Ghost on kubernetes with traefik
00-ghost-ns.yaml
apiVersion: v1
kind: Namespace
metadata:
name: ghost
01-ghost-pv.yaml
apiVersion: v1
kind: PersistentVolume
metadata:
name: ghost-pv
labels:
usage: ghost-data
app: ghost
spec:
storageClassName: "manual"
capacity:
storage: "10Gi"
accessModes:
- ReadWriteOnce
persistentVolumeReclaimPolicy: Retain
hostPath:
path: "HOST_PV_PATH"
02-ghost-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
namespace: ghost
name: ghost-pvc
spec:
storageClassName: "manual"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: "10Gi"
selector:
matchLabels:
usage: ghost-data
03-ghost-deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: ghost
namespace: ghost
labels:
app: ghost
spec:
replicas: 1
selector:
matchLabels:
app: ghost
template:
metadata:
labels:
app: ghost
spec:
securityContext:
runAsUser: 65534
runAsGroup: 65534
containers:
- name: ghost-app
image: ghost:2
imagePullPolicy: Always
ports:
- containerPort: 2368
env:
- name: url
value: WEB_SITE_DOMAIN
volumeMounts:
- mountPath: /var/lib/ghost/content
name: ghost-data
volumes:
- name: ghost-data
persistentVolumeClaim:
claimName: ghost-pvc
04-ghost-service.yaml
apiVersion: v1
kind: Service
metadata:
name: ghost-svc
namespace: ghost
spec:
ports:
- name: web
port: 2368
selector:
app: ghost
05-ghost-ingressroute.yaml
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: ghost-ingress
namespace: ghost
spec:
entryPoints:
- websecure
routes:
- match: Host(`WEB_SITE_DOMAIN`)
kind: Rule
services:
- name: ghost-svc
namespace: ghost
port: 2368
tls:
certResolver: leresolver
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: ghost-ingress80
namespace: ghost
spec:
entryPoints:
- web
routes:
- match: Host(`WEB_SITE_DOMAIN`)
kind: Rule
services:
- name: ghost-svc
namespace: ghost
port: 2368
middlewares:
- name: https-only
namespace: traefik
kubectl create -f .