From b564c6c11124e54d278f321d71e5d3204ffa8c0d Mon Sep 17 00:00:00 2001 From: fchinembiri Date: Thu, 28 May 2026 21:23:37 +0200 Subject: [PATCH] feat: deploy Mattermost in nextgen namespace --- k8s/argocd-nextgen.yaml | 21 ++++++++ k8s/nextgen/00-namespace.yaml | 4 ++ k8s/nextgen/10-postgres.yaml | 72 +++++++++++++++++++++++++ k8s/nextgen/20-mattermost.yaml | 99 ++++++++++++++++++++++++++++++++++ k8s/nextgen/kustomization.yaml | 7 +++ 5 files changed, 203 insertions(+) create mode 100644 k8s/argocd-nextgen.yaml create mode 100644 k8s/nextgen/00-namespace.yaml create mode 100644 k8s/nextgen/10-postgres.yaml create mode 100644 k8s/nextgen/20-mattermost.yaml create mode 100644 k8s/nextgen/kustomization.yaml diff --git a/k8s/argocd-nextgen.yaml b/k8s/argocd-nextgen.yaml new file mode 100644 index 0000000..bafb2a5 --- /dev/null +++ b/k8s/argocd-nextgen.yaml @@ -0,0 +1,21 @@ +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: nextgen-mattermost + namespace: argocd +spec: + project: default + source: + repoURL: http://gitea.geocrop.svc.cluster.local:3000/fchinembiri/geocrop-platform..git + targetRevision: HEAD + path: k8s/nextgen + destination: + server: https://kubernetes.default.svc + namespace: nextgen + syncPolicy: + automated: + prune: true + selfHeal: true + syncOptions: + - CreateNamespace=true + - Validate=false diff --git a/k8s/nextgen/00-namespace.yaml b/k8s/nextgen/00-namespace.yaml new file mode 100644 index 0000000..26c5f1c --- /dev/null +++ b/k8s/nextgen/00-namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: nextgen diff --git a/k8s/nextgen/10-postgres.yaml b/k8s/nextgen/10-postgres.yaml new file mode 100644 index 0000000..fce4428 --- /dev/null +++ b/k8s/nextgen/10-postgres.yaml @@ -0,0 +1,72 @@ +apiVersion: v1 +kind: Secret +metadata: + name: postgres-secret + namespace: nextgen +type: Opaque +stringData: + postgres-password: "mattermost-db-password-change-me" +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: postgres-pvc + namespace: nextgen +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + storageClassName: local-path +--- +apiVersion: v1 +kind: Service +metadata: + name: postgres + namespace: nextgen +spec: + selector: + app: postgres + ports: + - port: 5432 + targetPort: 5432 + type: ClusterIP +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: postgres + namespace: nextgen +spec: + replicas: 1 + selector: + matchLabels: + app: postgres + template: + metadata: + labels: + app: postgres + spec: + containers: + - name: postgres + image: postgres:15-alpine + env: + - name: POSTGRES_DB + value: mattermost + - name: POSTGRES_USER + value: mmuser + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgres-password + ports: + - containerPort: 5432 + volumeMounts: + - name: postgres-data + mountPath: /var/lib/postgresql/data + volumes: + - name: postgres-data + persistentVolumeClaim: + claimName: postgres-pvc diff --git a/k8s/nextgen/20-mattermost.yaml b/k8s/nextgen/20-mattermost.yaml new file mode 100644 index 0000000..0cf7dc7 --- /dev/null +++ b/k8s/nextgen/20-mattermost.yaml @@ -0,0 +1,99 @@ +apiVersion: v1 +kind: Secret +metadata: + name: mattermost-secrets + namespace: nextgen +type: Opaque +stringData: + # DB Format: postgres://:@:/?sslmode=disable&connect_timeout=10 + MM_SQLSETTINGS_DATASOURCE: "postgres://mmuser:mattermost-db-password-change-me@postgres.nextgen.svc.cluster.local:5432/mattermost?sslmode=disable&connect_timeout=10" + MM_FILESETTINGS_AMAZONS3ACCESSKEYID: "minioadmin" + MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: "minioadmin123" +--- +apiVersion: v1 +kind: Service +metadata: + name: mattermost + namespace: nextgen +spec: + selector: + app: mattermost + ports: + - port: 8065 + targetPort: 8065 + type: ClusterIP +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: mattermost + namespace: nextgen + annotations: + kubernetes.io/ingress.class: nginx + cert-manager.io/cluster-issuer: letsencrypt-prod + nginx.ingress.kubernetes.io/proxy-body-size: "50m" +spec: + tls: + - hosts: + - chat.techarvest.co.zw + secretName: chat-techarvest-tls + rules: + - host: chat.techarvest.co.zw + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: mattermost + port: + number: 8065 +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mattermost + namespace: nextgen +spec: + replicas: 1 + selector: + matchLabels: + app: mattermost + template: + metadata: + labels: + app: mattermost + spec: + containers: + - name: mattermost + image: mattermost/mattermost-team-edition:9.11 + env: + - name: MM_SQLSETTINGS_DRIVERNAME + value: postgres + - name: MM_SQLSETTINGS_DATASOURCE + valueFrom: + secretKeyRef: + name: mattermost-secrets + key: MM_SQLSETTINGS_DATASOURCE + - name: MM_FILESETTINGS_DRIVERNAME + value: amazons3 + - name: MM_FILESETTINGS_AMAZONS3ENDPOINT + value: "minio.geocrop.svc.cluster.local:9000" + - name: MM_FILESETTINGS_AMAZONS3ACCESSKEYID + valueFrom: + secretKeyRef: + name: mattermost-secrets + key: MM_FILESETTINGS_AMAZONS3ACCESSKEYID + - name: MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY + valueFrom: + secretKeyRef: + name: mattermost-secrets + key: MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY + - name: MM_FILESETTINGS_AMAZONS3BUCKET + value: "mattermost" + - name: MM_FILESETTINGS_AMAZONS3SSL + value: "false" + - name: MM_SERVICESETTINGS_SITEURL + value: "https://chat.techarvest.co.zw" + ports: + - containerPort: 8065 diff --git a/k8s/nextgen/kustomization.yaml b/k8s/nextgen/kustomization.yaml new file mode 100644 index 0000000..68bed7e --- /dev/null +++ b/k8s/nextgen/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: + - 00-namespace.yaml + - 10-postgres.yaml + - 20-mattermost.yaml