furyhawk/cloudy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add initial Kubernetes conversion for swarm services

Browse Source
This commit is contained in:
furyhawk
2026-03-25 12:00:04 +08:00
parent c20d2be439
commit c27fee72ba
7 changed files with 1502 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
cluster/swarm-converted/00-namespace.yaml
+4
View File
@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: swarm-converted
cluster/swarm-converted/01-config.yaml
+57
View File
@@ -0,0 +1,57 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: swarm-converted-config
namespace: swarm-converted
data:
DOMAIN: REPLACE_DOMAIN
DATABASE__HOSTNAME: postgres-db
DATABASE__PORT: "5432"
DATABASE__DB: app
SECURITY__BACKEND_CORS_ORIGINS: https://REPLACE_DOMAIN
SECURITY__ALLOWED_HOSTS: api.REPLACE_DOMAIN,REPLACE_DOMAIN
POSTGRES_DB: app
TZ: Asia/Singapore
LANG: en_US.utf8
PGDATA: /var/lib/postgresql/data
OSRM_ALGORITHM: mld
OSRM_THREADS: "2"
OSRM_PORT: "5000"
OSRM_PROFILE: /opt/car.lua
OSRM_MAP_NAME: singapore
OSRM_GEOFABRIK_PATH: /data
OSRM_NOTIFY_FILEPATH: /data/osrm_notify.txt
STREAMLIT_FIN_SERVER_PORT: "8501"
STREAMLIT_BAI_SERVER_PORT: "8502"
BAI_LOCATION: ""
ADMINER_DESIGN: pepa-linha-dark
NODE_ENV: production
---
apiVersion: v1
kind: Secret
metadata:
name: swarm-converted-secret
namespace: swarm-converted
type: Opaque
stringData:
POSTGRES_USER: change-me
POSTGRES_PASSWORD: change-me
SECURITY__JWT_SECRET_KEY: change-me
MINIO_ROOT_USER: minioadmin
MINIO_ROOT_PASSWORD: minioadmin
GROQ_API_KEY: change-me
PGADMIN_DEFAULT_EMAIL: admin@example.com
PGADMIN_DEFAULT_PASSWORD: change-me
---
apiVersion: v1
kind: Secret
metadata:
name: traefik-basic-auth
namespace: swarm-converted
type: Opaque
stringData:
users: user:$apr1$replace$replacehashedvalue
cluster/swarm-converted/02-traefik.yaml
+60
View File
@@ -0,0 +1,60 @@
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: admin-auth
namespace: swarm-converted
spec:
basicAuth:
secret: traefik-basic-auth
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: rate-limit
namespace: swarm-converted
spec:
rateLimit:
average: 384
burst: 128
period: 10s
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: no-www
namespace: swarm-converted
spec:
redirectRegex:
regex: ^https://www\.(.*)$
replacement: https://$1
permanent: true
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: redirect-resume
namespace: swarm-converted
spec:
redirectRegex:
regex: ^https://resume\.REPLACE_DOMAIN/(.*)
replacement: https://info.REPLACE_DOMAIN/resume/$1
permanent: true
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: redirect-blog
namespace: swarm-converted
spec:
redirectRegex:
regex: ^https://blog\.REPLACE_DOMAIN/(.*)
replacement: https://furyhawk.github.io/124c41/$1
permanent: true
cluster/swarm-converted/03-storage.yaml
+123
View File
@@ -0,0 +1,123 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: minio-data
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-data
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: adminer-data
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jellyfin-config
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jellyfin-cache
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: jellyfin-media
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: privatebin-data
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: bai-cache
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: site-content
namespace: swarm-converted
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
cluster/swarm-converted/10-services-stack.yaml
+532
View File
@@ -0,0 +1,532 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: api-server
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: api-server
template:
metadata:
labels:
app: api-server
spec:
containers:
- name: api-server
image: furyhawk/listen:v0.1.17
ports:
- containerPort: 8000
name: http
env:
- name: DATABASE__HOSTNAME
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DATABASE__HOSTNAME
- name: DATABASE__USERNAME
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: POSTGRES_USER
- name: DATABASE__PASSWORD
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: POSTGRES_PASSWORD
- name: DATABASE__PORT
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DATABASE__PORT
- name: DATABASE__DB
