mirror of
https://github.com/khuedoan/homelab.git
synced 2025-01-22 02:07:46 +07:00
e28bada08e
Previously PVCs need to define storage class explicitly because if a PVC was created before Longhorn is ready, it will stay pending forever until we delete and recreate it (ArgoCD didn't have sync wave for ApplicationSet back then). Kubernetes 1.28 has retroactive assignment of a default StorageClass for existing unbound persistent volume claims without any storage class assigned. https://kubernetes.io/blog/2023/08/15/kubernetes-v1-28-release/#automatic-retroactive-assignment-of-a-default-storageclass-graduates-to-stable
47 lines
1.2 KiB
YAML
47 lines
1.2 KiB
YAML
docker-registry:
|
|
ingress:
|
|
enabled: true
|
|
className: nginx
|
|
hosts:
|
|
- &host registry.khuedoan.com
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/proxy-body-size: "0"
|
|
tls:
|
|
- secretName: registry-tls-certificate
|
|
hosts:
|
|
- *host
|
|
extraVolumes:
|
|
- name: auth
|
|
emptyDir: {}
|
|
extraVolumeMounts:
|
|
- mountPath: /auth
|
|
name: auth
|
|
# TODO uncomment to enable auth
|
|
# extraEnvVars:
|
|
# - name: REGISTRY_AUTH
|
|
# value: "htpasswd"
|
|
# - name: REGISTRY_AUTH_HTPASSWD_REALM
|
|
# value: "Registry Realm"
|
|
# - name: REGISTRY_AUTH_HTPASSWD_PATH
|
|
# value: "/auth/htpasswd"
|
|
# initContainers:
|
|
# - name: htpasswd
|
|
# image: httpd:2-alpine
|
|
# command:
|
|
# - sh
|
|
# - -c
|
|
# - htpasswd -Bbn "${username}" "${password}" > /auth/htpasswd
|
|
# envFrom:
|
|
# - secretRef:
|
|
# name: registry-admin-secret
|
|
# volumeMounts:
|
|
# - mountPath: /auth
|
|
# name: auth
|
|
persistence:
|
|
enabled: true
|
|
size: 10Gi
|
|
garbageCollect:
|
|
enabled: true
|