infrastructure/k8s-cluster
1
0
Fork 2
Code Issues 29 Pull requests 10 Projects Releases Packages Wiki Activity

static-site: initial implementation with f3.forgefriends.org #502

Closed
GhostPLACEHOLDER wants to merge 0 commits from refs/pull/68/head90f371fb5afd0bab0fe5693f65ac5a0f23502ae2 into mainb7623d4bc2060d7314b1fa148acb2e859c9894df
pull from: refs/pull/68/head90f371fb5afd0bab0fe5693f65ac5a0f23502ae2
merge into: infrastructure:mainb7623d4bc2060d7314b1fa148acb2e859c9894df
Conversation 4 Commits - Files changed -
GhostPLACEHOLDER commented 2025-05-29 20:27:19 +00:00
First-time contributor
Copy link

I would have liked to have a ready-made solution where the following was possible to deploy a static website from a git repository. Since it does not exist, I tried an implementation with a local chart. The sha from which the site is updated will then be updated by a workflow similar to the one in next-digest.

The website deployed as an example is f3.forgefriends.forgejo.org which is already hosted on the Forgejo infrastructure. When this works, the next step will be to switch forgejo.org itself and leave uberspace.

# https://fluxcd.io/flux/components/helm/helmreleases/
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: f3-documentation
spec:
  chart:
    spec:
      chart: https://example.com/static-chart
  releaseName: f3-documentation
  values:
    git: https://code.forgejo.org/f3/html-documentation
    sha: 8d8d7387fc46bd96abe90502305117350656949a
    host: f3.forgefriends.forgejo.org

Testing

flux/apps$ helm template --set-string sha=SHA,git=http://something.com,host=something.com --namespace forgejo-next f3-documentation charts/static-site

---
# Source: static-site/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: static-site-f3-documentation
  namespace: forgejo-next
spec:
  selector:
    app.kubernetes.io/name: static-site-f3-documentation
  ports:
    - port: 80
      targetPort: http
      name: http
---
# Source: static-site/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: static-site-f3-documentation
  namespace: forgejo-next
spec:
  template:
    spec:
      volumes:
      - name: static-files
        emptyDir: {}
      initContainers:
        - name: static-site-git-f3-documentation
          image: docker.io/bitnami/git:2.47
          command:
          - sh
          - -c
          - |
            git init &&
            git remote add origin http://something.com &&
            git fetch --depth=1 SHA &&
            git worktree add /nginx/html SHA &&
          volumeMounts:
          - name: static-files
            mountPath: /nginx
      containers:
        - name: static-site-nginx-f3-documentation
          image: docker.io/bitnami/nginx:1.26
          volumeMounts:
          - name: static-files
            mountPath: /usr/share/nginx
          ports:
            - name: http
              containerPort: 80
---
# Source: static-site/templates/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: static-site-f3-documentation
  namespace: forgejo-next
  annotations:
    # https://cert-manager.io/docs/usage/ingress/#supported-annotations
    # https://github.com/cert-manager/cert-manager/issues/2239
    cert-manager.io/cluster-issuer: letsencrypt-http
    cert-manager.io/private-key-algorithm: ECDSA
    cert-manager.io/private-key-size: 384
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
spec:
  tls:
  - hosts:
      - something.com
    secretName: tls-static-site-f3-documentation-http
  rules:
  - host: something.com
    http:
      paths:
      - pathType: Prefix
        path: /
        backend:
          service:
            name: static-site-f3-documentation
            port:
              name: http
I would have liked to have a ready-made solution where the following was possible to deploy a static website from a git repository. Since it does not exist, I tried an implementation with a local chart. The sha from which the site is updated will then be updated by a workflow similar to the one in next-digest. The website deployed as an example is f3.forgefriends.forgejo.org which is already hosted on the Forgejo infrastructure. When this works, the next step will be to switch forgejo.org itself and leave uberspace. ```yaml # https://fluxcd.io/flux/components/helm/helmreleases/ apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: f3-documentation spec: chart: spec: chart: https://example.com/static-chart releaseName: f3-documentation values: git: https://code.forgejo.org/f3/html-documentation sha: 8d8d7387fc46bd96abe90502305117350656949a host: f3.forgefriends.forgejo.org ``` ## Testing `flux/apps$ helm template --set-string sha=SHA,git=http://something.com,host=something.com --namespace forgejo-next f3-documentation charts/static-site` <details> ```yaml --- # Source: static-site/templates/service.yaml apiVersion: v1 kind: Service metadata: name: static-site-f3-documentation namespace: forgejo-next spec: selector: app.kubernetes.io/name: static-site-f3-documentation ports: - port: 80 targetPort: http name: http --- # Source: static-site/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: static-site-f3-documentation namespace: forgejo-next spec: template: spec: volumes: - name: static-files emptyDir: {} initContainers: - name: static-site-git-f3-documentation image: docker.io/bitnami/git:2.47 command: - sh - -c - | git init && git remote add origin http://something.com && git fetch --depth=1 SHA && git worktree add /nginx/html SHA && volumeMounts: - name: static-files mountPath: /nginx containers: - name: static-site-nginx-f3-documentation image: docker.io/bitnami/nginx:1.26 volumeMounts: - name: static-files mountPath: /usr/share/nginx ports: - name: http containerPort: 80 --- # Source: static-site/templates/ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: static-site-f3-documentation namespace: forgejo-next annotations: # https://cert-manager.io/docs/usage/ingress/#supported-annotations # https://github.com/cert-manager/cert-manager/issues/2239 cert-manager.io/cluster-issuer: letsencrypt-http cert-manager.io/private-key-algorithm: ECDSA cert-manager.io/private-key-size: 384 kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure spec: tls: - hosts: - something.com secretName: tls-static-site-f3-documentation-http rules: - host: something.com http: paths: - pathType: Prefix path: / backend: service: name: static-site-f3-documentation port: name: http ``` </details>
GhostPLACEHOLDER commented 2025-05-29 20:27:20 +00:00
Author
First-time contributor
Copy link

