cluster.fun/manifests/skooner/manifest.yaml

107 lines
2.1 KiB
YAML
Raw Normal View History

apiVersion: v1
kind: ServiceAccount
metadata:
name: skooner-user
labels:
app.kubernetes.io/name: skooner
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: skooner-user
labels:
app.kubernetes.io/name: skooner
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: cluster-admin
subjects:
- kind: ServiceAccount
name: skooner-user
namespace: skooner
---
kind: Deployment
apiVersion: apps/v1
metadata:
name: skooner
labels:
app.kubernetes.io/name: skooner
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: skooner
template:
metadata:
labels:
app.kubernetes.io/name: skooner
spec:
containers:
- name: skooner
image: ghcr.io/skooner-k8s/skooner:stable
imagePullPolicy: Always
ports:
- containerPort: 4654
livenessProbe:
httpGet:
scheme: HTTP
path: /
port: 4654
initialDelaySeconds: 30
timeoutSeconds: 30
---
kind: Service
apiVersion: v1
metadata:
name: skooner
labels:
app.kubernetes.io/name: skooner
spec:
ports:
- port: 80
targetPort: 4654
name: web
selector:
app.kubernetes.io/name: skooner
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: skooner
labels:
app.kubernetes.io/name: skooner
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
spec:
ingressClassName: nginx
tls:
- hosts:
- skooner.cluster.fun
secretName: skooner-ingress
rules:
- host: skooner.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: skooner
port:
name: web