Cleaning up unused code

Adding wiki to DNS and opening it up on the ingress for public read access
Adding note regarding git.shockrah.xyz & code.shockrah.xyz
2026-01-07 00:02:11 -08:00 · 2026-01-06 19:12:31 -08:00 · 2026-01-06 19:06:23 -08:00 · 2026-01-06 00:06:47 -08:00 · 2026-01-03 23:07:33 -08:00 · 2026-01-03 21:43:16 -08:00
10 changed files with 116 additions and 80 deletions
--- a/infra/dns/shockrah-xyz.tf
+++ b/infra/dns/shockrah-xyz.tf
@@ -40,6 +40,7 @@ locals {
    { name = "sanity.shockrah.xyz",   records = [ var.vke_lb ] },
    { name = "uptime.shockrah.xyz",   records = [ var.vke_lb ] },
    { name = "code.shockrah.xyz",     records = [ var.vke_lb ] },
    { name = "wiki.shockrah.xyz",     records = [ var.vke_lb ] },
  ]
 }
--- a/infra/vultr-kubernetes/cluster.tf
+++ b/infra/vultr-kubernetes/cluster.tf
@@ -10,6 +10,7 @@ resource vultr_kubernetes athens {
    label         = var.cluster.pools["main"].label
    min_nodes     = var.cluster.pools["main"].min_nodes
    max_nodes     = var.cluster.pools["main"].max_nodes
    auto_scaler   = true
  }
 }
--- a/infra/vultr-kubernetes/firewall.tf
+++ b/infra/vultr-kubernetes/firewall.tf
@@ -8,16 +8,3 @@
 #   port = each.value
 # }
 resource vultr_firewall_group bastion {
  description = "For connections into and out of the bastion host"
 }
 resource vultr_firewall_rule bastion_inbound {
  firewall_group_id = vultr_firewall_group.bastion.id
  protocol = "tcp"
  ip_type = "v4"
  subnet = "0.0.0.0"
  subnet_size = 0
  port = 22
 }
--- a/infra/vultr-kubernetes/git.tf
+++ b/infra/vultr-kubernetes/git.tf
@@ -1,3 +1,6 @@
 # NOTE: this is a simple deployment for demo purposes only.
 # Currently it does support SSH access and lacks Gitea runners.
 # However a fully working setup can be found at: https://git.shockrah.xyz
 resource kubernetes_deployment gitea {
  metadata {
    name = "gitea"
@@ -28,7 +31,7 @@ resource kubernetes_deployment gitea {
            name = "gitea-main"
          }
          port {
-            container_port = 22
+            container_port = 2222
            name = "gitea-ssh"
          }
          volume_mount {
@@ -62,5 +65,10 @@ resource kubernetes_service gitea {
            port        = 3000
            name        = "http"
        }
        port {
          target_port = "gitea-ssh"
          port        = 2222
          name        = "ssh"
        }
    }
 }
--- a/infra/vultr-kubernetes/ingress.tf
+++ b/infra/vultr-kubernetes/ingress.tf
@@ -1,3 +1,11 @@
 locals {
  services = {
    code    = kubernetes_service.gitea
    sanity  = kubernetes_service.health
    uptime  = kubernetes_service.kuma
    wiki    = kubernetes_service.otterwiki
  }
 }
 resource kubernetes_ingress_v1 health {
    metadata {
        name = "health-ingress"
@@ -13,53 +21,25 @@ resource kubernetes_ingress_v1 health {
            hosts = [
                "sanity.shockrah.xyz",
                "uptime.shockrah.xyz",
-                "code.shockrah.xyz"
+                "code.shockrah.xyz",
                "wiki.shockrah.xyz"
            ]
            secret_name = "shockrah"
        }
-        rule {
+        dynamic "rule" {
-            host = "sanity.shockrah.xyz"
+          for_each = local.services
          content {
            host = "${rule.key}.shockrah.xyz"
            http {
-                path {
+              path {
-                    path = "/"
+                path = "/"
-                    backend {
+                backend {
-                        service {
+                  service {
-                            name = kubernetes_service.health.metadata[0].name
+                    name = rule.value.metadata[0].name
                            port {
                                number = kubernetes_service.health.spec[0].port[0].port
                            }
                        }
                    }
                }
            }
        }
        rule {
          host = "uptime.shockrah.xyz"
          http {
            path {
              path = "/" 
              backend {
                service {
                    name = kubernetes_service.kuma.metadata[0].name
                    port {
-                      number = kubernetes_service.kuma.spec[0].port[0].port
+                      number = rule.value.spec[0].port[0].port
                    }
                }
              }
            }
          }
        }
        rule {
          host = "code.shockrah.xyz"
          http {
            path {
              path = "/" 
              backend {
                service {
                    name = kubernetes_service.gitea.metadata[0].name
                    port {
                      number = kubernetes_service.gitea.spec[0].port[0].port
                    }
                  }
                }
              }
            }
--- a/infra/vultr-kubernetes/namespaces.tf
+++ b/infra/vultr-kubernetes/namespaces.tf
@@ -15,3 +15,4 @@ resource kubernetes_namespace openobserve {
    name = "openobserve"
    }
 }
