too many changes to itemize

infra/k8s/automation/003-ingress.yaml

@@ -1,5 +1,17 @@
 apiVersion: traefik.containo.us/v1alpha1
 kind: Middleware
+metadata:
+  name: cors
+  namespace: default
+spec:
+  headers:
+    customResponseHeaders:
+      Access-Control-Allow-Origin: "*"
+      Access-Control-Allow-Headers: "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"
+      Access-Control-Allow-Methods: "POST"
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
 metadata:
   name: strip-atem-prefix
   namespace: default
@@ -22,6 +34,8 @@ spec:
     middlewares:
       - name: strip-atem-prefix
         namespace: default
+      - name: cors
+        namespace: default
     services:
     - kind: Service
       name: atem-control

infra/k8s/database/003-database-service.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: postgres
-  namespace: matrixorg
+  namespace: database
 spec:
   selector:
     service: postgres

infra/k8s/database/graphql/001-deployment.yaml

@@ -0,0 +1,23 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: postgraphile
+spec:
+  selector:
+    matchLabels:
+      app: postgraphile
+  minReadySeconds: 5
+  template:
+    metadata:
+      labels:
+        app: postgraphile
+    spec:
+      containers:
+      - name: postgraphile
+        image: graphile/postgraphile:4
+        envFrom:
+        - secretRef:
+            name: postgres-secret-graphql
+        ports:
+          - name: web
+            containerPort: 5000

infra/k8s/database/graphql/002-service.yaml

@@ -0,0 +1,16 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: postgraphile
+spec:
+  type: ClusterIP
+  selector:
+    app: postgraphile 
+  ports:
+    # Three types of ports for a service
+    # nodePort - a static port assigned on each the node
+    # port - port exposed internally in the cluster
+    # targetPort - the container port to send requests to
+    - protocol: TCP
+      port: 5000
+      name: web

infra/k8s/database/graphql/003-ingress.yaml

@@ -0,0 +1,33 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  name: cors
+  namespace: default
+spec:
+  headers:
+    customResponseHeaders:
+      Access-Control-Allow-Origin: "*"
+      Access-Control-Allow-Headers: "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"
+      Access-Control-Allow-Methods: "POST"
+---
+kind: IngressRoute
+apiVersion: traefik.containo.us/v1alpha1
+metadata:
+  name: fk-frontend-prod-graphql-https
+  namespace: default
+spec:
+  entryPoints: 
+    - websecure
+  routes:
+  - match: (Host(`frikanalen.no`) || Host(`www.frikanalen.no`) || Host(`forrige.frikanalen.no`)) && PathPrefix(`/graphql`)
+    kind: Rule
+    middlewares:
+    - name: cors
+      namespace: default
+    services:
+    - kind: Service
+      name: postgraphile
+      scheme: http
+      port: 5000
+  tls:
+    certResolver: default

infra/k8s/django/000-nginx-config.yaml

@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: nginx-conf
+data:
+  site.conf: |
+    upstream website {
+        server localhost:8080;
+    }
+
+    server {
+        listen 80;
+        server_name _;
+        location /static {
+            alias /usr/share/nginx/html;
+        }
+
+       location / {
+            proxy_pass http://website;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+         }
+    }

infra/k8s/django/001-deployment.yaml

@@ -0,0 +1,54 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: django
+spec:
+  selector:
+    matchLabels:
+      app: django
+  minReadySeconds: 5
+  template:
+    metadata:
+      labels:
+        app: django
+    spec:
+      containers:
+      - name: django
+        image: toresbe/fk-django:latest
+        env:
+          - name: DJANGO_SETTINGS_MODULE
+            value: fkbeta.settings.production
+        envFrom:
+        - secretRef:
+            name: postgres-secret-django
+        ports:
+          - name: web
+            containerPort: 8080
+        volumeMounts:
+        - mountPath: /srv/collected_staticfiles
+          name: static-files
+        lifecycle:
+          postStart:
+            exec:
+              command: ["./manage.py", "collectstatic"]
+      - name: nginx
+        image: nginx
+        volumeMounts:
+        - mountPath: /etc/nginx/conf.d
+          readOnly: true
+          name: nginx-conf
+        - mountPath: /usr/share/nginx/html
+          name: static-files
+        ports:
+          - name: web
+            containerPort: 80
+      volumes:
+      - name: static-files
+        emptyDir: {}
+      - name: nginx-conf
+        configMap:
+          name: nginx-conf
+          items:
+            - key: site.conf
+              path: site.conf
+

infra/k8s/django/002-service.yaml

@@ -0,0 +1,16 @@
+kind: Service
+apiVersion: v1
+metadata:
+  name: django
+spec:
+  type: ClusterIP
+  selector:
+    app: django
+  ports:
+    # Three types of ports for a service
+    # nodePort - a static port assigned on each the node
+    # port - port exposed internally in the cluster
+    # targetPort - the container port to send requests to
+    - protocol: TCP
+      port: 80
+      name: web

