diff --git a/Manifests/Mirror/CronJobs/almalinux.yml b/Manifests/Mirror/CronJobs/almalinux.yml
new file mode 100644
index 0000000..334fe45
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/almalinux.yml
@@ -0,0 +1,35 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mirrorupdate-almalinux
+ namespace: default
+spec:
+ schedule: "35 */3 * * *"
+ successfulJobsHistoryLimit: 0
+ failedJobsHistoryLimit: 0
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: mirrorupdate-almalinux
+ imagePullPolicy: Always
+ image: ghcr.io/0xemma/mirror-updater:v2.0.0
+ env:
+ - name: TARGET
+ value: /ext/mirror/almalinux
+ - name: SOURCE
+ value: rsync://rsync.repo.almalinux.org/almalinux/
+ - name: LASTUPDATE
+ value: http://rsync.repo.almalinux.org/almalinux/timestamp.txt
+ - name: FIRST
+ value: "no"
+ volumeMounts:
+ - name: mirror-pvc
+ mountPath: /ext/mirror/
+ restartPolicy: OnFailure
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-almalinux
diff --git a/Manifests/Mirror/CronJobs/arch.yml b/Manifests/Mirror/CronJobs/arch.yml
new file mode 100644
index 0000000..8b44fcf
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/arch.yml
@@ -0,0 +1,35 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mirrorupdate-arch
+ namespace: default
+spec:
+ schedule: "0 * * * *"
+ successfulJobsHistoryLimit: 0
+ failedJobsHistoryLimit: 0
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: mirrorupdate-ubuntu
+ imagePullPolicy: Always
+ image: ghcr.io/0xemma/mirror-updater:v2.0.0
+ env:
+ - name: TARGET
+ value: /ext/mirror/arch
+ - name: SOURCE
+ value: rsync://arch.mirror.constant.com/archlinux/
+ - name: LASTUPDATE
+ value: https://arch.mirror.constant.com/archlinux/lastupdate
+ - name: FIRST
+ value: "not"
+ volumeMounts:
+ - name: mirror-pvc
+ mountPath: /ext/mirror/
+ restartPolicy: OnFailure
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-arch
diff --git a/Manifests/Mirror/CronJobs/blackarch.yml b/Manifests/Mirror/CronJobs/blackarch.yml
new file mode 100644
index 0000000..fababc9
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/blackarch.yml
@@ -0,0 +1,33 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mirrorupdate-blackarch
+ namespace: default
+spec:
+ schedule: "45 */5 * * *"
+ successfulJobsHistoryLimit: 0
+ failedJobsHistoryLimit: 0
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: mirrorupdate-blackarch
+ imagePullPolicy: Always
+ image: ghcr.io/0xemma/mirror-updater:v1.0.0
+ env:
+ - name: TARGET
+ value: /ext/mirror/blackarch
+ - name: SOURCE
+ value: rsync://mirror.math.princeton.edu/pub/blackarch/
+ - name: LASTUPDATE
+ value: https://mirror.math.princeton.edu/pub/blackarch/lastupdate
+ volumeMounts:
+ - name: mirror-pvc
+ mountPath: /ext/mirror
+ restartPolicy: OnFailure
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-blackarch
diff --git a/Manifests/Mirror/CronJobs/fedora-epel.yml b/Manifests/Mirror/CronJobs/fedora-epel.yml
new file mode 100644
index 0000000..3409631
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/fedora-epel.yml
@@ -0,0 +1,35 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mirrorupdate-epel
+ namespace: default
+spec:
+ schedule: "35 */2 * * *"
+ successfulJobsHistoryLimit: 0
+ failedJobsHistoryLimit: 0
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: mirrorupdate-epel
+ imagePullPolicy: Always
+ image: ghcr.io/0xemma/mirror-updater:v2.0.0
+ env:
+ - name: TARGET
+ value: /ext/mirror/epel
+ - name: SOURCE
+ value: rsync://mirrors.rit.edu/epel
+ - name: LASTUPDATE
+ value: http://rsync.repo.epel.org/epel/timestamp.txt
