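# Single-replica Mosquitto MQTT broker.
# Exposes three container ports: plaintext MQTT (1883), MQTT over TLS (8883)
# and MQTT over websockets (9002). Broker config comes from the `mosquitto`
# ConfigMap; the TLS key pair, ACL file and password file come from Secrets.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: mosquitto
  namespace: mosquitto
  labels:
    app: mosquitto
  annotations:
    # Stakater Reloader: roll the pods when the TLS secret changes (renewal).
    # NOTE(review): mosquitto-passwd and mosquitto-acl are mounted below but
    # not listed here, so a password or ACL change (including a revocation)
    # presumably stays inactive until the broker is restarted or reloaded.
    # Confirm, and consider adding both secrets to this annotation.
    secret.reloader.stakater.com/reload: "mosquitto-tls"
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mosquitto
  template:
    metadata:
      labels:
        app: mosquitto
    spec:
      containers:
        - name: mosquitto
          # NOTE(review): `1.6` is a floating tag and the pull policy is
          # Always, so every restart may run different image content. Pin by
          # digest (docker.io/eclipse-mosquitto:1.6@sha256:<DIGEST-PLACEHOLDER>)
          # once the intended build is known.
          image: docker.io/eclipse-mosquitto:1.6
          imagePullPolicy: Always
          securityContext:
            # The broker never needs to gain privileges after start-up.
            # NOTE(review): mosquitto.conf uses `user mosquitto`, which suggests
            # the process starts privileged and then drops; check that before
            # adding runAsNonRoot or dropping SETUID/SETGID capabilities.
            allowPrivilegeEscalation: false
          # NOTE(review): no resources.requests/limits are set; together with
          # `message_size_limit 0` in the config, broker memory is unbounded.
          ports:
            - containerPort: 1883
              name: mqtt
              protocol: TCP
            - containerPort: 8883
              name: mqtts
              protocol: TCP
            - containerPort: 9002
              name: mqttwebsocket
              protocol: TCP
          volumeMounts:
            # The broker only reads these files; mount them read-only so the
            # intent is explicit and a compromised process cannot rewrite them.
            - mountPath: /mosquitto/config
              name: config
              readOnly: true
            - mountPath: /mosquitto/certificates
              name: certificates
              readOnly: true
            - mountPath: /mosquitto/acl
              name: acl
              readOnly: true
            - mountPath: /mosquitto/passwd
              name: passwd
              readOnly: true
          # Both probes only check that the websocket listener accepts a TCP
          # connection; they do not exercise the 1883 or 8883 listeners.
          livenessProbe:
            failureThreshold: 3
            initialDelaySeconds: 1
            periodSeconds: 10
            successThreshold: 1
            tcpSocket:
              port: 9002
            timeoutSeconds: 1
          readinessProbe:
            failureThreshold: 3
            initialDelaySeconds: 1
            periodSeconds: 10
            successThreshold: 1
            tcpSocket:
              port: 9002
            timeoutSeconds: 1
      volumes:
        - name: config
          configMap:
            name: mosquitto
        # Key pair issued into this Secret by the cert-manager Certificate.
        - name: certificates
          secret:
            secretName: mosquitto-tls
        - name: acl
          secret:
            secretName: mosquitto-acl
        - name: passwd
          secret:
            secretName: mosquitto-passwd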
---
# External entry point for MQTT over TLS: forwards 8883 to the pods' `mqtts`
# container port.
apiVersion: v1
kind: Service
metadata:
  name: mqtt-tls
  namespace: mosquitto
  labels:
    app: mosquitto
spec:
  # LoadBalancer publishes the port outside the cluster. No
  # loadBalancerSourceRanges is set, so source filtering is left to the
  # provider or an upstream firewall. Password and ACL checks in the broker
  # are the only access control visible on this page.
  type: LoadBalancer
  selector:
    app: mosquitto
  ports:
    - name: mqtts
      port: 8883
      targetPort: mqtts
      protocol: TCP
---
# In-cluster entry point for plaintext MQTT: forwards 1883 to the pods' `mqtt`
# container port.
apiVersion: v1
kind: Service
metadata:
  name: mqtt-plain
  namespace: mosquitto
  labels:
    app: mosquitto
spec:
  # ClusterIP keeps the unencrypted listener off the external load balancer.
  # Usernames and passwords still cross the pod network in clear text, and no
  # NetworkPolicy is visible on this page, so any workload in the cluster can
  # presumably reach this port. Confirm that a policy exists elsewhere.
  type: ClusterIP
  selector:
    app: mosquitto
  ports:
    - port: 1883
      targetPort: mqtt
      protocol: TCP
---
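# Broker configuration and the CA certificate referenced by the TLS listeners.
# Only public material belongs here; the private key is mounted from the
# mosquitto-tls Secret.
apiVersion: v1
kind: ConfigMap
metadata:
  name: mosquitto
  namespace: mosquitto
data:
  # Review notes on mosquitto.conf (kept outside the block scalar so the file
  # content stays minimal):
  # - Listener-scoped options (cafile, certfile, keyfile, require_certificate,
  #   protocol) apply to the `listener` line that precedes them. Listener 1883
  #   therefore has no TLS at all.
  # - `message_size_limit 0` disables the broker-side payload limit; combined
  #   with a pod that has no memory limit, this is a resource-exhaustion risk.
  # - `require_certificate false` on 8883 means clients are authenticated by
  #   username and password only.
  # - `log_dest stderr` plus `log_dest stdout` presumably duplicates every
  #   line in the container log. Confirm whether both are needed.
  mosquitto.conf: |
    # Config file for mosquitto
    user mosquitto
    sys_interval 10
    max_inflight_messages 40
    max_queued_messages 200
    queue_qos0_messages false
    message_size_limit 0
    allow_zero_length_clientid true
    persistent_client_expiration 3m
    allow_duplicate_messages false
    autosave_interval 60
    autosave_on_changes false
    # Persistence configuration
    persistence false
    # persistence_location /mosquitto/data/
    # Logging
    connection_messages true
    log_dest stderr
    log_dest stdout
    log_type error
    log_type warning
    log_type notice
    log_type information
    log_type subscribe
    #log_type all
    #log_type debug
    log_timestamp true
    # Listeners
    listener 1883
    listener 8883
    cafile /mosquitto/config/ca.crt
    certfile /mosquitto/certificates/tls.crt
    keyfile /mosquitto/certificates/tls.key
    require_certificate false
    listener 9002
    protocol websockets
    cafile /mosquitto/config/ca.crt
    certfile /mosquitto/certificates/tls.crt
    keyfile /mosquitto/certificates/tls.key
    # Security
    # Reject clients that present no username. Stated explicitly so the
    # behaviour does not depend on the broker version's default.
    allow_anonymous false
    password_file /mosquitto/passwd/mosquitto.passwd
    acl_file /mosquitto/acl/mosquitto.acl
  ca.crt: |
    -----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----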
---
# Requests the broker's server certificate from the `letsencrypt-prod`
# ClusterIssuer and stores the key pair in the mosquitto-tls Secret, which the
# Deployment mounts at /mosquitto/certificates.
# NOTE(review): cert-manager.io/v1alpha2 is a pre-1.0 API version that newer
# cert-manager releases no longer serve. Confirm the installed version before
# migrating this resource to cert-manager.io/v1.
apiVersion: cert-manager.io/v1alpha2
kind: Certificate
metadata:
  name: mosquitto-tls
  namespace: mosquitto
spec:
  secretName: mosquitto-tls
  issuerRef:
    name: letsencrypt-prod
    kind: ClusterIssuer
  dnsNames:
    - mqtt.tbrnt.ch