124 lines
No EOL
2.7 KiB
YAML
124 lines
No EOL
2.7 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: darkdork-dev
|
|
---
|
|
kind: StorageClass
|
|
apiVersion: storage.k8s.io/v1
|
|
metadata:
|
|
name: longhorn-ssd
|
|
namespace: darkdork-dev
|
|
provisioner: driver.longhorn.io
|
|
allowVolumeExpansion: true
|
|
parameters:
|
|
numberOfReplicas: "3"
|
|
staleReplicaTimeout: "2880" # 48 hours in minutes
|
|
fromBackup: ""
|
|
fsType: "xfs"
|
|
# backupTargetName: "default"
|
|
# mkfsParams: "-I 256 -b 4096 -O ^metadata_csum,^64bit"
|
|
# diskSelector: "ssd,fast"
|
|
# nodeSelector: "storage,fast"
|
|
# recurringJobSelector: '[
|
|
# {
|
|
# "name":"snap",
|
|
# "isGroup":true,
|
|
# },
|
|
# {
|
|
# "name":"backup",
|
|
# "isGroup":false,
|
|
# }
|
|
# ]'
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: pleroma
|
|
namespace: darkdork-dev
|
|
annotations:
|
|
cert-manager.io/issuer: "letsencrypt-prod"
|
|
spec:
|
|
ingressClassName: nginx
|
|
tls:
|
|
- hosts:
|
|
- darkdork.dev
|
|
secretName: tls-secret
|
|
rules:
|
|
- host: darkdork.dev
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: pleroma
|
|
port:
|
|
number: 80
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: minio
|
|
namespace: darkdork-dev
|
|
annotations:
|
|
cert-manager.io/issuer: "letsencrypt-prod"
|
|
nginx.ingress.kubernetes.io/rewrite-target: /pleroma.darkdork.dev/$1
|
|
spec:
|
|
ingressClassName: nginx
|
|
tls:
|
|
- hosts:
|
|
- media.darkdork.dev
|
|
secretName: tls-secret-media
|
|
rules:
|
|
- host: media.darkdork.dev
|
|
http:
|
|
paths:
|
|
- path: /(.+)
|
|
pathType: ImplementationSpecific
|
|
backend:
|
|
service:
|
|
name: minio
|
|
port:
|
|
number: 80
|
|
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Issuer
|
|
metadata:
|
|
namespace: darkdork-dev
|
|
name: letsencrypt-staging
|
|
spec:
|
|
acme:
|
|
# The ACME server URL
|
|
server: https://acme-staging-v02.api.letsencrypt.org/directory
|
|
# Email address used for ACME registration
|
|
email: pwm@crlf.ninja
|
|
# Name of a secret used to store the ACME account private key
|
|
privateKeySecretRef:
|
|
name: letsencrypt-staging
|
|
# Enable the HTTP-01 challenge provider
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
ingressClassName: nginx
|
|
---
|
|
apiVersion: cert-manager.io/v1
|
|
kind: Issuer
|
|
metadata:
|
|
namespace: darkdork-dev
|
|
name: letsencrypt-prod
|
|
spec:
|
|
acme:
|
|
# The ACME server URL
|
|
server: https://acme-v02.api.letsencrypt.org/directory
|
|
# Email address used for ACME registration
|
|
email: pwm@crlf.ninja
|
|
# Name of a secret used to store the ACME account private key
|
|
privateKeySecretRef:
|
|
name: letsencrypt-prod
|
|
# Enable the HTTP-01 challenge provider
|
|
solvers:
|
|
- http01:
|
|
ingress:
|
|
ingressClassName: nginx |