diff --git a/Gitea/copyGiteaDB b/Gitea/copyGiteaDB new file mode 100755 index 00000000..2a01821e --- /dev/null +++ b/Gitea/copyGiteaDB @@ -0,0 +1,24 @@ +# Backup date + +today=$(date "+%Y_%m_%d-%H_%M_%S") + +echo "Current date: $today" + +# build up filename + +# destination folder (change to your own needs) + +BACKUP_FOLDER=/tmp + +file_name=$BACKUP_FOLDER/bkup_gitea +new_name=$file_name-$today.sql +echo "Backup file name: " "$new_name" + +kubectl --kubeconfig /home/creylopez/.kube/config -n gitea-repo exec -ti deployment.apps/db -- /usr/lib/postgresql/15/bin/pg_dump --username=creylopez --dbname=gitea > $new_name + +message="Backup stored "$today + +#sudo -u creylopez cat $new_name | mail -s "Jugar al Pádel backup finished" "creylopez@yahoo.es" +sudo -u creylopez echo "Gitea - backup adjunto" |mail -s "Backup de gitea" creylopez@yahoo.es -A $new_name + +#sudo rm $new_name diff --git a/GiteaLatest/010-deployment.yaml b/GiteaLatest/010-deployment.yaml new file mode 100644 index 00000000..9cc456a1 --- /dev/null +++ b/GiteaLatest/010-deployment.yaml @@ -0,0 +1,45 @@ +################################################### +# Namespace Gitea +################################################### +apiVersion: v1 +kind: Namespace +metadata: + name: gitea-latest + +############################### +# Deplyoment Gitea +############################### +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: gitea + namespace: gitea-latest + labels: + app: gitea +spec: + replicas: 1 + selector: + matchLabels: + app: gitea + template: + metadata: + labels: + app: gitea + spec: + containers: + - name: gitea + image: gitea/gitea:latest + ports: + - containerPort: 3000 + name: gitea + - containerPort: 22 + name: git-ssh + volumeMounts: + - mountPath: /data + name: git-data + volumes: + - name: git-data + persistentVolumeClaim: + claimName: git-pvc + diff --git a/GiteaLatest/020-volumes.yaml b/GiteaLatest/020-volumes.yaml new file mode 100644 index 00000000..827e4527 --- /dev/null +++ b/GiteaLatest/020-volumes.yaml @@ -0,0 +1,34 @@ +--- +################################################### +# Persistence Volume Claim +################################################### +kind: PersistentVolume +apiVersion: v1 +metadata: + name: git-pv-latest + namespace: gitea-latest +spec: + capacity: + storage: 5Gi + accessModes: + - ReadWriteOnce + claimRef: + namespace: gitea-latest + name: git-pvc + hostPath: + path: /mnt/Externo/gitea-latest/data + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: git-pvc + namespace: gitea-latest +spec: + accessModes: + - ReadWriteOnce + storageClassName: "" + resources: + requests: + storage: 5Gi + volumeName: "git-pv-latest" diff --git a/GiteaLatest/030-network.yaml b/GiteaLatest/030-network.yaml new file mode 100644 index 00000000..44c924c7 --- /dev/null +++ b/GiteaLatest/030-network.yaml @@ -0,0 +1,19 @@ +############################### +# Service +############################### +--- +kind: Service +apiVersion: v1 +metadata: + name: gitea + namespace: gitea-latest +spec: + selector: + app: gitea + type: NodePort + ports: + - name: gitea-http + nodePort: 30781 + port: 3000 + - name: gitea-ssh + port: 22 diff --git