From cab0ec481952ea4b7fe55367ec82f4c6120fdf00 Mon Sep 17 00:00:00 2001
From: richard
Date: Mon, 6 Apr 2026 13:09:46 -0400
Subject: [PATCH] create acme-dns deployment
---
 ansible-5/roles/prod.k3s/defaults/main.yml | 6 +++++
 .../prod.k3s/tasks/deployments/acme-dns.yaml | 24 ++++++++++++++++++
 ansible-5/roles/prod.k3s/tasks/main.yml | 4 +++
 .../templates/acme-dns/deployment.yaml | 25 +++++++++++++++++++
 .../templates/acme-dns/pv-config-claim.yaml | 13 ++++++++++
 .../templates/acme-dns/pv-config.yaml | 17 +++++++++++++
 .../templates/acme-dns/pv-data-claim.yaml | 13 ++++++++++
 .../prod.k3s/templates/acme-dns/pv-data.yaml | 17 +++++++++++++
 8 files changed, 119 insertions(+)
 create mode 100644 ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml
 create mode 100644 ansible-5/roles/prod.k3s/templates/acme-dns/deployment.yaml
 create mode 100644 ansible-5/roles/prod.k3s/templates/acme-dns/pv-config-claim.yaml
 create mode 100644 ansible-5/roles/prod.k3s/templates/acme-dns/pv-config.yaml
 create mode 100644 ansible-5/roles/prod.k3s/templates/acme-dns/pv-data-claim.yaml
 create mode 100644 ansible-5/roles/prod.k3s/templates/acme-dns/pv-data.yaml
diff --git a/ansible-5/roles/prod.k3s/defaults/main.yml b/ansible-5/roles/prod.k3s/defaults/main.yml
index 0096bd6..3811575 100644
--- a/ansible-5/roles/prod.k3s/defaults/main.yml
+++ b/ansible-5/roles/prod.k3s/defaults/main.yml
@@ -133,3 +133,9 @@ apps:
 namespace: bunkerweb
 state: absent
+ acme_dns:
+ name: acme-dns
+ enabled: true
+ namespace: acme-dns
+ version: latest
+ state: present
diff --git a/ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml b/ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml
new file mode 100644
index 0000000..1d31ac4
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml
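Review bot: `version: latest` in the new `acme_dns` entry of defaults/main.yml leaves the image reference in templates/acme-dns/deployment.yaml (`joohoi/acme-dns:{{apps.acme_dns.version}}`) floating, and with a `latest` tag Kubernetes defaults to pulling on every pod start, so the running code can change without any change in this repository. acme-dns stores the credentials that authorise DNS-01 TXT updates, which makes an unreviewed image change a supply-chain exposure worth closing. Pin a release tag or digest instead, e.g. `version: "<pinned-release-tag>"` (placeholder; quoted so a numeric-looking tag is not retyped by the YAML parser). The enclosing `apps:` mapping starts outside this hunk.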
@@ -0,0 +1,24 @@
+---
+# Acme-DNS application deployment
+
+- name: Create a namespace for {{apps.acme_dns.name}}
+ k8s:
+ kubeconfig: "/etc/rancher/k3s/k3s.yaml"
+ name: "{{apps.acme_dns.namespace}}"
+ api_version: v1
+ kind: Namespace
+ state: "{{apps.acme_dns.state}}"
+ become: true
+
+- name: create {{apps.acme_dns.name}} resources
+ kubernetes.core.k8s:
+ kubeconfig: "/etc/rancher/k3s/k3s.yaml"
+ state: "{{apps.acme_dns.state}}"
+ definition: "{{ lookup('template', item) | from_yaml }}"
+ loop:
+ - acme-dns/deployment.yaml
+ - acme-dns/pv-config.yaml
+ - acme-dns/pv-data.yaml
+ - acme-dns/pv-config-claim.yaml
+ - acme-dns/pv-data-claim.yaml
+ become: true
diff --git a/ansible-5/roles/prod.k3s/tasks/main.yml b/ansible-5/roles/prod.k3s/tasks/main.yml
index 35e7059..9aca75c 100644
--- a/ansible-5/roles/prod.k3s/tasks/main.yml
+++ b/ansible-5/roles/prod.k3s/tasks/main.yml
@@ -71,6 +71,10 @@
 include_tasks: deployments/bunkerweb.yaml
 when: apps.bunkerweb.enabled
+- name: deploy acme-dns
+ include_tasks: deployments/acme-dns.yaml
+ when: apps.acme_dns.enabled
+
 #- name: deploy metallb
 # include_tasks: deployments/metallb.yaml
 # when: apps.metallb.enabled
diff --git a/ansible-5/roles/prod.k3s/templates/acme-dns/deployment.yaml b/ansible-5/roles/prod.k3s/templates/acme-dns/deployment.yaml
new file mode 100644
index 0000000..089c370
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/templates/acme-dns/deployment.yaml
@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Pod
+metadata:
+ name: acme-dns-pod
+ namespace: "{{apps.acme_dns.namespace}}"
+ labels:
+ app: acme-dns
+spec:
+ containers:
+ - name: acme-dns
+ image: "joohoi/acme-dns:{{apps.acme_dns.version}}"
+ volumeMounts:
+ - name: config
+ mountPath: "/etc/acme-dns"
+ readOnly: true
+ - name: data
+ mountPath: "/var/lib/acme-dns"
+ volumes:
+ - name: config
+ persistentVolumeClaim:
+ claimName: acme-dns-config-0
+ - name: data
+ persistentVolumeClaim:
+ claimName: acme-dns-data-0
+
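Review bot: In tasks/deployments/acme-dns.yaml the `loop` applies `acme-dns/deployment.yaml` before the PersistentVolume and claim templates, so the Pod is created while both claims it references are still missing and stays Pending until later iterations create them. Listing the objects in dependency order avoids that window: `- acme-dns/pv-config.yaml`, `- acme-dns/pv-data.yaml`, the two `*-claim.yaml` entries, then `- acme-dns/deployment.yaml` last. The first task also uses the short module name `k8s` while the second uses `kubernetes.core.k8s`; the fully qualified name in both keeps module resolution unambiguous.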
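Review bot: The `acme-dns` container in templates/acme-dns/deployment.yaml has no `securityContext`, so it runs with whatever user and capability set the image and runtime default to, next to a writable hostPath-backed data volume. Restricting privilege escalation and capabilities limits what a compromise of the DNS/API process can do on the node. The sketch below keeps only `NET_BIND_SERVICE`, which is presumably needed if the configuration (not part of this commit) listens on port 53, and it should be tested against the ownership of the host directories. The object is also a bare `kind: Pod` although the file is named deployment.yaml, so nothing recreates it after deletion or eviction; a Deployment with one replica would.

```yaml
  - name: acme-dns
    image: "joohoi/acme-dns:{{apps.acme_dns.version}}"
    securityContext:
      allowPrivilegeEscalation: false
      capabilities:
        drop: ["ALL"]
        add: ["NET_BIND_SERVICE"]
    # … unchanged: volumeMounts and volumes …
```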
diff --git a/ansible-5/roles/prod.k3s/templates/acme-dns/pv-config-claim.yaml b/ansible-5/roles/prod.k3s/templates/acme-dns/pv-config-claim.yaml
new file mode 100644
index 0000000..b2e16e8
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/templates/acme-dns/pv-config-claim.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: acme-dns-config-0
+ namespace: "{{apps.acme_dns.namespace}}"
+spec:
+ storageClassName: manual
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
diff --git a/ansible-5/roles/prod.k3s/templates/acme-dns/pv-config.yaml b/ansible-5/roles/prod.k3s/templates/acme-dns/pv-config.yaml
new file mode 100644
index 0000000..1fb3493
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/templates/acme-dns/pv-config.yaml
@@ -0,0 +1,17 @@
+---
+# persistent volume
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: acme-dns-pv-config-local
+ labels:
+ type: local
+spec:
+ storageClassName: manual
+ capacity:
+ storage: 1Gi
+ accessModes:
+ - ReadWriteOnce
+ hostPath:
+ path: "/opt/data/T2/shared/acme-dns/config"
+
diff --git a/ansible-5/roles/prod.k3s/templates/acme-dns/pv-data-claim.yaml b/ansible-5/roles/prod.k3s/templates/acme-dns/pv-data-claim.yaml
new file mode 100644
index 0000000..a383783
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/templates/acme-dns/pv-data-claim.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: acme-dns-data-0
+ namespace: "{{apps.acme_dns.namespace}}"
+spec:
+ storageClassName: manual
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 1Gi
diff --git a/ansible-5/roles/prod.k3s/templates/acme-dns/pv-data.yaml b/ansible-5/roles/prod.k3s/templates/acme-dns/pv-data.yaml
new file mode 100644
index 0000000..64df0e4
--- /dev/null
+++ b/ansible-5/roles/prod.k3s/templates/acme-dns/pv-data.yaml
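Review bot: The claim `acme-dns-config-0` in pv-config-claim.yaml names no volume, so binding is decided only by `storageClassName: manual`, the access mode and the 1Gi request, all of which are identical on both new PersistentVolumes. The config claim can therefore bind to `acme-dns-pv-data-local` (or to any other free `manual` volume in the cluster), which would put the data directory under the read-only `/etc/acme-dns` mount and the config directory under the writable one. Add `volumeName: acme-dns-pv-config-local` under `spec:` here, and `volumeName: acme-dns-pv-data-local` in pv-data-claim.yaml, which has the same gap.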
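Review bot: The `hostPath` in pv-config.yaml sets no `type`, so no check is made that `/opt/data/T2/shared/acme-dns/config` exists or is a directory before it is mounted, and a missing or mistyped path is not rejected. Adding `type: Directory` next to `path:` makes the Pod fail visibly instead of starting on an unexpected directory. The volume also has no `nodeAffinity`; if the cluster has more than one node and the path is not shared storage (not visible from this commit), the Pod can land on a node where the directory is empty. pv-data.yaml has the same two gaps.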
@@ -0,0 +1,17 @@
+---
+# persistent volume
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+ name: acme-dns-pv-data-local
+ labels:
+ type: local
+spec:
+ storageClassName: manual
+ capacity:
+ storage: 1Gi
+ accessModes:
+ - ReadWriteOnce
+ hostPath:
+ path: "/opt/data/T2/shared/acme-dns/data"
+