+ - name: FIRST
+ value: "no"
+ volumeMounts:
+ - name: mirror-pvc
+ mountPath: /ext/mirror/
+ restartPolicy: OnFailure
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-truenas
\ No newline at end of file
diff --git a/Manifests/Mirror/CronJobs/kali-images.yml b/Manifests/Mirror/CronJobs/kali-images.yml
new file mode 100644
index 0000000..f7a5a41
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/kali-images.yml
@@ -0,0 +1,35 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mirrorupdate-kali-images
+ namespace: default
+spec:
+ schedule: "0 */2 * * *"
+ successfulJobsHistoryLimit: 0
+ failedJobsHistoryLimit: 0
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: mirrorupdate-kali
+ imagePullPolicy: Always
+ image: ghcr.io/0xemma/mirror-updater:v2.0.0
+ env:
+ - name: TARGET
+ value: /ext/mirror/kali-images
+ - name: SOURCE
+ value: rsync://kali.mirror.rafal.ca/kali-images
+ - name: LASTUPDATE
+ value: https://mirrors.lug.mtu.edu/archlinux/lastupdate
+ - name: FIRST
+ value: "not"
+ volumeMounts:
+ - name: mirror-pvc
+ mountPath: /ext/mirror/
+ restartPolicy: OnFailure
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-kali-images
diff --git a/Manifests/Mirror/CronJobs/parrot.yaml b/Manifests/Mirror/CronJobs/parrot.yaml
new file mode 100644
index 0000000..98bdea6
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/parrot.yaml
@@ -0,0 +1,28 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mirrorupdate-parrot
+ namespace: default
+spec:
+ schedule: "30 */5 * * *"
+ successfulJobsHistoryLimit: 0
+ failedJobsHistoryLimit: 0
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: mirrorupdate-parrot
+ imagePullPolicy: Always
+ image: ghcr.io/0xemma/mirror-updater:v0.0.4
+ command:
+ - /scripts/parrot-clone.sh
+ volumeMounts:
+ - name: mirror-pvc
+ mountPath: /ext/mirror
+ restartPolicy: OnFailure
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-parrot
diff --git a/Manifests/Mirror/CronJobs/ubnt-releases.yaml b/Manifests/Mirror/CronJobs/ubnt-releases.yaml
new file mode 100644
index 0000000..140484a
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/ubnt-releases.yaml
@@ -0,0 +1,28 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mirrorupdate-ubnt-releases
+ namespace: default
+spec:
+ schedule: "30 */5 * * *"
+ successfulJobsHistoryLimit: 0
+ failedJobsHistoryLimit: 0
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: mirrorupdate-ubuntu
+ imagePullPolicy: Always
+ image: ghcr.io/0xemma/mirror-updater:v0.0.4
+ command:
+ - /scripts/ubuntu-release-clone.sh
+ volumeMounts:
+ - name: mirror-pvc
+ mountPath: /ext/mirror
+ restartPolicy: OnFailure
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-ubuntu-iso
diff --git a/Manifests/Mirror/CronJobs/ubuntu.yml b/Manifests/Mirror/CronJobs/ubuntu.yml
new file mode 100644
index 0000000..d94a44a
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/ubuntu.yml
@@ -0,0 +1,35 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mirrorupdate-ubuntu
+ namespace: default
+spec:
+ schedule: "15 */6 * * *"
+ successfulJobsHistoryLimit: 0
+ failedJobsHistoryLimit: 0
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ template:
+ spec:
+ containers:
+ - name: mirrorupdate-ubuntu
+ imagePullPolicy: Always
+ image: ghcr.io/0xemma/mirror-updater:v2.0.0
+ env:
+ - name: TARGET
+ value: /ext/mirror/ubuntu
+ - name: SOURCE
+ value: rsync://archive.ubuntu.com/ubuntu
+ - name: LASTUPDATE
+ value: https://mirror.math.princeton.edu/pub/blackarch/lastupdate
+ - name: FIRST
+ value: "not"
+ volumeMounts:
+ - name: mirror-pvc
