tec3/ublue-forge
tec3/ublue-forge
1
0
Fork 0
mirror of https://github.com/ublue-os/forge.git synced 2025-04-12 09:43:44 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: add container registry and mini ca (#3,#4)

Browse source
This commit is contained in:
Stephan Lüscher 2023-04-27 17:20:18 +00:00
parent d5d03e710f
commit 0714214247
No known key found for this signature in database
GPG key ID: 445779060FF3D3CF
3 changed files with 54 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
forge-pod.yml Normal file
View file

@ -0,0 +1,38 @@
# uBlue-OS forge podman deployment
---
apiVersion: v1
kind: Pod
metadata:
name: ublue-os_forge
spec:
restartPolicy: Always
volumes:
- name: ublue-os_forge-minica-pvc
persistentVolumeClaim:
claimName: ublue-os_forge-minica
- name: ublue-os_forge-registry-pvc
persistentVolumeClaim:
claimName: ublue-os_forge-registry
containers:
- name: registry.ublue.local
image: registry
resources:
limits:
memory: 512Mi
cpu: 200m
volumeMounts:
- mountPath: /certs
name: ublue-os_forge-minica-pvc
subPath: _.ublue.local
- mountPath: /var/lib/registry
name: ublue-os_forge-registry-pvc
ports:
- containerPort: 5000
hostPort: 9001
protocol: TCP
initContainers:
- name: minica.ublue.local
image: minica
volumeMounts:
- mountPath: /certs
name: ublue-os_forge-minica-pvc

10
minica/Containerfile Normal file
View file

@ -0,0 +1,10 @@
# Source Image
FROM docker.io/library/golang:1.20
# Install minica
RUN go install github.com/jsha/minica@latest
# Generate wildcard certificate
WORKDIR /certs
RUN minica --domains "*.ublue.local,ublue.local,localhost" \
--ip-addresses 127.0.0.1

6
registry/Containerfile Normal file
View file

@ -0,0 +1,6 @@
# Source Image
FROM docker.io/library/registry:2.8
# Configure TLS certificates
ENV REGISTRY_HTTP_TLS_CERTIFICATE="/certs/cert.pem"
ENV REGISTRY_HTTP_TLS_KEY="/certs/key.pem"