thalla/lomavuokraus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
lomavuokraus/k8s/app.yaml
Tero Halla-aho 4201884609 Add testing environment deployment and DNS helpers
2025-12-06 17:33:17 +02:00

210 lines
4.9 KiB
YAML
Raw Blame History

apiVersion: v1
kind: ConfigMap
metadata:
name: lomavuokraus-web-config
namespace: ${K8S_NAMESPACE}
data:
NEXT_PUBLIC_SITE_URL: ${NEXT_PUBLIC_SITE_URL}
NEXT_PUBLIC_API_BASE: ${NEXT_PUBLIC_API_BASE}
APP_ENV: ${APP_ENV}
NEXT_PUBLIC_VERSION: ${APP_VERSION}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: lomavuokraus-web-varnish
namespace: ${K8S_NAMESPACE}
data:
default.vcl: |
vcl 4.1;
backend app {
.host = "127.0.0.1";
.port = "3000";
}
sub vcl_recv {
if (req.method != "GET" && req.method != "HEAD") {
return (pass);
}
# Never cache health
if (req.url ~ "^/api/health") {
return (pass);
}
# Cache image API responses
if (req.url ~ "^/api/images/") {
return (hash);
}
# Cache static assets
if (req.url ~ "^/_next/static" ||
req.url ~ "^/favicon" ||
req.url ~ "^/robots.txt" ||
req.url ~ "^/sitemap") {
return (hash);
}
return (pass);
}
sub vcl_backend_response {
# Default TTL
set beresp.ttl = 1h;
if (bereq.url ~ "^/api/images/") {
set beresp.ttl = 24h;
set beresp.http.Cache-Control = "public, max-age=86400, immutable";
} else if (bereq.url ~ "^/_next/static") {
set beresp.ttl = 7d;
set beresp.http.Cache-Control = "public, max-age=604800, immutable";
}
}
sub vcl_deliver {
if (obj.hits > 0) {
set resp.http.X-Cache = "HIT";
} else {
set resp.http.X-Cache = "MISS";
}
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: lomavuokraus-web
namespace: ${K8S_NAMESPACE}
labels:
app: lomavuokraus-web
spec:
replicas: ${APP_REPLICAS}
selector:
matchLabels:
app: lomavuokraus-web
template:
metadata:
labels:
app: lomavuokraus-web
spec:
imagePullSecrets:
- name: registry-halla
containers:
- name: varnish
image: varnish:7.5
imagePullPolicy: IfNotPresent
ports:
- containerPort: 8080
name: http
args: ["-a", ":8080", "-f", "/etc/varnish/default.vcl", "-s", "malloc,256m"]
volumeMounts:
- name: varnish-vcl
mountPath: /etc/varnish/default.vcl
subPath: default.vcl
livenessProbe:
httpGet:
path: /api/health
port: http
initialDelaySeconds: 10
periodSeconds: 15
readinessProbe:
httpGet:
path: /api/health
port: http
initialDelaySeconds: 5
periodSeconds: 10
resources:
requests:
cpu: "50m"
memory: "128Mi"
limits:
cpu: "200m"
memory: "256Mi"
- name: lomavuokraus-web
image: ${K8S_IMAGE}
imagePullPolicy: IfNotPresent
ports:
- containerPort: 3000
name: app
envFrom:
- configMapRef:
name: lomavuokraus-web-config
envFrom:
- secretRef:
name: lomavuokraus-web-secrets
resources:
requests:
cpu: "100m"
memory: "256Mi"
limits:
cpu: "500m"
memory: "512Mi"
volumes:
- name: varnish-vcl
configMap:
name: lomavuokraus-web-varnish
---
apiVersion: v1
kind: Service
metadata:
name: lomavuokraus-web
namespace: ${K8S_NAMESPACE}
labels:
app: lomavuokraus-web
spec:
selector:
app: lomavuokraus-web
ports:
- name: http
port: 80
targetPort: http
type: ClusterIP
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: https-redirect
namespace: ${K8S_NAMESPACE}
spec:
redirectScheme:
scheme: https
permanent: true
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: lomavuokraus-web
namespace: ${K8S_NAMESPACE}
annotations:
cert-manager.io/cluster-issuer: ${CLUSTER_ISSUER}
kubernetes.io/ingress.class: ${INGRESS_CLASS}
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
traefik.ingress.kubernetes.io/router.middlewares: ${K8S_NAMESPACE}-https-redirect@kubernetescrd
spec:
ingressClassName: ${INGRESS_CLASS}
tls:
- hosts:
- ${APP_HOST}
- ${API_HOST}
secretName: lomavuokraus-web-tls
rules:
- host: ${APP_HOST}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: lomavuokraus-web
port:
number: 80
- host: ${API_HOST}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: lomavuokraus-web
port:
number: 80
Reference in a new issue View git blame Copy permalink