@viceice this is an early draft, not really ready for a detailed review. Could you let me know if I'm heading in the right direction?

@viceice this is an early draft, not really ready for a detailed review. Could you let me know if I'm heading in the right direction?
GhostPLACEHOLDER commented 2025-05-29 20:27:20 +00:00
Author
First-time contributor
Copy link

maybe there is no need for a persistent volume since it can be checked out every time, I'll remove that. It needs a volume, just not persistent.

maybe there is no need for a persistent volume since it can be checked out every time, I'll remove that. It needs a volume, just not persistent.
GhostPLACEHOLDER commented 2025-05-29 20:27:20 +00:00
Author
First-time contributor
Copy link

flux/apps$ helm template --set-string sha=SHA,git=http://something.com,host=something.com --namespace forgejo-next f3-documentation charts/static-site

output added to the description for verification

`flux/apps$ helm template --set-string sha=SHA,git=http://something.com,host=something.com --namespace forgejo-next f3-documentation charts/static-site` output added to the description for verification
GhostPLACEHOLDER commented 2025-05-29 20:27:20 +00:00
Author
First-time contributor
Copy link

flux/apps$ helm template --set-string sha=8d8d7387fc46bd96abe90502305117350656949a,git=https://code.forgejo.org/f3/html-documentation,host=f3.forgefriends.forgejo.org --namespace static-site f3-documentation charts/static-site

