initial commit

2025-11-23 18:58:51 +01:00
commit 376a944abc
1553 changed files with 314731 additions and 0 deletions
--- a/riscv/nexus/nexus-passthrough.yaml
+++ b/riscv/nexus/nexus-passthrough.yaml
@@ -0,0 +1,156 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nexus
+  namespace: nexus
+  labels:
+    app: nexus
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nexus
+  template:
+    metadata:
+      labels:
+        app: nexus
+    spec:
+      containers:
+      - name: nexus
+        image: allardkrings/riscv64-nexus
+        resources:
+          requests:
+            memory: "2Gi"
+            cpu: "1000m"
+          limits:
+            memory: "4Gi"
+            cpu: "2000m"
+        ports:
+        - containerPort: 8081
+          name: web
+        - containerPort: 8443
+          name: websecure
+        - containerPort: 8444
+          name: docker
+        volumeMounts:
+        # Nexus work directory
+        - mountPath: /opt/sonatype/sonatype-work/nexus3
+          name: nexus-data
+          subPath: data-dir
+        # SSL keystore
+        - mountPath: /opt/sonatype/nexus/etc/ssl
+          name: nexus-data
+          subPath: ssl
+        env:
+        - name: INSTALL4J_ADD_VM_PARAMS
+          value: "-XX:ActiveProcessorCount=4 -Djava.util.prefs.userRoot=/opt/sonatype/sonatype-work/nexus3/javaprefs"
+        - name: NEXUS_SECURITY_SSL_KEYSTORE_PATH
+          value: /opt/sonatype/nexus/etc/ssl/allarddcs.nl.p12
+        - name: NEXUS_SECURITY_SSL_KEYSTORE_PASSWORD
+          value: "password"
+      volumes:
+      - name: nexus-data
+        persistentVolumeClaim:
+          claimName: nexus-pvc
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nexus
+  namespace: nexus
+spec:
+  ports:
+  - name: web
+    targetPort: 8081
+    port: 8081
+  - name: websecure
+    targetPort: 8443
+    port: 8443
+  - name: docker
+    targetPort: 8444
+    port: 8444
+  selector:
+    app: nexus
+  type: ClusterIP
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: nexus-http
+  namespace: nexus
+spec:
+  entryPoints:
+    - web
+  routes:
+  - match: Host(`nexus-riscv.allarddcs.nl`)
+    kind: Rule
+    services:
+    - name: nexus
+      port: 8081
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRouteTCP
+metadata:
+  name: nexus-tls
+  namespace: nexus
+spec:
+  entryPoints:
+    - websecure
+  routes:
+    - match: HostSNI(`nexus-riscv.allarddcs.nl`)
+      services:
+        - name: nexus
+          port: 8443
+  tls:
+    passthrough: true
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRouteTCP
+metadata:
+  name: registry-tcp-tls
+  namespace: nexus
+spec:
+  entryPoints:
+  - docker
+  routes:
+  - match: HostSNI(`registry-riscv.allarddcs.nl`)
+    services:
+    - name: nexus
+      port: 8444
+  tls:
+    passthrough: true
+---
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: nexus-pv
+spec:
+  storageClassName: ""
+  capacity:
+    storage: 1Gi
+  accessModes:
+    - ReadWriteMany
+  persistentVolumeReclaimPolicy: Retain
+  mountOptions:
+    - hard
+    - nfsvers=4.1
+  nfs:
+    server: 192.168.2.110
+    path: /mnt/nfs_share/nexus/riscv
+    readOnly: false
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: nexus-pvc
+  namespace: nexus
+spec:
+  storageClassName: ""
+  volumeName: nexus-pv
+  accessModes:
+    - ReadWriteMany
+  volumeMode: Filesystem
+  resources:
+    requests:
+      storage: 1Gi
+