177 lines
3.7 KiB
YAML
177 lines
3.7 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: unifi-app
|
|
namespace: unifi
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: 10Gi
|
|
storageClassName: unifi
|
|
---
|
|
kind: StatefulSet
|
|
apiVersion: apps/v1
|
|
metadata:
|
|
name: unifi
|
|
namespace: unifi
|
|
spec:
|
|
serviceName: "unifi"
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
name: unifi
|
|
template:
|
|
metadata:
|
|
name: unifi
|
|
labels:
|
|
name: unifi
|
|
spec:
|
|
containers:
|
|
- name: unifi
|
|
image: lscr.io/linuxserver/unifi-network-application:latest
|
|
env:
|
|
- name: PUID
|
|
value: '1000'
|
|
- name: GUID
|
|
value: '1000'
|
|
- name: TZ
|
|
value: Etc/UTC
|
|
envFrom:
|
|
- secretRef:
|
|
name: unifi
|
|
ports:
|
|
- containerPort: 3478
|
|
protocol: UDP
|
|
- containerPort: 10001
|
|
protocol: UDP
|
|
- containerPort: 8080
|
|
protocol: TCP
|
|
- containerPort: 8443
|
|
protocol: TCP
|
|
- containerPort: 1900
|
|
protocol: UDP
|
|
- containerPort: 8843
|
|
protocol: TCP
|
|
- containerPort: 8880
|
|
protocol: TCP
|
|
- containerPort: 6789
|
|
protocol: TCP
|
|
- containerPort: 5514
|
|
protocol: UDP
|
|
volumeMounts:
|
|
- name: unifi-persistent-storage
|
|
mountPath: /config
|
|
volumes:
|
|
- name: unifi-persistent-storage
|
|
persistentVolumeClaim:
|
|
claimName: unifi-app
|
|
---
|
|
kind: Service
|
|
apiVersion: v1
|
|
metadata:
|
|
name: lb-unifi
|
|
namespace: unifi
|
|
annotations:
|
|
metallb.io/allow-shared-ip: 'true'
|
|
traefik.ingress.kubernetes.io/service.serverstransport: unifi-unifi@kubernetescrd
|
|
spec:
|
|
type: LoadBalancer
|
|
externalTrafficPolicy: Local
|
|
loadBalancerIP: 172.21.102.1
|
|
selector:
|
|
name: unifi
|
|
ports:
|
|
- name: '8080'
|
|
protocol: TCP
|
|
port: 8080
|
|
targetPort: 8080
|
|
- name: '8443'
|
|
protocol: TCP
|
|
port: 8443
|
|
targetPort: 8443
|
|
- name: '1900'
|
|
protocol: TCP
|
|
port: 1900
|
|
targetPort: 1900
|
|
- name: '8843'
|
|
protocol: TCP
|
|
port: 8843
|
|
targetPort: 8843
|
|
- name: '8880'
|
|
protocol: TCP
|
|
port: 8880
|
|
targetPort: 8880
|
|
- name: '6789'
|
|
protocol: TCP
|
|
port: 6789
|
|
targetPort: 6789
|
|
---
|
|
kind: Service
|
|
apiVersion: v1
|
|
metadata:
|
|
name: lb-unifi-udp
|
|
namespace: unifi
|
|
annotations:
|
|
metallb.io/allow-shared-ip: 'true'
|
|
spec:
|
|
type: LoadBalancer
|
|
externalTrafficPolicy: Local
|
|
loadBalancerIP: 172.21.102.1
|
|
selector:
|
|
name: unifi
|
|
ports:
|
|
- name: '3478'
|
|
protocol: UDP
|
|
port: 3478
|
|
targetPort: 3478
|
|
- name: '10001'
|
|
protocol: UDP
|
|
port: 10001
|
|
targetPort: 10001
|
|
- name: '5514'
|
|
protocol: UDP
|
|
port: 5514
|
|
targetPort: 5514
|
|
---
|
|
apiVersion: traefik.io/v1alpha1
|
|
kind: ServersTransport
|
|
metadata:
|
|
name: unifi
|
|
namespace: unifi
|
|
spec:
|
|
insecureSkipVerify: true
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: unifi
|
|
namespace: unifi
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
kubernetes.io/ingress.class: traefik
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
|
|
spec:
|
|
rules:
|
|
- host: "unifi.k-space.ee"
|
|
http:
|
|
paths:
|
|
- pathType: Prefix
|
|
path: /
|
|
backend:
|
|
service:
|
|
name: lb-unifi
|
|
port:
|
|
number: 8443
|
|
---
|
|
apiVersion: codemowers.cloud/v1beta1
|
|
kind: OIDCMiddlewareClient
|
|
metadata:
|
|
name: unifi
|
|
namespace: unifi
|
|
spec:
|
|
uri: 'https://unifi.k-space.ee/'
|