# vim: syntax=yaml:ts=2:et apiVersion: v1 kind: Namespace metadata: name: portfolio --- apiVersion: v1 kind: Service metadata: name: website namespace: portfolio labels: app: portfolio spec: ports: - port: 80 selector: app: portfolio tier: website --- apiVersion: v1 kind: Service metadata: name: mysql namespace: portfolio labels: app: portfolio spec: ports: - port: 3306 selector: app: portfolio tier: mysql --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: mysql-pvc namespace: portfolio labels: app: portfolio spec: accessModes: - ReadWriteOnce resources: requests: storage: 2Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: website namespace: portfolio labels: app: portfolio spec: selector: matchLabels: app: portfolio tier: website template: metadata: namespace: portfolio labels: app: portfolio tier: website spec: containers: - image: website-image imagePullPolicy: Always name: website ports: - containerPort: 80 name: http volumeMounts: - name: env mountPath: /app/.env subPath: .env.production volumes: - name: env configMap: name: env-cm imagePullSecrets: - name: chaoticlogic-registry-login nodeSelector: beta.kubernetes.io/arch: amd64 --- apiVersion: apps/v1 kind: Deployment metadata: name: mysql namespace: portfolio labels: app: portfolio spec: selector: matchLabels: app: portfolio tier: mysql strategy: type: Recreate template: metadata: namespace: portfolio labels: app: portfolio tier: mysql spec: containers: - image: mysql:5 name: mysql env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: mysql-pass key: password ports: - containerPort: 3306 name: mysql volumeMounts: - name: mysql-persistent-storage mountPath: /var/lib/mysql volumes: - name: mysql-persistent-storage persistentVolumeClaim: claimName: mysql-pvc nodeSelector: on-master: "true" beta.kubernetes.io/arch: amd64 --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: ingress-https namespace: portfolio spec: entryPoints: - https routes: - match: Host(`danieldecloet.nl`) kind: Rule middlewares: - name: www-redirect services: - name: website port: 80 tls: certResolver: letsencrypt --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: ingress-http namespace: portfolio spec: entryPoints: - http routes: - match: Host(`danieldecloet.nl`) kind: Rule middlewares: - name: https-redirect - name: www-redirect services: - name: website port: 80 --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: ingress-https-www namespace: portfolio spec: entryPoints: - https routes: - match: Host(`www.danieldecloet.nl`) kind: Rule services: - name: website port: 80 tls: certResolver: letsencrypt --- apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: ingress-http-www namespace: portfolio spec: entryPoints: - http routes: - match: Host(`www.danieldecloet.nl`) kind: Rule middlewares: - name: https-redirect services: - name: website port: 80 --- apiVersion: traefik.containo.us/v1alpha1 kind: Middleware metadata: name: https-redirect namespace: portfolio spec: redirectScheme: scheme: https permanent: true --- apiVersion: traefik.containo.us/v1alpha1 kind: Middleware metadata: name: www-redirect namespace: portfolio spec: redirectRegex: regex: ^(https?://)danieldecloet.nl/(.*)$ replacement: ${1}www.danieldecloet.nl/${2} permanent: true