--- # tasks file for deploy-reverse-proxy.yml - name: Create Cert-Manager Certificate k8s: state: present definition: apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: proxy namespace: eom spec: secretName: proxy issuerRef: name: letsencrypt kind: Issuer group: cert-manager.io commonName: eom.dev dnsNames: - gitea.eom.dev - mediawiki.eom.dev - nextcloud.eom.dev - redmine.eom.dev - name: Create ConfigMap for httpd k8s: state: present api_version: v1 kind: ConfigMap name: proxy namespace: eom definition: data: httpd.conf: "{{ lookup('file', 'httpd.conf') }}" httpd-ssl.conf: "{{ lookup('file', 'httpd-ssl.conf') }}" mime.types: "{{ lookup('file', 'mime.types') }}" - name: Create a deployment k8s: definition: apiVersion: apps/v1 kind: Deployment metadata: name: proxy namespace: eom spec: replicas: 1 selector: matchLabels: app: proxy template: metadata: labels: app: proxy spec: containers: - name: proxy image: httpd volumeMounts: - name: httpd-conf mountPath: /usr/local/apache2/conf - name: letsencrypt mountPath: /usr/local/apache2/conf/ssl ports: - containerPort: 443 volumes: - name: httpd-conf configMap: name: proxy - name: letsencrypt secret: secretName: proxy - name: Expose deployment as a service k8s: definition: apiVersion: v1 kind: Service metadata: name: proxy namespace: eom spec: selector: app: proxy ports: - port: 443 protocol: TCP name: reverse-proxy-port-22 type: NodePort