maddy + nebula submodules
diff --git a/apps/nebula/Dockerfile b/apps/nebula/Dockerfile
new file mode 100644
index 0000000..a9bc502
--- /dev/null
+++ b/apps/nebula/Dockerfile
@@ -0,0 +1,6 @@
+FROM alpine:latest
+
+COPY nebula/build/linux-arm64/nebula /usr/bin
+COPY nebula/build/linux-arm64/nebula-cert /usr/bin
+RUN chmod +x /usr/bin/nebula
+RUN chmod +x /usr/bin/nebula-cert
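Review bot: `FROM alpine:latest` leaves the base image unpinned, so two builds of the same commit can produce different images and a changed or compromised `latest` is picked up silently. Pin it to a release and digest, e.g. `FROM alpine:<version>@sha256:<digest>` (placeholders; take the values from the registry). The two `chmod` layers can be folded into the copies with `COPY --chmod=0755 nebula/build/linux-arm64/nebula /usr/bin/` where BuildKit is available. The `linux-arm64` path is hard-coded, so the image only works on arm64 nodes; a comment saying so would help the next reader.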
diff --git a/apps/nebula/Makefile b/apps/nebula/Makefile
new file mode 100644
index 0000000..e19816e
--- /dev/null
+++ b/apps/nebula/Makefile
@@ -0,0 +1,12 @@
+build:
+	make -C nebula build/linux-arm64/nebula
+	make -C nebula build/linux-arm64/nebula-cert
+
+clean:
+	rm -f nebula/build
+
+image: clean build
+	docker build --tag=giolekva/nebula .
+
+push: image
+	docker push giolekva/nebula:latest
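Review bot: The `clean` recipe runs `rm -f nebula/build`, but `build` is a directory (the `build` target writes into `nebula/build/linux-arm64/`), so `rm` exits non-zero once a build exists and `image: clean build` stops there; it should be `rm -rf nebula/build`. None of the targets name real files, so `.PHONY: build clean image push` is worth adding, and `$(MAKE) -C nebula ...` instead of a literal `make` passes flags and the jobserver to the sub-make. `push` publishes only the mutable `latest` tag; also tagging with the submodule commit would make it possible to tell which nebula build a running pod came from.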
diff --git a/apps/nebula/install.yaml b/apps/nebula/install.yaml
new file mode 100644
index 0000000..16a22ca
--- /dev/null
+++ b/apps/nebula/install.yaml
@@ -0,0 +1,93 @@
+---
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: app-nebula
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nebula
+  namespace: app-nebula
+spec:
+  type: LoadBalancer
+  selector:
+    app: nebula
+  ports:
+  - name: nebula
+    port: 4242
+    targetPort: nebula
+    protocol: UDP
+# ---
+# apiVersion: networking.k8s.io/v1
+# kind: Ingress
+# metadata:
+#   name: ingress
+#   namespace: app-nebula
+#   annotations:
+#     cert-manager.io/cluster-issuer: "letsencrypt-prod"
+#     acme.cert-manager.io/http01-edit-in-place: "true"
+# spec:
+#   ingressClassName: nginx
+#   tls:
+#   - hosts:
+#     - woof.lekva.me
+#     secretName: cert-woof.lekva.me
+#   rules:
+#   - host: woof.lekva.me
+#     http:
+#       paths:
+#       - path: /
+#         pathType: Prefix
+#         backend:
+#           service:
+#             name: nebula
+#             port:
+#               name: http
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nebula
+  namespace: app-nebula
+spec:
+  selector:
+    matchLabels:
+      app: nebula
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: nebula
+    spec:
+      volumes:
+      - name: lighthouse-cert
+        configMap:
+          name: lighthouse-cert
+      - name: ca-cert
+        configMap:
+          name: ca-cert
+      - name: config
+        configMap:
+          name: lighthouse-config
+      containers:
+      - name: nebula
+        image: giolekva/nebula:latest
+        imagePullPolicy: IfNotPresent
+        securityContext:
+          capabilities:
+            add:
+            - NET_ADMIN
+          privileged: true
+        ports:
+        - name: nebula
+          containerPort: 4242
+          protocol: UDP
+        command: ["nebula", "--config=/etc/nebula/config/lighthouse.yaml"]
+        volumeMounts:
+        - name: lighthouse-cert
+          mountPath: /etc/nebula/lighthouse
+        - name: ca-cert
+          mountPath: /etc/nebula/ca
+        - name: config
+          mountPath: /etc/nebula/config
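Review bot: `privileged: true` in the container `securityContext` gives the lighthouse every capability and access to host devices, which makes the `capabilities.add: [NET_ADMIN]` just above it redundant and turns any compromise of this internet-facing UDP service into node-level access. Prefer dropping `privileged: true` and keeping only `NET_ADMIN`; if nebula then cannot open `/dev/net/tun`, expose just that device rather than going fully privileged. The `lighthouse-cert` volume is a ConfigMap; if it also holds the lighthouse private key (not visible in this diff), it should be a Secret volume instead. `image: giolekva/nebula:latest` with `imagePullPolicy: IfNotPresent` means a node that already has a `latest` image never pulls a rebuilt one, so a fixed tag or digest is safer.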
diff --git a/apps/nebula/nebula b/apps/nebula/nebula
new file mode 160000
index 0000000..9f34c5e
--- /dev/null
+++ b/apps/nebula/nebula
@@ -0,0 +1 @@
+Subproject commit 9f34c5e2baa7b05b34bcbb13b62beb1bafd92530