From b98f173441ceff26ece9eb288c3e7d72f1443640 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= Date: Thu, 24 Aug 2023 08:48:33 +0300 Subject: [PATCH] wildduck: Add operator --- wildduck/wildduck-operator-rbac.yaml | 40 +++++++++++++++++ wildduck/wildduck-operator.yaml | 64 ++++++++++++++++++++++++++++ 2 files changed, 104 insertions(+) create mode 100644 wildduck/wildduck-operator-rbac.yaml create mode 100644 wildduck/wildduck-operator.yaml diff --git a/wildduck/wildduck-operator-rbac.yaml b/wildduck/wildduck-operator-rbac.yaml new file mode 100644 index 0000000..83fd57c --- /dev/null +++ b/wildduck/wildduck-operator-rbac.yaml @@ -0,0 +1,40 @@ +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: codemowers-io-wildduck-operator +rules: + - apiGroups: + - codemowers.io + resources: + - oidcgatewayusers + verbs: + - get + - list + - watch + - apiGroups: + - codemowers.io + resources: + - oidcgatewayusers/status + verbs: + - patch + - update +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: codemowers-io-wildduck-operator + namespace: wildduck +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: codemowers-io-wildduck-operator +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: codemowers-io-wildduck-operator +subjects: + - kind: ServiceAccount + name: codemowers-io-wildduck-operator + namespace: wildduck diff --git a/wildduck/wildduck-operator.yaml b/wildduck/wildduck-operator.yaml new file mode 100644 index 0000000..94ce547 --- /dev/null +++ b/wildduck/wildduck-operator.yaml @@ -0,0 +1,64 @@ +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: wildduck-operator + namespace: wildduck +spec: + replicas: 1 + selector: + matchLabels: + app: wildduck-operator + serviceName: wildduck-operator + template: + metadata: + labels: + app: wildduck-operator + spec: + containers: + - image: docker.io/codemowers/wildduck-operator:latest + name: wildduck-operator + env: + - name: MANAGED_DOMAIN + value: k-space.ee + - name: ALLOWED_GROUPS + value: k-space:friends,k-space:floor + - name: WILDDUCK_API_URL + value: http://mail2.k-space.ee:8080 + - name: WILDDUCK_API_TOKEN + valueFrom: + secretKeyRef: + name: wildduck + key: WILDDUCK_API_TOKEN + ports: + - containerPort: 8000 + name: metrics + enableServiceLinks: false + serviceAccountName: codemowers-io-wildduck-operator +--- +apiVersion: v1 +kind: Service +metadata: + labels: + app: wildduck-operator + name: wildduck-operator + namespace: wildduck +spec: + ports: + - name: metrics + port: 8000 + protocol: TCP + selector: + app: wildduck-operator +--- +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: wildduck-operator + namespace: wildduck +spec: + endpoints: + - port: metrics + selector: + matchLabels: + app: wildduck-operator