--- apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-bind9 spec: selector: matchLabels: app: {{ .Release.Name }}-bind9 replicas: 1 template: metadata: labels: app: {{ .Release.Name }}-bind9 use-as-service: {{ .Release.Name }} spec: initContainers: containers: - name: bind9 image: resystit/bind9:latest ports: - containerPort: 53 volumeMounts: - name: bind9config mountPath: "/etc/bind" volumes: - name: bind9config persistentVolumeClaim: claimName: {{ .Release.Name }}-bind9config --- apiVersion: v1 kind: Service metadata: name: {{ tpl .Values.identifier . }} labels: app: {{ tpl .Values.identifier . }} spec: type: ClusterIP ports: - protocol: TCP port: 53 name: dns-tcp - protocol: UDP port: 53 name: dns-udp selector: use-as-service: {{ .Release.Name }} --- apiVersion: v1 kind: ConfigMap metadata: name: {{ tpl .Values.identifier . }}-bind9config data: {{ tpl (.Files.Glob "bind9/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ tpl .Values.identifier . }}-letsencrypt-certs spec: accessModes: - ReadWriteMany resources: requests: storage: 50Mi storageClassName: rook-cephfs --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ tpl .Values.identifier . }}-data spec: accessModes: - ReadWriteMany resources: requests: storage: 100Mi storageClassName: rook-cephfs --- apiVersion: batch/v1 kind: Job metadata: name: {{ tpl .Values.identifier . }}-getcert spec: template: metadata: labels: app: certbot-letsencrypt-getcert use-as-service: {{ .Release.Name }} spec: restartPolicy: Never containers: - name: certbot image: ungleich/ungleich-certbot ports: - containerPort: 80 env: - name: DOMAIN value: "{{ tpl .Values.fqdn . }}" - name: EMAIL value: "{{ .Values.email }}" {{ if eq .Values.letsencryptStaging "no" }} - name: STAGING value: "no" {{ end }} volumeMounts: - name: etcletsencrypt mountPath: "/etc/letsencrypt" volumes: - name: etcletsencrypt persistentVolumeClaim: claimName: {{ tpl .Values.identifier . }}-letsencrypt-certs backoffLimit: 3