homelab/archive/2022.07.bxl-k3s-pi/apps/portal/app.yaml

apiVersion: v1
kind: Namespace
metadata:
  name: portal

---

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: heimdall-pvc
  namespace: portal
spec:
  storageClassName: longhorn-static
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 100Mi

---

apiVersion: apps/v1
kind: Deployment
metadata:
  name: heimdall
  namespace: portal
  labels:
    app: heimdall
  annotations:
    reloader.stakater.com/auto: "true"
spec:
  replicas: 1
  revisionHistoryLimit: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: heimdall
  template:
    metadata:
      labels:
        app: heimdall
    spec:
      containers:
      - name: heimdall
        image: lscr.io/linuxserver/heimdall:latest
        imagePullPolicy: IfNotPresent
        ports:
        - name: svc-ui
          containerPort: 80
          protocol: TCP
        volumeMounts:
        - name: heimdall
          mountPath: /config
        # - name: heimdall-config
        #   mountPath: /config/www/.env
        #   subPath: .env
        # - name: heimdall-config
        #   mountPath: /config/www/app.sqlite
        #   subPath: empty.sqlite
      volumes:
      - name: heimdall
        persistentVolumeClaim:
          claimName: heimdall-pvc
      # - name: heimdall-config
      #   secret:
      #     secretName: heimdall
  
---

apiVersion: v1
kind: Service
metadata:
  name: heimdall
  namespace: portal
spec:
  type: ClusterIP
  selector:
    app: heimdall
  ports:
  - name: http
    port: 80
    protocol: TCP

---

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: heimdall
  namespace: portal
  annotations:
    cert-manager.io/cluster-issuer: "bhasherca-k3s-issuer"
    cert-manager.io/common-name: "portal.bhasher.com"
    nginx.ingress.kubernetes.io/auth-signin: https://idp.bhasher.com
    nginx.ingress.kubernetes.io/auth-snippet: proxy_set_header X-Forwarded-Method $request_method;
    nginx.ingress.kubernetes.io/auth-url: https://idp.bhasher.com/api/verify
    nginx.ingress.kubernetes.io/configuration-snippet: proxy_set_header X-Forwarded-Method $request_method;
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - portal.bhasher.com
    secretName: portal-tls
  rules:
  - host: portal.bhasher.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: heimdall
            port:
              number: 80
Archives 2023-04-16 15:04:06 +02:00			`apiVersion: v1`
			`kind: Namespace`
			`metadata:`
			`name: portal`

			`---`

			`apiVersion: v1`
			`kind: PersistentVolumeClaim`
			`metadata:`
			`name: heimdall-pvc`
			`namespace: portal`
			`spec:`
			`storageClassName: longhorn-static`
			`accessModes:`
			`- ReadWriteOnce`
			`resources:`
			`requests:`
			`storage: 100Mi`

			`---`

			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: heimdall`
			`namespace: portal`
			`labels:`
			`app: heimdall`
			`annotations:`
			`reloader.stakater.com/auto: "true"`
			`spec:`
			`replicas: 1`
			`revisionHistoryLimit: 1`
			`strategy:`
			`type: Recreate`
			`selector:`
			`matchLabels:`
			`app: heimdall`
			`template:`
			`metadata:`
			`labels:`
			`app: heimdall`
			`spec:`
			`containers:`
			`- name: heimdall`
			`image: lscr.io/linuxserver/heimdall:latest`
			`imagePullPolicy: IfNotPresent`
			`ports:`
			`- name: svc-ui`
			`containerPort: 80`
			`protocol: TCP`
			`volumeMounts:`
			`- name: heimdall`
			`mountPath: /config`
			`# - name: heimdall-config`
			`# mountPath: /config/www/.env`
			`# subPath: .env`
			`# - name: heimdall-config`
			`# mountPath: /config/www/app.sqlite`
			`# subPath: empty.sqlite`
			`volumes:`
			`- name: heimdall`
			`persistentVolumeClaim:`
			`claimName: heimdall-pvc`
			`# - name: heimdall-config`
			`# secret:`
			`# secretName: heimdall`

			`---`

			`apiVersion: v1`
			`kind: Service`
			`metadata:`
			`name: heimdall`
			`namespace: portal`
			`spec:`
			`type: ClusterIP`
			`selector:`
			`app: heimdall`
			`ports:`
			`- name: http`
			`port: 80`
			`protocol: TCP`

			`---`

			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: heimdall`
			`namespace: portal`
			`annotations:`
			`cert-manager.io/cluster-issuer: "bhasherca-k3s-issuer"`
			`cert-manager.io/common-name: "portal.bhasher.com"`
			`nginx.ingress.kubernetes.io/auth-signin: https://idp.bhasher.com`
			`nginx.ingress.kubernetes.io/auth-snippet: proxy_set_header X-Forwarded-Method $request_method;`
			`nginx.ingress.kubernetes.io/auth-url: https://idp.bhasher.com/api/verify`
			`nginx.ingress.kubernetes.io/configuration-snippet: proxy_set_header X-Forwarded-Method $request_method;`
			`spec:`
			`ingressClassName: nginx`
			`tls:`
			`- hosts:`
			`- portal.bhasher.com`
			`secretName: portal-tls`
			`rules:`
			`- host: portal.bhasher.com`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: heimdall`
			`port:`
			`number: 80`