# DEPRECATED — käytä Helm chartia: git-pages/ # helm upgrade --install git-pages ./git-pages -n git-pages -f dev-values.yaml # # git-pages — k3s homelab (Codeberg git-pages) # # Yksi apex index-site (pages.helm-dev.../.index). Sisältö Gitea-poluissa: # {owner}/{repo}/reports/{sha8}/index.html # # Julkaisu (CI → Traefik → git-pages): # PATCH https://pages.helm-dev.keskikuja.site/ Authorization: Basic publish: # Traefik basicAuth middleware — token K8s-secretissä (htpasswd) # git-pages PAGES_INSECURE=1 takana — ei forge/DNS/Gitea write # # Secret (kerran, ennen ensimmäistä publishia): # export GIT_PAGES_PUBLISH_TOKEN="$(openssl rand -base64 32)" # kubectl -n git-pages create secret generic git-pages-publish-auth \ # --from-literal=users="$(docker run --rm httpd:2-alpine htpasswd -nb publish "$GIT_PAGES_PUBLISH_TOKEN")" # # Sama arvo → Gitea Actions secret GIT_PAGES_PUBLISH_TOKEN # # Lukeminen: GET/HEAD julkinen (OIDC myöhemmin Traefikissä) # # URL-esimerkki: # https://pages.helm-dev.keskikuja.site/niko/gitea-ci-library/reports/abc12345/index.html # # Image: codeberg.org/git-pages/git-pages:0.9.1 # CI: GIT_PAGES_PUBLISH_URL=https://pages.helm-dev.keskikuja.site # GIT_PAGES_PUBLISH_TOKEN → Gitea Actions secret --- apiVersion: v1 kind: Namespace metadata: name: git-pages labels: app.kubernetes.io/name: git-pages app.kubernetes.io/component: pages-server --- apiVersion: v1 kind: ConfigMap metadata: name: git-pages-config namespace: git-pages labels: app.kubernetes.io/name: git-pages data: config.toml: | log-format = "text" [server] pages = "tcp/:3000" caddy = "-" metrics = "tcp/:3002" [storage] type = "fs" [storage.fs] root = "/app/data" --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: git-pages-data namespace: git-pages labels: app.kubernetes.io/name: git-pages spec: accessModes: - ReadWriteOnce resources: requests: storage: 5Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: git-pages namespace: git-pages labels: app.kubernetes.io/name: git-pages app.kubernetes.io/component: pages-server spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: git-pages template: metadata: labels: app.kubernetes.io/name: git-pages app.kubernetes.io/component: pages-server spec: securityContext: fsGroup: 1000 containers: - name: git-pages image: codeberg.org/git-pages/git-pages:0.9.1 imagePullPolicy: IfNotPresent command: - git-pages args: - -config - /etc/git-pages/config.toml env: - name: PAGES_INSECURE value: "1" ports: - name: http containerPort: 3000 protocol: TCP - name: metrics containerPort: 3002 protocol: TCP volumeMounts: - name: config mountPath: /etc/git-pages readOnly: true - name: data mountPath: /app/data readinessProbe: tcpSocket: port: http initialDelaySeconds: 3 periodSeconds: 10 livenessProbe: tcpSocket: port: http initialDelaySeconds: 10 periodSeconds: 20 resources: requests: cpu: 50m memory: 128Mi limits: cpu: 1000m memory: 512Mi volumes: - name: config configMap: name: git-pages-config - name: data persistentVolumeClaim: claimName: git-pages-data --- apiVersion: v1 kind: Service metadata: name: git-pages namespace: git-pages labels: app.kubernetes.io/name: git-pages spec: type: ClusterIP selector: app.kubernetes.io/name: git-pages ports: - name: http port: 3000 targetPort: http protocol: TCP --- apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: git-pages-tls namespace: git-pages labels: app.kubernetes.io/name: git-pages spec: secretName: git-pages-tls dnsNames: - pages.helm-dev.keskikuja.site issuerRef: name: letsencrypt-prod kind: ClusterIssuer --- # PATCH/PUT vaatii BasicAuth (publish-token). Ilman tokenia → 401. apiVersion: traefik.io/v1alpha1 kind: Middleware metadata: name: git-pages-publish-auth namespace: git-pages labels: app.kubernetes.io/name: git-pages spec: basicAuth: secret: git-pages-publish-auth --- # Julkinen luku: GET/HEAD. Julkaisu: PATCH/PUT + basicAuth (erillinen reitti). apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: git-pages namespace: git-pages labels: app.kubernetes.io/name: git-pages spec: entryPoints: - websecure routes: - match: >- Host(`pages.helm-dev.keskikuja.site`) && (Method(`PATCH`) || Method(`PUT`)) kind: Rule middlewares: - name: git-pages-publish-auth services: - name: git-pages port: 3000 - match: Host(`pages.helm-dev.keskikuja.site`) && (Method(`GET`) || Method(`HEAD`)) kind: Rule services: - name: git-pages port: 3000 tls: secretName: git-pages-tls --- apiVersion: traefik.io/v1alpha1 kind: Middleware metadata: name: https-redirect namespace: git-pages labels: app.kubernetes.io/name: git-pages spec: redirectScheme: scheme: https permanent: true --- # HTTP → HTTPS. Jätä /.well-known/acme-challenge/ pois — cert-manager HTTP-01 (web :80). apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: git-pages-http namespace: git-pages labels: app.kubernetes.io/name: git-pages spec: entryPoints: - web routes: - match: >- Host(`pages.helm-dev.keskikuja.site`) && !PathPrefix(`/.well-known/acme-challenge/`) kind: Rule middlewares: - name: https-redirect services: - name: git-pages port: 3000