create acme-dns deployment

ansible-5/roles/prod.k3s/defaults/main.yml

@@ -133,3 +133,9 @@ apps:
     namespace: bunkerweb
     state: absent
 
+  acme_dns:
+    name: acme-dns
+    enabled: true
+    namespace: acme-dns
+    version: latest
+    state: present

ansible-5/roles/prod.k3s/tasks/deployments/acme-dns.yaml

@@ -0,0 +1,24 @@
+---
+# Acme-DNS application deployment
+
+- name: Create a namespace for {{apps.acme_dns.name}}
+  k8s:
+    kubeconfig: "/etc/rancher/k3s/k3s.yaml"
+    name: "{{apps.acme_dns.namespace}}"
+    api_version: v1
+    kind: Namespace
+    state: "{{apps.acme_dns.state}}"
+  become: true
+
+- name: create {{apps.acme_dns.name}} resources
+  kubernetes.core.k8s:
+    kubeconfig: "/etc/rancher/k3s/k3s.yaml"
+    state: "{{apps.acme_dns.state}}"
+    definition: "{{ lookup('template', item) | from_yaml }}"
+  loop:
+    - acme-dns/deployment.yaml
+    - acme-dns/pv-config.yaml
+    - acme-dns/pv-data.yaml
+    - acme-dns/pv-config-claim.yaml
+    - acme-dns/pv-data-claim.yaml
+  become: true

ansible-5/roles/prod.k3s/tasks/main.yml

@@ -71,6 +71,10 @@
   include_tasks: deployments/bunkerweb.yaml
   when: apps.bunkerweb.enabled
 
+- name: deploy acme-dns
+  include_tasks: deployments/acme-dns.yaml
+  when: apps.acme_dns.enabled
+
 #- name: deploy metallb
 #  include_tasks: deployments/metallb.yaml
 #  when: apps.metallb.enabled

ansible-5/roles/prod.k3s/templates/acme-dns/deployment.yaml

@@ -0,0 +1,25 @@
+apiVersion: v1
+kind: Pod
+metadata:
+  name: acme-dns-pod
+  namespace: "{{apps.acme_dns.namespace}}"
+  labels:
+    app: acme-dns
+spec:
+  containers:
+    - name: acme-dns
+      image: "joohoi/acme-dns:{{apps.acme_dns.version}}"
+      volumeMounts:
+        - name: config
+          mountPath: "/etc/acme-dns"
+          readOnly: true
+        - name: data
+          mountPath: "/var/lib/acme-dns"
+  volumes:
+    - name: config
+      persistentVolumeClaim:
+        claimName: acme-dns-config-0
+    - name: data
+      persistentVolumeClaim:
+        claimName: acme-dns-data-0
+

ansible-5/roles/prod.k3s/templates/acme-dns/pv-config-claim.yaml

@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: acme-dns-config-0
+  namespace: "{{apps.acme_dns.namespace}}"
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi

ansible-5/roles/prod.k3s/templates/acme-dns/pv-config.yaml

@@ -0,0 +1,17 @@
+---
+# persistent volume
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: acme-dns-pv-config-local
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 1Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/opt/data/T2/shared/acme-dns/config"
+

ansible-5/roles/prod.k3s/templates/acme-dns/pv-data-claim.yaml

@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: acme-dns-data-0
+  namespace: "{{apps.acme_dns.namespace}}"
+spec:
+  storageClassName: manual
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 1Gi

ansible-5/roles/prod.k3s/templates/acme-dns/pv-data.yaml

@@ -0,0 +1,17 @@
+---
+# persistent volume
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: acme-dns-pv-data-local
+  labels:
+    type: local
+spec:
+  storageClassName: manual
+  capacity:
+    storage: 1Gi
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/opt/data/T2/shared/acme-dns/data"
+