+ mountPath: /ext/mirror/
+ restartPolicy: OnFailure
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-truenas
\ No newline at end of file
diff --git a/Manifests/Mirror/CronJobs/voidlinux.yml b/Manifests/Mirror/CronJobs/voidlinux.yml
new file mode 100644
index 0000000..3da3ef2
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/voidlinux.yml
@@ -0,0 +1,35 @@
+# apiVersion: batch/v1
+# kind: CronJob
+# metadata:
+# name: mirrorupdate-voidlinux
+# namespace: default
+# spec:
+# schedule: "25 */3 * * *"
+# successfulJobsHistoryLimit: 0
+# failedJobsHistoryLimit: 0
+# concurrencyPolicy: Forbid
+# jobTemplate:
+# spec:
+# template:
+# spec:
+# containers:
+# - name: mirrorupdate-voidlinux
+# imagePullPolicy: Always
+# image: ghcr.io/0xemma/mirror-updater:v2.0.0
+# env:
+# - name: TARGET
+# value: /ext/mirror/voidlinux
+# - name: SOURCE
+# value: rsync://repo-sync.voidlinux.org/voidlinux
+# - name: LASTUPDATE
+# value: http://rsync.repo.almalinux.org/almalinux/timestamp.txt
+# - name: FIRST
+# value: "no"
+# volumeMounts:
+# - name: mirror-pvc
+# mountPath: /ext/mirror/
+# restartPolicy: OnFailure
+# volumes:
+# - name: mirror-pvc
+# persistentVolumeClaim:
+# claimName: mirror-truenas
\ No newline at end of file
diff --git a/Manifests/Mirror/Mirror-Rsync/mirror-rsync-config.yml b/Manifests/Mirror/Mirror-Rsync/mirror-rsync-config.yml
new file mode 100644
index 0000000..cb808a0
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Rsync/mirror-rsync-config.yml
@@ -0,0 +1,43 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: rsync-config
+ labels:
+ app: mirror-rsync
+data:
+ rsync.conf: |-
+ read only = yes
+ [arch]
+ path = /mnt/arch/arch
+ comment = Arch Mirror
+ [ubuntu]
+ path = /mirror/ubuntu
+ comment = Ubuntu Archive
+ [ubuntu-releases]
+ path = /mnt/ubnt-iso/ubuntu-releases
+ comment = Ubuntu ISO
+ [parrot]
+ path = /mnt/parrot/parrot
+ comment = Parrot
+ [parrot-iso]
+ path = /mnt/parrot/parrot
+ exclude = pool dists
+ comment = Parrot ISO
+ [blackarch]
+ path = /mnt/blackarch/blackarch
+ comment = BlackArch
+ [almalinux]
+ path = /mnt/almalinux/almalinux
+ comment = AlmaLinux
+ [kali]
+ path = /mnt/kali/
+ comment = Kali Repo
+ [kali-images]
+ path = /mnt/kali-iso/kali-images
+ comment = Kali Images
+ [stream]
+ path = /mirror/stream
+ [epel]
+ path = /mirror/epel
+ [void]
+ path = /mirror/voidlinux
diff --git a/Manifests/Mirror/Mirror-Rsync/mirror-rsync-svc.yml b/Manifests/Mirror/Mirror-Rsync/mirror-rsync-svc.yml
new file mode 100644
index 0000000..befa238
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Rsync/mirror-rsync-svc.yml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-rsync
+ namespace: default
+spec:
+ selector:
+ app: mirror-rsync
+ type: LoadBalancer
+ externalTrafficPolicy: Local
+ ports:
+ - name: mirror-rsync
+ protocol: TCP
+ port: 873
\ No newline at end of file
diff --git a/Manifests/Mirror/Mirror-Rsync/mirror-rsync.yml b/Manifests/Mirror/Mirror-Rsync/mirror-rsync.yml
new file mode 100644
index 0000000..6ef9e8c
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Rsync/mirror-rsync.yml
@@ -0,0 +1,87 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-rsync
+ namespace: default
+ labels:
+ app: mirror-rsync
+spec:
+ selector:
+ matchLabels:
+ app: mirror-rsync
+ replicas: 1
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-rsync
+ spec:
+ # initContainers:
+ # Init containers are exactly like regular containers, except:
+ # - Init containers always run to completion.
+ # - Each init container must complete successfully before the next one starts.
+ containers:
+ - name: mirror-rsync
+ image: ghcr.io/0xemma/rsync-daemon-docker:v0.0.2
+ resources:
+ requests:
+ cpu: 100m
+ memory: 100Mi
+ limits:
+ cpu: 1000m
+ memory: 1000Mi
+ ports:
+ - containerPort: 873
+ name: rsync
+ volumeMounts:
+ - name: config
+ mountPath: /config/
+ - name: mirror
+ mountPath: /mirror/
+ - name: ubuntu-iso
+ mountPath: /mnt/ubnt-iso
+ - name: kali-iso
+ mountPath: /mnt/kali-iso
+ - name: arch
+ mountPath: /mnt/arch
+ - name: alma
+ mountPath: /mnt/almalinux
+ - name: parrot
+ mountPath: /mnt/parrot
+ - name: kali
+ mountPath: /mnt/kali
+ - name: blackarch
+ mountPath: /mnt/blackarch
+ volumes:
+ - name: config
+ configMap:
+ name: rsync-config
+ - name: mirror
+ persistentVolumeClaim:
+ claimName: mirror-truenas
+ - name: ubuntu-iso
+ persistentVolumeClaim:
+ claimName: mirror-ubuntu-iso
+ - name: kali-iso
+ persistentVolumeClaim:
+ claimName: mirror-kali-images
+ - name: arch
+ persistentVolumeClaim:
+ claimName: mirror-arch
+ - name: alma
+ persistentVolumeClaim:
+ claimName: mirror-almalinux
+ - name: parrot
+ persistentVolumeClaim:
+ claimName: mirror-parrot
+ - name: kali
+ persistentVolumeClaim:
+ claimName: mirror-kali
+ - name: blackarch
+ persistentVolumeClaim:
+ claimName: mirror-blackarch
+ restartPolicy: Always
diff --git a/Manifests/Mirror/Mirror-Web/Amplify_Secret.yaml b/Manifests/Mirror/Mirror-Web/Amplify_Secret.yaml
new file mode 100644
index 0000000..8cd41e6
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/Amplify_Secret.yaml
@@ -0,0 +1,6 @@
+apiVersion: onepassword.com/v1
+kind: OnePasswordItem
+metadata:
+ name: amplify-secret
+spec:
+ itemPath: "vaults/K8S/items/Amplify"
\ No newline at end of file
diff --git a/Manifests/Mirror/Mirror-Web/Mainpage/index.html b/Manifests/Mirror/Mirror-Web/Mainpage/index.html
new file mode 100644
index 0000000..ea4e3c9
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/Mainpage/index.html
@@ -0,0 +1,82 @@
+
+
+
+
+
+ Document
+
+
+
+
+
+
\ No newline at end of file
diff --git a/Manifests/Mirror/Mirror-Web/Mainpage/mirror-configmap.yml b/Manifests/Mirror/Mirror-Web/Mainpage/mirror-configmap.yml
new file mode 100644
index 0000000..c774588
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/Mainpage/mirror-configmap.yml
@@ -0,0 +1,96 @@
+kind: ConfigMap
+apiVersion: v1
+metadata:
+ name: caddy-config-mirror
+ namespace: default
+data:
+ index.html: |
+
+
+
+
+
+ 0xEmma's Mirrors
+
+
+
+
+
+
+ robots.txt: |
+ user-agent: *
+ Allow: /$
+ Disallow: /
+
+ User-agent: ClaudeBot
+ Disallow: /
diff --git a/Manifests/Mirror/Mirror-Web/Mainpage/mirror-deployment.yml b/Manifests/Mirror/Mirror-Web/Mainpage/mirror-deployment.yml
new file mode 100644
index 0000000..4544cfe
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/Mainpage/mirror-deployment.yml
@@ -0,0 +1,47 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror
+ namespace: default
+ labels:
+ app: mirror
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror
+ spec:
+ containers:
+ - name: mirror
+ image: 0xemma/nginx-autoindex:json-2
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ volumeMounts:
+ - name: config
+ mountPath: /var/lib/nginx/html
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: config
+ configMap:
+ name: caddy-config-mirror
diff --git a/Manifests/Mirror/Mirror-Web/Mainpage/mirror-ingress.yml b/Manifests/Mirror/Mirror-Web/Mainpage/mirror-ingress.yml
new file mode 100644
index 0000000..9e64b8e
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/Mainpage/mirror-ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`)
+ kind: Rule
+ services:
+ - name: mirror
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`)
+ kind: Rule
+ services:
+ - name: mirror
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/Mainpage/mirror-svc.yml b/Manifests/Mirror/Mirror-Web/Mainpage/mirror-svc.yml
new file mode 100644
index 0000000..b20fe9a
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/Mainpage/mirror-svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror
+ namespace: default
+spec:
+ selector:
+ app: mirror
+ ports:
+ - name: mirror
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/almalinux/ingress.yml b/Manifests/Mirror/Mirror-Web/almalinux/ingress.yml
new file mode 100644
index 0000000..1da4be5
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/almalinux/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-almalinux
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/almalinux`)
+ kind: Rule
+ services:
+ - name: mirror-almalinux
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-almalinux
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/almalinux`)
+ kind: Rule
+ services:
+ - name: mirror-almalinux
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/almalinux/pvc.yaml b/Manifests/Mirror/Mirror-Web/almalinux/pvc.yaml
new file mode 100644
index 0000000..7cc9a27
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/almalinux/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mirror-almalinux
+ namespace: default
+ labels:
+ app: mirror-almalinux
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 750Gi
diff --git a/Manifests/Mirror/Mirror-Web/almalinux/svc.yml b/Manifests/Mirror/Mirror-Web/almalinux/svc.yml
new file mode 100644
index 0000000..191eb07
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/almalinux/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-almalinux
+ namespace: default
+spec:
+ selector:
+ app: mirror-almalinux
+ ports:
+ - name: mirror-almalinux
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/almalinux/web.yaml b/Manifests/Mirror/Mirror-Web/almalinux/web.yaml
new file mode 100644
index 0000000..61b873e
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/almalinux/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-almalinux
+ namespace: default
+ labels:
+ app: mirror-almalinux
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-almalinux
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-almalinux
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-almalinux
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "almalinux"
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-almalinux
diff --git a/Manifests/Mirror/Mirror-Web/arch/ingress.yml b/Manifests/Mirror/Mirror-Web/arch/ingress.yml
new file mode 100644
index 0000000..1e018b7
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/arch/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-arch
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/arch`)
+ kind: Rule
+ services:
+ - name: mirror-arch
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-arch
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/arch`)
+ kind: Rule
+ services:
+ - name: mirror-arch
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/arch/pvc.yaml b/Manifests/Mirror/Mirror-Web/arch/pvc.yaml
new file mode 100644
index 0000000..7aa0381
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/arch/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mirror-arch
+ namespace: default
+ labels:
+ app: mirror-arch
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 150Gi
diff --git a/Manifests/Mirror/Mirror-Web/arch/svc.yml b/Manifests/Mirror/Mirror-Web/arch/svc.yml
new file mode 100644
index 0000000..10274fa
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/arch/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-arch
+ namespace: default
+spec:
+ selector:
+ app: mirror-arch
+ ports:
+ - name: mirror-arch
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/arch/web.yaml b/Manifests/Mirror/Mirror-Web/arch/web.yaml
new file mode 100644
index 0000000..ab85d90
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/arch/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-arch
+ namespace: default
+ labels:
+ app: mirror-arch
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-arch
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-arch
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-arch
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "arch"
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-arch
diff --git a/Manifests/Mirror/Mirror-Web/blackarch/blackarch-ingress.yml b/Manifests/Mirror/Mirror-Web/blackarch/blackarch-ingress.yml
new file mode 100644
index 0000000..b06755c
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/blackarch/blackarch-ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-blackarch
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/blackarch`)
+ kind: Rule
+ services:
+ - name: mirror-blackarch
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-blackarch
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/blackarch`)
+ kind: Rule
+ services:
+ - name: mirror-blackarch
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/blackarch/blackarch-pvc.yaml b/Manifests/Mirror/Mirror-Web/blackarch/blackarch-pvc.yaml
new file mode 100644
index 0000000..4e9f8a9
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/blackarch/blackarch-pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mirror-blackarch
+ namespace: default
+ labels:
+ app: mirror-blackarch
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 100Gi
diff --git a/Manifests/Mirror/Mirror-Web/blackarch/blackarch-svc.yml b/Manifests/Mirror/Mirror-Web/blackarch/blackarch-svc.yml
new file mode 100644
index 0000000..c728050
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/blackarch/blackarch-svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-blackarch
+ namespace: default
+spec:
+ selector:
+ app: mirror-blackarch
+ ports:
+ - name: mirror-blackarch
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/blackarch/blackarch-web.yaml b/Manifests/Mirror/Mirror-Web/blackarch/blackarch-web.yaml
new file mode 100644
index 0000000..125a4e8
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/blackarch/blackarch-web.yaml
@@ -0,0 +1,57 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-blackarch
+ namespace: default
+ labels:
+ app: mirror-blackarch
+ id: mirror-web
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-blackarch
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-blackarch
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-blackarch
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "backarch"
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-blackarch
diff --git a/Manifests/Mirror/Mirror-Web/epel/ingress.yml b/Manifests/Mirror/Mirror-Web/epel/ingress.yml
new file mode 100644
index 0000000..d739bc0
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/epel/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-epel
