176 lines
4.4 KiB
Text
176 lines
4.4 KiB
Text
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: legendary-doc-site
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: legendary-doc-site
|
|
namespace: legendary-doc-site
|
|
spec:
|
|
replicas: 2
|
|
selector:
|
|
matchLabels:
|
|
app: legendary-doc-site
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: legendary-doc-site
|
|
spec:
|
|
containers:
|
|
- name: app
|
|
image: registry.gitlab.com/mythic-insight/legendary-doc-site:{{=it.version}}
|
|
command: ["elixir"]
|
|
args:
|
|
- "--name"
|
|
- "$(NAME)@$(POD_IP)"
|
|
- "--cookie"
|
|
- "$(SECRET_KEY_BASE)"
|
|
- "-S"
|
|
- "mix"
|
|
- "phx.server"
|
|
ports:
|
|
- containerPort: 4000
|
|
- containerPort: 4369
|
|
env:
|
|
- name: HOSTNAME
|
|
value: legendaryframework.org
|
|
- name: POOL_SIZE
|
|
value: "25"
|
|
- name: EMAIL_FROM
|
|
value: no-reply@legendaryframework.org
|
|
- name: NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: NAME
|
|
value: legendary-doc-site
|
|
- name: POD_IP
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: status.podIP
|
|
- name: DATABASE_URL
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: database
|
|
key: url
|
|
- name: SECRET_KEY_BASE
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: legendary-doc-site
|
|
key: secret-key-base
|
|
- name: LIVE_VIEW_SIGNING_SALT
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: legendary-doc-site
|
|
key: live-view-signing-salt
|
|
- name: OBJECT_STORAGE_ACCESS_KEY_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: legendary-doc-site
|
|
key: object-storage-access-key-id
|
|
- name: OBJECT_STORAGE_SECRET_ACCESS_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: legendary-doc-site
|
|
key: object-storage-secret-access-key
|
|
- name: SMTP_HOST
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: legendary-doc-site
|
|
key: smtp-host
|
|
- name: SMTP_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: legendary-doc-site
|
|
key: smtp-username
|
|
- name: SMTP_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: legendary-doc-site
|
|
key: smtp-password
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: legendary-doc-site
|
|
namespace: legendary-doc-site
|
|
spec:
|
|
selector:
|
|
app: legendary-doc-site
|
|
ports:
|
|
- protocol: TCP
|
|
port: 80
|
|
targetPort: 4000
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: legendary-doc-site
|
|
namespace: legendary-doc-site
|
|
annotations:
|
|
kubernetes.io/ingress.class: nginx
|
|
cert-manager.io/cluster-issuer: letsencrypt
|
|
spec:
|
|
rules:
|
|
- host: legendary-doc-site.mythicinsight.com
|
|
http:
|
|
paths:
|
|
- backend:
|
|
service:
|
|
name: legendary-doc-site
|
|
port:
|
|
number: 80
|
|
path: /
|
|
pathType: Prefix
|
|
- host: legendaryframework.com
|
|
http:
|
|
paths:
|
|
- backend:
|
|
service:
|
|
name: legendary-doc-site
|
|
port:
|
|
number: 80
|
|
path: /
|
|
pathType: Prefix
|
|
- host: legendaryframework.org
|
|
http:
|
|
paths:
|
|
- backend:
|
|
service:
|
|
name: legendary-doc-site
|
|
port:
|
|
number: 80
|
|
path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- hosts:
|
|
- legendary-doc-site.mythicinsight.com
|
|
- legendaryframework.org
|
|
- legendaryframework.com
|
|
secretName: legendary-doc-site-cert
|
|
---
|
|
kind: Role
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
namespace: legendary-doc-site
|
|
name: pod-watcher
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["pods"]
|
|
verbs: ["list"]
|
|
---
|
|
kind: RoleBinding
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
metadata:
|
|
namespace: legendary-doc-site
|
|
name: pod-watcher-binding
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
namespace: legendary-doc-site
|
|
name: default
|
|
roleRef:
|
|
kind: Role
|
|
name: pod-watcher
|
|
apiGroup: rbac.authorization.k8s.io
|