From 8ddbe875fa0e501366393c2551626778c41ee39d Mon Sep 17 00:00:00 2001
From: Emma Samms <emma@0xem.ma>
Date: Tue, 24 Sep 2024 12:06:14 -0400
Subject: [PATCH] Create Rocky

---
 Manifests/Mirror/CronJobs/rockylinux.yml      | 35 +++++++++++
 .../Mirror-Rsync/mirror-rsync-config.yml      |  2 +
 .../Mirror/Mirror-Rsync/mirror-rsync.yml      |  5 ++
 .../Mirror/Mirror-Web/rockylinux/ingress.yml  | 31 ++++++++++
 .../Mirror/Mirror-Web/rockylinux/svc.yml      | 13 ++++
 .../Mirror/Mirror-Web/rockylinux/web.yaml     | 59 +++++++++++++++++++
 6 files changed, 145 insertions(+)
 create mode 100644 Manifests/Mirror/CronJobs/rockylinux.yml
 create mode 100644 Manifests/Mirror/Mirror-Web/rockylinux/ingress.yml
 create mode 100644 Manifests/Mirror/Mirror-Web/rockylinux/svc.yml
 create mode 100644 Manifests/Mirror/Mirror-Web/rockylinux/web.yaml

diff --git a/Manifests/Mirror/CronJobs/rockylinux.yml b/Manifests/Mirror/CronJobs/rockylinux.yml
new file mode 100644
index 0000000..a18112a
--- /dev/null
+++ b/Manifests/Mirror/CronJobs/rockylinux.yml
@@ -0,0 +1,35 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+  name: mirrorupdate-rockylinux
+  namespace: default
+spec:
+  schedule: "48 */5 * * *"
+  successfulJobsHistoryLimit: 0
+  failedJobsHistoryLimit: 0
+  concurrencyPolicy: Forbid
+  jobTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+            - name: mirrorupdate-rockylinux
+              imagePullPolicy: Always
+              image: ghcr.io/0xemma/mirror-updater:v2.0.0
+              env:
+                - name: TARGET
+                  value: /ext/mirror/rockylinux
+                - name: SOURCE
+                  value: rsync://mirror.cpsc.ucalgary.ca/rocky
+                - name: LASTUPDATE
+                  value: https://mirror.math.princeton.edu/pub/blackarch/lastupdate
+                - name: FIRST
+                  value: "not"
+              volumeMounts:
+                - name: mirror-pvc
+                  mountPath: /ext/mirror/
+          restartPolicy: OnFailure
+          volumes:
+            - name: mirror-pvc
+              persistentVolumeClaim:
+                claimName: mirror-rockylinux
diff --git a/Manifests/Mirror/Mirror-Rsync/mirror-rsync-config.yml b/Manifests/Mirror/Mirror-Rsync/mirror-rsync-config.yml
index cb808a0..8619f24 100644
--- a/Manifests/Mirror/Mirror-Rsync/mirror-rsync-config.yml
+++ b/Manifests/Mirror/Mirror-Rsync/mirror-rsync-config.yml
@@ -41,3 +41,5 @@ data:
       path = /mirror/epel
     [void]
       path = /mirror/voidlinux
+    [rockylinux]
+      path = /mnt/rockylinux
diff --git a/Manifests/Mirror/Mirror-Rsync/mirror-rsync.yml b/Manifests/Mirror/Mirror-Rsync/mirror-rsync.yml
index fc46bf0..e9bf386 100644
--- a/Manifests/Mirror/Mirror-Rsync/mirror-rsync.yml
+++ b/Manifests/Mirror/Mirror-Rsync/mirror-rsync.yml
@@ -56,6 +56,8 @@ spec:
               mountPath: /mnt/kali
             - name: blackarch
               mountPath: /mnt/blackarch
+            - name: rockylinux
+              mountPath: /mnt/rockylinux
       volumes:
         - name: config
           configMap:
@@ -84,4 +86,7 @@ spec:
         - name: blackarch
           persistentVolumeClaim:
             claimName: mirror-blackarch-zfs
+        - name: rockylinux
+          persistentVolumeClim:
+            claimName: mirror-rockylinux
       restartPolicy: Always
diff --git a/Manifests/Mirror/Mirror-Web/rockylinux/ingress.yml b/Manifests/Mirror/Mirror-Web/rockylinux/ingress.yml
new file mode 100644
index 0000000..68f137b
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/rockylinux/ingress.yml
@@ -0,0 +1,31 @@
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: mirror-ingress-tls-rockylinux
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: Host(`mirror.0xem.ma`) && PathPrefix(`/rockylinux`)
+      kind: Rule
+      services:
+        - name: mirror-rockylinux
+          kind: Service
+          port: 80
+  tls:
+    secretName: emma-tls
+---
+apiVersion: traefik.io/v1alpha1
+kind: IngressRoute
+metadata:
+  name: mirror-ingress-rockylinux
+spec:
+  entryPoints:
+    - web
+  routes:
+    - match: Host(`mirror.0xem.ma`) && PathPrefix(`/rockylinux`)
+      kind: Rule
+      services:
+        - name: mirror-rockylinux
+          kind: Service
+          port: 80
diff --git a/Manifests/Mirror/Mirror-Web/rockylinux/svc.yml b/Manifests/Mirror/Mirror-Web/rockylinux/svc.yml
new file mode 100644
index 0000000..5a5d78e
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/rockylinux/svc.yml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: mirror-rockylinux
+  namespace: default
+spec:
+  selector:
+    app: mirror-rockylinux
+  ports:
+    - name: mirror-rockylinux
+      protocol: TCP
+      port: 80
+      targetPort: 80
diff --git a/Manifests/Mirror/Mirror-Web/rockylinux/web.yaml b/Manifests/Mirror/Mirror-Web/rockylinux/web.yaml
new file mode 100644
index 0000000..7ce95d0
--- /dev/null
+++ b/Manifests/Mirror/Mirror-Web/rockylinux/web.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: mirror-rockylinux
+  namespace: default
+  labels:
+    app: mirror-rockylinux
+    id: mirror-web
+  annotations:
+    operator.1password.io/auto-restart: "true"
+spec:
+  revisionHistoryLimit: 2
+  selector:
+    matchLabels:
+      app: mirror-rockylinux
+  replicas: 2
+  strategy:
+    rollingUpdate:
+      maxSurge: 25%
+      maxUnavailable: 25%
+    type: RollingUpdate
+  template:
+    metadata:
+      labels:
+        app: mirror-rockylinux
+        id: mirror-web
+    spec:
+      containers:
+        - name: mirror-rockylinux
+          image: 0xemma/nginx-autoindex:json-4
+          resources:
+            limits:
+              memory: 8000Mi
+            requests:
+              cpu: 100m
+              memory: 8000Mi
+          env:
+            - name: API_KEY
+              valueFrom:
+                secretKeyRef:
+                  key: AMPLIFY_API_KEY
+                  name: amplify-secret
+            - name: AMPLIFY_IMAGENAME
+              value: "rockylinux"
+          volumeMounts:
+            - mountPath: /var/lib/nginx/html
+              name: mirror-rockylinux
+          ports:
+            - containerPort: 80
+          readinessProbe:
+            httpGet:
+              path: /
+              port: 80
+            initialDelaySeconds: 5
+            periodSeconds: 10
+      volumes:
+        - name: mirror-pvc
+          persistentVolumeClaim:
+            claimName: mirror-rockylinux