--- apiVersion: v1 kind: Service metadata: name: drone spec: type: ClusterIP ports: - port: 80 targetPort: http protocol: TCP name: http selector: app: drone --- apiVersion: apps/v1 kind: StatefulSet metadata: name: drone annotations: keel.sh/policy: minor keel.sh/trigger: poll keel.sh/pollSchedule: "@midnight" spec: serviceName: drone replicas: 1 selector: matchLabels: app: drone template: metadata: labels: app: drone spec: automountServiceAccountToken: false securityContext: {} containers: - name: server securityContext: {} image: drone/drone:2 ports: - name: http containerPort: 80 protocol: TCP livenessProbe: httpGet: path: / port: http env: - name: DRONE_GITEA_SERVER value: https://git.k-space.ee - name: DRONE_GIT_ALWAYS_AUTH value: "false" - name: DRONE_SERVER_HOST value: drone.k-space.ee - name: DRONE_SERVER_PROTO value: https - name: DRONE_USER_CREATE value: username:lauri,admin:true - name: DRONE_DEBUG value: "true" - name: DRONE_TRACE value: "true" envFrom: - secretRef: name: application-secrets volumeMounts: - name: drone-data mountPath: /data volumeClaimTemplates: - metadata: name: drone-data spec: storageClassName: longhorn accessModes: - ReadWriteOnce resources: requests: storage: 8Gi --- apiVersion: traefik.io/v1alpha1 kind: Middleware metadata: name: redirect spec: redirectRegex: regex: ^https://(.*)/register$ replacement: https://${1}/ permanent: false --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: drone annotations: external-dns.alpha.kubernetes.io/target: traefik.k-space.ee kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" traefik.ingress.kubernetes.io/router.middlewares: drone-redirect@kubernetescrd spec: tls: - hosts: - "*.k-space.ee" rules: - host: "drone.k-space.ee" http: paths: - pathType: Prefix path: / backend: service: name: drone port: number: 80