cscott/n8n
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

re-org for argo

Browse Source
This commit is contained in:
Conan Scott
2025-12-30 20:47:52 +11:00
parent 630c70c95a
commit fc00bd5b4a
13 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
manifests/deploy.sh Normal file
View File

@@ -0,0 +1,12 @@
k apply -f namespace.yaml
k apply -f postgres-claim0-persistentvolumeclaim.yaml
k apply -f postgres-configmap.yaml
k apply -f postgres-secret.yaml
k apply -f postgres-deployment.yaml
k apply -f postgres-service.yaml
./scc-updates.sh
k apply -f n8n-pvc.yaml
k apply -f n8n-service.yaml
k apply -f n8n-deployment.yaml
k apply -f route.yaml
echo n8n Deployed!

80
manifests/n8n-deployment.yaml Normal file
View File

@@ -0,0 +1,80 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
service: n8n
name: n8n
namespace: n8n
spec:
replicas: 1
selector:
matchLabels:
service: n8n
strategy:
type: Recreate
template:
metadata:
labels:
service: n8n
spec:
serviceAccountName: n8n-sa
initContainers:
- name: volume-permissions
image: busybox:1.36
#command: ["sh", "-c", "chown 1000:1000 /data"]
command: ["sh", "-c", "ls /data"]
volumeMounts:
- name: n8n
mountPath: /data
containers:
- command:
- /bin/sh
args:
- -c
- sleep 5; n8n start
env:
- name: DB_TYPE
value: postgresdb
- name: DB_POSTGRESDB_HOST
value: postgres-service.n8n.svc.cluster.local
- name: DB_POSTGRESDB_PORT
value: "5432"
- name: DB_POSTGRESDB_DATABASE
value: n8n
- name: DB_POSTGRESDB_USER
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_NON_ROOT_USER
- name: DB_POSTGRESDB_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_NON_ROOT_PASSWORD
- name: N8N_PROTOCOL
value: http
- name: N8N_PORT
value: "5678"
image: docker.io/n8nio/n8n
name: n8n
ports:
- containerPort: 5678
resources:
requests:
memory: "250Mi"
limits:
memory: "500Mi"
volumeMounts:
- mountPath: /home/node/.n8n
name: n8n
restartPolicy: Always
volumes:
- name: n8n
persistentVolumeClaim:
claimName: n8n
- name: n8n-secret
secret:
secretName: n8n-secret
- name: postgres-secret
secret:
secretName: postgres-secret

12
manifests/n8n-pvc.yaml Normal file
View File

@@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: n8n
namespace: n8n
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 4Gi
storageClassName: nfs-csi

16
manifests/n8n-service.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v1
kind: Service
metadata:
labels:
service: n8n
name: n8n
namespace: n8n
spec:
type: LoadBalancer
ports:
- name: "5678"
port: 5678
targetPort: 5678
protocol: TCP
selector:
service: n8n

4
manifests/namespace.yaml Normal file
View File

@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: n8n

11
manifests/postgres-claim0-persistentvolumeclaim.yaml Normal file
View File

@@ -0,0 +1,11 @@
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: postgresql-pv
namespace: n8n
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi

19
manifests/postgres-configmap.yaml Normal file
View File

@@ -0,0 +1,19 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: init-data
namespace: n8n
data:
init-data.sh: |
#!/bin/bash
set -e;
if [ -n "${POSTGRES_NON_ROOT_USER:-}" ] && [ -n "${POSTGRES_NON_ROOT_PASSWORD:-}" ]; then
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
CREATE USER "${POSTGRES_NON_ROOT_USER}" WITH PASSWORD '${POSTGRES_NON_ROOT_PASSWORD}';
GRANT ALL PRIVILEGES ON DATABASE ${POSTGRES_DB} TO "${POSTGRES_NON_ROOT_USER}";
CREATE EXTENSION IF NOT EXISTS pgcrypto;
EOSQL
else
echo "SETUP INFO: No Environment variables given!"
fi

81
manifests/postgres-deployment.yaml Normal file
View File

@@ -0,0 +1,81 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
service: postgres-n8n
name: postgres
namespace: n8n
spec:
replicas: 1
selector:
matchLabels:
service: postgres-n8n
strategy:
rollingUpdate:
maxSurge: 1
maxUnavailable: 1
type: RollingUpdate
template:
metadata:
labels:
service: postgres-n8n
spec:
containers:
- image: docker.io/postgres:11
name: postgres
resources:
limits:
#cpu: "2"
#memory: 2Gi
requests:
cpu: "1"
memory: 1Gi
ports:
- containerPort: 5432
volumeMounts:
- name: postgresql-pv
mountPath: /var/lib/postgresql/data
- name: init-data
mountPath: /docker-entrypoint-initdb.d/init-n8n-user.sh
subPath: init-data.sh
env:
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_USER
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_PASSWORD
- name: POSTGRES_DB
value: n8n
- name: POSTGRES_NON_ROOT_USER
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_NON_ROOT_USER
- name: POSTGRES_NON_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_NON_ROOT_PASSWORD
- name: POSTGRES_HOST
value: postgres-service
- name: POSTGRES_PORT
value: "5432"
restartPolicy: Always
volumes:
- name: postgresql-pv
persistentVolumeClaim:
claimName: postgresql-pv
- name: postgres-secret
secret:
secretName: postgres-secret
- name: init-data
configMap:
name: init-data
defaultMode: 0744

13
manifests/postgres-secret.yaml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: v1
kind: Secret
metadata:
namespace: n8n
name: postgres-secret
type: Opaque
stringData:
POSTGRES_USER: root
POSTGRES_PASSWORD: th1rt33nletterS.
POSTGRES_DB: n8n
POSTGRES_NON_ROOT_USER: n8n
POSTGRES_NON_ROOT_PASSWORD: th1rt33nletterS.

16
manifests/postgres-service.yaml Normal file
View File

@@ -0,0 +1,16 @@
apiVersion: v1
kind: Service
metadata:
labels:
service: postgres-n8n
name: postgres-service
namespace: n8n
spec:
clusterIP: None
ports:
- name: "5432"
port: 5432
targetPort: 5432
protocol: TCP
selector:
service: postgres-n8n

22
manifests/route.yaml Normal file
View File

@@ -0,0 +1,22 @@
kind: Route
apiVersion: route.openshift.io/v1
metadata:
name: n8n-route
namespace: n8n
annotations:
cert-manager.io/issuer-kind: ClusterIssuer
cert-manager.io/issuer-name: letsencrypt-dns01-cloudflare
spec:
host: n8n.apilab.us
path: /
to:
kind: Service
name: n8n
weight: 100
port:
targetPort: 5678
tls:
termination: edge
certificate:
key:
wildcardPolicy: None

3
manifests/scc-updates.sh Executable file
View File

@@ -0,0 +1,3 @@
oc create sa n8n-sa -n n8n
oc adm policy add-scc-to-user anyuid -z n8n-sa -n n8n
oc adm policy add-scc-to-user privileged -z n8n-sa -n n8n