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DATABASE__DB
- name: SECURITY__JWT_SECRET_KEY
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: SECURITY__JWT_SECRET_KEY
- name: SECURITY__BACKEND_CORS_ORIGINS
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: SECURITY__BACKEND_CORS_ORIGINS
- name: SECURITY__ALLOWED_HOSTS
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: SECURITY__ALLOWED_HOSTS
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
---
apiVersion: v1
kind: Service
metadata:
name: api-server
namespace: swarm-converted
spec:
selector:
app: api-server
ports:
- name: http
port: 8000
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: api-server
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`api.REPLACE_DOMAIN`)
services:
- name: api-server
port: 8000
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: dozzle
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: dozzle
template:
metadata:
labels:
app: dozzle
spec:
containers:
- name: dozzle
image: amir20/dozzle:latest
ports:
- containerPort: 8080
name: http
env:
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
volumeMounts:
- name: docker-sock
mountPath: /var/run/docker.sock
readOnly: true
volumes:
- name: docker-sock
hostPath:
path: /var/run/docker.sock
type: Socket
---
apiVersion: v1
kind: Service
metadata:
name: dozzle
namespace: swarm-converted
spec:
selector:
app: dozzle
ports:
- name: http
port: 8080
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: dozzle
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`log.REPLACE_DOMAIN`)
middlewares:
- name: admin-auth
services:
- name: dozzle
port: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: minio-common
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: minio-common
template:
metadata:
labels:
app: minio-common
spec:
containers:
- name: minio-common
image: minio/minio:latest
args:
- server
- /data
- --address
- :9000
- --console-address
- :9001
ports:
- containerPort: 9000
name: api
- containerPort: 9001
name: console
env:
- name: MINIO_ROOT_USER
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: MINIO_ROOT_USER
- name: MINIO_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: MINIO_ROOT_PASSWORD
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
volumeMounts:
- name: minio-data
mountPath: /data
volumes:
- name: minio-data
persistentVolumeClaim:
claimName: minio-data
---
apiVersion: v1
kind: Service
metadata:
name: minio-common
namespace: swarm-converted
spec:
selector:
app: minio-common
ports:
- name: api
port: 9000
targetPort: api
- name: console
port: 9001
targetPort: console
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: minio-console
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`drive.REPLACE_DOMAIN`) || Host(`storage.REPLACE_DOMAIN`)
services:
- name: minio-common
port: 9001
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: minio-api
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`minio.REPLACE_DOMAIN`) || Host(`s3.REPLACE_DOMAIN`)
services:
- name: minio-common
port: 9000
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: osrm-backend
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: osrm-backend
template:
metadata:
labels:
app: osrm-backend
spec:
containers:
- name: osrm-backend
image: furyhawk/osrm-backend:latest
ports:
- containerPort: 5000
name: http
env:
- name: OSRM_ALGORITHM
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: OSRM_ALGORITHM
- name: OSRM_THREADS
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: OSRM_THREADS
- name: OSRM_PORT
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: OSRM_PORT
- name: OSRM_PROFILE
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: OSRM_PROFILE
- name: OSRM_MAP_NAME
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: OSRM_MAP_NAME
- name: OSRM_GEOFABRIK_PATH
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: OSRM_GEOFABRIK_PATH
- name: OSRM_NOTIFY_FILEPATH
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: OSRM_NOTIFY_FILEPATH
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
---
apiVersion: v1
kind: Service
metadata:
name: osrm-backend
namespace: swarm-converted
spec:
selector:
app: osrm-backend
ports:
- name: http
port: 5000
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: osrm-backend
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`osrm.REPLACE_DOMAIN`)
