--- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: app annotations: cert-manager.io/cluster-issuer: letsencrypt-prod nginx.ingress.kubernetes.io/proxy-body-size: "512M" spec: ingressClassName: nginx tls: - secretName: tls-app hosts: - "$BASE_URL" rules: - host: "$BASE_URL" http: paths: - path: / pathType: Prefix backend: service: name: app port: name: http --- apiVersion: v1 kind: Service metadata: name: app labels: app: app spec: selector: app: app ports: - name: http port: 80 targetPort: http --- apiVersion: apps/v1 kind: StatefulSet metadata: name: app labels: app: app spec: replicas: $NB_REPLICAS selector: matchLabels: app: app template: metadata: labels: app: app spec: containers: - name: app image: "$IMAGEAPP" ports: - name: http containerPort: 3000 - name: ssh containerPort: 2222 volumeMounts: - name: data mountPath: /var/lib/gitea/ - name: config mountPath: /etc/gitea/app.ini subPath: app.ini - name: secrets mountPath: /etc/gitea/secrets/ securityContext: fsGroup: 1000 volumes: - name: config configMap: name: gitea - name: secrets secret: secretName: gitea volumeClaimTemplates: - metadata: name: data spec: accessModes: - ReadWriteOnce storageClassName: nfs-csi resources: requests: storage: 1Gi