ansible/roles/registry/defaults/main.yaml
ace 82c5f35eda
add short names
add publish conditions for services

use official gitea helm chart
2021-01-25 21:04:57 +03:00


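---
# Defaults for the registry role: feature switches, values passed to the
# registry Helm chart, and the manifest for a separate read-only Ingress.
# The nesting below is restored; the page as captured had lost all
# indentation, which leaves the mappings invalid or ambiguous.

# NOTE(review): presumably gates deployment of the whole role; the tasks
# that read this flag are not part of this file.
registry_enabled: true

# Selects the ingress class of the main (read/write) registry Ingress:
# true -> external_ingress_class, false -> internal_ingress_class.
# NOTE(review): no registry authentication is configured in these defaults.
# Confirm it is enforced elsewhere before setting this to true, because the
# main Ingress places no restriction on HTTP methods (pushes included).
registry_publish: false

# Host label; combined with `domain` to build the Ingress host and the name
# of the TLS secret.
registry_short_name: "registry"

registry_default_values:
  service:
    # Service is cluster-internal; outside access goes through the Ingress.
    type: ClusterIP
  ingress:
    enabled: true
    annotations:
      kubernetes.io/ingress.class: "{{ external_ingress_class if registry_publish else internal_ingress_class }}"
      # Certificate is issued by cert-manager via a DNS-01 challenge.
      cert-manager.io/cluster-issuer: "letsencrypt-prod"
      cert-manager.io/acme-dns01-provider: "rfc2136"
      cert-manager.io/acme-challenge-type: "dns01"
      # "0" turns off nginx's request-body size check so large image layers
      # can be uploaded. It also removes that limit for any client able to
      # reach this Ingress.
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
      nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
      nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    hosts:
      - "{{ registry_short_name }}.{{ domain }}"
    tls:
      - secretName: "{{ registry_short_name }}.{{ domain }}-tls"
        hosts:
          - "{{ registry_short_name }}.{{ domain }}"
  persistence:
    enabled: true
    # Each value can be overridden per inventory; the fallbacks are the
    # defaults written in the filters below.
    storageClass: "{{ registry_storage | default('nfs-hdd') }}"
    size: "{{ registry_size | default('15Gi') }}"
    accessMode: "{{ registry_storage_mode | default('ReadWriteMany') }}"

# Manifest for a second Ingress that is always bound to
# external_ingress_class and routes to docker-registry:5000.
# The configuration-snippet makes nginx deny every method except GET (HEAD
# is allowed together with GET), so pushes and deletes are refused at the
# ingress. Pulls stay open to anyone who can reach the host unless the
# registry itself requires authentication.
# NOTE(review): the read-only guarantee rests entirely on the controller
# honouring snippet annotations (ingress-nginx can disable them through
# allow-snippet-annotations). Verify that a PUT/POST through this host is
# rejected after deployment.
# NOTE(review): extensions/v1beta1 Ingress was removed in Kubernetes 1.22.
# Moving to networking.k8s.io/v1 also changes the backend schema
# (service.name / service.port.number) and requires pathType.
# NOTE(review): registry_readonly_ingress has no default in this file; it
# presumably has to be set by the inventory for this manifest to render.
# proxy-body-size "0" mirrors the main Ingress; with uploads denied here it
# is presumably not needed.
registry_readonly_ingress_definition: |
  apiVersion: extensions/v1beta1
  kind: Ingress
  metadata:
    annotations:
      cert-manager.io/acme-challenge-type: dns01
      cert-manager.io/acme-dns01-provider: rfc2136
      cert-manager.io/cluster-issuer: letsencrypt-prod
      kubernetes.io/ingress.class: "{{ external_ingress_class }}"
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
      nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
      nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
      nginx.ingress.kubernetes.io/configuration-snippet: |-
        limit_except GET {
          deny all;
        }
    name: docker-registry-public
    namespace: "{{ registry_namespace | default(namespace) }}"
  spec:
    rules:
      - host: "{{ registry_readonly_ingress }}"
        http:
          paths:
            - backend:
                serviceName: docker-registry
                servicePort: 5000
              path: /
    tls:
      - hosts:
          - "{{ registry_readonly_ingress }}"
        secretName: "{{ registry_readonly_ingress }}-tls"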