Howto: NGINX-public_html
- create a
~/public_html/domain.tldongate0.t3m4.net sudoor ping mail@redimp.de to add the folder to/etc/exportsand runexportfs -a- create a
domain-tld.yamldefinition for a deployment, a service and an ingress andkubectl apply -f domain-tld.yamlit.
Please consider all files in the exported folders as public, since any k8s pod can mount it via nfs. name the directories accordingly, e.g. public_html or share.
k8s deployment, service and ingress
An example for an nginx deployment can be found below. Make sure to replace all the
- domain-tld
- domain.tld
- username
entries.
--- apiVersion: apps/v1 kind: Deployment metadata: name: nginx-domain-tld namespace: username-vserver spec: selector: matchLabels: app: nginx-domain-tld replicas: 1 template: metadata: labels: app: nginx-domain-tld spec: containers: - name: nginx image: nginx:1.14.2 command: - /bin/sh - -c - | sed -i '/^nginx/d' /etc/passwd sed -i '/^nginx/d' /etc/group echo "nginx:x:101:101:nginx user,,,:/nonexistent:/bin/false" >> /etc/passwd echo "nginx:x:101:" >> /etc/group nginx -g 'daemon off;' ports: - containerPort: 80 volumeMounts: - name: nfs-public-html mountPath: /usr/share/nginx/html volumes: - name: nfs-public-html nfs: server: 10.1.0.2 path: /home/username/public_html/domain.tld --- apiVersion: v1 kind: Service metadata: name: nginx-domain-tld namespace: username-vserver spec: ports: - port: 80 targetPort: 80 protocol: TCP selector: app: nginx-domain-tld --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: nginx-domain-tld namespace: username-vserver annotations: cert-manager.io/cluster-issuer: "letsencrypt-production" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/server-alias: "www.domain.tld" spec: ingressClassName: "nginx" tls: - hosts: - domain.tld - www.domain.tld secretName: domain-tld-tls rules: - host: domain.tld http: paths: - path: / pathType: Prefix backend: service: name: nginx-domain-tld port: number: 80