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/epel`)
+ kind: Rule
+ services:
+ - name: mirror-epel
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-epel
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/epel`)
+ kind: Rule
+ services:
+ - name: mirror-epel
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/epel/svc.yml b/Manifests/Mirror/Mirror-Web/epel/svc.yml
new file mode 100644
index 0000000..90ab919
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/epel/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-epel
+ namespace: default
+spec:
+ selector:
+ app: mirror-epel
+ ports:
+ - name: mirror-epel
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/epel/web.yaml b/Manifests/Mirror/Mirror-Web/epel/web.yaml
new file mode 100644
index 0000000..5161510
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/epel/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-epel
+ namespace: default
+ labels:
+ app: mirror-epel
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-epel
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-epel
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-epel
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 16000Mi
+ requests:
+ cpu: 100m
+ memory: 15000Mi
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "epel"
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-truenas
diff --git a/Manifests/Mirror/Mirror-Web/kali-iso/ingress.yml b/Manifests/Mirror/Mirror-Web/kali-iso/ingress.yml
new file mode 100644
index 0000000..5e6a545
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/kali-iso/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-kali-images
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/kali-images`)
+ kind: Rule
+ services:
+ - name: mirror-kali-images
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-kali-images
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/kali-images`)
+ kind: Rule
+ services:
+ - name: mirror-kali-images
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/kali-iso/pvc.yaml b/Manifests/Mirror/Mirror-Web/kali-iso/pvc.yaml
new file mode 100644
index 0000000..6342abb
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/kali-iso/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mirror-kali-images
+ namespace: default
+ labels:
+ app: mirror-kali-images
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 250Gi
diff --git a/Manifests/Mirror/Mirror-Web/kali-iso/svc.yml b/Manifests/Mirror/Mirror-Web/kali-iso/svc.yml
new file mode 100644
index 0000000..1ee1c53
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/kali-iso/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-kali-images
+ namespace: default
+spec:
+ selector:
+ app: mirror-kali-images
+ ports:
+ - name: mirror-kali-images
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/kali-iso/web.yaml b/Manifests/Mirror/Mirror-Web/kali-iso/web.yaml
new file mode 100644
index 0000000..49e7d79
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/kali-iso/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-kali-images
+ namespace: default
+ labels:
+ app: mirror-kali-images
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-kali-images
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-kali-images
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-kali-images
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "kali-iso"
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-kali-images
diff --git a/Manifests/Mirror/Mirror-Web/kali/ingress.yml b/Manifests/Mirror/Mirror-Web/kali/ingress.yml
new file mode 100644
index 0000000..940d485
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/kali/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-kali
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/kali`)
+ kind: Rule
+ services:
+ - name: mirror-kali
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-kali
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/kali`)
+ kind: Rule
+ services:
+ - name: mirror-kali
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/kali/pvc.yaml b/Manifests/Mirror/Mirror-Web/kali/pvc.yaml
new file mode 100644
index 0000000..f89b1f1
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/kali/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mirror-kali
+ namespace: default
+ labels:
+ app: mirror-kali
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 700Gi
diff --git a/Manifests/Mirror/Mirror-Web/kali/svc.yml b/Manifests/Mirror/Mirror-Web/kali/svc.yml
new file mode 100644
index 0000000..1642333
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/kali/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-kali
+ namespace: default
+spec:
+ selector:
+ app: mirror-kali
+ ports:
+ - name: mirror-kali
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/kali/web.yaml b/Manifests/Mirror/Mirror-Web/kali/web.yaml
new file mode 100644
index 0000000..8f86719
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/kali/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-kali
+ namespace: default
+ labels:
+ app: mirror-kali
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-kali
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-kali
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-kali
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html/kali
