Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / f216f2ce0d1a1308d1875a1e7928339120c5ffab / . / scripts / homelab / installer / ingress-nginx.sh
blob: 05f131a01bb8b70820d3d0e6fd51da123555f80d [file] [log] [blame]
giolekvae4f767b2021-10-06 16:44:20 +0400[diff] [blame]1#!/bin/sh
2
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]3helm upgrade --create-namespace \
4 --namespace ingress-nginx \
5 nginx ingress-nginx/ingress-nginx \
6 --version 4.0.3 \
7 --set fullnameOverride=nginx \
8 --set controller.service.type=LoadBalancer \
9 --set controller.ingressClassByName=true \
10 --set controller.ingressClassResource.name=nginx \
11 --set controller.ingressClassResource.enabled=true \
12 --set controller.ingressClassResource.default=true \
13 --set controller.ingressClassResource.controllerValue="k8s.io/ingress-nginx" \
14 --set controller.extraArgs.default-ssl-certificate=ingress-nginx/cert-wildcard.lekva.me \
15 --set controller.config.proxy-body-size="100M"
giolekvae4f767b2021-10-06 16:44:20 +0400[diff] [blame]16
17# kubectl create configmap \
18# -n ingress-nginx-private \
giolekvae4f767b2021-10-06 16:44:20 +0400[diff] [blame]19# lighthouse-config \
giolekvab0f9c4f2021-10-20 12:53:50 +0400[diff] [blame]20# --from-file ../../core/nebula/lighthouse.yaml
giolekvac4e512f2021-10-24 10:38:35 +0400[diff] [blame]21# kubectl create configmap \
22# -n ingress-nginx-private \
23# nodes-lighthouse-config \
24# --from-file installer/nodes-lighthouse.yaml
giolekvae4f767b2021-10-06 16:44:20 +0400[diff] [blame]25
giolekva4a021b12021-11-03 18:12:45 +0400[diff] [blame]26# kubectl apply -f installer/nodes-infrastructure.yaml
giolekva86980ef2021-10-08 19:35:08 +0400[diff] [blame]27
28
29# kubectl apply -f installer/lighthouse-node.yaml
30
giolekva75ee2712021-11-26 13:57:12 +0400[diff] [blame]31# helm upgrade --create-namespace \
32# --namespace ingress-nginx-private \
33# nginx ingress-nginx/ingress-nginx \
34# --version 4.0.3 \
35# --set fullnameOverride=nginx-private \
36# --set controller.service.type=ClusterIP \
37# --set controller.ingressClassByName=true \
38# --set controller.ingressClassResource.name=nginx-private \
39# --set controller.ingressClassResource.enabled=true \
40# --set controller.ingressClassResource.default=false \
41# --set controller.ingressClassResource.controllerValue="k8s.io/ingress-nginx-private" \
42# --set controller.extraVolumes[0].name="lighthouse-cert" \
43# --set controller.extraVolumes[0].secret.secretName="node-lighthouse-cert" \
44# --set controller.extraVolumes[1].name=config \
45# --set controller.extraVolumes[1].configMap.name=lighthouse-config \
46# --set controller.extraContainers[0].name=lighthouse \
47# --set controller.extraContainers[0].image=giolekva/nebula:latest \
48# --set controller.extraContainers[0].imagePullPolicy=IfNotPresent \
49# --set controller.extraContainers[0].securityContext.capabilities.add[0]=NET_ADMIN \
50# --set controller.extraContainers[0].securityContext.privileged=true \
51# --set controller.extraContainers[0].ports[0].name=nebula \
52# --set controller.extraContainers[0].ports[0].containerPort=4242 \
53# --set controller.extraContainers[0].ports[0].protocol=UDP \
54# --set controller.extraContainers[0].command[0]="nebula" \
55# --set controller.extraContainers[0].command[1]="--config=/etc/nebula/config/lighthouse.yaml" \
56# --set controller.extraContainers[0].volumeMounts[0].name=lighthouse-cert \
57# --set controller.extraContainers[0].volumeMounts[0].mountPath=/etc/nebula/lighthouse \
58# --set controller.extraContainers[0].volumeMounts[1].name=config \
59# --set controller.extraContainers[0].volumeMounts[1].mountPath=/etc/nebula/config \
60# --set controller.config.bind-address="111.0.0.1" \
61# --set controller.config.proxy-body-size="0" \
62# --set udp.53="app-pihole/pihole-dns-udp:53" \
63# --set tcp.53="app-pihole/pihole-dns-tcp:53" \
64# --set tcp.143="app-maddy/maddy:143" \
65# --set tcp.465="app-maddy/maddy:465" \
66# --set tcp.587="app-maddy/maddy:587" \
67# --set tcp.993="app-maddy/maddy:993"
giolekva86980ef2021-10-08 19:35:08 +0400[diff] [blame]68
69 # # --set controller.extraVolumes[1].name=ca-cert \
70 # # --set controller.extraVolumes[1].configMap.name=ca-cert \
71
72 # # --set controller.extraContainers[0].volumeMounts[1].name=ca-cert \
73 # # --set controller.extraContainers[0].volumeMounts[1].mountPath=/etc/nebula/ca \
giolekvab0f9c4f2021-10-20 12:53:50 +0400[diff] [blame]74
75# kubectl apply -f installer/ingress-nginx-private-lightouse-service.yaml