middlewares:
- name: rate-limit
services:
- name: osrm-backend
port: 5000
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres-db
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: postgres-db
template:
metadata:
labels:
app: postgres-db
spec:
containers:
- name: postgres-db
image: postgres:16
command:
- postgres
- -c
- log_connections=on
ports:
- containerPort: 5432
name: postgres
env:
- name: POSTGRES_DB
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: POSTGRES_DB
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: POSTGRES_USER
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: POSTGRES_PASSWORD
- name: PGDATA
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: PGDATA
- name: LANG
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: LANG
- name: TZ
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: TZ
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
volumes:
- name: postgres-data
persistentVolumeClaim:
claimName: postgres-data
---
apiVersion: v1
kind: Service
metadata:
name: postgres-db
namespace: swarm-converted
spec:
selector:
app: postgres-db
ports:
- name: postgres
port: 5432
targetPort: postgres
---
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
name: postgres-db
namespace: swarm-converted
spec:
entryPoints:
- postgres
routes:
- match: HostSNI(`*`)
services:
- name: postgres-db
port: 5432
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: whoami
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: whoami
template:
metadata:
labels:
app: whoami
spec:
containers:
- name: whoami
image: traefik/whoami
ports:
- containerPort: 80
name: http
---
apiVersion: v1
kind: Service
metadata:
name: whoami
namespace: swarm-converted
spec:
selector:
app: whoami
ports:
- name: http
port: 80
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: whoami
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`whoami.REPLACE_DOMAIN`)
services:
- name: whoami
port: 80
cluster/swarm-converted/11-apps-stack.yaml
+683
View File
@@ -0,0 +1,683 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: adminer
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: adminer
template:
metadata:
labels:
app: adminer
spec:
containers:
- name: adminer
image: adminer
ports:
- containerPort: 8080
name: http
env:
- name: PGADMIN_DEFAULT_EMAIL
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: PGADMIN_DEFAULT_EMAIL
- name: PGADMIN_DEFAULT_PASSWORD
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: PGADMIN_DEFAULT_PASSWORD
- name: PATH
value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- name: PYTHONPATH
value: /pgadmin4
- name: TZ
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: TZ
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
- name: ADMINER_DESIGN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: ADMINER_DESIGN
volumeMounts:
- name: adminer-data
mountPath: /var/lib/pgadmin
volumes:
- name: adminer-data
persistentVolumeClaim:
claimName: adminer-data
---
apiVersion: v1
kind: Service
metadata:
name: adminer
namespace: swarm-converted
spec:
selector:
app: adminer
ports:
- name: http
port: 8080
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: adminer
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`adminer.REPLACE_DOMAIN`) || Host(`dbadmin.REPLACE_DOMAIN`)
services:
- name: adminer
port: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cheatsheets-app
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: cheatsheets-app
template:
metadata:
labels:
app: cheatsheets-app
spec:
containers:
- name: cheatsheets-app
image: furyhawk/cheatsheets:latest
ports:
- containerPort: 80
name: http
---
apiVersion: v1
kind: Service
metadata:
name: cheatsheets-app
namespace: swarm-converted
spec:
selector:
app: cheatsheets-app
ports:
- name: http
port: 80
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: cheatsheets-app
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`cheat.REPLACE_DOMAIN`)
services:
- name: cheatsheets-app
port: 80
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: heynote-app
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: heynote-app
template:
metadata:
labels:
app: heynote-app
spec:
containers:
- name: heynote-app
image: furyhawk/heynote:latest
ports:
- containerPort: 5173
name: http
env:
- name: NODE_ENV
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: NODE_ENV