a/GiteaLatest/Makefile b/GiteaLatest/Makefile new file mode 100644 index 00000000..20a498b4 --- /dev/null +++ b/GiteaLatest/Makefile @@ -0,0 +1,57 @@ +export ARQUITECTURA := $(shell lscpu |grep itectur | tr -d ' '| cut -f2 -d':') +#export REGISTRY=localhost:5000 +export REGISTRY=registry.reymota.es + +export IMG_VERSION = 0.27 +export IMG_NGINX_VERSION = 2.3 + +# limpia todo +all: imagen clean install + +imagen: + cd ../; make + +install: + -kubectl create -f namespace.yaml + -kubectl create -f reg-secret.yaml + -kubectl create -f env-prod-configmap.yaml + -kubectl create -f env-prod-db-configmap.yaml + + -kubectl create -f pv-local-jugaralpadel.yaml + -kubectl create -f jugaralpadel-prod-persistentvolumeclaim.yaml + -kubectl create -f static-volume-persistentvolumeclaim.yaml + -kubectl create -f postgres-data-persistentvolumeclaim.yaml + + -kubectl create -f db-deployment.yaml + -kubectl create -f db-service.yaml + + -envsubst < jugaralpadel-deployment.yaml |kubectl create -f - + -envsubst < nginx-deployment.yaml |kubectl create -f - + -kubectl create -f nginx-service.yaml + +clean: + -envsubst < nginx-deployment.yaml |kubectl delete -f - + -kubectl delete -f nginx-service.yaml + -envsubst < jugaralpadel-deployment.yaml |kubectl delete -f - + + -kubectl delete -f db-deployment.yaml + -kubectl delete -f db-service.yaml + + -kubectl delete -f env-prod-configmap.yaml + -kubectl delete -f env-prod-db-configmap.yaml + + -kubectl delete -f postgres-data-persistentvolumeclaim.yaml + -kubectl delete -f static-volume-persistentvolumeclaim.yaml + -kubectl delete -f jugaralpadel-prod-persistentvolumeclaim.yaml + -kubectl delete -f pv-local-jugaralpadel.yaml + -kubectl delete -f reg-secret.yaml + -kubectl delete -f namespace.yaml + +nginx: + cd ../nginx; make + +verimg: + docker run -it ${REGISTRY}/jugaralpadel-${ARQUITECTURA}:${IMG_VERSION} bash + +backup: + kubectl --kubeconfig /home/creylopez/.kube/config -n jugaralpadel exec -ti deployment.apps/db -- /usr/lib/postgresql/15/bin/pg_dump --username=creylopez --dbname=jugaralpadel > jugaralpadel-$(IMG_VERSION).sql diff --git a/GiteaLatest/README.md b/GiteaLatest/README.md new file mode 100644 index 00000000..b8b506ba --- /dev/null +++ b/GiteaLatest/README.md @@ -0,0 +1,8 @@ +# Fuente + +https://ralph.blog.imixs.com/2021/02/25/running-gitea-on-kubernetes/ + + +# habilitar ssh + +https://docs.github.com/en/authentication/troubleshooting-ssh/error-permission-denied-publickey#verify-the-public-key-is-attached-to-your-account diff --git a/GiteaLatest/app.ini b/GiteaLatest/app.ini new file mode 100644 index 00000000..7297cd15 --- /dev/null +++ b/GiteaLatest/app.ini @@ -0,0 +1,96 @@ +APP_NAME = Gitea: Git with a cup of tea +RUN_MODE = prod +RUN_USER = git + +[repository] +ROOT = /data/git/repositories + +[repository.local] +LOCAL_COPY_PATH = /data/gitea/tmp/local-repo + +[repository.upload] +TEMP_PATH = /data/gitea/uploads + +[server] +APP_DATA_PATH = /data/gitea +DOMAIN = gitea.reymota.es +SSH_DOMAIN = gitea.reymota.es +HTTP_PORT = 3000 +ROOT_URL = http://gitea.reymota.es/ +DISABLE_SSH = false +SSH_PORT = 22 +SSH_LISTEN_PORT = 22 +LFS_START_SERVER = true +LFS_CONTENT_PATH = /data/git/lfs +LFS_JWT_SECRET = 6ModusVwufuDW1L7Zc0qpTzKpPvUgUvrLoSL06Rjnzw +OFFLINE_MODE = false + +[database] +PATH = /data/gitea/gitea.db +DB_TYPE = postgres +HOST = db +NAME = gitea +USER = creylopez +PASSWD = Dsa-0213 +LOG_SQL = false +SCHEMA = +SSL_MODE = disable +CHARSET = utf8 + +[indexer] +ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve + +[session] +PROVIDER_CONFIG = /data/gitea/sessions +PROVIDER = file + +[picture] +AVATAR_UPLOAD_PATH = /data/gitea/avatars +REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars +DISABLE_GRAVATAR = false +ENABLE_FEDERATED_AVATAR = true + +[attachment] +PATH = /data/gitea/attachments + +[log] +MODE = console +LEVEL = info +REDIRECT_MACARON_LOG = true +MACARON = console +ROUTER = console +ROOT_PATH = /data/gitea/log + +[security] +INSTALL_LOCK = true +SECRET_KEY = dQGbKrt11gvXjFhgQBii8GEHcSeOvwnYgzOZzDWCYEkYCK2VBen3leTCrm4wj51C +INTERNAL_TOKEN = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYmYiOjE3MjQzMTY3NzB9.OIOG6TZy5BggmK13E03esKO3pSwNnGm7Xpu4lrXtNu4 + +[service] +DISABLE_REGISTRATION = false +REQUIRE_SIGNIN_VIEW = false +REGISTER_EMAIL_CONFIRM = false +ENABLE_NOTIFY_MAIL = false +ALLOW_ONLY_EXTERNAL_REGISTRATION = false +ENABLE_CAPTCHA = false +DEFAULT_KEEP_EMAIL_PRIVATE = false +DEFAULT_ALLOW_CREATE_ORGANIZATION = true +DEFAULT_ENABLE_TIMETRACKING = true +NO_REPLY_ADDRESS = noreply.gitea.reymota.es + +[oauth2] +JWT_SECRET = N01RzNp7lfiQuJyCpWYPzQwriBAFYwtZ-Gjt7XaW3Qw + +[mailer] +ENABLED = true +FROM = "Administrador de Gitea" +HOST = smtp.mail.yahoo.com:465 +SMTP_ADDR = smtp.mail.yahoo.com +SMTP_PORT = 465 +USER = celestino_rey@ymail.com +PASSWD = 'kbryvwxkockqckss' + +[openid] +ENABLE_OPENID_SIGNIN = true +ENABLE_OPENID_SIGNUP = true + diff --git a/GiteaLatest/creaTodo.sh b/GiteaLatest/creaTodo.sh new file mode 100755 index 00000000..fd1f34f5 --- /dev/null +++ b/GiteaLatest/creaTodo.sh @@ -0,0 +1,2 @@ +kubectl create -f pv-local-pg-gitea.yaml +kubectl create -k ./ diff --git a/GiteaLatest/db-deployment.yaml b/GiteaLatest/db-deployment.yaml new file mode 100644 index 00000000..56fc44dc --- /dev/null +++ b/GiteaLatest/db-deployment.yaml @@ -0,0 +1,52 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.34.0 (cbf2835db) + labels: + io.kompose.service: db + name: db + namespace: gitea-latest +spec: + replicas: 1 + selector: + matchLabels: + io.kompose.service: db + strategy: + type: Recreate + template: + metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.34.0 (cbf2835db) + labels: + io.kompose.service: db + spec: + containers: + - env: + - name: POSTGRES_DB + valueFrom: + configMapKeyRef: + key: POSTGRES_DB + name: env-prod-db + - name: POSTGRES_PASSWORD + valueFrom: + configMapKeyRef: + key: POSTGRES_PASSWORD + name: env-prod-db + - name: POSTGRES_USER + valueFrom: + configMapKeyRef: + key: POSTGRES_USER + name: env-prod-db + image: postgres:15 + name: db + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + restartPolicy: Always + volumes: + - name: postgres-data + persistentVolumeClaim: + claimName: postgres-data diff --git a/GiteaLatest/db-service.yaml b/GiteaLatest/db-service.yaml new file mode 100644 index 00000000..afc42c45 --- /dev/null +++ b/GiteaLatest/db-service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.34.0 (cbf2835db) + labels: + io.kompose.service: db + name: db + namespace: gitea-latest +spec: + ports: + - name: "5432" + port: 5432 + targetPort: 5432 + selector: + io.kompose.service: db diff --git a/GiteaLatest/entraPsql.sh b/GiteaLatest/entraPsql.sh new file mode 100644 index 00000000..e81dac30 --- /dev/null +++ b/GiteaLatest/entraPsql.sh @@ -0,0 +1 @@ +kubectl -n gitea-latest exec -ti deployment.apps/db -- psql --username=creylopez --dbname=gitea diff --git a/GiteaLatest/env-prod-db-configmap.yaml b/GiteaLatest/env-prod-db-configmap.yaml new file mode 100644 index 00000000..e5c39df4 --- /dev/null +++ b/GiteaLatest/env-prod-db-configmap.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +data: + POSTGRES_DB: gitea + POSTGRES_PASSWORD: Dsa-0213 + POSTGRES_USER: creylopez +kind: ConfigMap +metadata: + labels: + io.kompose.service: db-env-prod-db + name: env-prod-db + namespace: gitea-latest diff --git a/GiteaLatest/kustomization.yaml b/GiteaLatest/kustomization.yaml new file mode 100644 index 00000000..d9ec5be6 --- /dev/null +++ b/GiteaLatest/kustomization.yaml @@ -0,0 +1,16 @@ +secretGenerator: +- name: sqlgitea-pass + namespace: gitea-latest + literals: + - password=Dsa-0213 + - db_user=root + - db_passwd=Dsa-0213 +resources: + - reg-secret.yaml + - env-prod-db-configmap.yaml + - postgres-data-persistentvolumeclaim.yaml + - db-deployment.yaml + - db-service.yaml + - 010-deployment.yaml + - 020-volumes.yaml + - 030-network.yaml diff --git a/GiteaLatest/nginx-deployment.yaml b/GiteaLatest/nginx-deployment.yaml new file mode 100644 index 00000000..4047af8e --- /dev/null +++ b/GiteaLatest/nginx-deployment.yaml @@ -0,0 +1,34 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.34.0 (cbf2835db) + labels: + io.kompose.service: nginx + name: nginx + namespace: gitea-latest +spec: + replicas: 1 + selector: + matchLabels: + io.kompose.service: nginx + strategy: + type: Recreate + template: + metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.34.0 (cbf2835db) + labels: + io.kompose.service: nginx + spec: + containers: + - image: registry.reymota.es/nginx-gitea-x86_64:1.18 + name: nginx + ports: + - containerPort: 80 + protocol: TCP + imagePullSecrets: + - name: myregistrykey + restartPolicy: Always diff --git a/GiteaLatest/nginx-service.yaml b/GiteaLatest/nginx-service.yaml new file mode 100644 index 00000000..08fca25d --- /dev/null +++ b/GiteaLatest/nginx-service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + annotations: + kompose.cmd: kompose convert + kompose.version: 1.34.0 (cbf2835db) + labels: + io.kompose.service: nginx + name: nginx + namespace: gitea-latest +spec: + type: NodePort + ports: + - name: "80" + port: 80 + nodePort: 30780 + targetPort: 80 + selector: + io.kompose.service: nginx + diff --git a/GiteaLatest/nginx/Dockerfile b/GiteaLatest/nginx/Dockerfile new file mode 100644 index 00000000..8328a0e5 --- /dev/null +++ b/GiteaLatest/nginx/Dockerfile @@ -0,0 +1,4 @@ +FROM nginx:1.25 + +RUN rm /etc/nginx/conf.d/default.conf +COPY nginx.conf /etc/nginx/conf.d diff --git a/GiteaLatest/nginx/Makefile b/GiteaLatest/nginx/Makefile new file mode 100644 index 00000000..778014ab --- /dev/null +++ b/GiteaLatest/nginx/Makefile @@ -0,0 +1,11 @@ +export ARQUITECTURA := $(shell lscpu |grep itectur | tr -d ' '| cut -f2 -d':') +export IMG_NGINX_VERSION = 1.18 + +install: + + echo "Creando imagen con version ${IMG_NGINX_VERSION} para la arquitectura ${ARQUITECTURA}" + + docker build --no-cache -t registry.reymota.es/nginx-gitea-${ARQUITECTURA}:${IMG_NGINX_VERSION} . + docker push registry.reymota.es/nginx-gitea-${ARQUITECTURA}:${IMG_NGINX_VERSION} + + diff --git a/GiteaLatest/nginx/nginx.conf b/GiteaLatest/nginx/nginx.conf new file mode 100644 index 00000000..315fba80 --- /dev/null +++ b/GiteaLatest/nginx/nginx.conf @@ -0,0 +1,17 @@ +upstream gitea { + server gitea:3000; +} + +server { + + listen 80; + + location / { + proxy_pass http://gitea; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_redirect off; + client_max_body_size 100M; + } + +} diff --git a/GiteaLatest/paraTodo.sh b/GiteaLatest/paraTodo.sh new file mode 100755 index 00000000..0f35be79 --- /dev/null +++ b/GiteaLatest/paraTodo.sh @@ -0,0 +1,2 @@ +kubectl delete -k ./ +kubectl delete -f pv-local-pg-gitea.yaml diff --git a/GiteaLatest/postgres-data-persistentvolumeclaim.yaml b/GiteaLatest/postgres-data-persistentvolumeclaim.yaml new file mode 100644 index 00000000..7c6b2f97 --- /dev/null +++ b/GiteaLatest/postgres-data-persistentvolumeclaim.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + labels: + io.kompose.service: postgres-data + name: postgres-data + namespace: gitea-latest +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 20Gi diff --git a/GiteaLatest/pv-local-pg-gitea.yaml b/GiteaLatest/pv-local-pg-gitea.yaml new file mode 100644 index 00000000..52303c44 --- /dev/null +++ b/GiteaLatest/pv-local-pg-gitea.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + name: gitea-data-latest +spec: + capacity: + storage: 20Gi + accessModes: + - ReadWriteOnce + hostPath: + path: "/mnt/Externo/gitea-latest/pg" diff --git a/GiteaLatest/reg-secret.yaml b/GiteaLatest/reg-secret.yaml new file mode 100644 index 00000000..3e23fecb --- /dev/null +++ b/GiteaLatest/reg-secret.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Secret +metadata: + name: myregistrykey + namespace: gitea-latest +data: + .dockerconfigjson: ewoJImF1dGhzIjogewoJCSJyZWdpc3RyeS5yZXltb3RhLmVzIjogewoJCQkiYXV0aCI6ICJZM0psZVd4dmNHVjZPbEpsZVMweE1UYzIiCgkJfQoJfQp9 +type: kubernetes.io/dockerconfigjson diff --git a/GiteaLatest/terminapv.sh b/GiteaLatest/terminapv.sh new file mode 100644 index 00000000..9b1dd5cf --- /dev/null +++ b/GiteaLatest/terminapv.sh @@ -0,0 +1,3 @@ + +kubectl patch pv gitea-folder -p '{"metadata":{"finalizers":null}}' +kubectl patch pv gitea-data -p '{"metadata":{"finalizers":null}}' diff --git a/HelmCharts/nextcloud.md b/HelmCharts/nextcloud.md new file mode 100644 index 00000000..5275432a --- /dev/null +++ b/HelmCharts/nextcloud.md @@ -0,0 +1,11 @@ +# Habilitar IP bloqueada por multiples reintentos. + +## Entrar en el pod + +kubectl -n nextcloud exec -ti deployment.apps/nextcloud-server -- /bin/bash + +## Desbloquear IP +(tiene que ser la ip publica - https://www.cualesmiip.com) + +php /var/www/nextcloud/occ security:bruteforce:reset 95.21.128.141 +