apiVersion: v1 kind: Namespace metadata: name: legendary --- apiVersion: apps/v1 kind: Deployment metadata: name: legendary namespace: legendary spec: replicas: 2 selector: matchLabels: app: legendary template: metadata: labels: app: legendary spec: containers: - name: app image: registry.gitlab.com/mythic-insight/legendary:3.0.3 command: ["elixir"] args: - "--name" - "$(NAME)@$(POD_IP)" - "--cookie" - "$(SECRET_KEY_BASE)" - "-S" - "mix" - "phx.server" ports: - containerPort: 4000 - containerPort: 4369 env: - name: HOSTNAME value: legendaryframework.org - name: EMAIL_FROM value: no-reply@legendaryframework.org - name: NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: NAME value: legendary-doc-site - name: POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: DATABASE_URL valueFrom: secretKeyRef: name: database key: url - name: SECRET_KEY_BASE valueFrom: secretKeyRef: name: legendary key: secret-key-base - name: LIVE_VIEW_SIGNING_SALT valueFrom: secretKeyRef: name: legendary key: live-view-signing-salt - name: SMTP_HOST valueFrom: secretKeyRef: name: legendary key: smtp-host - name: SMTP_USERNAME valueFrom: secretKeyRef: name: legendary key: smtp-username - name: SMTP_PASSWORD valueFrom: secretKeyRef: name: legendary key: smtp-password - name: SMTP_HOST valueFrom: secretKeyRef: name: legendary key: smtp-host - name: SMTP_USERNAME valueFrom: secretKeyRef: name: legendary key: smtp-username - name: SMTP_PASSWORD valueFrom: secretKeyRef: name: legendary key: smtp-password --- apiVersion: v1 kind: Service metadata: name: legendary namespace: legendary spec: selector: app: legendary ports: - protocol: TCP port: 80 targetPort: 4000 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: legendary namespace: legendary annotations: kubernetes.io/ingress.class: nginx cert-manager.io/cluster-issuer: letsencrypt spec: rules: - host: legendary-demo.mythicinsight.com http: paths: - backend: service: name: legendary port: number: 80 path: / pathType: Prefix tls: - hosts: - legendary-demo.mythicinsight.com secretName: legendary-demo-cert --- kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: legendary name: pod-watcher rules: - apiGroups: [""] resources: ["pods"] verbs: ["list"] --- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: namespace: legendary name: pod-watcher-binding subjects: - kind: ServiceAccount namespace: legendary name: default roleRef: kind: Role name: pod-watcher apiGroup: rbac.authorization.k8s.io