apiVersion: apps/v1 kind: Deployment metadata: name: itop namespace: itop spec: replicas: 1 selector: matchLabels: app: itop template: metadata: labels: app: itop spec: securityContext: fsGroup: 33 # ensures www-data can write to volumes containers: - name: itop image: vbkunin/itop:latest imagePullPolicy: Always ports: - containerPort: 80 env: - name: ITOP_DB_HOST value: mariadb.mariadb - name: ITOP_DB_NAME value: itop - name: ITOP_DB_USER value: itop - name: ITOP_DB_PASS value: itop volumeMounts: - name: conf mountPath: /var/www/html/conf - name: env-production mountPath: /var/www/html/env-production - name: data mountPath: /var/www/html/data - name: log mountPath: /var/www/html/log - name: extensions mountPath: /var/www/html/extensions - name: apache2-logs mountPath: /var/log/apache2 volumes: - name: conf persistentVolumeClaim: claimName: itop-conf-pvc - name: env-production persistentVolumeClaim: claimName: itop-env-pvc - name: data persistentVolumeClaim: claimName: itop-data-pvc - name: log persistentVolumeClaim: claimName: itop-log-pvc - name: extensions persistentVolumeClaim: claimName: itop-extensions-pvc - name: apache2-logs persistentVolumeClaim: claimName: itop-apache2-logs-pvc --- apiVersion: v1 kind: Service metadata: name: itop namespace: itop spec: selector: app.kubernetes.io/name: itop ports: - protocol: TCP port: 80 targetPort: 80 selector: app: itop --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: itop-http namespace: itop spec: entryPoints: - web routes: - match: Host(`itop-dev.allarddcs.nl`) kind: Rule services: - name: itop port: 80 --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: itop-tls namespace: itop spec: entryPoints: - websecure routes: - match: Host(`itop-dev.allarddcs.nl`) kind: Rule services: - name: itop port: 80 tls: certResolver: letsencrypt