diff --git a/kube/deploy/apps/zigbee2mqtt/app/hr.yaml b/kube/deploy/apps/zigbee2mqtt/app/hr.yaml index 54c6da8c..ee969a09 100644 --- a/kube/deploy/apps/zigbee2mqtt/app/hr.yaml +++ b/kube/deploy/apps/zigbee2mqtt/app/hr.yaml @@ -48,7 +48,7 @@ spec: ZIGBEE2MQTT_CONFIG_MQTT_INCLUDE_DEVICE_INFORMATION: true ZIGBEE2MQTT_CONFIG_MQTT_KEEPALIVE: 60 ZIGBEE2MQTT_CONFIG_MQTT_REJECT_UNAUTHORIZED: true - ZIGBEE2MQTT_CONFIG_MQTT_SERVER: mqtt://emqx-listeners.emqx.svc.cluster.local + ZIGBEE2MQTT_CONFIG_MQTT_SERVER: mqtts://${APP_DNS_EMQX}:8883 ZIGBEE2MQTT_CONFIG_MQTT_VERSION: 5 ZIGBEE2MQTT_CONFIG_PERMIT_JOIN: false ZIGBEE2MQTT_CONFIG_SERIAL_BAUDRATE: 115200 diff --git a/kube/deploy/core/db/emqx/cluster/emqx.yaml b/kube/deploy/core/db/emqx/cluster/emqx.yaml index 387f42fc..41753843 100644 --- a/kube/deploy/core/db/emqx/cluster/emqx.yaml +++ b/kube/deploy/core/db/emqx/cluster/emqx.yaml @@ -47,26 +47,12 @@ spec: fail_if_no_peer_cert = false } } - # bootstrapAPIKeys: - # - secretRef: - # key: - # secretName: emqx-secrets - # secretKey: X_EMQX_APIKEY_KEY - # secret: - # secretName: emqx-secrets - # secretKey: X_EMQX_APIKEY_SECRET coreTemplate: spec: replicas: 2 envFrom: &envFrom - secretRef: name: emqx-secrets - #volumeClaimTemplates: - # storageClassName: local - # accessModes: [ReadWriteOnce] - # resources: - # requests: - # storage: 1Gi extraVolumes: - name: emqx-secrets secret: @@ -91,18 +77,10 @@ spec: subPath: tls.key mountPath: /tls/key.pem readOnly: true - # topologySpreadConstraints: - # - maxSkew: 1 - # topologyKey: kubernetes.io/hostname - # whenUnsatisfiable: DoNotSchedule - # labelSelector: - # matchLabels: - # apps.emqx.io/instance: *app - # apps.emqx.io/db-role: core - # listenersServiceTemplate: - # metadata: - # annotations: - # coredns.io/hostname: "${APP_DNS_EMQX}" - # io.cilium/lb-ipam-ips: "${APP_IP_EMQX}" - # spec: - # type: LoadBalancer + listenersServiceTemplate: + metadata: + annotations: + coredns.io/hostname: "${APP_DNS_EMQX}" # TLS SNI + io.cilium/lb-ipam-ips: "${APP_IP_EMQX}" + spec: + type: LoadBalancer