From 660c889b5fa2f0960dbb7cd350dd4f8a99b219e2 Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Sat, 15 May 2021 10:05:31 +1200 Subject: [PATCH] Add PoC example --- k8s-manifests/README.org | 82 ++++++++++++++----------- k8s-manifests/plausible-deployment.yaml | 2 +- k8s-manifests/plausible-ingress.yaml | 20 ++++++ k8s-manifests/plausible-service.yaml | 1 - 4 files changed, 68 insertions(+), 37 deletions(-) create mode 100644 k8s-manifests/plausible-ingress.yaml diff --git a/k8s-manifests/README.org b/k8s-manifests/README.org index e06ae47..4fe701e 100644 --- a/k8s-manifests/README.org +++ b/k8s-manifests/README.org @@ -12,58 +12,70 @@ * Setup #+NAME: create namespace -#+begin_src shell :results silent - kubectl create ns plausible +#+begin_src tmate :window plausible-setup +kubectl create ns plausible #+end_src +#+NAME: label the namespace +#+BEGIN_SRC tmate :window plausible-setup +kubectl label ns plausible cert-manager-tls=sync --overwrite +#+END_SRC + #+NAME: create the database secrets -#+begin_src shell :results silent - kubectl -n plausible create secret generic postgres-configuration \ - --from-literal=POSTGRES_DB=plausible \ - --from-literal=POSTGRES_USER=plausible \ - --from-literal=POSTGRES_PASSWORD=plausible \ - --from-literal=PGUSER=plausible \ - --from-literal=PGPASSWORD=plausible \ - --from-literal=PGDATABASE=plausible +#+begin_src tmate :window plausible-setup +kubectl -n plausible create secret generic postgres-configuration \ + --from-literal=POSTGRES_DB=plausible \ + --from-literal=POSTGRES_USER=plausible \ + --from-literal=POSTGRES_PASSWORD=plausible \ + --from-literal=PGUSER=plausible \ + --from-literal=PGPASSWORD=plausible \ + --from-literal=PGDATABASE=plausible \ + --dry-run=client \ + -o yaml | kubectl apply -f - #+end_src #+NAME: install Postgres -#+begin_src shell :pwd ./ :results silent - kubectl -n plausible apply -f postgres.yaml +#+begin_src tmate :window plausible-setup +kubectl -n plausible apply -f postgres.yaml #+end_src #+NAME: create secrets -#+begin_src shell :results silent - kubectl -n plausible create secret generic plausible \ - --from-literal=ADMIN_USER_EMAIL=myemail@example.com \ - --from-literal=ADMIN_USER_NAME="Example User" \ - --from-literal=ADMIN_USER_PWD="password" \ - --from-literal=SECRET_KEY_BASE="$(openssl rand -base64 64)" \ - --from-literal=DATABASE_URL="postgres://plausible:plausible@postgres/plausible?ssl=false" \ - --from-literal=CLICKHOUSE_DATABASE_URL=http://plausible-events-db:8123/plausible -#+end_src - -#+NAME: apply the service -#+begin_src shell :results silent - kubectl -n plausible apply -f plausible-service.yaml +#+begin_src tmate :window plausible-setup +kubectl -n plausible create secret generic plausible \ + --from-literal=ADMIN_USER_EMAIL="$GIT_AUTHOR_EMAIL" \ + --from-literal=ADMIN_USER_NAME="$GIT_AUTHOR_NAME" \ + --from-literal=ADMIN_USER_PWD="password" \ + --from-literal=SECRET_KEY_BASE="$(openssl rand -base64 64)" \ + --from-literal=DATABASE_URL="postgres://plausible:plausible@postgres/plausible?ssl=false" \ + --from-literal=CLICKHOUSE_DATABASE_URL=http://plausible-events-db:8123/plausible \ + --dry-run=client \ + -o yaml | kubectl apply -f - #+end_src #+NAME: create configuration -#+begin_src shell :results silent - kubectl -n plausible create configmap plausible \ - --from-literal=BASE_URL=http://$(minikube ip):$(kubectl -n plausible get svc plausible -o=jsonpath='{.spec.ports[0].nodePort}') +#+begin_src tmate :window plausible-setup +kubectl -n plausible create configmap plausible \ + --from-literal=BASE_URL=https://plausible.$SHARINGIO_PAIR_BASE_DNS_NAME \ + --dry-run=client \ + -o yaml | kubectl apply -f - #+end_src #+NAME: install Plausible -#+begin_src shell :results silent - kubectl -n plausible apply \ - -f event-data-persistentvolumeclaim.yaml \ - -f mail-deployment.yaml \ - -f plausible-deployment.yaml \ - -f plausible-events-db-deployment.yaml \ - -f plausible-events-db-service.yaml +#+begin_src tmate :window plausible-setup +kubectl -n plausible apply \ + -f event-data-persistentvolumeclaim.yaml \ + -f mail-deployment.yaml \ + -f plausible-deployment.yaml \ + -f plausible-service.yaml \ + -f plausible-ingress.yaml \ + -f plausible-events-db-deployment.yaml \ + -f plausible-events-db-service.yaml #+end_src +#+BEGIN_SRC tmate :window plausible-setup +kubectl -n plausible exec -it statefulset/postgres -- psql -c "UPDATE users SET email_verified = true;" +#+END_SRC + * Notes and references - https://docs.plausible.io/self-hosting-configuration/ - https://github.com/plausible/hosting/blob/c5146231aa0bf8d7a0da11370845e11a4973373e/docker-compose.yml diff --git a/k8s-manifests/plausible-deployment.yaml b/k8s-manifests/plausible-deployment.yaml index 6a01409..e5b779c 100644 --- a/k8s-manifests/plausible-deployment.yaml +++ b/k8s-manifests/plausible-deployment.yaml @@ -77,7 +77,7 @@ spec: readOnlyRootFilesystem: true allowPrivilegeEscalation: false command: - - bash + - sh - -c - /app/createdb.sh && /app/migrate.sh && /app/init-admin.sh env: diff --git a/k8s-manifests/plausible-ingress.yaml b/k8s-manifests/plausible-ingress.yaml new file mode 100644 index 0000000..fb188f1 --- /dev/null +++ b/k8s-manifests/plausible-ingress.yaml @@ -0,0 +1,20 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: plausible +spec: + rules: + - host: plausible.bobymcbobs-weekend.pair.sharing.io + http: + paths: + - backend: + service: + name: plausible + port: + number: 8000 + path: / + pathType: ImplementationSpecific + tls: + - hosts: + - plausible.bobymcbobs-weekend.pair.sharing.io + secretName: letsencrypt-prod diff --git a/k8s-manifests/plausible-service.yaml b/k8s-manifests/plausible-service.yaml index a9b3cb0..b03417f 100644 --- a/k8s-manifests/plausible-service.yaml +++ b/k8s-manifests/plausible-service.yaml @@ -9,6 +9,5 @@ spec: - name: http port: 8000 targetPort: 8000 - type: NodePort selector: app: plausible