-FROM alpine
-MAINTAINER Vincent Ambo <tazjin@gmail.com>
-
-# Install bitlbee packages
-RUN apk update && \
-    apk add bitlbee bitlbee-otr bitlbee-doc ca-certificates curl gnutls
-
-# Install stunnel
-RUN echo "http://dl-3.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories
-RUN apk update && apk add stunnel
-
-# Add a user for bitlbee
-RUN adduser -D bitlbee
-
-# Add bitlbee configuration
-ADD bitlbee.conf /etc/bitlbee/bitlbee.conf
-ADD motd.txt /etc/bitlbee/motd.txt
-
-# Add stunnel configuration
-ADD stunnel.conf /etc/bitlbee/stunnel.conf
-
-EXPOSE 6697
-
-CMD bitlbee -F && stunnel /etc/bitlbee/stunnel.conf
diff --git a/bitlbee/bitlbee-rc.yaml b/bitlbee/bitlbee-rc.yaml
deleted file mode 100644
index 676ff06229..0000000000
--- a/bitlbee/bitlbee-rc.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
----
-apiVersion: v1
-kind: ReplicationController
-metadata:
-  name: bitlbee-v1
-  labels:
-    app: bitlbee
-    spec: v1
-spec:
-  replicas: 1
-  selector:
-    app: bitlbee
-    spec: v1
-  template:
-    metadata:
-      labels:
-        app: bitlbee
-        spec: v1
-    spec:
-      containers:
-        - image: eu.gcr.io/composite-watch-759/bitlbee
-          imagePullPolicy: Always
-          name: bitlbee
-          volumeMounts:
-            - name: tazj-in-tls
-              mountPath: /etc/bitlbee/tls
-            - name: bitlbee-storage
-              mountPath: /var/lib/bitlbee
-          ports:
-            - containerPort: 6697
-      volumes:
-        - name: tazj-in-tls
-          secret:
-            secretName: tazj-in-tls
-        - name: bitlbee-storage
-          gcePersistentDisk:
-            pdName: bitlbee-storage
-            fsType: ext4
diff --git a/bitlbee/bitlbee-svc.yaml b/bitlbee/bitlbee-svc.yaml
deleted file mode 100644
index 956e02a418..0000000000
--- a/bitlbee/bitlbee-svc.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: bitlbee
-  labels:
-    app: bitlbee
-spec:
-  type: LoadBalancer
-  selector:
-    app: bitlbee
-  ports:
-    - port: 6697
-      targetPort: 6697
-      name: irc-tls
diff --git a/bitlbee/bitlbee.conf b/bitlbee/bitlbee.conf
deleted file mode 100644
index 0903a991c0..0000000000
--- a/bitlbee/bitlbee.conf
+++ /dev/null
@@ -1,11 +0,0 @@
-[settings]
-User = bitlbee
-HostName = bitlbee.tazj.in
-ConfigDir = /var/lib/bitlbee
-
-AuthMode = Closed
-AuthPassword = md5:sehKBm6gtplh6/K0Dn6DOo0crlRH
-OperPassword = md5:lP81y2wzU5pSwOtTEI37ewrSSlda
-
-[defaults]
-private = 1
diff --git a/bitlbee/motd.txt b/bitlbee/motd.txt
deleted file mode 100644
index 98d8c37d9b..0000000000
--- a/bitlbee/motd.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-Welcome to tazjin's bitlbee server!
-
-While this server may appear as if it's open to the public, you are in no way
-safe from me reading your communication or randomly terminating the service.
-
-Use at your own peril, unless you are me.
