smatsiievskyi/kube
1
0
Fork 0
forked from k-space/kube
Code Issues Pull Requests Packages Projects Activity
Files
995360f105a443d9f62759b0d37cec2815632516
kube/wiki/application.yml

139 lines
3.7 KiB
YAML
Raw Blame History

---
apiVersion: codemowers.cloud/v1beta1
kind: OIDCClient
metadata:
name: wiki
spec:
displayName: Wiki
uri: https://wiki.k-space.ee
redirectUris:
- https://wiki.k-space.ee/login/a4cdccdc-c879-4387-a64a-6584a02a85e9/callback
allowedGroups:
- k-space:floor
grantTypes:
- authorization_code
- refresh_token
responseTypes:
- code
availableScopes:
- openid
- profile
tokenEndpointAuthMethod: client_secret_post
pkce: false
secretRefreshPod:
apiVersion: v1
kind: Pod
metadata:
name: reset-oidc-config
spec:
volumes:
- name: tmp
emptyDir: {}
initContainers:
- name: jq
image: mirror.gcr.io/alpine/k8s:1.31.76@sha256:2a3fdd639c71c6cad69fbc8cac2467648855dac29961efec3b155466cc4fa730
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /tmp
name: tmp
envFrom:
- secretRef:
name: oidc-client-wiki-owner-secrets
command:
- /bin/bash
- -c
- jq '{"strategyKey":"oidc","config":{"clientId":$ENV.OIDC_CLIENT_ID,"clientSecret":$ENV.OIDC_CLIENT_SECRET,"authorizationURL":$ENV.OIDC_IDP_AUTH_URI,"tokenURL":$ENV.OIDC_IDP_TOKEN_URI,"userInfoURL":$ENV.OIDC_IDP_USERINFO_URI,"skipUserProfile":false,"issuer":$ENV.OIDC_IDP_URI,"emailClaim":"email","displayNameClaim":"name","mapGroups":false,"groupsClaim":"groups","logoutURL":$ENV.OIDC_IDP_URI,"acrValues":""}} | "UPDATE authentication SET config=\(.config|tostring|@sh) WHERE strategyKey=\(.strategyKey|tostring|@sh) LIMIT 1"' -n -r > /tmp/update.sql
containers:
- name: mysql
image: mirror.gcr.io/library/mysql
imagePullPolicy: IfNotPresent
volumeMounts:
- mountPath: /tmp
name: tmp
env:
- name: MYSQL_PWD
valueFrom:
secretKeyRef:
name: wikijs-secrets
key: DB_PASS
command:
- /bin/bash
- -c
- mysql -u kspace_wiki kspace_wiki -h 172.20.36.1 -p${MYSQL_PWD} < /tmp/update.sql
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: wikijs
labels:
app.kubernetes.io/name: wikijs
spec:
serviceName: wikijs
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: wikijs
template:
metadata:
labels:
app.kubernetes.io/name: wikijs
spec:
containers:
- name: wikijs
image: mirror.gcr.io/requarks/wiki:2
env:
- name: DB_TYPE
value: mysql
- name: DB_HOST
value: mariadb.infra.k-space.ee
- name: DB_PORT
value: "3306"
- name: DB_USER
value: kspace_wiki
- name: DB_NAME
value: kspace_wiki
- name: DB_PASS
valueFrom:
secretKeyRef:
name: wikijs-secrets
key: DB_PASS
ports:
- containerPort: 3000
name: http
---
apiVersion: v1
kind: Service
metadata:
name: wikijs
spec:
selector:
app.kubernetes.io/name: wikijs
ports:
- port: 80
name: http
targetPort: http
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: wikijs
annotations:
kubernetes.io/ingress.class: traefik
traefik.ingress.kubernetes.io/router.entrypoints: websecure
external-dns.alpha.kubernetes.io/target: traefik.k-space.ee
spec:
rules:
- host: wiki.k-space.ee
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: wikijs
port:
name: http
tls:
- hosts:
- "*.k-space.ee"
Reference in New Issue View Git Blame Copy Permalink