From 21f653cae12b5618e0e6518f0c4190fcd0bba1cd Mon Sep 17 00:00:00 2001
From: Vassiliy Yegorov <va@egorovanet.ru>
Date: Sun, 6 Jul 2025 11:43:09 +0700
Subject: [PATCH] =?UTF-8?q?=D0=9E=D0=B1=D0=BD=D0=BE=D0=B2=D0=BB=D0=B5?=
 =?UTF-8?q?=D0=BD=D1=8B=20=D1=80=D0=B5=D1=81=D1=83=D1=80=D1=81=D1=8B=20?=
 =?UTF-8?q?=D0=B2=20kustomization.yaml=20=D0=B8=20=D1=83=D0=B4=D0=B0=D0=BB?=
 =?UTF-8?q?=D0=B5=D0=BD=D1=8B=20=D0=BD=D0=B5=D0=B8=D1=81=D0=BF=D0=BE=D0=BB?=
 =?UTF-8?q?=D1=8C=D0=B7=D1=83=D0=B5=D0=BC=D1=8B=D0=B5=20=D1=84=D0=B0=D0=B9?=
 =?UTF-8?q?=D0=BB=D1=8B=20=D0=BA=D0=BE=D0=BD=D1=84=D0=B8=D0=B3=D1=83=D1=80?=
 =?UTF-8?q?=D0=B0=D1=86=D0=B8=D0=B8.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 talos-k8s-flux/manifests/cnpg.yaml            | 14 ++++
 .../manifests/nginx-test-with-csi.yaml        | 80 +++++++++++++++++++
 talos-k8s-flux/manifests/nginx-test.yaml      | 59 ++++++++++++++
 3 files changed, 153 insertions(+)
 create mode 100644 talos-k8s-flux/manifests/cnpg.yaml
 create mode 100644 talos-k8s-flux/manifests/nginx-test-with-csi.yaml
 create mode 100644 talos-k8s-flux/manifests/nginx-test.yaml

diff --git a/talos-k8s-flux/manifests/cnpg.yaml b/talos-k8s-flux/manifests/cnpg.yaml
new file mode 100644
index 0000000..c053e1a
--- /dev/null
+++ b/talos-k8s-flux/manifests/cnpg.yaml
@@ -0,0 +1,14 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: cluster-example-custom
+spec:
+  instances: 1
+  postgresql:
+    parameters:
+      max_worker_processes: "60"
+    pg_hba:
+      - host all all all md5
+  storage:
+    size: 1Gi
+    storageClass: piraeus-storage
diff --git a/talos-k8s-flux/manifests/nginx-test-with-csi.yaml b/talos-k8s-flux/manifests/nginx-test-with-csi.yaml
new file mode 100644
index 0000000..1248a16
--- /dev/null
+++ b/talos-k8s-flux/manifests/nginx-test-with-csi.yaml
@@ -0,0 +1,80 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: data-volume
+  namespace: default
+spec:
+  storageClassName: piraeus-storage
+  resources:
+    requests:
+      storage: 1Gi
+  accessModes:
+    - ReadWriteOnce
+---
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: nginx
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: nginx
+        app: nginx
+    spec:
+      containers:
+        - name: nginx
+          image: nginx:1.25.2-alpine
+          ports:
+            - containerPort: 8080
+          # securityContext:
+            # allowPrivilegeEscalation: false
+            # capabilities:
+            #   drop:
+            #     - ALL
+            # runAsNonRoot: true
+            # seccompProfile:
+            #   type: RuntimeDefault
+          volumeMounts:
+            - mountPath: /usr/share/nginx/html
+              name: data
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: data-volume
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  selector:
+    app: nginx
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: nginx-ingress
+  namespace: default
+spec:
+  rules:
+    - host: test.talos.loc
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: nginx
+                port:
+                  number: 80
diff --git a/talos-k8s-flux/manifests/nginx-test.yaml b/talos-k8s-flux/manifests/nginx-test.yaml
new file mode 100644
index 0000000..1e0f272
--- /dev/null
+++ b/talos-k8s-flux/manifests/nginx-test.yaml
@@ -0,0 +1,59 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: nginx
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: nginx
+        app: nginx
+    spec:
+      containers:
+        - name: nginx
+          image: nginx:1.25.2-alpine
+          ports:
+            - containerPort: 8080
+          # securityContext:
+            # allowPrivilegeEscalation: false
+            # capabilities:
+            #   drop:
+            #     - ALL
+            # runAsNonRoot: true
+            # seccompProfile:
+            #   type: RuntimeDefault
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: nginx
+  namespace: default
+spec:
+  selector:
+    app: nginx
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8080
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: nginx-ingress
+  namespace: default
+spec:
+  rules:
+    - host: test.talos.loc
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: nginx
+                port:
+                  number: 80