| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194 |
- #{
- # "infoklinika.ru": {
- # "username":"8aeaadb6-1dcc-495a-899b-00519a76aacf",
- # "password":"8HLvFMfIA1b6pz8FiiKPRjzZ-1rzxwpLml9S_ENt",
- # "fulldomain":"d3747323-b9d9-4112-8db4-90b4f7bd62ed.auth.infoklinika.ru",
- # "subdomain":"d3747323-b9d9-4112-8db4-90b4f7bd62ed",
- # "allowfrom":[]
- # }
- #}
- ---
- apiVersion: v1
- kind: ConfigMap
- metadata:
- name: acme-cfg
- data:
- config.cfg: |
- [general]
- listen = ":53"
- protocol = "both"
- domain = "auth.infoklinika.ru"
- nsname = "nsauth.infoklinika.ru"
- nsadmin = "admin.infoklinika.ru"
- records = [
- "nsauth.infoklinika.ru. A 95.131.180.106",
- "auth.infoklinika.ru. NS nsauth.infoklinika.ru.",
- ]
- debug = true
- [database]
- engine = "sqlite3"
- connection = "/var/lib/acme-dns/acme-dns.db"
- [api]
- api_domain = ""
- disable_registration = false
- #autocert_port = "80"
- ip = ""
- port = "80"
- tls = "none"
- corsorigins = [
- "*"
- ]
- use_header = false
- header_name = "X-Forwarded-For"
- [logconfig]
- loglevel = "debug"
- logtype = "stdout"
- logformat = "text"
- ---
- apiVersion: v1
- kind: PersistentVolume
- metadata:
- name: acme-db
- labels:
- purpose: acme-db
- spec:
- accessModes:
- - ReadWriteOnce
- capacity:
- storage: 100Mi
- local:
- path: /dev/shared-iscsi/acme-dns
- fsType: xfs
- nodeAffinity:
- required:
- nodeSelectorTerms:
- - matchExpressions:
- - key: kubernetes.io/os
- operator: In
- values:
- - linux
- persistentVolumeReclaimPolicy: Delete
- storageClassName: local-storage
- volumeMode: Filesystem
- ---
- apiVersion: v1
- kind: PersistentVolumeClaim
- metadata:
- name: acme-db
- spec:
- accessModes:
- - ReadWriteOnce
- resources:
- requests:
- storage: 100Mi
- selector:
- matchLabels:
- purpose: acme-db
- storageClassName: local-storage
- ---
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: acme-dns
- spec:
- selector:
- matchLabels:
- app: acme-dns
- replicas: 1
- template:
- metadata:
- labels:
- app: acme-dns
- spec:
- containers:
- - name: acme-dns
- image: joohoi/acme-dns:latest
- ports:
- - containerPort: 80
- - containerPort: 53
- - containerPort: 53
- protocol: UDP
- volumeMounts:
- - mountPath: /etc/acme-dns
- name: acme-cfg
- - mountPath: /var/lib/acme-dns
- name: acme-db
- volumes:
- - name: acme-cfg
- configMap:
- name: acme-cfg
- - name: acme-db
- persistentVolumeClaim:
- claimName: acme-db
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: acme-http
- spec:
- ports:
- - port: 80
- selector:
- app: acme-dns
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: acme-dns
- annotations:
- metallb.universe.tf/allow-shared-ip: nginx-ingress
- spec:
- ports:
- - name: dns-tcp
- port: 53
- selector:
- app: acme-dns
- type: LoadBalancer
- loadBalancerIP: 192.168.201.130
- ---
- apiVersion: v1
- kind: Service
- metadata:
- name: acme-dns-udp
- annotations:
- metallb.universe.tf/allow-shared-ip: nginx-ingress
- spec:
- ports:
- - name: dns-udp
- port: 53
- protocol: UDP
- selector:
- app: acme-dns
- type: LoadBalancer
- loadBalancerIP: 192.168.201.130
- ---
- apiVersion: extensions/v1beta1
- kind: Ingress
- metadata:
- name: nginx-ingress
- annotations:
- kubernetes.io/ingress.class: "nginx"
- spec:
- rules:
- - host: nsauth.infoklinika.ru
- http:
- paths:
- - path: /
- backend:
- serviceName: acme-http
- servicePort: 80
|