--- a/infra/vultr-kubernetes/variables.tf
+++ b/infra/vultr-kubernetes/variables.tf
@@ -40,22 +40,10 @@ variable cluster {
 variable playground {
  type = object({
    namespace = string
-    health = object({
+    # TODO: Re-incorporate this var for templating later
      dns = string
    })
    tls = object({
      email = string
    })
  })
 }
 variable bastion {
  type = object({
    plan  = string
    os    = string
    label = string
  })
 }
--- a/infra/vultr-kubernetes/variables.tfvars
+++ b/infra/vultr-kubernetes/variables.tfvars
@@ -5,7 +5,7 @@ cluster = {
  pools = {
    main = {
      node_quantity = 1
-      plan          =  "vc2-1c-2gb"
+      plan          =  "vc2-2c-4gb"
      label         = "main"
      min_nodes     = 1
      max_nodes     = 2
@@ -18,17 +18,7 @@ playground = {
  namespace = "playground"
  # Sanity check service that is used purely for the sake of ensuring
  # things are ( at a basic level ) functional
  health = {
    dns = "health"
  }
  tls = {
    email = "dev@shockrah.xyz"
  }
 }
 bastion = {
  plan  = "vc2-1c-2gb"
  label = "bastion"
  os    = "1743"
 }
--- a/infra/vultr-kubernetes/volumes.tf
+++ b/infra/vultr-kubernetes/volumes.tf
@@ -30,3 +30,20 @@ resource kubernetes_persistent_volume_claim_v1 gitea {
      }
    }
 }
 resource kubernetes_persistent_volume_claim_v1 otterwiki {
    metadata {
      name = "otterwiki-data"
      namespace = var.playground.namespace
    }
    spec {
      volume_mode = "Filesystem"
      access_modes = [ "ReadWriteOnce"]
      resources {
        requests = {
          storage = "10Gi"
        }
      }
    }
 }
--- a/infra/vultr-kubernetes/wiki.tf
+++ b/infra/vultr-kubernetes/wiki.tf
@@ -0,0 +1,63 @@
 resource kubernetes_deployment otterwiki {
    metadata {
        name = "otterwiki"
        namespace = var.playground.namespace
        labels = {
            "app" = "otterwiki"
        }
    }
    spec {
        replicas = 1
        selector {
            match_labels = {
                "app" = "otterwiki"
            }
        }
        template {
            metadata {
                labels = {
                    "app" = "otterwiki"
                }
            }
            spec {
                container {
                    name  = "otterwiki"
                    image = "redimp/otterwiki:2"
                    port {
                        container_port = 8080
                        name = "otterwiki-main"
                    }
                    volume_mount {
                        name       = "otterwiki-data"
                        mount_path = "/var/lib/otterwiki"
                    }
                }
                volume {
                    name = "otterwiki-data"
                    persistent_volume_claim {
                        claim_name = kubernetes_persistent_volume_claim_v1.otterwiki.metadata[0].name
                    }
                }
            }
        }
    }
 }
 resource kubernetes_service otterwiki {
    metadata {
        name = "otterwiki"
        namespace = var.playground.namespace
    }
    spec {
        selector = {
            "app" = "otterwiki"
        }
        port {
            port        = 80
            target_port = "otterwiki-main"
            protocol    = "TCP"
            name        = "http"
        }
    }
 }
Author	SHA1	Message	Date
shockrah	79cb4eb1a6	Cleaning up unused code Some checks failed Ansible Linting / ansible-lint (push) Has been cancelled Details Secops Linting and Safety Checks / checkov-scan-s3 (push) Has been cancelled Details	2026-01-07 00:02:11 -08:00
shockrah	e8817fe093	Adding wiki to DNS and opening it up on the ingress for public read access	2026-01-06 19:12:31 -08:00
shockrah	97bffd2042	Adding note regarding git.shockrah.xyz & code.shockrah.xyz	2026-01-06 19:06:23 -08:00
shockrah	37305fd74e	Exposing 2222 in gitea service however ingress still needs configuration Some checks failed Ansible Linting / ansible-lint (push) Has been cancelled Details Secops Linting and Safety Checks / checkov-scan-s3 (push) Has been cancelled Details	2026-01-06 00:06:47 -08:00
shockrah	555124bf2f	Shortening ingress definition	2026-01-03 23:07:33 -08:00
shockrah	e209da949b	Adding wiki service with a basic page for now	2026-01-03 21:43:16 -08:00
shockrah	caa2eba639	Removing unused helm charts	2025-12-28 19:30:13 -08:00
shockrah	982669ed4a	Cleaning up the logging namespace and resource as they are not getting value	2025-12-12 14:41:29 -08:00
shockrah	4446ef813f	Fixing auto_scaler issue with root node pool in athens cluster	2025-12-12 14:40:54 -08:00
shockrah	9dc2f1d769	Adding sample filese and fluent bit configs which still need some work	2025-11-10 14:18:05 -08:00
shockrah	01b7b4ced8	Moving logging related things to the new logging namespace	2025-11-05 21:55:40 -08:00
shockrah	29cdfcb695	openobserve inimal setup running now with it's own namespace and volumes	2025-11-04 23:24:16 -08:00
shockrah	bbbc9ed477	Upsizing the singular node to accomodate the new observability stack	2025-11-04 23:20:03 -08:00