Move infrastructure to terraform and kubernetes

.gitignore

@@ -9,4 +9,33 @@ target/
 # MSVC Windows builds of rustc generate these, which store debugging information
 *.pdb
 
-.env
+.env
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc

k8s/ingress.yaml

@@ -0,0 +1,20 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: tokei
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+
+spec:
+  rules:
+    - host: tokei.rs
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name:  tokei
+                port:
+                  number: 8000

k8s/rbac.yaml

@@ -0,0 +1,47 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: traefik-ingress-controller
+rules:
+  - apiGroups:
+      - ""
+    resources:
+      - services
+      - endpoints
+      - secrets
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - extensions
+      - networking.k8s.io
+    resources:
+      - ingresses
+      - ingressclasses
+    verbs:
+      - get
+      - list
+      - watch
+  - apiGroups:
+      - extensions
+      - networking.k8s.io
+    resources:
+      - ingresses/status
+    verbs:
+      - update
+
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: traefik-ingress-controller
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: traefik-ingress-controller
+subjects:
+  - kind: ServiceAccount
+    name: traefik-ingress-controller
+    namespace: default

k8s/tokei.yaml

@@ -0,0 +1,48 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: tokei
+  labels:
+    app: xampprocky
+    name: tokei
+
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: xampprocky
+      task: tokei
+  template:
+    metadata:
+      labels:
+        app: xampprocky
+        task: tokei
+    spec:
+      containers:
+        - name: tokei
+          image: ghcr.io/xampprocky/tokei_rs:latest
+          ports:
+            - containerPort: 8000
+              name: http
+          volumeMounts:
+            - mountPath: /tmp
+              name: tmp
+              subPath: tmp
+
+      volumes:
+        - name: tmp
+          hostPath:
+            path: /tmp
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: tokei
+
+spec:
+  ports:
+    - name: http
+      port: 8000
+  selector:
+    app: xampprocky
+    task: tokei

k8s/traefik.yaml

@@ -0,0 +1,56 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: traefik-ingress-controller
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: traefik
+  labels:
+    app: traefik
+
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: traefik
+  template:
+    metadata:
+      labels:
+        app: traefik
+    spec:
+      serviceAccountName: traefik-ingress-controller
+      containers:
+        - name: traefik
+          image: traefik:v2.11
+          args:
+            - --entrypoints.web.address=:80
+            - --entrypoints.web.http.redirections.entryPoint.to=websecure
+            - --entrypoints.websecure.address=:443
+            - --providers.kubernetesingress
+            - --log.level=DEBUG
+          ports:
+            - name: web
+              containerPort: 80
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: traefik
+spec:
+  type: LoadBalancer
+  ipFamilyPolicy: PreferDualStack
+  selector:
+    app: traefik
+  ports:
+    - protocol: TCP
+      port: 80
+      name: web
+      targetPort: 80
+    - protocol: TCP
+      port: 443
+      name: websecure
+      targetPort: 443

terraform/main.tf

@@ -0,0 +1,51 @@
+terraform {
+  required_providers {
+    linode = {
+      source = "linode/linode"
+      version = "2.16.0"
+    }
+  }
+}
+//Use the Linode Provider
+provider "linode" {
+  token = var.token
+}
+
+//Use the linode_lke_cluster resource to create
+//a Kubernetes cluster
+resource "linode_lke_cluster" "tokei" {
+    k8s_version = var.k8s_version
+    label = var.label
+    region = var.region
+    tags = var.tags
+
+    dynamic "pool" {
+        for_each = var.pools
+        content {
+            type  = pool.value["type"]
+            count = pool.value["count"]
+        }
+    }
+}
+
+//Export this cluster's attributes
+output "kubeconfig" {
+  value = linode_lke_cluster.tokei.kubeconfig
+  sensitive = true
+}
+
+output "api_endpoints" {
+  value = linode_lke_cluster.tokei.api_endpoints
+}
+
+output "status" {
+  value = linode_lke_cluster.tokei.status
+}
+
+output "id" {
+  value = linode_lke_cluster.tokei.id
+}
+
+output "pool" {
+  value = linode_lke_cluster.tokei.pool
+}

terraform/terraform.tfvars

@@ -0,0 +1,9 @@
+label = "tokei"
+k8s_version = "1.28"
+region = "eu-central"
+pools = [
+  {
+    type : "g6-standard-1"
+    count : 3
+  }
+]

terraform/variables.tf

@@ -0,0 +1,38 @@
+variable "token" {
+  description = "Your Linode API Personal Access Token. (required)"
+}
+
+variable "k8s_version" {
+  description = "The Kubernetes version to use for this cluster. (required)"
+  default = "1.26"
+}
+
+variable "label" {
+  description = "The unique label to assign to this cluster. (required)"
+  default = "default-lke-cluster"
+}
+
+variable "region" {
+  description = "The region where your cluster will be located. (required)"
+  default = "us-east"
+}
+
+variable "tags" {
+  description = "Tags to apply to your cluster for organizational purposes. (optional)"
+  type = list(string)
+  default = ["tokei"]
+}
+
+variable "pools" {
+  description = "The Node Pool specifications for the Kubernetes cluster. (required)"
+  type = list(object({
+    type = string
+    count = number
+  }))
+  default = [
+    {
+      type = "g6-standard-1"
+      count = 3
+    }
+  ]
+}