--- apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-https spec: selector: matchLabels: nginx: {{ .Release.Name }} replicas: 1 template: metadata: labels: app: {{ .Release.Name }} nginx: {{ .Release.Name }} spec: containers: - name: etherpad image: etherpad/etherpad:1.8.13 ports: - containerPort: 9001 volumeMounts: - name: etherpadconfig mountPath: "/opt/etherpad-lite/settings.json" subPath: settings.json - name: nginx image: nginx:1.21.0-alpine ports: - containerPort: 80 - containerPort: 443 volumeMounts: - name: nginx-config mountPath: "/etc/nginx/conf.d/" - name: etcletsencrypt mountPath: "/etc/letsencrypt" - name: webroot mountPath: "/usr/share/nginx/html" volumes: - name: nginx-config configMap: name: {{ .Release.Name }}-nginx-config - name: etcletsencrypt persistentVolumeClaim: claimName: {{ .Release.Name }}-letsencrypt-certs - name: webroot persistentVolumeClaim: claimName: {{ .Release.Name }}-webroot --- apiVersion: v1 kind: Service metadata: name: {{ .Release.Name }}-{{ .Values.serviceName }} labels: app: {{ .Release.Name }}-{{ .Values.serviceName }} spec: type: ClusterIP ports: - port: 80 name: http - port: 443 targetPort: 9001 name: https selector: app: {{ .Release.Name }} --- apiVersion: v1 kind: ConfigMap metadata: name: {{ .Release.Name }}-nginx-config data: {{ tpl (.Files.Glob "etherpad/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ .Release.Name }}-letsencrypt-certs spec: accessModes: - ReadWriteMany resources: requests: storage: 50Mi storageClassName: rook-cephfs --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ .Release.Name }}-webroot spec: accessModes: - ReadWriteMany resources: requests: storage: 100Mi storageClassName: rook-cephfs --- apiVersion: batch/v1 kind: Job metadata: name: {{ .Release.Name }}-getcert spec: template: metadata: labels: app: {{ .Release.Name }} spec: restartPolicy: Never containers: - name: certbot image: ungleich/ungleich-certbot ports: - containerPort: 80 env: - name: DOMAIN value: "{{ .Release.Name }}-{{ .Values.serviceName }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}" - name: EMAIL value: "{{ .Values.email }}" volumeMounts: - name: etcletsencrypt mountPath: "/etc/letsencrypt" volumes: - name: etcletsencrypt persistentVolumeClaim: claimName: {{ .Release.Name }}-letsencrypt-certs backoffLimit: 3