m

docker/docker-compose.yml

@@ -1,4 +1,5 @@
 services:
+<<<<<<< HEAD
     # We need to run the FPM container for our application
     laravel.fpm:
         build:
@@ -89,4 +90,116 @@ networks:
     laravel-in-kubernetes:
 
 volumes:
-    laravel-in-kubernetes-mysql:
+    laravel-in-kubernetes-mysql:
+=======
+
+  php:
+    build:
+      context: "."
+      dockerfile: "Dockerfile"
+    restart: unless-stopped
+    #ports:
+    #   - 9000:9000
+    volumes:
+      - ./:/var/www/html
+      - ./docker/php-fpm/php-fpm.ini:/opt/bitnami/php/etc/php-fpm.conf
+      - ./docker/php-fpm/php.ini:/usr/local/etc/php/php.ini-production
+      - ./docker/php-fpm/php-dev.ini:/usr/local/etc/php/php.ini-development
+    environment:
+      PHP_UPLOAD_MAX_FILESIZE: '2000M'
+      PHP_POST_MAX_SIZE: '2000M'
+      PHP_MAX_EXECUTION_TIME: '300'
+      PHP_MEMORY_LIMIT: '50000M'
+    expose:
+      - 9000
+    networks:
+    #  - public_network
+      - internal_network
+    deploy:
+      mode: replicated
+      replicas: 2
+
+    #depends_on:
+    #    - nginx
+  nginx:
+    image: nginx:1.27.0
+    restart: unless-stopped
+    ports:
+     - 80:80
+     - 443:443
+    volumes:
+      - ./docker/nginx/nginx.conf:/etc/nginx/nginx.conf
+      - ./docker/nginx/site.conf:/etc/nginx/conf.d/default.conf
+      - ./docker/nginx/ssl:/etc/nginx/ssl
+      - ./:/var/www/html
+      - ./docker/certbot/conf:/etc/letsencrypt
+      - ./docker/certbot/html:/var/www/certbot
+    depends_on:
+      - php
+    environment:
+      DOMAIN_NAME: superzaki.com
+    networks:
+      - internal_network
+      - public_network
+
+  db:
+    image: mysql:8.0.36
+    restart: unless-stopped
+    ports:
+      - "${DB_PORT-3306}:3307"
+    volumes:
+      -  /mnt/blockstorage/mysql:/var/lib/mysql_docker
+      - ./docker/mysql/my.cnf:/etc/mysql/conf.d/my.cnf
+      - ./docker/mysql/init.sql:/docker-entrypoint-initdb.d/init.sql
+    environment:
+      MYSQL_DATABASE: ${DB_DATABASE}
+      MYSQL_ROOT_PASSWORD: ${DB_PASSWORD}
+      MYSQL_PASSWORD: ${DB_PASSWORD}
+      MYSQL_ROOT_HOST: "%"
+      #MYSQL_USER: ${DB_USERNAME}
+      MYSQL_ALLOW_EMPTY_PASSWORD: true
+    networks:
+      - internal_network
+
+  composer:
+    image: composer
+    volumes:
+      - ./docker/php-composer/entrypoint.sh:/entrypoint.sh
+      - ./:/var/www/html
+      - ./docker/php-composer/.composer_json_hash:/var/www/composer_json_hash/.composer_json_hash
+    working_dir: /var/www/html
+    entrypoint: /bin/sh -c '/entrypoint.sh'
+    environment:
+      COMPOSER_ALLOW_SUPERUSER: '1'
+    depends_on:
+      - php
+      - nginx
+
+  certbot:
+    image: certbot/certbot:latest
+    volumes:
+      - ./docker/certbot/entrypoint.sh:/entrypoint.sh
+      - ./docker/certbot/conf:/etc/letsencrypt
+      - ./docker/certbot/html:/var/www/certbot
+      - ./docker/nginx/site.conf:/var/www/nginx/site.conf
+      - ./docker/nginx/ssl:/var/www/nginx/ssl
+    environment:
+      - APP_URL=${APP_URL}
+      - DOMAIN_NAME=superzaki.com
+    entrypoint: /bin/sh -c '/entrypoint.sh'
+    depends_on:
+      - nginx
+    restart: "no"
+
+
+networks:
+  public_network:
+     driver: bridge
+
+  internal_network:
+     internal: true
+
+
+#networks:
+#  network:
+>>>>>>> 48300f898e165367a43d20c975bac0c51e37efe0

docker/kube/installed

@@ -0,0 +1,58 @@
+1-create volume and attach it to storage-pool
+-----
+kubectl get nodes
+kubectl cordon <node_id>
+-----
+login to storage-pool
+mkdir /home/ubuntu/shared/<mysitename.com>
+link volume to storage-pool node in /home/ubuntu/shared/
+(parted -s /dev/vdX mklabel gpt && parted -s /dev/vdX unit mib mkpart primary 0% 100% && mkfs.ext4 /dev/vdX1) by default X is b (never run this command more than one for single volume)
+--
+put data into volumes inside (mkdir /home/ubuntu/shared/mysitename.com)
+useful commands 
+fdisk -l => list all volumes
+sudo blkid /dev/vdb1 => get UUID for volumes
+inside /etc/fstab
+UUID="d14dae78-435f-4f2f-bf88-b943e3a3a310" /home/ubuntu/shared/  ext4  defaults,noatime,nofail  0  0
+sudo mount -a
+--
+#install nfs-server
+sudo apt update -y && sudo apt install nfs-kernel-server -y 
+sudo mkdir -p /home/ubuntu/shared
+sudo chown -R nobody:nogroup /home/ubuntu/shared
+sudo chmod 777 -R /home/ubuntu/shared
+sudo nano /etc/exports and add
+/home/ubuntu/shared/ 10.244.0.0/16(rw,sync,no_subtree_check) #10.244.0.0/16 is Cluster Subnet
+/home/ubuntu/shared/ 10.96.0.0/16(rw,sync,no_subtree_check) #10.96.0.0/12 is service Subnet
+sudo exportfs -a
+sudo ufw allow from 10.244.0.0/16 to any port nfs
+sudo ufw allow from 10.96.0.0/16 to any port nfs
+sudo ufw enable # and press yes
+---------------
+#install helm
+curl https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 | bash
+#Add Necessary Helm Repositories
+helm repo add jetstack https://charts.jetstack.io
+helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
+helm repo add stable https://charts.helm.sh/stable
+helm repo update
+#install packages
+helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.9.1 --set installCRDs=true
+helm install my-nginx-ingress ingress-nginx/ingress-nginx --namespace default --version 4.11.1
+helm install nfs-provisioner stable/nfs-server-provisioner --namespace default --version 1.1.3
+#use helm search repo nfs-server-provisioner is you need to search
+------
+#set github secrets
+kubectl create secret generic github-mysitename-token --from-literal=token=<your-github-token>
+----------------------------------------------------------
+steps for single site
+generate github token for site [] 
+kubectl create secret generic github-mysitename-token --from-literal=token=<your-github-token>
+
+link cloudflare []
+configure and deploy
+-init
+-pvc
+-deploy
+-service
+-ingress