init: 静态站点部署配置 + cyberstar 项目

- Gitea CI 自动 rsync 到服务器 - K8S Nginx 按子域名路由到对应项目目录 - cyberstar 首个项目
2026-04-08 17:56:59 +08:00 · 2026-04-08 17:56:59 +08:00 · 1ab9e67f21
commit 1ab9e67f21
5 changed files with 156 additions and 0 deletions
--- a/.gitea/workflows/deploy.yaml
+++ b/.gitea/workflows/deploy.yaml
@ -0,0 +1,36 @@
+name: Deploy Static Sites
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        run: |
+          git clone --depth=1 --branch=${{ github.ref_name }} https://gitea.airlabs.art/${{ github.repository }}.git .
+
+      - name: Sync to server
+        run: |
+          # 写入 SSH 私钥
+          mkdir -p ~/.ssh
+          printf '%s\n' '${{ secrets.INTERNAL_SERVER_SSH_KEY }}' > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa
+          ssh-keyscan -H 118.196.70.19 >> ~/.ssh/known_hosts 2>/dev/null
+
+          # 同步所有项目目录到服务器（排除 .gitea、k8s 等非项目目录）
+          rsync -avz --delete \
+            --exclude='.gitea/' \
+            --exclude='.git/' \
+            --exclude='k8s/' \
+            --exclude='README.md' \
+            ./ root@118.196.70.19:/data/static-sites/
+
+          echo "✓ 文件同步完成"
+
+      - name: Verify
+        run: |
+          ssh root@118.196.70.19 "ls -la /data/static-sites/"
--- a/cyberstar/index.html
+++ b/cyberstar/index.html
--- a/k8s/deployment.yaml
+++ b/k8s/deployment.yaml
@ -0,0 +1,55 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: static-sites
+  labels:
+    app: static-sites
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: static-sites
+  template:
+    metadata:
+      labels:
+        app: static-sites
+    spec:
+      containers:
+      - name: nginx
+        image: nginx:alpine
+        ports:
+        - containerPort: 80
+        volumeMounts:
+        - name: sites-data
+          mountPath: /usr/share/nginx/html
+          readOnly: true
+        - name: nginx-conf
+          mountPath: /etc/nginx/conf.d
+          readOnly: true
+        resources:
+          requests:
+            memory: "32Mi"
+            cpu: "25m"
+          limits:
+            memory: "128Mi"
+            cpu: "100m"
+      volumes:
+      - name: sites-data
+        hostPath:
+          path: /data/static-sites
+          type: DirectoryOrCreate
+      - name: nginx-conf
+        configMap:
+          name: static-sites-nginx-conf
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: static-sites
+spec:
+  selector:
+    app: static-sites
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 80
--- a/k8s/ingress.yaml
+++ b/k8s/ingress.yaml
@ -0,0 +1,35 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: static-sites-ingress
+  annotations:
+    kubernetes.io/ingress.class: "traefik"
+    cert-manager.io/cluster-issuer: "letsencrypt-prod"
+spec:
+  tls:
+  - hosts:
+    - cyberstar.airlabs.art
+    secretName: cyberstar-tls
+  rules:
+  # --- cyberstar ---
+  - host: cyberstar.airlabs.art
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: static-sites
+            port:
+              number: 80
+  # --- 新增项目：复制上面的 rule，改 host 即可 ---
+  # - host: xxx.airlabs.art
+  #   http:
+  #     paths:
+  #     - path: /
+  #       pathType: Prefix
+  #       backend:
+  #         service:
+  #           name: static-sites
+  #           port:
+  #             number: 80
--- a/k8s/nginx-conf.yaml
+++ b/k8s/nginx-conf.yaml
@ -0,0 +1,21 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: static-sites-nginx-conf
+data:
+  default.conf: |
+    server {
+        listen 80;
+        server_name ~^(?<project>.+)\.airlabs\.art$;
+
+        root /usr/share/nginx/html/$project;
+        index index.html;
+
+        location / {
+            try_files $uri $uri/ /index.html;
+        }
+
+        location ~ /\. {
+            deny all;
+        }
+    }