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
---
apiVersion: v1
kind: Service
metadata:
name: heynote-app
namespace: swarm-converted
spec:
selector:
app: heynote-app
ports:
- name: http
port: 5173
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: heynote-app
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`note.REPLACE_DOMAIN`) || Host(`note0.REPLACE_DOMAIN`) || Host(`n.REPLACE_DOMAIN`) || Host(`pad.REPLACE_DOMAIN`)
services:
- name: heynote-app
port: 5173
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: jellyfin
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: jellyfin
template:
metadata:
labels:
app: jellyfin
spec:
containers:
- name: jellyfin
image: jellyfin/jellyfin
ports:
- containerPort: 8096
name: http
env:
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
- name: JELLYFIN_PublishedServerUrl
value: https://media.REPLACE_DOMAIN
volumeMounts:
- name: jellyfin-config
mountPath: /config
- name: jellyfin-cache
mountPath: /cache
- name: jellyfin-media
mountPath: /media
volumes:
- name: jellyfin-config
persistentVolumeClaim:
claimName: jellyfin-config
- name: jellyfin-cache
persistentVolumeClaim:
claimName: jellyfin-cache
- name: jellyfin-media
persistentVolumeClaim:
claimName: jellyfin-media
---
apiVersion: v1
kind: Service
metadata:
name: jellyfin
namespace: swarm-converted
spec:
selector:
app: jellyfin
ports:
- name: http
port: 8096
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: jellyfin
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`media.REPLACE_DOMAIN`)
services:
- name: jellyfin
port: 8096
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: meshtastic-web
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: meshtastic-web
template:
metadata:
labels:
app: meshtastic-web
spec:
containers:
- name: meshtastic-web
image: ghcr.io/meshtastic/web
ports:
- containerPort: 8080
name: http
- containerPort: 8443
name: https-alt
---
apiVersion: v1
kind: Service
metadata:
name: meshtastic-web
namespace: swarm-converted
spec:
selector:
app: meshtastic-web
ports:
- name: http
port: 8080
targetPort: http
- name: https-alt
port: 8443
targetPort: https-alt
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: meshtastic-web
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`mesh.REPLACE_DOMAIN`)
services:
- name: meshtastic-web
port: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: privatebin
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: privatebin
template:
metadata:
labels:
app: privatebin
spec:
containers:
- name: privatebin
image: privatebin/nginx-fpm-alpine:latest
ports:
- containerPort: 8080
name: http
volumeMounts:
- name: privatebin-data
mountPath: /srv/data
volumes:
- name: privatebin-data
persistentVolumeClaim:
claimName: privatebin-data
---
apiVersion: v1
kind: Service
metadata:
name: privatebin
namespace: swarm-converted
spec:
selector:
app: privatebin
ports:
- name: http
port: 8080
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: privatebin
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`bin.REPLACE_DOMAIN`) || Host(`paste.REPLACE_DOMAIN`)
services:
- name: privatebin
port: 8080
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: streamlit-bai
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: streamlit-bai
template:
metadata:
labels:
app: streamlit-bai
spec:
containers:
- name: streamlit-bai
image: furyhawk/beyondallinfo:latest
command:
- sh
- -c
args:
- streamlit run --server.port=$STREAMLIT_BAI_SERVER_PORT --server.address=0.0.0.0 --server.baseUrlPath=$BAI_LOCATION src/app.py
ports:
- containerPort: 8502
name: http
env:
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
- name: STREAMLIT_BAI_SERVER_PORT
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: STREAMLIT_BAI_SERVER_PORT
- name: BAI_LOCATION
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: BAI_LOCATION
- name: GROQ_API_KEY
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: GROQ_API_KEY
volumeMounts:
- name: bai-cache
mountPath: /app/cache
volumes:
- name: bai-cache
persistentVolumeClaim:
claimName: bai-cache
---
apiVersion: v1
kind: Service
metadata:
name: streamlit-bai
namespace: swarm-converted
spec:
selector:
app: streamlit-bai
ports:
- name: http
port: 8502
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: streamlit-bai
