--- apiVersion: v1 kind: Secret metadata: name: piwigo-mysql-pass annotations: "helm.sh/resource-policy": "keep" type: Opaque data: {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "piwigo-mysql-pass") | default dict }} {{- $secretData := (get $secretObj "data") | default dict }} {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }} password: {{ $pass | quote }} --- apiVersion: v1 kind: Secret metadata: name: piwigo-mysql-root-pass annotations: "helm.sh/resource-policy": "keep" type: Opaque data: {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "piwigo-mysql-root-pass") | default dict }} {{- $secretData := (get $secretObj "data") | default dict }} {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }} password: {{ $pass | quote }} --- apiVersion: v1 kind: Secret metadata: name: piwigo-admin annotations: "helm.sh/resource-policy": "keep" type: Opaque data: {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "piwigo-admin") | default dict }} {{- $secretData := (get $secretObj "data") | default dict }} {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }} password: {{ $pass | quote }} --- --- # apiVersion: extensions/v1beta1 apiVersion: v1 kind: ConfigMap metadata: name: piwigo-mysql-config labels: app: piwigo-mysql data: MYSQL_DATABASE: piwigo_db MYSQL_USER: piwigo --- apiVersion: apps/v1 kind: Deployment metadata: name: piwigo-mysql labels: app: piwigo-mysql spec: replicas: 1 selector: matchLabels: app: piwigo-mysql template: metadata: labels: app: piwigo-mysql name: piwigo-mysql spec: containers: - name: piwigo-mysql image: mysql imagePullPolicy: "IfNotPresent" ports: - containerPort: 3306 envFrom: - configMapRef: name: piwigo-mysql-config env: - name: MYSQL_ROOT_PASSWORD valueFrom: secretKeyRef: name: piwigo-mysql-root-pass key: password - name: MYSQL_PASSWORD valueFrom: secretKeyRef: name: piwigo-mysql-pass key: password volumeMounts: - mountPath: /var/lib/mysql subPath: backup/piwigo/db name: piwigo-mysql-db volumes: - name: piwigo-mysql-db persistentVolumeClaim: claimName: homey-pvc-nfs --- apiVersion: v1 kind: Service metadata: name: piwigo-mysql labels: app: piwigo-mysql spec: ports: - port: 3306 selector: app: piwigo-mysql --- apiVersion: apps/v1 kind: Deployment metadata: name: piwigo spec: replicas: 1 selector: matchLabels: app: piwigo template: metadata: labels: app: piwigo spec: containers: - name: piwigo image: linuxserver/piwigo volumeMounts: - name: piwigo-persistent-storage mountPath: /config subPath: backup/piwigo/config - name: piwigo-persistent-storage mountPath: /gallery subPath: backup/piwigo/gallery volumes: - name: piwigo-persistent-storage persistentVolumeClaim: claimName: homey-pvc-nfs --- apiVersion: v1 kind: Service metadata: name: piwigo-svc spec: ports: - name: http protocol: TCP port: 80 targetPort: 80 selector: app: piwigo --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: piwigo-ingress annotations: # nginx.ingress.kubernetes.io/whitelist-source-range: "10.0.0.0/16" nginx.ingress.kubernetes.io/auth-type: forward nginx.ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80 nginx.ingress.kubernetes.io/proxy-body-size: 5g spec: ingressClassName: {{ .Values.homey.ingress_class }} tls: - hosts: - piwigo.{{ .Values.homey.url }} secretName: {{ .Values.homey.certname }} rules: - host: piwigo.{{ .Values.homey.url }} http: paths: - path: / pathType: Prefix backend: service: name: piwigo-svc port: number: 80