ungleich-public/ungleich-k8s
6
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

zammad: using ungleich-certbot container

Browse source
This commit is contained in:
Nico Schottelius 2021-10-10 16:24:04 +09:00
parent e54622f81b
commit 52b4fbead7
1 changed files with 37 additions and 58 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

95
apps/zammad/templates/deployment.yaml
View file

@ -112,15 +112,15 @@ spec:
checksum/config: {{ include (print $.Template.BasePath "/nginxconf.yaml") . | sha256sum }} checksum/config: {{ include (print $.Template.BasePath "/nginxconf.yaml") . | sha256sum }}
spec: spec:
initContainers: initContainers:
- name: wait-for-cert # - name: wait-for-cert
image: busybox # image: busybox
command: # command:
- sh # - sh
- -c # - -c
- until ls /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/fullchain.pem; do sleep 5; done # - until ls /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/fullchain.pem; do sleep 5; done
volumeMounts: # volumeMounts:
- name: etcletsencrypt # - name: etcletsencrypt
mountPath: "/etc/letsencrypt" # mountPath: "/etc/letsencrypt"
- name: change-permissions - name: change-permissions
image: busybox image: busybox
command: command:
@ -160,9 +160,23 @@ spec:
mountPath: "/opt/zammad" mountPath: "/opt/zammad"
containers: containers:
- name: nginx - name: nginx
image: nginx:1.21.3-alpine image: ungleich/ungleich-certbot:0.2.0
ports: ports:
- containerPort: 443 - containerPort: 443
name: https
- containerPort: 80
name: http
env:
- name: DOMAIN
value: "{{ tpl .Values.fqdn . }}"
- name: EMAIL
value: "{{ .Values.email }}"
- name: NGINX
value: "yes"
{{ if eq .Values.letsencryptStaging "no" }}
- name: STAGING
value: "no"
{{ end }}
volumeMounts: volumeMounts:
- name: nginx-config - name: nginx-config
mountPath: "/etc/nginx/conf.d/" mountPath: "/etc/nginx/conf.d/"
@ -170,18 +184,18 @@ spec:
mountPath: "/etc/letsencrypt" mountPath: "/etc/letsencrypt"
- name: zammad-data - name: zammad-data
mountPath: "/opt/zammad" mountPath: "/opt/zammad"
# Is it ready to work? # # Is it ready to work?
readinessProbe: # readinessProbe:
tcpSocket: # tcpSocket:
port: 443 # port: 443
initialDelaySeconds: 5 # initialDelaySeconds: 5
periodSeconds: 10 # periodSeconds: 10
# Is it still working? # # Is it still working?
livenessProbe: # livenessProbe:
tcpSocket: # tcpSocket:
port: 443 # port: 443
initialDelaySeconds: 15 # initialDelaySeconds: 15
periodSeconds: 20 # periodSeconds: 20
- name: memcached - name: memcached
image: memcached:1.6.12-alpine image: memcached:1.6.12-alpine
resources: resources:
@ -429,42 +443,7 @@ spec:
requests: requests:
storage: {{ .Values.dbsizeingb }}Gi storage: {{ .Values.dbsizeingb }}Gi
storageClassName: rook-ceph-block storageClassName: rook-ceph-block
---
apiVersion: batch/v1
kind: Job
metadata:
name: {{ tpl .Values.identifier . }}-getcert
spec:
template:
metadata:
labels:
app: {{ .Release.Name }}-zammad
spec:
restartPolicy: Never
containers:
- name: certbot
image: ungleich/ungleich-certbot
ports:
- containerPort: 80
env:
- name: ONLYGETCERT
value: "yes"
- name: DOMAIN
value: "{{ tpl .Values.fqdn . }}"
- name: EMAIL
value: "{{ .Values.email }}"
{{ if eq .Values.letsencryptStaging "no" }}
- name: STAGING
value: "no"
{{ end }}
volumeMounts:
- name: etcletsencrypt
mountPath: "/etc/letsencrypt"
volumes:
- name: etcletsencrypt
persistentVolumeClaim:
claimName: {{ tpl .Values.identifier . }}-letsencrypt-certs
backoffLimit: 3
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret