apiVersion: apps/v1 kind: Deployment metadata: name: phpmyadmin labels: app: phpmyadmin spec: # phpMyAdmin session handling is not really compatible with more replicas replicas: 1 selector: matchLabels: app: phpmyadmin template: metadata: labels: app: phpmyadmin spec: containers: - name: phpmyadmin image: phpmyadmin/phpmyadmin ports: - name: web containerPort: 80 protocol: TCP env: - name: PMA_ARBITRARY value: "1" - name: PMA_HOSTS value: mysql-cluster.authelia,mysql-cluster.etherpad,mariadb.authelia,mariadb.nextcloud,172.20.36.1 - name: PMA_PORTS value: 6446,6446,3306,3306,3306 - name: PMA_ABSOLUTE_URI value: https://phpmyadmin.k-space.ee/ - name: UPLOAD_LIMIT value: 10G --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: phpmyadmin annotations: kubernetes.io/ingress.class: traefik cert-manager.io/cluster-issuer: default traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.middlewares: traefik-sso@kubernetescrd traefik.ingress.kubernetes.io/router.tls: "true" external-dns.alpha.kubernetes.io/target: traefik.k-space.ee spec: rules: - host: phpmyadmin.k-space.ee http: paths: - pathType: Prefix path: "/" backend: service: name: phpmyadmin port: number: 80 tls: - hosts: - phpmyadmin.k-space.ee secretName: phpmyadmin-tls --- apiVersion: v1 kind: Service metadata: name: phpmyadmin labels: app: phpmyadmin spec: selector: app: phpmyadmin ports: - protocol: TCP port: 80 targetPort: 80 --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: phpmyadmin spec: podSelector: matchLabels: app: phpmyadmin policyTypes: - Ingress - Egress ingress: - from: - namespaceSelector: matchLabels: kubernetes.io/metadata.name: traefik ports: - protocol: TCP port: 80 egress: - # Allow connecting to MySQL instance in any namespace to: - namespaceSelector: {} ports: - port: 6446 - # Allow connecting to any MySQL instance outside the cluster to: - ipBlock: cidr: 0.0.0.0/0 ports: - protocol: TCP port: 3306