Jonas Juselius
211 lines
5.5 KiB
YAML
211 lines
5.5 KiB
YAML
---
|
|
# Source: geoserver/templates/serviceaccount.yaml
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: geoserver
|
|
labels:
|
|
helm.sh/chart: geoserver-1.1.0
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
app.kubernetes.io/version: "2.23.1"
|
|
app.kubernetes.io/managed-by: Helm
|
|
---
|
|
# Source: geoserver/templates/secrets.yaml
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: geoserver
|
|
labels:
|
|
helm.sh/chart: geoserver-1.1.0
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
app.kubernetes.io/version: "2.23.1"
|
|
app.kubernetes.io/managed-by: Helm
|
|
data:
|
|
geoserver_admin_password: "Z2Vvc2VydmVy"
|
|
---
|
|
# Source: geoserver/templates/persistence.yaml
|
|
kind: PersistentVolumeClaim
|
|
apiVersion: v1
|
|
metadata:
|
|
name: geoserver
|
|
labels:
|
|
helm.sh/chart: geoserver-1.1.0
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
app.kubernetes.io/version: "2.23.1"
|
|
app.kubernetes.io/managed-by: Helm
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: "10Gi"
|
|
---
|
|
# Source: geoserver/templates/service.yaml
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: geoserver
|
|
labels:
|
|
helm.sh/chart: geoserver-1.1.0
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
app.kubernetes.io/version: "2.23.1"
|
|
app.kubernetes.io/managed-by: Helm
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- port: 8080
|
|
targetPort: geoserver
|
|
protocol: TCP
|
|
name: geoserver
|
|
selector:
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
---
|
|
# Source: geoserver/templates/deployment.yaml
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: geoserver
|
|
labels:
|
|
helm.sh/chart: geoserver-1.1.0
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
app.kubernetes.io/version: "2.23.1"
|
|
app.kubernetes.io/managed-by: Helm
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
strategy:
|
|
type: RollingUpdate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
spec:
|
|
serviceAccountName: geoserver
|
|
securityContext:
|
|
fsGroup: 2000
|
|
containers:
|
|
- name: geoserver
|
|
securityContext:
|
|
allowPrivilegeEscalation: true
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: false
|
|
runAsUser: 0
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
image: "docker.osgeo.org/geoserver:2.23.1"
|
|
imagePullPolicy: IfNotPresent
|
|
env:
|
|
- name: INSTALL_EXTENSIONS
|
|
value: "false"
|
|
- name: STABLE_EXTENSIONS
|
|
value: ""
|
|
- name: CORS_ENABLED
|
|
value: "true"
|
|
- name: GEOSERVER_CSRF_WHITELIST
|
|
value: "geoserver.beta.oceanbox.io"
|
|
- name: SKIP_DEMO_DATA
|
|
value: "true"
|
|
- name: EXTRA_JAVA_OPTS
|
|
value: "-Xms512m -Xmx2g"
|
|
- name: GEOSERVER_ADMIN_USER
|
|
value: admin
|
|
- name: GEOSERVER_ADMIN_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: geoserver
|
|
key: geoserver_admin_password
|
|
ports:
|
|
- name: geoserver
|
|
containerPort: 8080
|
|
protocol: TCP
|
|
volumeMounts:
|
|
- name: geoserver
|
|
mountPath: /opt/geoserver_data
|
|
startupProbe:
|
|
httpGet:
|
|
path: /geoserver/web
|
|
port: geoserver
|
|
failureThreshold: 10
|
|
periodSeconds: 30
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /geoserver/web
|
|
port: geoserver
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /geoserver/web
|
|
port: geoserver
|
|
resources:
|
|
{}
|
|
volumes:
|
|
- name: geoserver
|
|
persistentVolumeClaim:
|
|
claimName: geoserver
|
|
---
|
|
# Source: geoserver/templates/ingress.yaml
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: geoserver
|
|
labels:
|
|
helm.sh/chart: geoserver-1.1.0
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
app.kubernetes.io/version: "2.23.1"
|
|
app.kubernetes.io/managed-by: Helm
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-staging
|
|
nginx.ingress.kubernetes.io/backend-protocol: HTTP
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- "geoserver.beta.oceanbox.io"
|
|
secretName: staging-geoserver-tls
|
|
rules:
|
|
- host: "geoserver.beta.oceanbox.io"
|
|
http:
|
|
paths:
|
|
- path: /geoserver/
|
|
pathType: ImplementationSpecific
|
|
backend:
|
|
service:
|
|
name: geoserver
|
|
port:
|
|
number: 8080
|
|
---
|
|
# Source: geoserver/templates/tests/test-connection.yaml
|
|
apiVersion: v1
|
|
kind: Pod
|
|
metadata:
|
|
name: "geoserver-test-connection"
|
|
labels:
|
|
helm.sh/chart: geoserver-1.1.0
|
|
app.kubernetes.io/name: geoserver
|
|
app.kubernetes.io/instance: staging
|
|
app.kubernetes.io/version: "2.23.1"
|
|
app.kubernetes.io/managed-by: Helm
|
|
annotations:
|
|
"helm.sh/hook": test
|
|
spec:
|
|
containers:
|
|
- name: wget
|
|
image: busybox
|
|
command: ['wget']
|
|
args: ['geoserver:8080']
|
|
restartPolicy: Never
|