apiVersion: v1 kind: ConfigMap metadata: name: lomavuokraus-web-config namespace: ${K8S_NAMESPACE} data: NEXT_PUBLIC_SITE_URL: ${NEXT_PUBLIC_SITE_URL} NEXT_PUBLIC_API_BASE: ${NEXT_PUBLIC_API_BASE} APP_ENV: ${APP_ENV} --- apiVersion: apps/v1 kind: Deployment metadata: name: lomavuokraus-web namespace: ${K8S_NAMESPACE} labels: app: lomavuokraus-web spec: replicas: 2 selector: matchLabels: app: lomavuokraus-web template: metadata: labels: app: lomavuokraus-web spec: containers: - name: lomavuokraus-web image: ${K8S_IMAGE} imagePullPolicy: IfNotPresent ports: - containerPort: 3000 name: http envFrom: - secretRef: name: lomavuokraus-web-secrets livenessProbe: httpGet: path: /api/health port: http initialDelaySeconds: 10 periodSeconds: 15 readinessProbe: httpGet: path: /api/health port: http initialDelaySeconds: 5 periodSeconds: 10 resources: requests: cpu: "100m" memory: "256Mi" limits: cpu: "500m" memory: "512Mi" --- apiVersion: v1 kind: Service metadata: name: lomavuokraus-web namespace: ${K8S_NAMESPACE} labels: app: lomavuokraus-web spec: selector: app: lomavuokraus-web ports: - name: http port: 80 targetPort: http type: ClusterIP --- apiVersion: traefik.io/v1alpha1 kind: Middleware metadata: name: https-redirect namespace: ${K8S_NAMESPACE} spec: redirectScheme: scheme: https permanent: true --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: lomavuokraus-web namespace: ${K8S_NAMESPACE} annotations: cert-manager.io/cluster-issuer: ${CLUSTER_ISSUER} kubernetes.io/ingress.class: ${INGRESS_CLASS} traefik.ingress.kubernetes.io/router.entrypoints: web,websecure traefik.ingress.kubernetes.io/router.middlewares: ${K8S_NAMESPACE}-https-redirect@kubernetescrd spec: ingressClassName: ${INGRESS_CLASS} tls: - hosts: - ${APP_HOST} secretName: lomavuokraus-web-tls rules: - host: ${APP_HOST} http: paths: - path: / pathType: Prefix backend: service: name: lomavuokraus-web port: number: 80