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`bai.REPLACE_DOMAIN`)
services:
- name: streamlit-bai
port: 8502
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: streamlit-fin
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: streamlit-fin
template:
metadata:
labels:
app: streamlit-fin
spec:
containers:
- name: streamlit-fin
image: furyhawk/llama3toolsfin:main
ports:
- containerPort: 8501
name: http
env:
- name: DOMAIN
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: DOMAIN
- name: STREAMLIT_FIN_SERVER_PORT
valueFrom:
configMapKeyRef:
name: swarm-converted-config
key: STREAMLIT_FIN_SERVER_PORT
- name: GROQ_API_KEY
valueFrom:
secretKeyRef:
name: swarm-converted-secret
key: GROQ_API_KEY
---
apiVersion: v1
kind: Service
metadata:
name: streamlit-fin
namespace: swarm-converted
spec:
selector:
app: streamlit-fin
ports:
- name: http
port: 8501
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: streamlit-fin
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`fin.REPLACE_DOMAIN`)
services:
- name: streamlit-fin
port: 8501
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: site-server
namespace: swarm-converted
spec:
replicas: 1
selector:
matchLabels:
app: site-server
template:
metadata:
labels:
app: site-server
spec:
containers:
- name: site-server
image: nginx:alpine
ports:
- containerPort: 80
name: http
volumeMounts:
- name: site-content
mountPath: /usr/share/nginx/html
readOnly: true
volumes:
- name: site-content
persistentVolumeClaim:
claimName: site-content
---
apiVersion: v1
kind: Service
metadata:
name: site-server
namespace: swarm-converted
spec:
selector:
app: site-server
ports:
- name: http
port: 80
targetPort: http
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: site-server
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`REPLACE_DOMAIN`) || Host(`www.REPLACE_DOMAIN`) || Host(`info.REPLACE_DOMAIN`) || Host(`124c41.REPLACE_DOMAIN`)
middlewares:
- name: no-www
services:
- name: site-server
port: 80
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: resume-redirect
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`resume.REPLACE_DOMAIN`)
middlewares:
- name: redirect-resume
services:
- name: site-server
port: 80
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: blog-redirect
namespace: swarm-converted
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`blog.REPLACE_DOMAIN`)
middlewares:
- name: redirect-blog
services:
- name: site-server
port: 80
cluster/swarm-converted/README.md
+43
View File
@@ -0,0 +1,43 @@
# Swarm To Kubernetes Conversion
This directory contains a first-pass Kubernetes conversion of the main Swarm application stacks from:
- `swarm/core.yml`
- `swarm/services.yml`
- `swarm/apps.yml`
Scope and assumptions:
- The conversion targets the core public-facing services, not every file under `swarm/`.
- Swarm-only constructs such as overlay networks, placement constraints, and `deploy.labels` were mapped into Kubernetes `Service`, `Deployment`, `PersistentVolumeClaim`, `IngressRoute`, and `Middleware` resources.
- Resource names use Kubernetes-safe hyphenated names where Swarm used underscores.
- Public routes keep Traefik semantics through Traefik CRDs, so the cluster must already have Traefik and its CRDs installed.
- `LOCALDOMAIN` routes were intentionally omitted.
- Persistent host paths from Swarm were converted to PVCs so the manifests are more portable.
- The Traefik Swarm deployment itself was not copied directly; this directory assumes a Kubernetes Traefik controller already exists.
Before applying:
1. Replace every `REPLACE_DOMAIN` placeholder.
2. Review `01-config.yaml` and set real secrets.
3. Review PVC sizing and storage classes in `03-storage.yaml`.
4. Confirm Traefik entry points `websecure` and `postgres` exist in the cluster.
Suggested apply order:
```bash
kubectl apply -f cluster/swarm-converted/00-namespace.yaml
kubectl apply -f cluster/swarm-converted/01-config.yaml
kubectl apply -f cluster/swarm-converted/02-traefik.yaml
kubectl apply -f cluster/swarm-converted/03-storage.yaml
kubectl apply -f cluster/swarm-converted/10-services-stack.yaml
kubectl apply -f cluster/swarm-converted/11-apps-stack.yaml
```
Useful checks:
```bash
kubectl get all -n swarm-converted
kubectl get ingressroute,ingressroutetcp,middleware -n swarm-converted
kubectl describe pod -n swarm-converted
```