A

.gitignore

@@ -0,0 +1,2 @@
+/*-secrets.yml
+/*-secrets.yaml

roka1-ingress.yaml

@@ -0,0 +1,113 @@
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: roka-letsencrypt-staging
+spec:
+  acme:
+    server: https://acme-staging-v02.api.letsencrypt.org/directory
+    email: roka@bsch.ca
+    privateKeySecretRef:
+      name: roka-letsencrypt-staging
+    solvers:
+    - http01:
+        ingress:
+          class: nginx
+
+---
+
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: roka-letsencrypt-prod
+spec:
+  acme:
+    server: https://acme-v02.api.letsencrypt.org/directory
+    email: roka@bsch.ca
+    privateKeySecretRef:
+      name: roka-letsencrypt-prod
+    solvers:
+    - http01:
+        ingress:
+          class: nginx
+
+---
+
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: roka-ingress
+  annotations:
+    cert-manager.io/issuer: "roka-letsencrypt-prod"
+    nginx.ingress.kubernetes.io/proxy-body-size: 4096m
+#    nginx.ingress.kubernetes.io/ssl-redirect: "false"
+spec:
+  tls:
+  - hosts:
+      - roka1.bsch.ca
+      - content.roka1.bsch.ca
+      - s3.roka1.bsch.ca
+      - test.credolinx.ca
+      - test.credolinx.com
+      - data.roka1.bsch.ca
+    secretName: roka-tls-secret-prod
+  rules:
+  - host: roka1.bsch.ca
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: roka-dev-service
+            port:
+              number: 80
+  - host: data.roka1.bsch.ca
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: roka-server-test-service
+            port:
+              number: 8080
+  - host: test.credolinx.com
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: roka-test-service
+            port:
+              number: 80
+  - host: test.credolinx.ca
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: roka-test-service
+            port:
+              number: 80
+  - host: content.roka1.bsch.ca
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: ipfs-service
+            port:
+              number: 8080
+  - host: s3.roka1.bsch.ca
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: s3-external-service
+            port:
+              number: 9000

roka1-react.yaml

@@ -0,0 +1,188 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: ipfs-pv-volume
+  labels:
+    type: local
+spec:
+  storageClassName: slab
+  capacity:
+    storage: 300Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/mnt/data"
+
+---
+
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: ipfs-pvc
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 250Gi
+  storageClassName: slab
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: roka-test-app-deployment
+  labels:
+    app: roka-test
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: roka-test
+  template:
+    metadata:
+      labels:
+        app: roka-test
+    spec:
+      containers:
+      - name: roka-test-app
+        image: dock.blake.lol/trin-react:1.0.0.35
+      imagePullSecrets:
+      - name: dock-blake-registry
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: roka-dev-app-deployment
+  labels:
+    app: roka-dev
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: roka-dev
+  template:
+    metadata:
+      labels:
+        app: roka-dev
+    spec:
+      containers:
+      - name: roka-dev-app
+        image: dock.blake.lol/trin-react:1.0.0.40
+      imagePullSecrets:
+      - name: dock-blake-registry
+
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: ipfs-deployment
+  labels:
+    app: ipfs
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: ipfs
+  template:
+    metadata:
+      labels:
+        app: ipfs
+    spec:
+      volumes:
+        - name: ipfs-pv-storage
+          persistentVolumeClaim:
+            claimName: ipfs-pvc
+      containers:
+      - name: ipfs
+        image: dock.blake.lol/ipfs-v3:1.0.0.2
+        env:
+        - name: API_ADDRESS
+          value: /ip4/0.0.0.0/tcp/5001
+        - name: GATEWAY_ADDRESS
+          value: /ip4/0.0.0.0/tcp/8080
+        - name: SWARM_ADDRESS
+          value: /ip4/0.0.0.0/tcp/40001
+        - name: SWARM_WS_ADDRESS
+          value: /ip4/0.0.0.0/tcp/40005/ws
+        - name: SWARM_KEY
+          value: 89ca3f508854c55c73ce5147b8fa327874c60d4e5d7a7d2240067424ee1781ab
+        volumeMounts:
+        - mountPath: "/home/ipfs/.ipfs"
+          name: ipfs-pv-storage
+      imagePullSecrets:
+      - name: dock-blake-registry
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+ name: s3-external-service
+spec:
+ type: ExternalName
+ externalName: s3.bsch.ca
+ ports:
+   - port: 9000
+     name: api-port
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: ipfs-service
+spec:
+  selector:
+    app: ipfs
+  ports:
+    - port: 5001
+      name: api-port
+    - port: 8080
+      name: gateway-port
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: ipfs-swarm-service
+spec:
+  type: NodePort
+  selector:
+    app: ipfs
+  ports:
+    - port: 40001
+      name: swarm-port
+      nodePort: 40001
+    - port: 40005
+      name: swarm-ws-port
+      nodePort: 40005
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: roka-test-service
+spec:
+  selector:
+    app: roka-test
+  ports:
+    - port: 80
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: roka-dev-service
+spec:
+  selector:
+    app: roka-dev
+  ports:
+    - port: 80

roka1-server.yaml

@@ -0,0 +1,51 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: roka-server-test-deployment
+  labels:
+    app: roka-server-test
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: roka-server-test
+  template:
+    metadata:
+      labels:
+        app: roka-server-test
+    spec:
+      containers:
+      - name: roka-server-test-app
+        env:
+        - name: GOOGLE_APPLICATION_CREDENTIALS
+          value: /etc/secret/roka-server-test/sa_credentials.json
+        - name: SPREADSHEET_ID
+          value: 1Ou4qK35oai8xshhtsFTHB_asZV_TvzJ-e7Yef6I2Eio
+        - name: CACHE_TTL_SECS
+          value: '60'
+        volumeMounts:
+        - name: service-account-credentials-volume
+          mountPath: /etc/secret/roka-server-test
+          readOnly: true
+        image: dock.blake.lol/trin-server:1.0.0.47
+      imagePullSecrets:
+      - name: dock-blake-registry
+      volumes:
+      - name: service-account-credentials-volume
+        secret:
+          secretName: roka-server-test-secret
+          items:
+          - key: sa_json
+            path: sa_credentials.json
+
+---
+
+kind: Service
+apiVersion: v1
+metadata:
+  name: roka-server-test-service
+spec:
+  selector:
+    app: roka-server-test
+  ports:
+    - port: 8080