chaos/docker-images
2
1
Fork 0
Code Issues 1 Pull Requests Projects Releases 1 Wiki Activity

why _?111git statuskubectl apply -n kube-system -f descheduler-cronjob.yaml
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone Build is passing
Details

Browse Source
This commit is contained in:
Udo Waechter
2024-09-13 20:09:41 +02:00
parent d1247a3b02
commit c6a8464bb2
65 changed files with 0 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

172
apps/authelia/deployment.yaml Normal file
View File

@@ -0,0 +1,172 @@
#we use postgresql:
#create database authelia;
#create user authelia with encrypted password 'secret';
#grant all privileges on database authelia to authelia;
apiVersion: apps/v1
kind: Deployment
metadata:
name: authelia
labels:
app: authelia
release: latest
spec:
replicas: 1
selector:
matchLabels:
app: authelia
release: latest
template:
metadata:
labels:
app: authelia
release: latest
spec:
containers:
- name: authelia
image: authelia/authelia:latest
env:
#- name: AUTHELIA_SERVER_PORT
# value: "9091"
- name: TZ
value: "Europe/Berlin"
volumeMounts:
- name: authelia
mountPath: /config-nfs
- name: authelia-config
mountPath: /config
- name: pki
mountPath: /etc/pki
ports:
- name: http
containerPort: 9091
protocol: TCP
livenessProbe:
httpGet:
path: /
port: http
readinessProbe:
httpGet:
path: /
port: http
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "1000Mi"
cpu: "1500m"
enableServiceLinks: false
volumes:
- name: authelia
persistentVolumeClaim:
claimName: authelia
- name: authelia-config
configMap:
name: authelia-config
items:
- key: configuration.yml
path: configuration.yml
- name: pki
hostPath:
path: /etc/pki
type: Directory
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: authelia
labels:
app: authelia
spec:
storageClassName: nfs-ssd-ebin02
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: authelia
spec:
storageClassName: "nfs-ssd-ebin02"
nfs:
path: /data/raid1-ssd/k8s-data/authelia
server: ebin02
capacity:
storage: 100Mi
accessModes:
- ReadWriteOnce
volumeMode: Filesystem
persistentVolumeReclaimPolicy: Retain
claimRef:
kind: PersistentVolumeClaim
name: authelia
namespace: live-infra
---
apiVersion: v1
kind: Service
metadata:
name: authelia
labels:
app: authelia
spec:
ports:
- port: 80
targetPort: http
protocol: TCP
name: http
- port: 443
targetPort: http
name: https
selector:
app: authelia
release: latest
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: authelia
annotations:
kubernetes.io/ingress.class: nginx
nginx.ingress.kubernetes.io/auth-url: https://authelia.live-infra.svc.cluster.local/api/verify
nginx.ingress.kubernetes.io/auth-signin: https://auth.lan
nginx.ingress.kubernetes.io/auth-response-headers: Remote-User,Remote-Name,Remote-Groups,Remote-Email
nginx.ingress.kubernetes.io/auth-snippet: |
proxy_set_header X-Forwarded-Method $request_method;
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_set_header X-Forwarded-Method $request_method;
spec:
rules:
- host: auth.lan
http:
paths:
- backend:
service:
name: authelia
port:
name: http
path: /
pathType: Prefix
- host: secure.auth.lan
http:
paths:
- backend:
service:
name: authelia
port:
name: http
path: /
pathType: Prefix
- host: public.auth.lan
http:
paths:
- backend:
service:
name: authelia
port:
name: http
path: /
pathType: Prefix