Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 565fcdcedf7b4d0e3fbdb87d14d4410a2026e0ce / . / apps / nebula / install.yaml
blob: 16a22ca9881231881d6dffef183c46d818910da4 [file] [log] [blame]
giolekva565fcdc2021-09-23 18:34:30 +0400[diff] [blame^]1---
2apiVersion: v1
3kind: Namespace
4metadata:
5 name: app-nebula
6---
7apiVersion: v1
8kind: Service
9metadata:
10 name: nebula
11 namespace: app-nebula
12spec:
13 type: LoadBalancer
14 selector:
15 app: nebula
16 ports:
17 - name: nebula
18 port: 4242
19 targetPort: nebula
20 protocol: UDP
21# ---
22# apiVersion: networking.k8s.io/v1
23# kind: Ingress
24# metadata:
25# name: ingress
26# namespace: app-nebula
27# annotations:
28# cert-manager.io/cluster-issuer: "letsencrypt-prod"
29# acme.cert-manager.io/http01-edit-in-place: "true"
30# spec:
31# ingressClassName: nginx
32# tls:
33# - hosts:
34# - woof.lekva.me
35# secretName: cert-woof.lekva.me
36# rules:
37# - host: woof.lekva.me
38# http:
39# paths:
40# - path: /
41# pathType: Prefix
42# backend:
43# service:
44# name: nebula
45# port:
46# name: http
47---
48apiVersion: apps/v1
49kind: Deployment
50metadata:
51 name: nebula
52 namespace: app-nebula
53spec:
54 selector:
55 matchLabels:
56 app: nebula
57 replicas: 1
58 template:
59 metadata:
60 labels:
61 app: nebula
62 spec:
63 volumes:
64 - name: lighthouse-cert
65 configMap:
66 name: lighthouse-cert
67 - name: ca-cert
68 configMap:
69 name: ca-cert
70 - name: config
71 configMap:
72 name: lighthouse-config
73 containers:
74 - name: nebula
75 image: giolekva/nebula:latest
76 imagePullPolicy: IfNotPresent
77 securityContext:
78 capabilities:
79 add:
80 - NET_ADMIN
81 privileged: true
82 ports:
83 - name: nebula
84 containerPort: 4242
85 protocol: UDP
86 command: ["nebula", "--config=/etc/nebula/config/lighthouse.yaml"]
87 volumeMounts:
88 - name: lighthouse-cert
89 mountPath: /etc/nebula/lighthouse
90 - name: ca-cert
91 mountPath: /etc/nebula/ca
92 - name: config
93 mountPath: /etc/nebula/config