infra/k8s/django/003-ingress.yaml

@@ -0,0 +1,53 @@
+---
+#kind: IngressRoute
+#apiVersion: traefik.containo.us/v1alpha1
+#metadata:
+#  name: django-http
+#  namespace: default
+#spec:
+#  entryPoints: 
+#    - web
+#  routes:
+#  - match: Host(`beta.frikanalen.no`) 
+#    kind: Rule
+#    middlewares:
+#      - name: scheme-redirect
+#    services:
+#      - name: dummy
+kind: IngressRoute
+apiVersion: traefik.containo.us/v1alpha1
+metadata:
+  name: django-http
+  namespace: default
+spec:
+  entryPoints: 
+    - web
+  routes:
+    - match: Host(`forrige.frikanalen.no`) 
+      kind: Rule
+      services:
+      - kind: Service
+        name: django
+        scheme: http
+        port: 80
+      middlewares:
+        - name: scheme-redirect
+---
+kind: IngressRoute
+apiVersion: traefik.containo.us/v1alpha1
+metadata:
+  name: django-https
+  namespace: default
+spec:
+  entryPoints: 
+    - websecure
+  routes:
+  - match: Host(`forrige.frikanalen.no`)
+    kind: Rule
+    services:
+    - kind: Service
+      name: django
+      scheme: http
+      port: 80
+  tls:
+    certResolver: default

infra/k8s/frontend/000-prod/000-config.yaml

@@ -4,5 +4,5 @@ metadata:
   name: frontend-prod-config
   namespace: default
 data:
-  API_BASE_URL: "https://forrige.frikanalen.no/api/"
-  GRAPHQL_URL: "https://forrige.frikanalen.no/graphql"
+  API_BASE_URL: "https://frikanalen.no/api/"
+  GRAPHQL_URL: "https://frikanalen.no/graphql"

infra/k8s/frontend/000-prod/003-ingress.yaml

@@ -14,18 +14,6 @@
 #      - name: scheme-redirect
 #    services:
 #      - name: dummy
-apiVersion: apiextensions.k8s.io/v1beta1
-kind: CustomResourceDefinition
-metadata:
-  name: middlewares.traefik.containo.us
-spec:
-  group: traefik.containo.us
-  version: v1alpha1
-  names:
-    kind: Middleware
-    plural: middlewares
-    singular: middleware
-  scope: Namespaced
 ---
 apiVersion: traefik.containo.us/v1alpha1
 kind: Middleware
@@ -66,7 +54,7 @@ spec:
   entryPoints: 
     - websecure
   routes:
-  - match: Host(`frikanalen.no`) || Host(`www.frikanalen.no`) 
+  - match: Host(`frikanalen.no`)
     kind: Rule
     services:
     - kind: Service
@@ -75,3 +63,22 @@ spec:
       port: 3000
   tls:
     certResolver: default
+---
+kind: IngressRoute
+apiVersion: traefik.containo.us/v1alpha1
+metadata:
+  name: fk-frontend-prod-api-https
+  namespace: default
+spec:
+  entryPoints: 
+    - websecure
+  routes:
+  - match: (Host(`frikanalen.no`) || Host(`www.frikanalen.no`)) && (PathPrefix(`/api`) || PathPrefix(`/static`) || PathPrefix(`/xmltv`))
+    kind: Rule
+    services:
+    - kind: Service
+      name: django
+      scheme: http
+      port: 80
+  tls:
+    certResolver: default

infra/k8s/ingress/001-custom-resources.yaml

@@ -0,0 +1,77 @@
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: ingressroutes.traefik.containo.us
+
+spec:
+  group: traefik.containo.us
+  version: v1alpha1
+  names:
+    kind: IngressRoute
+    plural: ingressroutes
+    singular: ingressroute
+  scope: Namespaced
+
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: ingressroutetcps.traefik.containo.us
+
+spec:
+  group: traefik.containo.us
+  version: v1alpha1
+  names:
+    kind: IngressRouteTCP
+    plural: ingressroutetcps
+    singular: ingressroutetcp
+  scope: Namespaced
+
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: middlewares.traefik.containo.us
+
+spec:
+  group: traefik.containo.us
+  version: v1alpha1
+  names:
+    kind: Middleware
+    plural: middlewares
+    singular: middleware
+  scope: Namespaced
+
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: tlsoptions.traefik.containo.us
+
+spec:
+  group: traefik.containo.us
+  version: v1alpha1
+  names:
+    kind: TLSOption
+    plural: tlsoptions
+    singular: tlsoption
+  scope: Namespaced
+
+---
+apiVersion: apiextensions.k8s.io/v1beta1
+kind: CustomResourceDefinition
+metadata:
+  name: traefikservices.traefik.containo.us
+
+spec:
+  group: traefik.containo.us
+  version: v1alpha1
+  names:
+    kind: TraefikService
+    plural: traefikservices
+    singular: traefikservice
+  scope: Namespaced
+
+
+---