diff --git a/bitlbee/stunnel.conf b/bitlbee/stunnel.conf
deleted file mode 100644
index 4f1b3011c1..0000000000
--- a/bitlbee/stunnel.conf
+++ /dev/null
@@ -1,9 +0,0 @@
-setuid = nobody
-setgid = nogroup
-foreground = yes
-
-[bitlbee]
-accept  = 6697
-connect = 6667
-cert = /etc/bitlbee/tls/tls.crt
-key = /etc/bitlbee/tls/tls.key
diff --git a/gogs/gogs-rc.yaml b/gogs/gogs-rc.yaml
deleted file mode 100644
index cf23de863c..0000000000
--- a/gogs/gogs-rc.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-apiVersion: v1
-kind: ReplicationController
-metadata:
-  name: gogs
-spec:
-  replicas: 1
-  selector:
-    app: gogs
-  template:
-    metadata:
-      labels:
-        app: gogs
-    spec:
-      containers:
-        - image: gogs/gogs
-          imagePullPolicy: Always
-          name: gogs
-          ports:
-            - containerPort: 22
-            - containerPort: 3000
-          volumeMounts:
-            - name: gogs-storage
-              mountPath: /data
-      volumes:
-        - name: gogs-storage
-          gcePersistentDisk:
-            pdName: gogs-storage
-            fsType: ext4
diff --git a/gogs/gogs-svc.yaml b/gogs/gogs-svc.yaml
deleted file mode 100644
index 89b1287d31..0000000000
--- a/gogs/gogs-svc.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: gogs-priv
-  labels:
-    app: gogs
-spec:
-  selector:
-    app: gogs
-  ports:
-    - port: 3000
-      name: gogs-http-internal
-    - port: 22
-      name: gogs-ssh-internal
diff --git a/nginx/conf/http.conf b/nginx/conf/http.conf
deleted file mode 100644
index ad03bec1ba..0000000000
--- a/nginx/conf/http.conf
+++ /dev/null
@@ -1,54 +0,0 @@
-# Default TLS redirect
-server {
-    listen       80;
-    server_name  *.tazj.in tazj.in;
-    return       301 https://$server_name$request_uri;
-}
-
-# Simple IP echo thing
-server {
-    listen 80;
-    listen 443 ssl http2;
-    server_name ip.tazj.in;
-    access_log off;
-    add_header "Content-Type" "text/plain";
-    return 200 "$remote_addr\n";
-}
-
-# Redirect for oslo.pub
-server {
-    listen 80;
-    listen 443 ssl;
-    server_name oslo.pub *.oslo.pub;
-    return 302 https://www.google.com/maps/d/viewer?mid=1pJIYY9cuEdt9DuMTbb4etBVq7hs;
-}
-
-# Gogs web interface
-server {
-    listen 443 ssl http2;
-    server_name git.tazj.in;
-
-    location / {
-        proxy_pass http://gogs-priv.default.svc.cluster.local:3000;
-    }
-}
-
-# tazj.in -> www.tazj.in
-server {
-    listen 443 ssl http2;
-    server_name tazj.in;
-
-    location / {
-        return 301 https://www.tazj.in$request_uri;
-    }
-}
-
-# TazBlog
-server {
-    listen      443 ssl http2 default_server;
-    server_name www.tazj.in default;
-
-    location / {
-        proxy_pass http://tazblog-priv.default.svc.cluster.local/;
-    }
-}
diff --git a/nginx/conf/main.conf b/nginx/conf/main.conf
deleted file mode 100644
index d5618545bd..0000000000
--- a/nginx/conf/main.conf
+++ /dev/null
@@ -1,64 +0,0 @@
-user  nginx;
-worker_processes  1;
-daemon off;
-
-error_log  /var/log/nginx/error.log warn;
-pid        /var/run/nginx.pid;
-
-events {
-    worker_connections  1024;
-}
-
-http {
-    include       /etc/nginx/mime.types;
-    default_type  application/octet-stream;
-
-    sendfile        on;
-
-    keepalive_timeout  65;
-    gzip  on;
-
-    # Modern SSL config
-    ssl_protocols TLSv1.2;
-    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
-    ssl_prefer_server_ciphers on;
-    ssl_session_timeout 1d;
-    ssl_session_cache shared:HTTPS:50m;
-    ssl_session_tickets off;
-    ssl_dhparam /etc/nginx/ssl/dhparam/tls.dhparam;
-
-    # Logstash log format
-    log_format logstash '$http_host '
-    '$remote_addr [$time_local] '
-    '"$request" $status $body_bytes_sent '
-    '"$http_referer" "$http_user_agent" '
-    '$request_time '
-    '$upstream_response_time';
-
-    access_log   /var/log/nginx/access.log  logstash;
-
-    # Default tazj.in config (certs need to be overriden for other stuff, like oslo.pub)
-    ssl_certificate /etc/nginx/ssl/tazj.in/fullchain.pem;
