This deployment is parameterized for use with `envsubst(1)`. You will need to set up the secret values and environment variables (see below). ```shell bash -c 'for f in *.yaml; do envsubst < $f | kubectl apply -f -; done' ``` ## Supported environment variables Set these environment variables in your shell before running the above command to apply the Kubernetes spec. - `COREID_DOMAIN` - domain name where CoreID is accessed (e.g. `coreid.mydomain.com`) - `DOCKER_REGISTRY` - host of the docker registry to pull the image from (e.g. `registry.mydomain.com`) - this is the same registry that is used by `yarn docker:build` and `yarn docker:push` - `COREID_DATABASE_HOST` - MongoDB host (e.g. `mongo.mylan.net`) - `COREID_DATABASE_NAME` - MongoDB database name to use (e.g. `coreid_p1`) - `COREID_LDAP_BASE_DC` - base DC to use for LDAP tree (e.g. `dc=platform,dc=local`) - `COREID_REDIS_HOST` - Redis host (e.g. `redis.mylan.net`) - `COREID_SMTP_HOST` - SMTP server host (e.g. `smtp.mymail.com`) ## Secret values The spec expects there to be a `coreid-secrets` secret in the `starship` namespace with the following values: - `SECRET` - hash seed used by CoreID (e.g. `df8db5a2-429b-4597-a013-18efee2465e0`) - `SMTP_USER` - username used to log-into SMTP server (e.g. `user@mymail.com`) - `SMTP_DEFAULT_SENDER` - email to use as FROM address. Usually same as `SMTP_USER` (e.g. `user@mymail.com`) - `SMTP_PASS` - password for `SMTP_USER` - `REDIS_PASS` - password for the Redis service - `X509_CERT` - contents of the x509 certificate to be used for SAML/LDAP/RADIUS - `X509_KEY` - contents of the x509 certificate key to be used for SAML/LDAP/RADIUS