Andri Joos's avatar
ed3dce58

cgroup_memory=1 cgroup_enable=memory

How to Set Up an Nginx Ingress with Cert-Manager on DigitalOcean Kubernetes

  • [Set up docker-ce for testcluster device](https://medium.com/@artur.klauser/building-multi-architecture-docker-images-with-buildx-27d80f7e2408), docker-ce must be installed for buildx https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-20-04-de
  • snap install kubectl --classic
  • https://stackoverflow.com/questions/63170642/push-cache-to-insecure-registry-by-buildx
  • https://github.com/docker/buildx/blob/master/docs/guides/custom-registry-config.md, http=true
  • https://rancher.com/docs/k3s/latest/en/installation/private-registry/

https://github.com/JetsonHacksNano/buildKernelAndModules jetson build nfs kernel (getKernelSources, editconfig, makeModules, make (kernel dir))

required services for cluster init: nfs (image: andrijoos/nfs-alpine:0.1), registry (manually build and push docker_buildx image), gitlab-runner-kubernetes, ingress, cert-manager, (gitlab if no other gitlab available)

gitlab kubernetes agent (kas)

shitty raspi-vents prevent os start!

TODOS

  • update images and cert-manager
  • update imagePullSecrets in templates
  • monitoring data usage of each service (mail if more needed in future) (monthly mail to me with report of all services)

server improvements

  • each namespace gets its own ingress (+ distribution ingress, option to define one via json)
    • allow multiple exposedHttpPort (with backwards compatibility if only an int)
    • delete all the unnecessary stuff (e.g. externalname)
  • switch ingress controller to traefik (with http3)
  • split gitlab kubernetes templates into separate projects
    • rework ci script (includes, templating etc)
    • switch kubernetes runner to gitlab's kubernetes runner

additional deployments

VPN

  • tutorial
    • openssl instead of letsencrypt, since letsencrypt wants to make an HTTP request to the server (lb in the middle => letsencrypt gets encrypted traffic, since https is defined as backend protocol; could be resolved with multiple ingresses)
    • in config comment out last lines with sample vhost config
  • android app