add vikunja

Signed-off-by: gwg313 <gwg313@pm.me>
This commit is contained in:
gwg313 2026-06-18 20:14:49 -04:00
parent 67a2318a96
commit 854f70e8ee
Signed by: gwg313
GPG key ID: 60FF63B4826B7400
9 changed files with 171 additions and 0 deletions

View file

@ -0,0 +1,51 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: vikunja
namespace: vikunja
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: vikunja
template:
metadata:
labels:
app: vikunja
spec:
securityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
containers:
- name: vikunja
image: vikunja/vikunja:0.24.6
securityContext:
allowPrivilegeEscalation: false
runAsNonRoot: true
runAsUser: 1000
capabilities:
drop:
- ALL
ports:
- containerPort: 3456
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
volumeMounts:
- name: vikunja-data
mountPath: /app/vikunja/files
subPath: files
- name: vikunja-data
mountPath: /db
subPath: db
volumes:
- name: vikunja-data
persistentVolumeClaim:
claimName: vikunja-data

View file

@ -0,0 +1,10 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- namespace.yaml
- pvc.yaml
- network-policy.yaml
- deployment.yaml
- service.yaml
- route.yaml

View file

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: vikunja

View file

@ -0,0 +1,17 @@
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
name: allow-ingress
namespace: vikunja
spec:
endpointSelector:
matchLabels:
app: vikunja
ingress:
- fromEntities:
- ingress
toPorts:
- ports:
- port: "3456"
protocol: TCP

12
apps/vikunja/pvc.yaml Normal file
View file

@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: vikunja-data
namespace: vikunja
spec:
storageClassName: nfs-retain
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi

41
apps/vikunja/route.yaml Normal file
View file

@ -0,0 +1,41 @@
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
name: vikunja
namespace: vikunja
spec:
parentRefs:
- group: gateway.networking.k8s.io
kind: Gateway
name: shared-edge-gateway
namespace: cilium-ingress
hostnames:
- todo.local.gwg313.xyz
- todo.gwg313.xyz
- todo.zerotier.gwg313.xyz
rules:
- matches:
- path:
type: PathPrefix
value: /
backendRefs:
- group: ""
kind: Service
name: vikunja
port: 80
weight: 1
---
apiVersion: gateway.networking.k8s.io/v1beta1
kind: ReferenceGrant
metadata:
name: allow-gateway-to-vikunja
namespace: vikunja
spec:
from:
- group: gateway.networking.k8s.io
kind: Gateway
namespace: cilium-ingress
to:
- group: ""
kind: Service
name: vikunja

12
apps/vikunja/service.yaml Normal file
View file

@ -0,0 +1,12 @@
apiVersion: v1
kind: Service
metadata:
name: vikunja
namespace: vikunja
spec:
selector:
app: vikunja
ports:
- port: 80
targetPort: 3456
protocol: TCP