From b54bc7b15853b01df4ae3fba80e61b7ab2e4ff67 Mon Sep 17 00:00:00 2001 From: Seth Call Date: Sat, 14 Mar 2026 07:33:57 -0600 Subject: [PATCH] infra: add staging web application --- k8s/applications/templates/web.yaml | 22 ++++++ k8s/jam-cloud/web.yaml | 113 ++++++++++++++++++++++++++++ 2 files changed, 135 insertions(+) create mode 100644 k8s/applications/templates/web.yaml create mode 100644 k8s/jam-cloud/web.yaml diff --git a/k8s/applications/templates/web.yaml b/k8s/applications/templates/web.yaml new file mode 100644 index 0000000..c16fb77 --- /dev/null +++ b/k8s/applications/templates/web.yaml @@ -0,0 +1,22 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: web + namespace: argocd + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: default + source: + repoURL: 'git@bitbucket.org:jamkazam/video-iac.git' + targetRevision: HEAD + path: k8s/jam-cloud + directory: + include: '{namespace.yaml,web.yaml}' + destination: + server: https://kubernetes.default.svc + namespace: jam-cloud + syncPolicy: + automated: + prune: true + selfHeal: true diff --git a/k8s/jam-cloud/web.yaml b/k8s/jam-cloud/web.yaml new file mode 100644 index 0000000..f2c3e4c --- /dev/null +++ b/k8s/jam-cloud/web.yaml @@ -0,0 +1,113 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: web + namespace: jam-cloud +spec: + replicas: 1 + selector: + matchLabels: + app: web + template: + metadata: + labels: + app: web + spec: + imagePullSecrets: + - name: gitea-registry + containers: + - name: web + image: git.staging.jamkazam.com/jamkazam/web:latest + imagePullPolicy: Always + ports: + - containerPort: 3000 + readinessProbe: + httpGet: + path: / + port: 3000 + initialDelaySeconds: 30 + periodSeconds: 10 + env: + - name: RAILS_ENV + value: production + - name: RAILS_LOG_TO_STDOUT + value: "true" + - name: RAILS_SERVE_STATIC_FILES + value: "true" + - name: DATABASE_URL + value: postgresql://jam:jam@egress-proxy.jam-cloud-infra.svc.cluster.local:5432/jam?sslmode=disable + - name: REDIS_URL + value: redis://redis.jam-cloud-infra.svc.cluster.local:6379/0 + - name: REDIS_HOST + value: redis.jam-cloud-infra.svc.cluster.local:6379 + - name: RABBITMQ_HOST + value: rabbitmq.jam-cloud-infra.svc.cluster.local + - name: RABBITMQ_PORT + value: "5672" + - name: EXTERNAL_HOSTNAME + value: web.staging.jamkazam.com + - name: EXTERNAL_PROTOCOL + value: https:// + - name: EXTERNAL_PORT + value: "443" + - name: ADMIN_ROOT_URL + value: https://admin.staging.jamkazam.com + - name: WEBSOCKET_GATEWAY_URI + value: ws://websocket-gateway.staging.jamkazam.com/websocket + - name: WEBSOCKET_GATEWAY_TRUSTED_URI + value: ws://websocket-gateway.staging.jamkazam.com/websocket + - name: WEBSOCKET_GATEWAY_URI_SSL + value: wss://websocket-gateway.staging.jamkazam.com/websocket + - name: WEBSOCKET_GATEWAY_TRUSTED_URI_SSL + value: wss://websocket-gateway.staging.jamkazam.com/websocket + - name: AWS_KEY + value: AKIAJAXEHQBDOZ5WAWKA + - name: AWS_SECRET + value: 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 + - name: AWS_ACCESS_KEY_ID + value: AKIAJAXEHQBDOZ5WAWKA + - name: AWS_SECRET_ACCESS_KEY + value: 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 + - name: AWS_REGION + value: us-east-1 + - name: AWS_BUCKET + value: jamkazam-staging + - name: AWS_BUCKET_PUBLIC + value: jamkazam-staging-public +--- +apiVersion: v1 +kind: Service +metadata: + name: web + namespace: jam-cloud +spec: + ports: + - port: 80 + targetPort: 3000 + selector: + app: web +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: web + namespace: jam-cloud + annotations: + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt-nginx-production +spec: + tls: + - hosts: + - web.staging.jamkazam.com + secretName: web-tls + rules: + - host: web.staging.jamkazam.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: web + port: + number: 80