-    ssl_certificate_key /etc/nginx/ssl/tazj.in/key.pem;
-
-    # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
-    add_header Strict-Transport-Security max-age=15768000;
-
-    include /etc/nginx/conf/http.conf;
-}
-
-stream {
-    ssl_protocols TLSv1.2;
-    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
-    ssl_dhparam /etc/nginx/ssl/dhparam/tls.dhparam;
-    ssl_prefer_server_ciphers on;
-    ssl_session_timeout 1d;
-    ssl_session_cache shared:STREAM:50m;
-    ssl_session_tickets off;
-
-    # Default tazj.in certificate
-    ssl_certificate /etc/nginx/ssl/tazj.in/fullchain.pem;
-    ssl_certificate_key /etc/nginx/ssl/tazj.in/key.pem;
-
-    include /etc/nginx/conf/stream.conf;
-}
diff --git a/nginx/conf/stream.conf b/nginx/conf/stream.conf
deleted file mode 100644
index 3fa02fdcf9..0000000000
--- a/nginx/conf/stream.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# Gogs SSH tunneling
-server {
-    listen 22;
-    proxy_pass gogs-priv.default.svc.cluster.local:22;
-}
-
-# Quassel TLS -> TCP tunneling
-server {
-    # listen 4242 ssl;
-    listen 4242;
-    proxy_pass quassel-priv.default.svc.cluster.local:4242;
-}
diff --git a/nginx/generate-dhparam b/nginx/generate-dhparam
deleted file mode 100755
index ef923cc7f6..0000000000
--- a/nginx/generate-dhparam
+++ /dev/null
@@ -1,14 +0,0 @@
-#!/bin/bash
-
-readonly dhparam=$(openssl dhparam 2048 | base64 -w0)
-
-echo "Inserting new DH parameter ..."
-kubectl replace --force -f - <<EOF
-apiVersion: v1
-kind: Secret
-metadata:
-  name: nginx-dhparam
-data:
-  tls.dhparam: ${dhparam}
-EOF
-
diff --git a/nginx/nginx-svc.yaml b/nginx/nginx-svc.yaml
deleted file mode 100644
index 84406a0bca..0000000000
--- a/nginx/nginx-svc.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: nginx
-  labels:
-    app: nginx
-  annotations:
-    acme/certificate: '["tazj.in", "www.tazj.in", "ip.tazj.in", "git.tazj.in"]'
-    acme/secretName: tazj.in-tls
-spec:
-  type: LoadBalancer
-  loadBalancerIP: 104.155.119.229
-  selector:
-    app: nginx
-  ports:
-    - port: 80
-      name: http
-    - port: 443
-      name: https
-    - port: 22
-      name: ssh
-    - port: 4242
-      name: quassel
diff --git a/nginx/nginx.yaml b/nginx/nginx.yaml
deleted file mode 100644
index 3bce210ad5..0000000000
--- a/nginx/nginx.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: nginx
-  labels:
-    app: nginx
-    spec: v4
-spec:
-  replicas: 2
-  template:
-    metadata:
-      labels:
-        app: nginx
-    spec:
-      containers:
-        - image: nginx:1.9.12
-          name: nginx
-          volumeMounts:
-            - name: tazj-in-tls
-              mountPath: /etc/nginx/ssl/tazj.in
-            - name: nginx-dhparam
-              mountPath: /etc/nginx/ssl/dhparam
-            - name: nginx-config
-              mountPath: /etc/nginx/conf
-            - name: nginx-logs
-              mountPath: /var/log/nginx
-          command:
-            - '/usr/sbin/nginx'
-            - '-c'
-            - '/etc/nginx/conf/main.conf'
-          ports:
-            - containerPort: 80
-            - containerPort: 443
-        - image: reactivehub/google-fluentd-catch-all
-          name: google-log-agent
-          volumeMounts:
-            - name: nginx-logs
-              mountPath: /var/log/nginx
-      volumes:
-        - name: tazj-in-tls
-          secret:
-            secretName: tazj.in-tls
-        - name: nginx-dhparam
-          secret:
-            secretName: nginx-dhparam
-        - name: nginx-config
-          secret:
-            secretName: nginx-config
-        - name: nginx-logs
-          emptyDir: {}
diff --git a/nginx/replace-config b/nginx/replace-config
deleted file mode 100755
index 2542a2c683..0000000000
--- a/nginx/replace-config
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-set -ueo pipefail
-
-readonly main_conf=$(cat conf/main.conf | base64 -w0)
-readonly http_conf=$(cat conf/http.conf | base64 -w0)
-readonly stream_conf=$(cat conf/stream.conf | base64 -w0)
-
-echo "Replacing nginx configuration ..."