---
# Source: static-site/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
  name: static-site-f3-documentation
  namespace: static-site
spec:
  selector:
    app.kubernetes.io/name: static-site-f3-documentation
  ports:
    - port: 80
      targetPort: http
      name: http
---
# Source: static-site/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: static-site-f3-documentation
  namespace: static-site
spec:
  template:
    spec:
      volumes:
      - name: static-files
        emptyDir: {}
      initContainers:
        - name: static-site-git-f3-documentation
          image: docker.io/bitnami/git:2.47.0
          command:
          - sh
          - -c
          - |
            git init &&
            git remote add origin https://code.forgejo.org/f3/html-documentation &&
            git fetch --depth=1 8d8d7387fc46bd96abe90502305117350656949a &&
            git worktree add /nginx/html 8d8d7387fc46bd96abe90502305117350656949a &&
          volumeMounts:
          - name: static-files
            mountPath: /nginx
      containers:
        - name: static-site-nginx-f3-documentation
          image: docker.io/bitnami/nginx:1.26
          volumeMounts:
          - name: static-files
            mountPath: /usr/share/nginx
          ports:
            - name: http
              containerPort: 80
---
# Source: static-site/templates/ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: static-site-f3-documentation
  namespace: static-site
  annotations:
    # https://cert-manager.io/docs/usage/ingress/#supported-annotations
    # https://github.com/cert-manager/cert-manager/issues/2239
    cert-manager.io/cluster-issuer: letsencrypt-http
    cert-manager.io/private-key-algorithm: ECDSA
    cert-manager.io/private-key-size: 384
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
spec:
  tls:
  - hosts:
      - f3.forgefriends.forgejo.org
    secretName: tls-static-site-f3-documentation-http
  rules:
  - host: f3.forgefriends.forgejo.org
    http:
      paths:
      - pathType: Prefix
        path: /
        backend:
          service:
            name: static-site-f3-documentation
            port:
              name: http
`flux/apps$ helm template --set-string sha=8d8d7387fc46bd96abe90502305117350656949a,git=https://code.forgejo.org/f3/html-documentation,host=f3.forgefriends.forgejo.org --namespace static-site f3-documentation charts/static-site` <details> ```yaml --- # Source: static-site/templates/service.yaml apiVersion: v1 kind: Service metadata: name: static-site-f3-documentation namespace: static-site spec: selector: app.kubernetes.io/name: static-site-f3-documentation ports: - port: 80 targetPort: http name: http --- # Source: static-site/templates/deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: static-site-f3-documentation namespace: static-site spec: template: spec: volumes: - name: static-files emptyDir: {} initContainers: - name: static-site-git-f3-documentation image: docker.io/bitnami/git:2.47.0 command: - sh - -c - | git init && git remote add origin https://code.forgejo.org/f3/html-documentation && git fetch --depth=1 8d8d7387fc46bd96abe90502305117350656949a && git worktree add /nginx/html 8d8d7387fc46bd96abe90502305117350656949a && volumeMounts: - name: static-files mountPath: /nginx containers: - name: static-site-nginx-f3-documentation image: docker.io/bitnami/nginx:1.26 volumeMounts: - name: static-files mountPath: /usr/share/nginx ports: - name: http containerPort: 80 --- # Source: static-site/templates/ingress.yaml apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: static-site-f3-documentation namespace: static-site annotations: # https://cert-manager.io/docs/usage/ingress/#supported-annotations # https://github.com/cert-manager/cert-manager/issues/2239 cert-manager.io/cluster-issuer: letsencrypt-http cert-manager.io/private-key-algorithm: ECDSA cert-manager.io/private-key-size: 384 kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure spec: tls: - hosts: - f3.forgefriends.forgejo.org secretName: tls-static-site-f3-documentation-http rules: - host: f3.forgefriends.forgejo.org http: paths: - pathType: Prefix path: / backend: service: name: static-site-f3-documentation port: name: http ``` </details>
root closed this pull request 2025-05-29 20:27:20 +00:00

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
bug

Something is not working

  
cleanup

   
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
forgefriends

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/sync.yml

  
help wanted

Need some help

  
invalid

Something is wrong

  
label workflow

a workflow is associated with this issue and will trigger when labels are updated

  
need more info

   
question

More information is needed

  
refactor

No functional change, reorganization

  
static-site

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/sync.yml

  
sync

https://code.forgejo.org/infrastructure/k8s-cluster/src/branch/main/.forgejo/workflows/build.yml

  
wontfix

This won't be fixed

No labels
bug
cleanup
duplicate
enhancement
forgefriends
help wanted
invalid
label workflow
need more info
question
refactor
static-site
sync
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: infrastructure/k8s-cluster#502
No description provided.
Delete branch "refs/pull/68/head90f371fb5afd0bab0fe5693f65ac5a0f23502ae2"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?