38def02bf4
- Add new command "front" with flags for replica count and vendor - Implement front app build logic in maker.AppFront method - Add minio to make command list - Add minio and minio-init images to image list - Change EMQX dependency path to "dependency/emqx" - Update app OEM logic to use model.GetVendor for vendor info - Fix app OEM download and rename logic with updated vendor fields - Modify nginx deployment manifest to allow configurable replicas - Update user app mysql address to mysql-cluster-mysql-master.db-mysql:3306 - Add server_license_init.conf generation script for configmap upsert - Clean and reformat imports across several files - Remove unused package files for make.mysql.go, make.redis.go, make.longhorn.go
210 lines
6.1 KiB
YAML
210 lines
6.1 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: nginx-deployment
|
|
namespace: hsv2
|
|
spec:
|
|
replicas: %d
|
|
selector:
|
|
matchLabels:
|
|
app: nginx
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: nginx
|
|
spec:
|
|
topologySpreadConstraints:
|
|
- maxSkew: 1
|
|
topologyKey: kubernetes.io/hostname
|
|
whenUnsatisfiable: ScheduleAnyway
|
|
labelSelector:
|
|
matchLabels:
|
|
app: nginx
|
|
containers:
|
|
- name: nginx
|
|
image: hub.yizhisec.com/external/nginx:1.29.1-alpine3.22
|
|
imagePullPolicy: IfNotPresent
|
|
volumeMounts:
|
|
- name: nginx-main
|
|
mountPath: /etc/nginx/nginx.conf
|
|
subPath: nginx.conf
|
|
readOnly: true
|
|
- name: nginx-user
|
|
mountPath: /etc/nginx/sites-enabled/user.conf
|
|
subPath: user.conf
|
|
readOnly: true
|
|
- name: nginx-gateway
|
|
mountPath: /etc/nginx/sites-enabled/gateway.conf
|
|
subPath: gateway.conf
|
|
readOnly: true
|
|
- name: nginx-web
|
|
mountPath: /etc/nginx/sites-enabled/web.conf
|
|
subPath: web.conf
|
|
readOnly: true
|
|
- name: nginx-client
|
|
mountPath: /etc/nginx/sites-enabled/client.conf
|
|
subPath: client.conf
|
|
readOnly: true
|
|
- name: nginx-common
|
|
mountPath: /etc/nginx/common/common.conf
|
|
subPath: common.conf
|
|
readOnly: true
|
|
- name: ssl-ffdhe2048
|
|
mountPath: /etc/nginx/ssl/ffdhe2048.txt
|
|
subPath: ffdhe2048.txt
|
|
readOnly: true
|
|
- name: ssl-ca-crt
|
|
mountPath: /yizhisec/ssl/ca.crt
|
|
subPath: ca.crt
|
|
readOnly: true
|
|
- name: ssl-server-crt
|
|
mountPath: /yizhisec/ssl/server.crt
|
|
subPath: server.crt
|
|
readOnly: true
|
|
- name: ssl-server-key
|
|
mountPath: /yizhisec/ssl/server.key
|
|
subPath: server.key
|
|
readOnly: true
|
|
- name: ssl-mqtt-crt
|
|
mountPath: /etc/nginx/ssl/mqtt.server.crt
|
|
subPath: mqtt.server.crt
|
|
readOnly: true
|
|
- name: ssl-mqtt-key
|
|
mountPath: /etc/nginx/ssl/mqtt.server.key
|
|
subPath: mqtt.server.key
|
|
readOnly: true
|
|
- name: ssl-client-server-crt
|
|
mountPath: /etc/nginx/ssl/client.server.crt
|
|
subPath: client.server.crt
|
|
readOnly: true
|
|
- name: ssl-client-server-key
|
|
mountPath: /etc/nginx/ssl/client.server.key
|
|
subPath: client.server.key
|
|
readOnly: true
|
|
- name: ssl-web-server-crt
|
|
mountPath: /etc/nginx/ssl/web.server.crt
|
|
subPath: web.server.crt
|
|
readOnly: true
|
|
- name: ssl-web-server-key
|
|
mountPath: /etc/nginx/ssl/web.server.key
|
|
subPath: web.server.key
|
|
readOnly: true
|
|
volumes:
|
|
- name: nginx-main
|
|
configMap:
|
|
name: nginx-main
|
|
items:
|
|
- key: nginx.conf
|
|
path: nginx.conf
|
|
- name: nginx-user
|
|
configMap:
|
|
name: nginx-user
|
|
items:
|
|
- key: user.conf
|
|
path: user.conf
|
|
- name: nginx-gateway
|
|
configMap:
|
|
name: nginx-gateway
|
|
items:
|
|
- key: gateway.conf
|
|
path: gateway.conf
|
|
- name: nginx-web
|
|
configMap:
|
|
name: nginx-web
|
|
items:
|
|
- key: web.conf
|
|
path: web.conf
|
|
- name: nginx-client
|
|
configMap:
|
|
name: nginx-client
|
|
items:
|
|
- key: client.conf
|
|
path: client.conf
|
|
- name: nginx-common
|
|
configMap:
|
|
name: nginx-common
|
|
items:
|
|
- key: common.conf
|
|
path: common.conf
|
|
- name: ssl-ffdhe2048
|
|
configMap:
|
|
name: ssl-ffdhe2048
|
|
items:
|
|
- key: ffdhe2048.txt
|
|
path: ffdhe2048.txt
|
|
- name: ssl-ca-crt
|
|
configMap:
|
|
name: ssl-ca-crt
|
|
items:
|
|
- key: ca.crt
|
|
path: ca.crt
|
|
- name: ssl-server-crt
|
|
configMap:
|
|
name: ssl-server-crt
|
|
items:
|
|
- key: server.crt
|
|
path: server.crt
|
|
- name: ssl-server-key
|
|
configMap:
|
|
name: ssl-server-key
|
|
items:
|
|
- key: server.key
|
|
path: server.key
|
|
- name: ssl-mqtt-crt
|
|
configMap:
|
|
name: ssl-mqtt-crt
|
|
items:
|
|
- key: mqtt.server.crt
|
|
path: mqtt.server.crt
|
|
- name: ssl-mqtt-key
|
|
configMap:
|
|
name: ssl-mqtt-key
|
|
items:
|
|
- key: mqtt.server.key
|
|
path: mqtt.server.key
|
|
- name: ssl-client-server-crt
|
|
configMap:
|
|
name: ssl-client-server-crt
|
|
items:
|
|
- key: client.server.crt
|
|
path: client.server.crt
|
|
- name: ssl-client-server-key
|
|
configMap:
|
|
name: ssl-client-server-key
|
|
items:
|
|
- key: client.server.key
|
|
path: client.server.key
|
|
- name: ssl-web-server-crt
|
|
configMap:
|
|
name: ssl-web-server-crt
|
|
items:
|
|
- key: web.server.crt
|
|
path: web.server.crt
|
|
- name: ssl-web-server-key
|
|
configMap:
|
|
name: ssl-web-server-key
|
|
items:
|
|
- key: web.server.key
|
|
path: web.server.key
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: nginx-service
|
|
namespace: hsv2
|
|
spec:
|
|
selector:
|
|
app: nginx
|
|
ports:
|
|
- protocol: TCP
|
|
name: o-443
|
|
port: 443
|
|
targetPort: 23443
|
|
nodePort: 31443
|
|
- protocol: TCP
|
|
name: o-8443
|
|
port: 8443
|
|
targetPort: 8443
|
|
nodePort: 32443
|
|
type: NodePort
|