- name: Searx deployment k8s: namespace: default state: present definition: apiVersion: apps/v1 kind: Deployment metadata: name: searx spec: replicas: 2 selector: matchLabels: app: searx template: metadata: labels: app: searx spec: containers: - name: searx image: wonderfall/searx:latest imagePullPolicy: IfNotPresent ports: - containerPort: 8888 livenessProbe: httpGet: path: / port: 8888 readinessProbe: httpGet: path: / port: 8888 - name: Searx service k8s: namespace: default state: present definition: apiVersion: v1 kind: Service metadata: name: searx spec: type: ClusterIP ports: - port: 80 targetPort: 8888 selector: app: searx - name: Searx ingress k8s: namespace: default state: present definition: apiVersion: extensions/v1beta1 kind: Ingress metadata: name: searx annotation: traefik.ingress.kubernetes.io/redirect-entry-point: https traefik.ingress.kubernetes.io/redirect-permanent: "true" ingress.kubernetes.io/ssl-redirect: "true" ingress.kubernetes.io/ssl-temporary-redirect: "false" spec: rules: - host: "{{searx_domain}}" http: paths: - path: / backend: serviceName: searx servicePort: 80 tls: - secretName: searx-cert - name: Searx certificate k8s: namespace: default state: present definition: apiVersion: certmanager.k8s.io/v1alpha1 kind: Certificate metadata: name: searx-cert spec: secretName: traefik-cert issuerRef: name: "{{cert_manager_issuer}}" commonName: "{{searx_domain}}" acme: config: - http01: ingressClass: traefik domains: - "{{searx_domain}}"