--- apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }}-nginx spec: selector: matchLabels: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: nginx replicas: 1 template: metadata: labels: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: nginx spec: containers: - name: nginx image: ungleich/ungleich-certbot:0.3.2 ports: - containerPort: 443 name: https - containerPort: 80 name: http env: - name: DOMAIN value: "{{ tpl .Values.fqdn . }}" - name: EMAIL value: "{{ .Values.email }}" - name: NGINX value: "yes" {{ if eq .Values.letsencryptStaging "no" }} - name: STAGING value: "no" {{ end }} volumeMounts: - name: nginx-config mountPath: "/etc/nginx/conf.d/" - name: etcletsencrypt mountPath: "/etc/letsencrypt" volumes: - name: etcletsencrypt persistentVolumeClaim: claimName: {{ .Release.Name }}-letsencrypt-certs - name: nginx-config configMap: name: {{ .Release.Name }}-nginx-config --- apiVersion: v1 kind: Service metadata: name: {{ .Release.Name }} labels: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: nginx spec: type: ClusterIP ports: - port: 80 name: http - port: 443 name: https selector: app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/component: nginx --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: {{ .Release.Name }}-letsencrypt-certs spec: accessModes: - ReadWriteOnce resources: requests: storage: {{ .Values.storage.letsencrypt.size }} storageClassName: {{ .Values.storage.letsencrypt.storageClass }}