feat: deploy Mattermost in nextgen namespace

k8s/argocd-nextgen.yaml

@@ -0,0 +1,21 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: nextgen-mattermost
+  namespace: argocd
+spec:
+  project: default
+  source:
+    repoURL: http://gitea.geocrop.svc.cluster.local:3000/fchinembiri/geocrop-platform..git
+    targetRevision: HEAD
+    path: k8s/nextgen
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: nextgen
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+      - Validate=false

k8s/nextgen/00-namespace.yaml

@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: nextgen

k8s/nextgen/10-postgres.yaml

@@ -0,0 +1,72 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: postgres-secret
+  namespace: nextgen
+type: Opaque
+stringData:
+  postgres-password: "mattermost-db-password-change-me"
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: postgres-pvc
+  namespace: nextgen
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi
+  storageClassName: local-path
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: postgres
+  namespace: nextgen
+spec:
+  selector:
+    app: postgres
+  ports:
+    - port: 5432
+      targetPort: 5432
+  type: ClusterIP
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: postgres
+  namespace: nextgen
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: postgres
+  template:
+    metadata:
+      labels:
+        app: postgres
+    spec:
+      containers:
+        - name: postgres
+          image: postgres:15-alpine
+          env:
+            - name: POSTGRES_DB
+              value: mattermost
+            - name: POSTGRES_USER
+              value: mmuser
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-secret
+                  key: postgres-password
+          ports:
+            - containerPort: 5432
+          volumeMounts:
+            - name: postgres-data
+              mountPath: /var/lib/postgresql/data
+      volumes:
+        - name: postgres-data
+          persistentVolumeClaim:
+            claimName: postgres-pvc

k8s/nextgen/20-mattermost.yaml

@@ -0,0 +1,99 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: mattermost-secrets
+  namespace: nextgen
+type: Opaque
+stringData:
+  # DB Format: postgres://<user>:<password>@<host>:<port>/<db>?sslmode=disable&connect_timeout=10
+  MM_SQLSETTINGS_DATASOURCE: "postgres://mmuser:mattermost-db-password-change-me@postgres.nextgen.svc.cluster.local:5432/mattermost?sslmode=disable&connect_timeout=10"
+  MM_FILESETTINGS_AMAZONS3ACCESSKEYID: "minioadmin"
+  MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY: "minioadmin123"
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: mattermost
+  namespace: nextgen
+spec:
+  selector:
+    app: mattermost
+  ports:
+    - port: 8065
+      targetPort: 8065
+  type: ClusterIP
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: mattermost
+  namespace: nextgen
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    nginx.ingress.kubernetes.io/proxy-body-size: "50m"
+spec:
+  tls:
+    - hosts:
+        - chat.techarvest.co.zw
+      secretName: chat-techarvest-tls
+  rules:
+    - host: chat.techarvest.co.zw
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: mattermost
+                port:
+                  number: 8065
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mattermost
+  namespace: nextgen
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: mattermost
+  template:
+    metadata:
+      labels:
+        app: mattermost
+    spec:
+      containers:
+        - name: mattermost
+          image: mattermost/mattermost-team-edition:9.11
+          env:
+            - name: MM_SQLSETTINGS_DRIVERNAME
+              value: postgres
+            - name: MM_SQLSETTINGS_DATASOURCE
+              valueFrom:
+                secretKeyRef:
+                  name: mattermost-secrets
+                  key: MM_SQLSETTINGS_DATASOURCE
+            - name: MM_FILESETTINGS_DRIVERNAME
+              value: amazons3
+            - name: MM_FILESETTINGS_AMAZONS3ENDPOINT
+              value: "minio.geocrop.svc.cluster.local:9000"
+            - name: MM_FILESETTINGS_AMAZONS3ACCESSKEYID
+              valueFrom:
+                secretKeyRef:
+                  name: mattermost-secrets
+                  key: MM_FILESETTINGS_AMAZONS3ACCESSKEYID
+            - name: MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY
+              valueFrom:
+                secretKeyRef:
+                  name: mattermost-secrets
+                  key: MM_FILESETTINGS_AMAZONS3SECRETACCESSKEY
+            - name: MM_FILESETTINGS_AMAZONS3BUCKET
+              value: "mattermost"
+            - name: MM_FILESETTINGS_AMAZONS3SSL
+              value: "false"
+            - name: MM_SERVICESETTINGS_SITEURL
+              value: "https://chat.techarvest.co.zw"
+          ports:
+            - containerPort: 8065

k8s/nextgen/kustomization.yaml

@@ -0,0 +1,7 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - 00-namespace.yaml
+  - 10-postgres.yaml
+  - 20-mattermost.yaml