--- apiVersion: v1 kind: Namespace metadata: name: piston --- apiVersion: v1 kind: ServiceAccount metadata: name: piston-sa namespace: piston --- apiVersion: v1 kind: ConfigMap metadata: name: piston-config namespace: piston data: piston.domain: "piston.khongisa.co.za" piston.rooturl: "https://piston.khongisa.co.za" --- apiVersion: v1 kind: Secret metadata: name: piston-ui-secret namespace: piston type: Opaque data: password: QmxhY2tzdGFyMkBob21l --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: piston-pvc namespace: piston spec: accessModes: ["ReadWriteOnce"] storageClassName: nfs-storage resources: requests: storage: 50Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: piston namespace: piston spec: replicas: 1 selector: matchLabels: app: piston template: metadata: labels: app: piston spec: serviceAccountName: piston-sa hostNetwork: false hostPID: false hostIPC: false containers: - name: piston image: ghcr.io/engineer-man/piston:latest securityContext: privileged: true allowPrivilegeEscalation: true runAsNonRoot: false ports: - containerPort: 2000 volumeMounts: - name: packages mountPath: /piston-data/packages resources: requests: cpu: "500m" memory: "1Gi" limits: cpu: "1" memory: "2Gi" - name: ui image: codercom/code-server:latest ports: - containerPort: 8080 resources: requests: cpu: "500m" memory: "1Gi" limits: cpu: "1" memory: "2Gi" env: - name: PASSWORD valueFrom: secretKeyRef: name: piston-ui-secret key: password volumeMounts: - name: packages mountPath: /home/coder/project volumes: - name: packages persistentVolumeClaim: claimName: piston-pvc --- apiVersion: v1 kind: Service metadata: name: piston-service namespace: piston spec: type: NodePort selector: app: piston ports: - name: http protocol: TCP port: 80 targetPort: 8080 nodePort: 31003