Last active
July 19, 2022 18:26
-
-
Save madalinignisca/93339ec774b00bc5589b3a45fc968eb5 to your computer and use it in GitHub Desktop.
WordPress on MicroK8s
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -euo pipefail | |
| USERNAME=wpk8s # TODO: Customize the sudo non-root username here | |
| # Create user and immediately expire password to force a change on login | |
| useradd --create-home --shell "/bin/bash" --groups sudo "${USERNAME}" | |
| passwd --delete "${USERNAME}" | |
| chage --lastday 0 "${USERNAME}" | |
| # Create SSH directory for sudo user and move keys over | |
| home_directory="$(eval echo ~${USERNAME})" | |
| mkdir --parents "${home_directory}/.ssh" | |
| cp /root/.ssh/authorized_keys "${home_directory}/.ssh" | |
| chmod 0700 "${home_directory}/.ssh" | |
| chmod 0600 "${home_directory}/.ssh/authorized_keys" | |
| chown --recursive "${USERNAME}":"${USERNAME}" "${home_directory}/.ssh" | |
| # Disable root SSH login with password | |
| sed --in-place 's/^PermitRootLogin.*/PermitRootLogin prohibit-password/g' /etc/ssh/sshd_config | |
| if sshd -t -q; then systemctl restart sshd fi |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| secretGenerator: | |
| - name: mysql-root-pass | |
| literals: | |
| - password=password123 | |
| - name: mysql-user | |
| literals: | |
| - user=wordpress | |
| - name: mysql-pass | |
| literals: | |
| - password=wordpress | |
| - name: mysql-database | |
| literals: | |
| - database=wordpress | |
| resources: | |
| - mysql.yaml | |
| - wordpress.yaml |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl https://raw.githubusercontent.com/longhorn/longhorn/v1.2.4/deploy/longhorn.yaml | sed -e 's/#- name: KUBELET_ROOT_DIR/- name: KUBELET_ROOT_DIR/g' -e 's$# value: /var/lib/rancher/k3s/agent/kubelet$ value: /var/snap/microk8s/common/var/lib/kubelet$g' | sudo microk8s kubectl apply -f - |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: wordpress-mysql | |
| labels: | |
| app: wordpress | |
| spec: | |
| ports: | |
| - port: 3306 | |
| selector: | |
| app: wordpress | |
| tier: mysql | |
| clusterIP: None | |
| --- | |
| apiVersion: apps/v1 | |
| kind: StatefulSet | |
| metadata: | |
| name: wordpress-mysql | |
| labels: | |
| app: wordpress | |
| spec: | |
| selector: | |
| matchLabels: | |
| app: wordpress | |
| tier: mysql | |
| serviceName: wordpress-mysql | |
| template: | |
| metadata: | |
| labels: | |
| app: wordpress | |
| tier: mysql | |
| spec: | |
| containers: | |
| - image: mariadb:10.5 | |
| name: mysql | |
| env: | |
| - name: MARIADB_ROOT_PASSWORD | |
| valueFrom: | |
| secretKeyRef: | |
| name: mysql-root-pass | |
| key: password | |
| - name: MARIADB_DATABASE | |
| valueFrom: | |
| secretKeyRef: | |
| name: mysql-database | |
| key: database | |
| - name: MARIADB_USER | |
| valueFrom: | |
| secretKeyRef: | |
| name: mysql-user | |
| key: user | |
| - name: MARIADB_PASSWORD | |
| valueFrom: | |
| secretKeyRef: | |
| name: mysql-pass | |
| key: password | |
| - name: MARIADB_AUTO_UPGRADE | |
| value: "true" | |
| ports: | |
| - containerPort: 3306 | |
| name: mysql | |
| volumeMounts: | |
| - name: wordpress-mysql | |
| mountPath: /var/lib/mysql | |
| volumeClaimTemplates: | |
| - metadata: | |
| name: wordpress-mysql | |
| spec: | |
| accessModes: [ "ReadWriteOnce" ] | |
| resources: | |
| requests: | |
| storage: 10Gi |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: wordpress | |
| spec: | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: | |
| storage: 2Gi |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| apiVersion: networking.k8s.io/v1 | |
| kind: Ingress | |
| metadata: | |
| name: wordpress | |
| labels: | |
| app: wordpress | |
| spec: | |
| rules: | |
| - host: wordpress.k8s | |
| http: | |
| paths: | |
| - pathType: Prefix | |
| path: "/" | |
| backend: | |
| service: | |
| name: wordpress | |
| port: | |
| number: 80 | |
| --- | |
| apiVersion: v1 | |
| kind: Service | |
| metadata: | |
| name: wordpress | |
| labels: | |
| app: wordpress | |
| spec: | |
| ports: | |
| - port: 80 | |
| protocol: TCP | |
| selector: | |
| app: wordpress | |
| tier: frontend | |
| --- | |
| apiVersion: v1 | |
| kind: PersistentVolumeClaim | |
| metadata: | |
| name: wordpress | |
| spec: | |
| accessModes: | |
| - ReadWriteOnce | |
| resources: | |
| requests: | |
| storage: 2Gi | |
| --- | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: wordpress | |
| labels: | |
| app: wordpress | |
| spec: | |
| selector: | |
| matchLabels: | |
| app: wordpress | |
| tier: frontend | |
| template: | |
| metadata: | |
| labels: | |
| app: wordpress | |
| tier: frontend | |
| spec: | |
| initContainers: | |
| - name: init-mysql | |
| image: busybox | |
| command: ['sh', '-c', 'until nslookup wordpress-mysql; do echo waiting for mysql; sleep 2; done;'] | |
| containers: | |
| - image: wordpress | |
| name: wordpress | |
| env: | |
| - name: WORDPRESS_DB_HOST | |
| value: wordpress-mysql | |
| - name: WORDPRESS_DB_USER | |
| valueFrom: | |
| secretKeyRef: | |
| name: mysql-user | |
| key: user | |
| - name: WORDPRESS_DB_NAME | |
| valueFrom: | |
| secretKeyRef: | |
| name: mysql-database | |
| key: database | |
| - name: WORDPRESS_DB_PASSWORD | |
| valueFrom: | |
| secretKeyRef: | |
| name: mysql-pass | |
| key: password | |
| ports: | |
| - containerPort: 80 | |
| name: wordpress | |
| volumeMounts: | |
| - name: wordpress | |
| mountPath: /var/www/html | |
| volumes: | |
| - name: wordpress |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment