imfreedom/k8s-cluster
Clone
Summary
Browse
Changes
Graph
Move the xmpp hosts to the main ingress so the cert is created properly, also tweak a few more things in the prosody config.
2020-01-27, Gary Kramlich
6b927366e97d
Move the xmpp hosts to the main ingress so the cert is created properly, also tweak a few more things in the prosody config.
# hub is a deployment of jetbrains hub software which we use for a centralized
# authentication platform.
---
apiVersion
:
extensions/v1beta1
kind
:
Ingress
metadata
:
namespace
:
imfreedom
name
:
hub
annotations
:
cert-manager.io/issuer
:
letsencrypt
nginx.ingress.kubernetes.io/configuration-snippet
:
|
more_set_headers "X-Frame-Options: SAMEORIGIN";
labels
:
app
:
hub
spec
:
rules
:
-
host
:
hub.imfreedom.org
http
:
paths
:
-
backend
:
serviceName
:
hub
servicePort
:
8080
path
:
/
tls
:
-
hosts
:
-
hub.imfreedom.org
secretName
:
hub-tls
---
apiVersion
:
v1
kind
:
Service
metadata
:
namespace
:
imfreedom
labels
:
app
:
hub
name
:
hub
spec
:
ports
:
-
port
:
8080
protocol
:
TCP
selector
:
app
:
hub
---
apiVersion
:
networking.k8s.io/v1
kind
:
NetworkPolicy
metadata
:
namespace
:
imfreedom
name
:
hub
labels
:
app
:
hub
spec
:
podSelector
:
matchLabels
:
app
:
hub
ingress
:
-
from
:
-
namespaceSelector
:
matchLabels
:
name
:
kube-public
podSelector
:
matchLabels
:
app
:
ingress
role
:
controller
ports
:
-
port
:
8080
protocol
:
TCP
---
apiVersion
:
apps/v1
kind
:
Deployment
metadata
:
namespace
:
imfreedom
name
:
hub
labels
:
app
:
hub
spec
:
replicas
:
1
selector
:
matchLabels
:
app
:
hub
strategy
:
type
:
Recreate
template
:
metadata
:
labels
:
app
:
hub
spec
:
containers
:
-
name
:
hub
image
:
docker.io/jetbrains/hub:2019.1.11738
ports
:
-
containerPort
:
8080
resources
:
limits
:
cpu
:
250m
memory
:
1024Mi
requests
:
cpu
:
100m
memory
:
512Mi
volumeMounts
:
-
mountPath
:
/opt/hub/data/
name
:
hub
readOnly
:
false
subPath
:
data
-
mountPath
:
/opt/hub/conf/
name
:
hub
readOnly
:
false
subPath
:
conf
-
mountPath
:
/opt/hub/logs/
name
:
hub
readOnly
:
false
subPath
:
logs
-
mountPath
:
/opt/hub/backups/
name
:
hub
readOnly
:
false
subPath
:
backups
securityContext
:
fsGroup
:
13001
runAsUser
:
13001
volumes
:
-
name
:
hub
persistentVolumeClaim
:
claimName
:
hub
---
apiVersion
:
v1
kind
:
PersistentVolumeClaim
metadata
:
namespace
:
imfreedom
name
:
hub
labels
:
app
:
hub
spec
:
accessModes
:
-
ReadWriteOnce
resources
:
requests
:
storage
:
1Gi
---
