diff --git a/manifests/scp-archives.yaml b/manifests/scp-archives.yaml new file mode 100644 index 0000000..18b677d --- /dev/null +++ b/manifests/scp-archives.yaml @@ -0,0 +1,97 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: scp +--- +apiVersion: v1 +kind: Secret +metadata: + name: scp-s3 + namespace: scp + annotations: + kube-1password: d5dgclm3qrxd4fntivv26ec3ee + kube-1password/vault: Kubernetes +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + name: scp + namespace: scp +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: 80 + name: web + selector: + app: scp +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: scp + namespace: scp +spec: + replicas: 2 + selector: + matchLabels: + app: scp + template: + metadata: + labels: + app: scp + spec: + containers: + - name: web + image: pottava/s3-proxy:2.0 + imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 + name: web + env: + - name: AWS_REGION + value: fr-par + - name: AWS_S3_BUCKET + value: scp-archives + - name: AWS_API_ENDPOINT + value: https://s3.fr-par.scw.cloud + - name: AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: scp-s3 + key: username + - name: AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: scp-s3 + key: password + resources: + limits: + memory: 200Mi + requests: + memory: 200Mi +--- +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: scp + namespace: scp + annotations: + cert-manager.io/cluster-issuer: letsencrypt + traefik.ingress.kubernetes.io/frontend-entry-points: http,https + traefik.ingress.kubernetes.io/redirect-entry-point: https + traefik.ingress.kubernetes.io/redirect-permanent: "true" +spec: + tls: + - hosts: + - scp-archives.cluster.fun + secretName: scp-ingress + rules: + - host: scp-archives.cluster.fun + http: + paths: + - path: / + backend: + serviceName: scp + servicePort: 80