apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-https
spec:
  replicas: 1
  selector:
    matchLabels: 
      app: nginx-https
  template:
    metadata:
      labels:
        app: nginx-https
    spec:
      containers:
      - name: nginx-https
        image: nginx
        ports:
        - name: web
          containerPort: 80
        - name: secureweb
          containerPort: 443
        volumeMounts:
        - name: nginx-https-cm
          mountPath: /etc/nginx
        - name: nginx-https-secret
          mountPath: /etc/nginx/ssl
          readOnly: true
        - name: nginx-https-vol
          mountPath: /usr/share/nginx/html
      volumes:
      - name: nginx-https-cm
        configMap:
          name: nginx-https-cm
      - name: nginx-https-secret
        secret:
          secretName: nginx-https-secret
      - name: nginx-https-vol
        hostPath:
          path: /var/nginxserver
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: nginx-https-cm
data:
  nginx.conf: |
    user nginx;
    worker_processes 1;
    events {
      worker_connections  10240;
    }
    http {
      server {
        listen       80;
        listen       443 ssl;

        server_name  _;

        ssl_certificate     /etc/nginx/ssl/server-cert.pem;
        ssl_certificate_key /etc/nginx/ssl/server-key.pem;

        location / {
            root   /usr/share/nginx/html;
            index  index.html index.htm;
        }
      }
    }