sjenkins/Anterior-IaC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Anterior-IaC/uisp/templates/deployment.yaml
sjenkins 770eb1a5db work towards stable
2025-03-05 16:15:22 -06:00

333 lines
7.6 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: fluentd
spec:
replicas: 1
selector:
matchLabels:
app: fluentd
template:
metadata:
labels:
app: fluentd
spec:
containers:
- name: fluentd
image: ubnt/unms-fluentd:2.4.188
ports:
- containerPort: 24224
volumeMounts:
- name: logs
mountPath: /fluentd/log
envFrom:
- configMapRef:
name: fluentd-config
volumes:
- name: logs
persistentVolumeClaim:
claimName: fluentd-logs-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: siridb
spec:
replicas: 1
selector:
matchLabels:
app: siridb
template:
metadata:
labels:
app: siridb
spec:
containers:
- name: siridb
image: ubnt/unms-siridb:2.4.188
volumeMounts:
- name: siridb-data
mountPath: /var/lib/siridb
- name: siridb-cores
mountPath: /cores
envFrom:
- configMapRef:
name: siridb-config
securityContext:
capabilities:
add: ["SYS_PTRACE"]
volumes:
- name: siridb-data
persistentVolumeClaim:
claimName: siridb-data-pvc
- name: siridb-cores
persistentVolumeClaim:
claimName: siridb-cores-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
spec:
replicas: 1
selector:
matchLabels:
app: postgres
template:
metadata:
labels:
app: postgres
spec:
initContainers:
- name: init-postgres
image: busybox
command: ["sh", "-c"]
args:
- |
mkdir -p /var/lib/postgresql/data/pgdata
chown -R 999:999 /var/lib/postgresql/data/pgdata
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
containers:
- name: postgres
image: ubnt/unms-postgres:2.4.188
args: ["postgres", "-c", "deadlock_timeout=5000", "-c", "max_connections=570"]
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
envFrom:
- configMapRef:
name: postgres-config
env:
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: uisp-secrets
key: POSTGRES_PASSWORD
- name: UNMS_POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: uisp-secrets
key: UNMS_POSTGRES_PASSWORD
- name: UCRM_POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: uisp-secrets
key: UCRM_POSTGRES_PASSWORD
volumes:
- name: postgres-data
persistentVolumeClaim:
claimName: postgres-data-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: rabbitmq
spec:
replicas: 1
selector:
matchLabels:
app: rabbitmq
template:
metadata:
labels:
app: rabbitmq
spec:
containers:
- name: rabbitmq
image: rabbitmq:3.7.28-alpine
ports:
- containerPort: 5672
volumeMounts:
- name: rabbitmq-data
mountPath: /var/lib/rabbitmq
envFrom:
- configMapRef:
name: rabbitmq-config
volumes:
- name: rabbitmq-data
persistentVolumeClaim:
claimName: rabbitmq-data-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: unms
spec:
replicas: 1
selector:
matchLabels:
app: unms
template:
metadata:
labels:
app: unms
spec:
containers:
- name: unms
image: ubnt/unms:2.4.188
ports:
- containerPort: 81
- containerPort: 443
- containerPort: 8081
- containerPort: 8082
- containerPort: 8083
volumeMounts:
- name: unms-data
mountPath: /home/app/unms/data
envFrom:
- configMapRef:
name: unms-config
env:
- name: UNMS_PG_PASSWORD
valueFrom:
secretKeyRef:
name: uisp-secrets
key: UNMS_POSTGRES_PASSWORD
- name: SECURE_LINK_SECRET
valueFrom:
configMapKeyRef:
name: unms-config
key: SECURE_LINK_SECRET
securityContext:
capabilities:
add: ["NET_ADMIN"]
volumes:
- name: unms-data
persistentVolumeClaim:
claimName: unms-data-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ucrm
spec:
replicas: 1
selector:
matchLabels:
app: ucrm
template:
metadata:
labels:
app: ucrm
spec:
containers:
- name: ucrm
image: ubnt/unms-crm:4.4.30
ports:
- containerPort: 81
- containerPort: 443
args: ["server_with_migrate"]
volumeMounts:
- name: ucrm-data
mountPath: /data
envFrom:
- configMapRef:
name: ucrm-config
env:
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: uisp-secrets
key: UCRM_POSTGRES_PASSWORD
volumes:
- name: ucrm-data
persistentVolumeClaim:
claimName: ucrm-data-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
spec:
replicas: 1
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
dnsPolicy: ClusterFirst
initContainers:
- name: init-cert-generator
image: alpine:3.12
command: ["/bin/sh", "-c"]
args:
- |
# Install OpenSSL
apk add --no-cache openssl
# Ensure the /cert directory exists and has the correct permissions
mkdir -p /cert
chown 1000:1000 /cert
chmod 700 /cert
# Generate SSL certificate keys
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /cert/nginx.key -out /cert/nginx.crt -subj "/CN=localhost"
volumeMounts:
- name: cert
mountPath: /cert
# initContainers:
# - name: init-cert-generator
# image: alpine:3.12
# command: ["/bin/sh", "-c"]
# args:
# - |
# # Ensure the /cert directory exists and has the correct permissions
# mkdir -p /cert
# chown 1000:1000 /cert
# chmod 700 /cert
containers:
- name: nginx
image: ubnt/unms-nginx:2.4.188
ports:
- containerPort: 80
- containerPort: 443
- containerPort: 81
- containerPort: 8089
volumeMounts:
- name: cert
mountPath: /cert
- name: firmwares
mountPath: /www/firmwares
envFrom:
- configMapRef:
name: nginx-config
env:
- name: SECURE_LINK_SECRET
valueFrom:
configMapKeyRef:
name: unms-config
key: SECURE_LINK_SECRET
volumes:
- name: cert
persistentVolumeClaim:
claimName: nginx-cert-pvc
- name: firmwares
persistentVolumeClaim:
claimName: nginx-firmwares-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: netflow
spec:
replicas: 1
selector:
matchLabels:
app: netflow
template:
metadata:
labels:
app: netflow
spec:
containers:
- name: netflow
image: ubnt/unms-netflow:2.4.188
ports:
- containerPort: 2055
protocol: UDP
envFrom:
- configMapRef:
name: netflow-config
Reference in New Issue View Git Blame Copy Permalink