+ name: mirror-pvc
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "kali"
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-kali
diff --git a/Manifests/Mirror/Mirror-Web/parrot/ingress.yml b/Manifests/Mirror/Mirror-Web/parrot/ingress.yml
new file mode 100644
index 0000000..b4e1bd5
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/parrot/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-parrot
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/parrot`)
+ kind: Rule
+ services:
+ - name: mirror-parrot
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-parrot
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/parrot`)
+ kind: Rule
+ services:
+ - name: mirror-parrot
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/parrot/pvc.yaml b/Manifests/Mirror/Mirror-Web/parrot/pvc.yaml
new file mode 100644
index 0000000..2a6f700
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/parrot/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mirror-parrot
+ namespace: default
+ labels:
+ app: mirror-parrot
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 700Gi
diff --git a/Manifests/Mirror/Mirror-Web/parrot/svc.yml b/Manifests/Mirror/Mirror-Web/parrot/svc.yml
new file mode 100644
index 0000000..4658786
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/parrot/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-parrot
+ namespace: default
+spec:
+ selector:
+ app: mirror-parrot
+ ports:
+ - name: mirror-parrot
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/parrot/web.yaml b/Manifests/Mirror/Mirror-Web/parrot/web.yaml
new file mode 100644
index 0000000..29da515
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/parrot/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-parrot
+ namespace: default
+ labels:
+ app: mirror-parrot
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-parrot
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-parrot
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-parrot
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "parrot"
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-parrot
diff --git a/Manifests/Mirror/Mirror-Web/ubuntu-iso/ingress.yml b/Manifests/Mirror/Mirror-Web/ubuntu-iso/ingress.yml
new file mode 100644
index 0000000..81c7e7e
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/ubuntu-iso/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-ubuntureleases
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/ubuntu-releases`)
+ kind: Rule
+ services:
+ - name: mirror-ubuntureleases
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-ubuntureleases
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/ubuntu-releases`)
+ kind: Rule
+ services:
+ - name: mirror-ubuntureleases
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/ubuntu-iso/pvc.yaml b/Manifests/Mirror/Mirror-Web/ubuntu-iso/pvc.yaml
new file mode 100644
index 0000000..2b9351a
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/ubuntu-iso/pvc.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mirror-ubuntu-iso
+ namespace: default
+ labels:
+ app: mirror-ubuntureleases
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 60Gi
diff --git a/Manifests/Mirror/Mirror-Web/ubuntu-iso/svc.yml b/Manifests/Mirror/Mirror-Web/ubuntu-iso/svc.yml
new file mode 100644
index 0000000..36f87a8
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/ubuntu-iso/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-ubuntureleases
+ namespace: default
+spec:
+ selector:
+ app: mirror-ubuntureleases
+ ports:
+ - name: mirror-ubuntureleases
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/ubuntu-iso/web.yaml b/Manifests/Mirror/Mirror-Web/ubuntu-iso/web.yaml
new file mode 100644
index 0000000..b165e48
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/ubuntu-iso/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-ubuntureleases
+ namespace: default
+ labels:
+ app: mirror-ubuntureleases
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-ubuntureleases
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-ubuntureleases
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-ubuntureleases
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "ubuntu-iso"
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-ubuntu-iso
diff --git a/Manifests/Mirror/Mirror-Web/ubuntu/ingress.yml b/Manifests/Mirror/Mirror-Web/ubuntu/ingress.yml
new file mode 100644
index 0000000..7695687
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/ubuntu/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-ubuntu
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/ubuntu`)
+ kind: Rule
+ services:
+ - name: mirror-ubuntu
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-ubuntu
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/ubuntu`)
+ kind: Rule
+ services:
+ - name: mirror-ubuntu
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/ubuntu/svc.yml b/Manifests/Mirror/Mirror-Web/ubuntu/svc.yml
new file mode 100644
index 0000000..f2fdd94
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/ubuntu/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-ubuntu
+ namespace: default
+spec:
+ selector:
+ app: mirror-ubuntu
+ ports:
+ - name: mirror-ubuntu
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/ubuntu/web.yaml b/Manifests/Mirror/Mirror-Web/ubuntu/web.yaml
