got to exercise

2026-02-24 06:33:27 +00:00 · 2026-02-24 06:33:27 +00:00 · 0465146fec
commit 0465146fec
parent 47dcffc97a
1 changed files with 164 additions and 37 deletions
--- a/exercise/exercise.yaml
+++ b/exercise/exercise.yaml
@ -1,5 +1,21 @@
 # ======================================================
-# WGER - PRODUCTION (exercise.juntekim.com)
+# WGER - PRODUCTION ARCHITECTURE
+# Traefik → nginx → wger → postgres
+# ======================================================
+
+# -------------------------
+# STORAGE CLASS
+# -------------------------
+---
+apiVersion: storage.k8s.io/v1
+kind: StorageClass
+metadata:
+  name: wger-local-storage
+provisioner: kubernetes.io/no-provisioner
+volumeBindingMode: WaitForFirstConsumer
+
+# ======================================================
+# PERSISTENT VOLUMES
 # ======================================================

 # -------------------------
@ -13,8 +29,7 @@ metadata:
 spec:
  capacity:
    storage: 2Gi
-  accessModes:
-    - ReadWriteOnce
+  accessModes: [ReadWriteOnce]
  storageClassName: wger-local-storage
  persistentVolumeReclaimPolicy: Retain
  local:
@ -25,17 +40,49 @@ spec:
        - matchExpressions:
            - key: kubernetes.io/hostname
              operator: In
-              values:
-                - mist
-
+              values: [mist]
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: wger-postgres-pvc
 spec:
-  accessModes:
-    - ReadWriteOnce
+  accessModes: [ReadWriteOnce]
+  storageClassName: wger-local-storage
+  resources:
+    requests:
+      storage: 2Gi
+
+# -------------------------
+# STATIC PV
+# -------------------------
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: wger-static-pv
+spec:
+  capacity:
+    storage: 2Gi
+  accessModes: [ReadWriteOnce]
+  storageClassName: wger-local-storage
+  persistentVolumeReclaimPolicy: Retain
+  local:
+    path: /home/kimjunte/k8s_storage/wger/static
+  nodeAffinity:
+    required:
+      nodeSelectorTerms:
+        - matchExpressions:
+            - key: kubernetes.io/hostname
+              operator: In
+              values: [mist]
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: wger-static-pvc
+spec:
+  accessModes: [ReadWriteOnce]
  storageClassName: wger-local-storage
  resources:
    requests:
@ -52,8 +99,7 @@ metadata:
 spec:
  capacity:
    storage: 5Gi
-  accessModes:
-    - ReadWriteOnce
+  accessModes: [ReadWriteOnce]
  storageClassName: wger-local-storage
  persistentVolumeReclaimPolicy: Retain
  local:
@ -64,25 +110,23 @@ spec:
        - matchExpressions:
            - key: kubernetes.io/hostname
              operator: In
-              values:
-                - mist
-
+              values: [mist]
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: wger-media-pvc
 spec:
-  accessModes:
-    - ReadWriteOnce
+  accessModes: [ReadWriteOnce]
  storageClassName: wger-local-storage
  resources:
    requests:
      storage: 5Gi

-# -------------------------
+# ======================================================
 # POSTGRES
-# -------------------------
+# ======================================================
+
 ---
 apiVersion: apps/v1
 kind: Deployment
@ -129,9 +173,10 @@ spec:
  ports:
    - port: 5432

-# -------------------------
+# ======================================================
 # REDIS
-# -------------------------
+# ======================================================
+
 ---
 apiVersion: apps/v1
 kind: Deployment
@ -152,8 +197,6 @@ spec:
      containers:
        - name: redis
          image: redis:7-alpine
-          ports:
-            - containerPort: 6379

 ---
 apiVersion: v1
@ -166,9 +209,10 @@ spec:
  ports:
    - port: 6379

-# -------------------------
+# ======================================================
 # WGER APP
-# -------------------------
+# ======================================================
+
 ---
 apiVersion: apps/v1
 kind: Deployment
@ -190,26 +234,27 @@ spec:
        - name: wger
          image: wger/server:latest
          env:
-            - name: DJANGO_SECRET_KEY
-              value: replace-with-long-random-string
-
            - name: DATABASE_URL
              value: postgres://wger:wgerpassword@wger-postgres:5432/wger
-
            - name: CACHE_URL
              value: redis://wger-redis:6379/1
-
+            - name: DJANGO_SECRET_KEY
+              value: replace-with-long-random-string
            - name: ALLOWED_HOSTS
-              value: exercise.juntekim.com
-
+              value: "*"
+            - name: CSRF_TRUSTED_ORIGINS
+              value: https://exercise.juntekim.com
          ports:
            - containerPort: 8000
-
          volumeMounts:
+            - name: static-storage
+              mountPath: /home/wger/static
            - name: media-storage
              mountPath: /home/wger/media
-
      volumes:
+        - name: static-storage
+          persistentVolumeClaim:
+            claimName: wger-static-pvc
        - name: media-storage
          persistentVolumeClaim:
            claimName: wger-media-pvc
@ -223,12 +268,95 @@ spec:
  selector:
    app: wger
  ports:
-    - port: 80
+    - port: 8000
      targetPort: 8000

-# -------------------------
+# ======================================================
+# NGINX (STATIC + PROXY)
+# ======================================================
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: wger-nginx-config
+data:
+  default.conf: |
+    server {
+        listen 80;
+
+        location /static/ {
+            alias /home/wger/static/;
+        }
+
+        location /media/ {
+            alias /home/wger/media/;
+        }
+
+        location / {
+            proxy_pass http://wger:8000;
+            proxy_set_header Host $host;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: wger-nginx
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: wger-nginx
+  template:
+    metadata:
+      labels:
+        app: wger-nginx
+    spec:
+      nodeSelector:
+        kubernetes.io/hostname: mist
+      containers:
+        - name: nginx
+          image: nginx:alpine
+          ports:
+            - containerPort: 80
+          volumeMounts:
+            - name: static-storage
+              mountPath: /home/wger/static
+            - name: media-storage
+              mountPath: /home/wger/media
+            - name: nginx-config
+              mountPath: /etc/nginx/conf.d
+      volumes:
+        - name: static-storage
+          persistentVolumeClaim:
+            claimName: wger-static-pvc
+        - name: media-storage
+          persistentVolumeClaim:
+            claimName: wger-media-pvc
+        - name: nginx-config
+          configMap:
+            name: wger-nginx-config
+
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: wger-nginx
+spec:
+  selector:
+    app: wger-nginx
+  ports:
+    - port: 80
+      targetPort: 80
+
+# ======================================================
 # TRAEFIK INGRESS
-# -------------------------
+# ======================================================
+
 ---
 apiVersion: traefik.io/v1alpha1
 kind: IngressRoute
@ -241,8 +369,7 @@ spec:
    - match: Host(`exercise.juntekim.com`)
      kind: Rule
      services:
-        - name: wger
+        - name: wger-nginx
          port: 80
-          passHostHeader: true
  tls:
    certResolver: myresolver