@@ -127,8 +127,8 @@ 
     koti.lan:53 {
         kubernetes koti.lan
 
-        rewrite name dav.koti.lan caddy-ingress-caddy-ingress-controller.caddy-system.svc.koti.lan
-        rewrite name rss.koti.lan caddy-ingress-caddy-ingress-controller.caddy-system.svc.koti.lan
+        rewrite name dav.koti.lan radicale.default.svc.koti.lan
+        rewrite name rss.koti.lan yarr.default.svc.koti.lan
     }
 
     import /etc/coredns/custom/*.server

@@ -22,13 +22,33 @@ imagePullPolicy: IfNotPresent
           volumeMounts:
             - name: collections
               mountPath: /data/collections
+            - name: tls
+              mountPath: /tls
           ports:
             - name: http
               containerPort: 5232
+          command: ["/venv/bin/radicale", "--config", "/config/config"]
+          args:
+            - --ssl 
+            - "true"
+            - -c
+            - /tls/tls.crt
+            - -k 
+            - /tls/tls.key
       volumes:
         - name: collections
           persistentVolumeClaim:
             claimName: radicale-collections
+        - name: tls
+          projected:
+            sources:
+              - secret:
+                  name: dav-koti-lan
+                  items:
+                  - key: tls.crt
+                    path: tls.crt
+                  - key: tls.key
+                    path: tls.key
 ---
 apiVersion: v1
 kind: Service
@@ -38,8 +58,8 @@ spec:
   selector:
     app: radicale
   ports:
-    - name: http
-      port: 80
+    - name: https
+      port: 443
       targetPort: 5232
 ---
 apiVersion: v1
@@ -53,27 +73,3 @@ - ReadWriteOnce
   resources:
     requests:
       storage: 100Mi
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: dav.koti.lan
-  namespace: default
-spec:
-  ingressClassName: caddy
-  rules:
-  - host: dav.koti.lan
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: radicale
-            port:
-              number: 80
-  tls:
-    - secretName: koti-lan-tls
-      hosts:
-        - dav.koti.lan
-

@@ -1,12 +0,0 @@ 
-FROM golang:alpine AS build
-RUN apk add build-base git
-WORKDIR /src
-COPY . .
-RUN make build_linux
-
-FROM alpine:latest
-RUN apk add --no-cache ca-certificates && \
-    update-ca-certificates
-COPY --from=build /src/_output/linux/yarr /usr/local/bin/yarr
-EXPOSE 7070
-CMD ["/usr/local/bin/yarr", "-addr", "0.0.0.0:7070", "-db", "/data/yarr.db"]

@@ -1,1 +0,0 @@ 
-

@@ -13,29 +13,24 @@ metadata:
       labels:
         app: yarr
     spec:
-      imagePullSecrets:
-        - name: registry-creds
-      nodeSelector:
-        arch: "arm"
       containers:
         - name: yarr
-          image: reg.icyphox.sh/yarr
+          image: sini:5000/yarr:latest
           imagePullPolicy: Always
-          volumeMounts:
-            - name: auth
-              mountPath: "/config"
-              readOnly: true
           ports:
             - name: http
               containerPort: 7070
-          command: ["/bin/sh"]
           args:
-            - -c
-            - /usr/local/bin/yarr -auth-file /config/auth -addr 0.0.0.0:7070
+            - -addr 
+            - 0.0.0.0:7070
+          volumeMounts:
+            - name: db
+              mountPath: /data
       volumes:
-        - name: auth
-          secret:
-            secretName: yarr-auth
+        - name: db 
+          persistentVolumeClaim:
+            claimName: yarr-db
+
 ---
 apiVersion: v1
 kind: Service
@@ -46,5 +41,17 @@ selector:
     app: yarr
   ports:
     - name: http
-      port: 7070
+      port: 80
       targetPort: 7070
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: yarr-db
+spec:
+  storageClassName: local-path
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 200Mi