Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / e4f767b63071d41f5c0e04d671a2a37d39ab8f8f / . / scripts / homelab / installer / ingress-nginx.sh
blob: 65a45aa66e0d7285fc3ecfd64f5a1fc8ee20841c [file] [log] [blame]
giolekvae4f767b2021-10-06 16:44:20 +0400[diff] [blame^]1#!/bin/sh
2
3helm upgrade --create-namespace \
4 --namespace ingress-nginx \
5 nginx ingress-nginx/ingress-nginx \
6 --version 4.0.3 \
7 --set fullNameOverride=nginx \
8 --set controller.service.type=LoadBalancer \
9 --set controller.ingressClassByName=true \
10 --set controller.ingressClassResource.name=nginx \
11 --set controller.ingressClassResource.enabled=true \
12 --set controller.ingressClassResource.default=true \
13 --set controller.ingressClassResource.controllerValue="k8s.io/ingress-nginx" \
14 --set controller.extraArgs.default-ssl-certificate=ingress-nginx/cert-wildcard.lekva.me \
15 --set controller.config.proxy-body-size="100M" \
16 --set tcp.25="app-maddy/maddy:25" \
17 --set tcp.143="app-maddy/maddy:143" \
18 --set tcp.993="app-maddy/maddy:993" \
19 --set tcp.587="app-maddy/maddy:587" \
20 --set tcp.465="app-maddy/maddy:465"
21# # --set udp.4242="ingress-nginx-private/lighthouse:4242"
22
23# kubectl create configmap \
24# -n ingress-nginx-private \
25# lighthouse-cert \
26# --from-file ../../apps/nebula/lighthouse-cert/
27# kubectl create configmap \
28# -n ingress-nginx-private \
29# ca-cert \
30# --from-file ../../apps/nebula/ca-cert/ca.crt
31# kubectl create configmap \
32# -n ingress-nginx-private \
33# lighthouse-config \
34# --from-file ../../apps/nebula/lighthouse.yaml
35
36helm upgrade --create-namespace \
37 --namespace ingress-nginx-private \
38 nginx ingress-nginx/ingress-nginx \
39 --version 4.0.3 \
40 --set fullnameOverride=nginx-private \
41 --set controller.service.type=ClusterIP \
42 --set controller.ingressClassByName=true \
43 --set controller.ingressClassResource.name=nginx-private \
44 --set controller.ingressClassResource.enabled=true \
45 --set controller.ingressClassResource.default=false \
46 --set controller.ingressClassResource.controllerValue="k8s.io/ingress-nginx-private" \
47 --set controller.extraVolumes[0].name="lighthouse-cert" \
48 --set controller.extraVolumes[0].configMap.name="lighthouse-cert" \
49 --set controller.extraVolumes[1].name=ca-cert \
50 --set controller.extraVolumes[1].configMap.name=ca-cert \
51 --set controller.extraVolumes[2].name=config \
52 --set controller.extraVolumes[2].configMap.name=lighthouse-config \
53 --set controller.extraContainers[0].name=nebula \
54 --set controller.extraContainers[0].image=giolekva/nebula:latest \
55 --set controller.extraContainers[0].imagePullPolicy=IfNotPresent \
56 --set controller.extraContainers[0].securityContext.capabilities.add[0]=NET_ADMIN \
57 --set controller.extraContainers[0].securityContext.privileged=true \
58 --set controller.extraContainers[0].ports[0].name=nebula \
59 --set controller.extraContainers[0].ports[0].containerPort=4242 \
60 --set controller.extraContainers[0].ports[0].protocol=UDP \
61 --set controller.extraContainers[0].command[0]="nebula" \
62 --set controller.extraContainers[0].command[1]="--config=/etc/nebula/config/lighthouse.yaml" \
63 --set controller.extraContainers[0].volumeMounts[0].name=lighthouse-cert \
64 --set controller.extraContainers[0].volumeMounts[0].mountPath=/etc/nebula/lighthouse \
65 --set controller.extraContainers[0].volumeMounts[1].name=ca-cert \
66 --set controller.extraContainers[0].volumeMounts[1].mountPath=/etc/nebula/ca \
67 --set controller.extraContainers[0].volumeMounts[2].name=config \
68 --set controller.extraContainers[0].volumeMounts[2].mountPath=/etc/nebula/config \
69 --set controller.config.bind-address="111.0.0.1" \
70 --set controller.config.proxy-body-size="0" \
71 --set udp.53="pihole/pihole-dns-udp:53" \
72 --set tcp.53="pihole/pihole-dns-tcp:53"