--- apiVersion: codemowers.io/v1alpha1 kind: OIDCGWClient metadata: name: wildflock spec: displayName: Wildduck disposable alias generator uri: "https://wildflock.k-space.ee/auth-oidc" redirectUris: - "https://wildflock.k-space.ee/auth-oidc/callback" grantTypes: - "authorization_code" - "refresh_token" responseTypes: - "code" availableScopes: - "openid" - "profile" - "offline_access" tokenEndpointAuthMethod: "client_secret_basic" pkce: true --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: wildflock annotations: kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" external-dns.alpha.kubernetes.io/target: traefik.k-space.ee spec: rules: - host: wildflock.k-space.ee http: paths: - pathType: Prefix path: "/" backend: service: name: wildflock port: number: 3030 tls: - hosts: - "*.k-space.ee" --- apiVersion: v1 kind: Service metadata: name: wildflock spec: type: ClusterIP selector: app: wildflock ports: - protocol: TCP port: 3030 --- apiVersion: apps/v1 kind: Deployment metadata: name: wildflock labels: app: wildflock spec: selector: matchLabels: app: wildflock replicas: 2 template: metadata: labels: app: wildflock spec: containers: - name: wildflock image: harbor.k-space.ee/k-space/walias:latest ports: - containerPort: 3030 env: - name: REDIS_URL valueFrom: secretKeyRef: name: redis-webmail-owner-secrets key: REDIS_MASTER_1_URI - name: CLIENT_URL value: https://wildflock.k-space.ee - name: WILDDUCK_DOMAIN value: k6.ee - name: NODE_ENV value: prod - name: WILDDUCK_URL value: https://mail.k-space.ee - name: WILDDUCK_TOKEN valueFrom: secretKeyRef: name: wildduck key: WILDDUCK_API_TOKEN envFrom: - secretRef: name: oidc-client-wildflock-owner-secrets