fixed geoip tag
This commit is contained in:
+97
-97
@@ -49,74 +49,74 @@ spec:
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
containers:
|
||||
- name: code-server
|
||||
image: codercom/code-server:4.108.0
|
||||
args:
|
||||
- --bind-addr=0.0.0.0:8080
|
||||
- --auth=none
|
||||
- --disable-telemetry
|
||||
- --disable-update-check
|
||||
env:
|
||||
- name: TZ
|
||||
value: "Europe/Budapest"
|
||||
- name: HOME
|
||||
value: "/home/coder"
|
||||
- name: USER
|
||||
value: "coder"
|
||||
# Proxy trust for headers
|
||||
- name: CS_DISABLE_PROXY_TRUST
|
||||
value: "false"
|
||||
- name: GIT_CONFIG_GLOBAL
|
||||
value: "/home/coder/.config/git/config"
|
||||
lifecycle:
|
||||
postStart:
|
||||
exec:
|
||||
command: ["/bin/sh", "-c", "mkdir -p /home/coder/.config/git"]
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: http
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
memory: 512Mi
|
||||
limits:
|
||||
cpu: 2000m
|
||||
memory: 4Gi
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /home/coder/.config
|
||||
- name: workspace
|
||||
mountPath: /home/coder/workspace
|
||||
- name: local
|
||||
mountPath: /home/coder/.local
|
||||
- name: config
|
||||
mountPath: /home/coder/.ssh
|
||||
subPath: ssh
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: http
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 30
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: http
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
- name: code-server
|
||||
image: codercom/code-server:4.108.0
|
||||
args:
|
||||
- --bind-addr=0.0.0.0:8080
|
||||
- --auth=none
|
||||
- --disable-telemetry
|
||||
- --disable-update-check
|
||||
env:
|
||||
- name: TZ
|
||||
value: "Europe/Budapest"
|
||||
- name: HOME
|
||||
value: "/home/coder"
|
||||
- name: USER
|
||||
value: "coder"
|
||||
# Proxy trust for headers
|
||||
- name: CS_DISABLE_PROXY_TRUST
|
||||
value: "false"
|
||||
- name: GIT_CONFIG_GLOBAL
|
||||
value: "/home/coder/.config/git/config"
|
||||
lifecycle:
|
||||
postStart:
|
||||
exec:
|
||||
command: ["/bin/sh", "-c", "mkdir -p /home/coder/.config/git"]
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
name: http
|
||||
resources:
|
||||
requests:
|
||||
cpu: 200m
|
||||
memory: 512Mi
|
||||
limits:
|
||||
cpu: 2000m
|
||||
memory: 4Gi
|
||||
volumeMounts:
|
||||
- name: config
|
||||
mountPath: /home/coder/.config
|
||||
- name: workspace
|
||||
mountPath: /home/coder/workspace
|
||||
- name: local
|
||||
mountPath: /home/coder/.local
|
||||
- name: config
|
||||
mountPath: /home/coder/.ssh
|
||||
subPath: ssh
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: http
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 30
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /healthz
|
||||
port: http
|
||||
initialDelaySeconds: 10
|
||||
periodSeconds: 10
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
volumes:
|
||||
- name: config
|
||||
persistentVolumeClaim:
|
||||
claimName: code-server-config
|
||||
- name: workspace
|
||||
persistentVolumeClaim:
|
||||
claimName: code-server-workspace
|
||||
- name: local
|
||||
persistentVolumeClaim:
|
||||
claimName: code-server-local
|
||||
- name: config
|
||||
persistentVolumeClaim:
|
||||
claimName: code-server-config
|
||||
- name: workspace
|
||||
persistentVolumeClaim:
|
||||
claimName: code-server-workspace
|
||||
- name: local
|
||||
persistentVolumeClaim:
|
||||
claimName: code-server-local
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
@@ -129,9 +129,9 @@ metadata:
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: http
|
||||
port: 8080
|
||||
targetPort: http
|
||||
- name: http
|
||||
port: 8080
|
||||
targetPort: http
|
||||
selector:
|
||||
app.kubernetes.io/instance: code-server
|
||||
app.kubernetes.io/name: code-server
|
||||
@@ -161,36 +161,36 @@ metadata:
|
||||
nginx.ingress.kubernetes.io/auth-snippet: |
|
||||
proxy_set_header X-Forwarded-Host $http_host;
|
||||
nginx.ingress.kubernetes.io/configuration-snippet: |
|
||||
if ($geoip2_city_country_code != "HU") {
|
||||
if ($geoip2_country_code != "HU") {
|
||||
return 403 "Access restricted to Hungary";
|
||||
}
|
||||
spec:
|
||||
ingressClassName: nginx-internal
|
||||
rules:
|
||||
- host: code.dooplex.hu
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: code-server
|
||||
port:
|
||||
number: 8080
|
||||
- host: code.home
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: code-server
|
||||
port:
|
||||
number: 8080
|
||||
- host: code.dooplex.hu
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: code-server
|
||||
port:
|
||||
number: 8080
|
||||
- host: code.home
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: code-server
|
||||
port:
|
||||
number: 8080
|
||||
tls:
|
||||
- hosts:
|
||||
- code.dooplex.hu
|
||||
secretName: code-server-tls
|
||||
- hosts:
|
||||
- code.dooplex.hu
|
||||
secretName: code-server-tls
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
@@ -204,7 +204,7 @@ metadata:
|
||||
recurring-job.longhorn.io/source: enabled
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
- ReadWriteOnce
|
||||
storageClassName: longhorn
|
||||
resources:
|
||||
requests:
|
||||
@@ -222,7 +222,7 @@ metadata:
|
||||
recurring-job.longhorn.io/source: enabled
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
- ReadWriteOnce
|
||||
storageClassName: longhorn
|
||||
resources:
|
||||
requests:
|
||||
@@ -238,7 +238,7 @@ metadata:
|
||||
app.kubernetes.io/name: code-server-local
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
- ReadWriteOnce
|
||||
storageClassName: longhorn
|
||||
resources:
|
||||
requests:
|
||||
|
||||
Reference in New Issue
Block a user