-kubectl replace --force -f - <<EOF
-apiVersion: v1
-kind: Secret
-metadata:
-  name: nginx-config
-data:
-  main.conf: ${main_conf}
-  http.conf: ${http_conf}
-  stream.conf: ${stream_conf}
-EOF
diff --git a/quassel/Dockerfile b/quassel/Dockerfile
deleted file mode 100644
index d7ad1e6a3d..0000000000
--- a/quassel/Dockerfile
+++ /dev/null
@@ -1,13 +0,0 @@
-FROM alpine
-MAINTAINER Vincent Ambo <tazjin@gmail.com>
-
-# Install Quassel server packages
-RUN apk update && apk add quassel-core qt-sqlite icu-libs
-
-# Location for mounting Quassel state and configuration volume
-VOLUME /var/lib/quassel
-
-EXPOSE 4242
-USER quassel
-
-CMD /usr/bin/quasselcore
diff --git a/quassel/quassel-rc.yaml b/quassel/quassel-rc.yaml
deleted file mode 100644
index f3586c0aa8..0000000000
--- a/quassel/quassel-rc.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-apiVersion: v1
-kind: ReplicationController
-metadata:
-  name: quassel
-spec:
-  replicas: 1
-  selector:
-    app: quassel
-  template:
-    metadata:
-      labels:
-        app: quassel
-    spec:
-      containers:
-        - image: eu.gcr.io/composite-watch-759/quassel
-          imagePullPolicy: Always
-          name: quassel
-          ports:
-            - containerPort: 4242
-          volumeMounts:
-            - name: quassel-storage
-              mountPath: /var/lib/quassel
-      volumes:
-        - name: quassel-storage
-          gcePersistentDisk:
-            pdName: quassel-storage
-            fsType: ext4
diff --git a/quassel/quassel-svc.yaml b/quassel/quassel-svc.yaml
deleted file mode 100644
index 98d8b8e20a..0000000000
--- a/quassel/quassel-svc.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: quassel-priv
-  labels:
-    app: quassel
-spec:
-  selector:
-    app: quassel
-  ports:
-    - port: 4242
-      name: quassel-internal
diff --git a/quassel/stunnel.conf b/quassel/stunnel.conf
deleted file mode 100644
index 3c29e78901..0000000000
--- a/quassel/stunnel.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-; stunnel configuration for quassel tunnel
-
-; global configuration
-setuid = stunnel
-setgid = stunnel
-;pid = /var/run/stunnel.pid
-output = /var/log/stunnel.log
-
-; clients
-[quassel-tazjin]
-client = yes
-accept = 127.0.0.1:4242
-connect = irc.tazj.in:4242
-verify = 2
-CApath = /etc/ssl/certs
-checkHost = irc.tazj.in
diff --git a/tazblog/tazblog-db.yaml b/tazblog/tazblog-db.yaml
deleted file mode 100644
index b9d8fb1040..0000000000
--- a/tazblog/tazblog-db.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: tazblog-db
-spec:
-  template:
-    metadata:
-      labels:
-        app: tazblog-db
-    spec:
-      containers:
-        - image: eu.gcr.io/composite-watch-759/tazblog-haskell:f33723a
-          name: tazblog-db
-          command: ["tazblog-db"]
-          volumeMounts:
-            - name: tazblog-state
-              mountPath: /var/tazblog
-      volumes:
-        - name: tazblog-state
-          gcePersistentDisk:
-            pdName: tazblog-state
-            fsType: ext4
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: tazblog-db
-  labels:
-    app: tazblog-db
-spec:
-  selector:
-    app: tazblog-db
-  ports:
-    - port: 8070
-      name: tazblog-db
diff --git a/tazblog/tazblog.yaml b/tazblog/tazblog.yaml
deleted file mode 100644
index 35275daddd..0000000000
--- a/tazblog/tazblog.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
----
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: tazblog
-spec:
-  replicas: 2
-  template:
-    metadata:
-      labels:
-        app: tazblog
-    spec:
-      containers:
-        - image: eu.gcr.io/composite-watch-759/tazblog-haskell:f33723a
-          imagePullPolicy: Always
-          name: tazblog
-          command: ["tazblog", "--dbHost", "tazblog-db.default.svc.cluster.local"]
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: tazblog-priv
-  labels:
-    app: tazblog
-  annotations:
-    acme/certificate: "www.tazj.in"
-spec:
-  selector:
-    app: tazblog
-  ports:
-    - port: 80
-      targetPort: 8000
-      name: tazblog-http

 

generated by cgit-pink 1.4.1 (git 2.44.0) at 2024-05-25T03·57+0000