new file mode 100644
index 0000000..860aa6a
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/ubuntu/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-ubuntu
+ namespace: default
+ labels:
+ app: mirror-ubuntu
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-ubuntu
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-ubuntu
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-ubuntu
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "ubuntu"
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-truenas
diff --git a/Manifests/Mirror/Mirror-Web/voidlinux/ingress.yml b/Manifests/Mirror/Mirror-Web/voidlinux/ingress.yml
new file mode 100644
index 0000000..92d32eb
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/voidlinux/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-tls-voidlinux
+spec:
+ entryPoints:
+ - websecure
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/voidlinux`)
+ kind: Rule
+ services:
+ - name: mirror-voidlinux
+ kind: Service
+ port: 80
+ tls:
+ secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+ name: mirror-ingress-voidlinux
+spec:
+ entryPoints:
+ - web
+ routes:
+ - match: Host(`mirror.0xem.ma`) && PathPrefix(`/voidlinux`)
+ kind: Rule
+ services:
+ - name: mirror-voidlinux
+ kind: Service
+ port: 80
diff --git a/Manifests/Mirror/Mirror-Web/voidlinux/svc.yml b/Manifests/Mirror/Mirror-Web/voidlinux/svc.yml
new file mode 100644
index 0000000..7a7ae9b
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/voidlinux/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: mirror-voidlinux
+ namespace: default
+spec:
+ selector:
+ app: mirror-voidlinux
+ ports:
+ - name: mirror-voidlinux
+ protocol: TCP
+ port: 80
+ targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/voidlinux/web.yaml b/Manifests/Mirror/Mirror-Web/voidlinux/web.yaml
new file mode 100644
index 0000000..d60ee39
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/voidlinux/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mirror-voidlinux
+ namespace: default
+ labels:
+ app: mirror-voidlinux
+ id: mirror-web
+ annotations:
+ operator.1password.io/auto-restart: "true"
+spec:
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: mirror-voidlinux
+ replicas: 2
+ strategy:
+ rollingUpdate:
+ maxSurge: 25%
+ maxUnavailable: 25%
+ type: RollingUpdate
+ template:
+ metadata:
+ labels:
+ app: mirror-voidlinux
+ id: mirror-web
+ spec:
+ containers:
+ - name: mirror-voidlinux
+ image: 0xemma/nginx-autoindex:json-4
+ resources:
+ limits:
+ memory: 8000Mi
+ requests:
+ cpu: 100m
+ memory: 8000Mi
+ volumeMounts:
+ - mountPath: /var/lib/nginx/html
+ name: mirror-pvc
+ env:
+ - name: API_KEY
+ valueFrom:
+ secretKeyRef:
+ key: AMPLIFY_API_KEY
+ name: amplify-secret
+ - name: AMPLIFY_IMAGENAME
+ value: "voidlinux"
+ ports:
+ - containerPort: 80
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 80
+ initialDelaySeconds: 5
+ periodSeconds: 10
+ volumes:
+ - name: mirror-pvc
+ persistentVolumeClaim:
+ claimName: mirror-truenas
diff --git a/Manifests/Mirror/README.md b/Manifests/Mirror/README.md
new file mode 100644
index 0000000..5c6e072
--- /dev/null
+++ b/Manifests/Mirror/README.md
@@ -0,0 +1,19 @@
+# Linux Mirrors
+
+## Cronjobs/
+Contains the Kubernetes CronJobs to update the mirror source via rsync, using a custom image that will be in containers/eventually
+
+## Mirror-Rsync
+Provides the RSync Daemon Server
+
+## Mirror-Web
+Provides PVC, Ingress, SVC, Pod per Mirror.
+
+Doing a pod per mirror was chosen to make doing stats via loki logs easier. Using a slightly custom image of NGINX w/Amplify, and autoindex turned on, and a JSON Log format for ingest into Loki
+
+## Misc.
+
+- Mirror-PVC.yaml
+ - Provides a single PVC used by Ubuntu & EPEL together, since its stored on a seperate storage class due to my flash-ceph cluster being full.
+- Network-Policy.yaml
+ - Restricts the pods to only allow inbound from traefik, and outbound to amplify + kube-dns
\ No newline at end of file
diff --git a/Manifests/Mirror/mirror-pvc.yml b/Manifests/Mirror/mirror-pvc.yml
new file mode 100644
index 0000000..d7d8277
--- /dev/null
+++ b/Manifests/Mirror/mirror-pvc.yml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: mirror-truenas
+ namespace: default
+ labels:
+ app: mirror-truenas
+spec:
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 11000Gi
+ storageClassName: freenas-nfs-csi
diff --git a/Manifests/Mirror/network-policy.yaml b/Manifests/Mirror/network-policy.yaml
new file mode 100644
index 0000000..4c3aae9
--- /dev/null
+++ b/Manifests/Mirror/network-policy.yaml
@@ -0,0 +1,36 @@
+apiVersion: cilium.io/v2
+kind: CiliumNetworkPolicy
+metadata:
+ name: mirror-network-policy
+ namespace: default
+spec:
+ endpointSelector:
+ matchLabels:
+ id: mirror-web
+ ingress:
+ - fromEndpoints:
+ - matchLabels:
+ app.kubernetes.io/name: traefik
+ io.kubernetes.pod.namespace: kube-system
+ toPorts:
+ - ports:
+ - port: "80"
+ egress:
+ - toEndpoints:
+ - matchLabels:
+ io.kubernetes.pod.namespace: kube-system
+ k8s-app: kube-dns
+ toPorts:
+ - ports:
+ - port: "53"
+ protocol: UDP
+ rules:
+ dns:
+ - matchPattern: "*"
+ - toFQDNs:
+ - matchName: receiver.amplify.nginx.com
+ toPorts:
+ - ports:
+ - port: "443"
+ - ports:
+ - port: "80"