| local kube = import "../../kube/kube.libsonnet"; |
| |
| { |
| local rc3 = self, |
| deploy: kube.Deployment("rc3-data") { |
| metadata+: { |
| namespace: "personal-q3k", |
| }, |
| spec+: { |
| template+: { |
| spec+: { |
| containers_: { |
| default: kube.Container("default") { |
| image: "registry.k0.hswaw.net/q3k/rc3-data:1610640062", |
| ports_: { |
| http: { containerPort: 8080 }, |
| }, |
| }, |
| }, |
| securityContext: { |
| // nginx:nginx |
| runAsUser: 101, |
| runAsGroup: 101, |
| }, |
| }, |
| }, |
| }, |
| }, |
| svc: kube.Service("rc3-data") { |
| metadata+: { |
| namespace: "personal-q3k", |
| }, |
| target_pod:: rc3.deploy.spec.template, |
| }, |
| ingress: kube.Ingress("rc3-data") { |
| metadata+: { |
| namespace: "personal-q3k", |
| annotations+: { |
| "kubernetes.io/tls-acme": "true", |
| "certmanager.k8s.io/cluster-issuer": "letsencrypt-prod", |
| "nginx.ingress.kubernetes.io/proxy-body-size": "0", |
| }, |
| }, |
| spec+: { |
| tls: [ |
| { hosts: [ "rc3-data.q3k.org"], secretName: "rc3-data-tls", }, |
| ], |
| rules: [ |
| { |
| host: "rc3-data.q3k.org", |
| http: { |
| paths: [ |
| { path: "/", backend: rc3.svc.name_port }, |
| ], |
| }, |
| }, |
| ], |
| }, |
| }, |
| } |