diff --git a/templates/cert-issuer.yml b/templates/cert-issuer.yml new file mode 100644 index 0000000..ff8ef0c --- /dev/null +++ b/templates/cert-issuer.yml @@ -0,0 +1,20 @@ +{{- if .Values.certissuer.enabled }} +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: {{ .Values.certissuer.name }} + namespace: {{ .Values.certissuer.namespace }} +spec: + acme: + # Email address used for ACME registration + email: {{ .Values.certissuer.acme.email }} + server: {{ .Values.certissuer.acme.server }} + privateKeySecretRef: + # Name of a secret used to store the ACME account private key + name: {{ .Values.certissuer.acme.secret }} + # Add a single challenge solver, HTTP01 using nginx + solvers: + - http01: + ingress: + class: nginx +{{- end }} \ No newline at end of file diff --git a/templates/netmaker-statefulset.yaml b/templates/netmaker-statefulset.yaml index 6137e78..54c9be1 100644 --- a/templates/netmaker-statefulset.yaml +++ b/templates/netmaker-statefulset.yaml @@ -20,29 +20,27 @@ spec: envFrom: - configMapRef: name: {{ include "netmaker.fullname" . }}-env - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} + image: "{{ .Values.server.image.repository }}:{{ .Values.server.image.tag }}" + imagePullPolicy: {{ .Values.server.image.pullPolicy }} ports: - containerPort: {{ .Values.service.restPort }} protocol: TCP + {{- if .Values.dns.enabled }} volumeMounts: - mountPath: /etc/netmaker/ name: shared-data - {{- if .Values.dns.enabled }} - mountPath: /root/config/dnsconfig name: {{ include "netmaker.fullname" . }}-dns-pvc - {{- end }} volumes: - name: shared-data persistentVolumeClaim: claimName: {{ include "netmaker.fullname" . }}-shared-data-pvc - {{- if .Values.dns.enabled }} - name: {{ include "netmaker.fullname" . }}-dns-pvc persistentVolumeClaim: claimName: {{ include "netmaker.fullname" . }}-dns-pvc - {{- end }} + {{- end }} --- - + {{- if .Values.dns.enabled }} apiVersion: v1 kind: PersistentVolumeClaim metadata: @@ -53,4 +51,5 @@ spec: - ReadWriteMany resources: requests: - storage: {{ .Values.server.storageSize }} \ No newline at end of file + storage: {{ .Values.server.storageSize }} +{{- end }} \ No newline at end of file diff --git a/templates/netmaker-ui-deployment.yaml b/templates/netmaker-ui-deployment.yaml index c4e0861..94c8cd9 100644 --- a/templates/netmaker-ui-deployment.yaml +++ b/templates/netmaker-ui-deployment.yaml @@ -16,7 +16,8 @@ spec: spec: containers: - name: {{ include "netmaker.fullname" . }}-ui - image: gravitl/netmaker-ui:{{ .Values.image.tag }} + image: "{{ .Values.ui.image.repository }}:{{ .Values.ui.image.tag }}" + imagePullPolicy: {{ .Values.ui.image.pullPolicy }} ports: - containerPort: {{ .Values.service.uiPort }} env: diff --git a/values.yaml b/values.yaml index 354fa88..3de1a2a 100644 --- a/values.yaml +++ b/values.yaml @@ -3,14 +3,7 @@ # Declare variables to be passed into your templates. -baseDomain: "nm.example.com" # required value -image: - # -- The image repo to pull Netmaker image from - repository: gravitl/netmaker - # -- Pull Policy for images - pullPolicy: Always - # -- Override the image tag to pull - tag: "latest" +baseDomain: "abhi-k8s.clustercat.com" # required value # -- override the name for netmaker objects nameOverride: "" @@ -36,6 +29,13 @@ podSecurityContext: {} ui: # -- how many UI replicas to create replicas: 2 + image: + # -- The image repo to pull Netmaker image from + repository: gravitl/netmaker-ui + # -- Pull Policy for images + pullPolicy: Always + # -- Override the image tag to pull + tag: "v0.21.2" mq: # -- how many MQTT replicas to create @@ -45,6 +45,13 @@ mq: server: # -- number of netmaker server replicas to create replicas: 2 + image: + # -- The image repo to pull Netmaker image from + repository: gravitl/netmaker + # -- Pull Policy for images + pullPolicy: Always + # -- Override the image tag to pull + tag: "v0.21.2" RWX: storageClassName: "" storageSize: 128Mi @@ -134,3 +141,11 @@ postgresql-ha: # -- size of postgres DB size: 1Gi +certissuer: + enabled: false + name: letsencrypt-prod + namespace: cert-manager + acme: + email: youremail@domain.com + secret: letsencrypt-prod + server: https://acme-v02.api.letsencrypt.org/directory