apiVersion: v1 kind: ConfigMap metadata: name: application-config data: DRONE_GITEA_SERVER: "https://git.k-space.ee" DRONE_GIT_ALWAYS_AUTH: "false" DRONE_PROMETHEUS_ANONYMOUS_ACCESS: "true" DRONE_SERVER_HOST: "drone.k-space.ee" DRONE_SERVER_PROTO: "https" DRONE_USER_CREATE: "username:lauri,admin:true" --- apiVersion: v1 kind: Service metadata: name: drone spec: type: ClusterIP ports: - port: 80 targetPort: http protocol: TCP name: http selector: app: drone --- apiVersion: apps/v1 kind: StatefulSet metadata: name: drone annotations: keel.sh/policy: minor keel.sh/trigger: poll keel.sh/pollSchedule: "@midnight" spec: serviceName: drone replicas: 1 selector: matchLabels: app: drone template: metadata: labels: app: drone spec: automountServiceAccountToken: false securityContext: {} containers: - name: server securityContext: {} image: drone/drone:2 ports: - name: http containerPort: 80 protocol: TCP livenessProbe: httpGet: path: / port: http envFrom: - secretRef: name: application-secrets - configMapRef: name: application-config volumeMounts: - name: drone-data mountPath: /data volumeClaimTemplates: - metadata: name: drone-data spec: storageClassName: longhorn accessModes: - ReadWriteOnce resources: requests: storage: 8Gi --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: drone annotations: external-dns.alpha.kubernetes.io/target: traefik.k-space.ee kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" spec: tls: - hosts: - "*.k-space.ee" rules: - host: "drone.k-space.ee" http: paths: - pathType: Prefix path: / backend: service: name: drone port: number: 80