cerc-io
/
stack-orchestrator
mirror of https://github.com/cerc-io/stack-orchestrator
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

fix(k8s): persist Caddy TLS certificates with PVC 

Caddy ingress was using emptyDir for /data storage, causing TLS
certificates to be lost on pod restarts or cluster recreations.
This led to Let's Encrypt rate limit issues from repeatedly
requesting new certificates.

Add a PersistentVolumeClaim for Caddy's data directory to persist
ACME certificates across redeployments.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
A. F. Dudley 2026-01-24 18:57:55 -05:00
parent 55b76b9b57
commit d5e1a6652c
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
stack_orchestrator/data/k8s/components/ingress/ingress-caddy-kind-deploy.yaml
View File

@ -243,10 +243,26 @@ spec:
mountPath: /config mountPath: /config
volumes: volumes:
- name: caddy-data - name: caddy-data
emptyDir: {} persistentVolumeClaim:
claimName: caddy-data-pvc
- name: caddy-config - name: caddy-config
emptyDir: {} emptyDir: {}
--- ---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: caddy-data-pvc
namespace: caddy-system
labels:
app.kubernetes.io/name: caddy-ingress-controller
app.kubernetes.io/instance: caddy-ingress
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: networking.k8s.io/v1 apiVersion: networking.k8s.io/v1
kind: IngressClass kind: IngressClass
metadata: metadata: