apiVersion: apps/v1 kind: Deployment metadata: name: drone-server labels: app: drone-server spec: replicas: 1 selector: matchLabels: app: drone-server template: metadata: labels: app: drone-server spec: containers: - name: drone image: drone/drone:latest env: - name: DRONE_SERVER_PORT # because the deployment is called drone-server, override this var again! value: ":80" - name: DRONE_GITEA_SERVER value: https://git.kluster.moll.re - name: DRONE_USER_CREATE value: username:remoll,admin:true - name: DRONE_GITEA_CLIENT_ID valueFrom: secretKeyRef: name: drone-server-secret key: client_id - name: DRONE_GITEA_CLIENT_SECRET valueFrom: secretKeyRef: name: drone-server-secret key: client_secret - name: DRONE_RPC_SECRET valueFrom: secretKeyRef: name: drone-server-secret key: rpc_secret - name: DRONE_SERVER_HOST value: drone.kluster.moll.re - name: DRONE_SERVER_PROTO value: https resources: requests: memory: "1Gi" cpu: 1.5 volumeMounts: - mountPath: /data name: drone-data-nfs volumes: - name: drone-data-nfs persistentVolumeClaim: claimName: drone-data-nfs --- apiVersion: v1 kind: Service metadata: name: drone-server labels: app: drone-server spec: type: ClusterIP ports: - port: 80 name: http selector: app: drone-server --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: drone-server-ingress spec: entryPoints: - websecure routes: - match: Host(`drone.kluster.moll.re`) kind: Rule services: - name: drone-server port: 80 tls: certResolver: default-tls --- apiVersion: v1 kind: PersistentVolume metadata: name: drone-data-nfs spec: capacity: storage: "1Gi" accessModes: - ReadWriteOnce nfs: path: /export/kluster/drone server: 192.168.1.157 --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: drone-data-nfs spec: storageClassName: "" accessModes: - ReadWriteOnce resources: requests: storage: "1Gi" volumeName: drone-data-nfs