apiVersion: v1 kind: Service metadata: name: unifi-tcp labels: run: unifi annotations: metallb.universe.tf/allow-shared-ip: "unifi" spec: ports: - name: unifi-device-communication protocol: TCP port: 8080 targetPort: 8080 - name: unifi-management protocol: TCP port: 8443 targetPort: 8443 - name: unifi-guest-https protocol: TCP port: 8843 targetPort: 8843 - name: unifi-guest-http protocol: TCP port: 8880 targetPort: 8880 - name: unifi-mobile-throughput protocol: TCP port: 6789 targetPort: 6789 selector: run: unifi type: LoadBalancer loadBalancerIP: 10.42.42.240 --- apiVersion: v1 kind: Service metadata: name: unifi-udp labels: run: unifi annotations: metallb.universe.tf/allow-shared-ip: "unifi" spec: ports: - name: stun protocol: UDP port: 3478 targetPort: 3478 - name: ap-discovery protocol: UDP port: 10001 targetPort: 10001 - name: unifi-make-controller-discoverable protocol: UDP port: 1900 targetPort: 1900 - name: unifi-syslog protocol: UDP port: 5514 targetPort: 5514 selector: run: unifi type: LoadBalancer loadBalancerIP: 10.42.42.240 --- apiVersion: v1 kind: PersistentVolume metadata: name: unifi spec: capacity: storage: 5Mi volumeMode: Filesystem accessModes: - ReadWriteMany persistentVolumeReclaimPolicy: Retain # Keep 4eva storageClassName: default mountOptions: - hard - nfsvers=3 nfs: path: /mnt/DroboFS/Shares/Kubernetes/volumes/static/unifi server: 10.42.42.10 claimRef: name: unifi namespace: default --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: unifi annotations: nfs.io/storage-path: "unifi" spec: storageClassName: default accessModes: - ReadWriteMany resources: requests: storage: 5Mi status: {} --- apiVersion: apps/v1 kind: Deployment metadata: name: unifi spec: replicas: 1 selector: matchLabels: run: unifi strategy: type: Recreate template: metadata: labels: run: unifi spec: terminationGracePeriodSeconds: 30 containers: - image: linuxserver/unifi-controller imagePullPolicy: "Always" name: unifi env: - name: TZ value: US/Michigan # PUID and PGID are for volume permissions # - name: PUID # value: "1000" # - name: PGID # value: "1000" - name: MEM_LIMIT value: "1024" ports: - containerPort: 3478 protocol: UDP - containerPort: 10001 protocol: UDP - containerPort: 8080 protocol: TCP - containerPort: 8443 protocol: TCP - containerPort: 1900 protocol: UDP - containerPort: 8843 protocol: TCP - containerPort: 8880 protocol: TCP - containerPort: 6789 protocol: TCP - containerPort: 5514 protocol: UDP resources: limits: memory: "2Gi" cpu: "1500m" requests: memory: "500Mi" cpu: "500m" volumeMounts: - mountPath: /config name: unifi restartPolicy: Always volumes: - name: unifi persistentVolumeClaim: claimName: unifi dnsPolicy: "None" dnsConfig: nameservers: - 10.42.42.239 - 10.42.42.1 searches: - default.svc.cluster.local - svc.cluster.local - cluster.local options: - name: ndots value: "2" - name: edns0 - name: trust-ad status: {} --- # Hosting apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: unifi-management annotations: nginx.ingress.kubernetes.io/backend-protocol: "HTTPS" nginx.ingress.kubernetes.io/proxy-ssl-verify: "off" cert-manager.io/cluster-issuer: "letsencrypt-prod" spec: tls: - hosts: - unifi.monkeybox.org secretName: unifi-tls rules: - host: unifi.monkeybox.org http: paths: - path: / pathType: Prefix backend: service: name: unifi-tcp port: number: 8443