--- apiVersion: codemowers.io/v1alpha1 kind: OIDCGWClient metadata: name: walias spec: displayName: Wildduck disposable alias generator uri: "https://walias.k-space.ee/auth-oidc" redirectUris: - "https://walias.k-space.ee/auth-oidc/callback" grantTypes: - "authorization_code" - "refresh_token" responseTypes: - "code" availableScopes: - "openid" - "profile" - "offline_access" tokenEndpointAuthMethod: "client_secret_basic" pkce: true --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: walias annotations: kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure traefik.ingress.kubernetes.io/router.tls: "true" external-dns.alpha.kubernetes.io/target: traefik.k-space.ee spec: rules: - host: walias.k-space.ee http: paths: - pathType: Prefix path: "/" backend: service: name: walias port: number: 3030 tls: - hosts: - "*.k-space.ee" --- apiVersion: v1 kind: Service metadata: name: walias spec: type: ClusterIP selector: app: walias ports: - protocol: TCP port: 3030 --- apiVersion: apps/v1 kind: Deployment metadata: name: walias labels: app: walias spec: selector: matchLabels: app: walias replicas: 1 template: metadata: labels: app: walias spec: containers: - name: walias image: harbor.k-space.ee/k-space/walias:latest ports: - containerPort: 3030 env: - name: CLIENT_URL value: https://walias.k-space.ee - name: WILDDUCK_DOMAIN value: k6.ee - name: NODE_ENV value: prod - name: WILDDUCK_URL value: https://mail.k-space.ee - name: WILDDUCK_TOKEN valueFrom: secretKeyRef: name: wildduck key: WILDDUCK_API_TOKEN envFrom: - secretRef: name: oidc-client-walias-owner-secrets