--- apiVersion: apps/v1 kind: Deployment metadata: name: coreid-www namespace: starship spec: selector: matchLabels: app: coreid template: metadata: name: coreid labels: app: coreid spec: volumes: - name: coreid-secrets-vol secret: secretName: coreid-secrets optional: false containers: - name: coreid-web image: ${DOCKER_REGISTRY}/starship/coreid imagePullPolicy: Always volumeMounts: - mountPath: /secrets readOnly: true name: coreid-secrets-vol env: - name: APP_URL value: "https://${COREID_DOMAIN}/" - name: DATABASE_HOST value: '${COREID_DATABASE_HOST}' - name: DATABASE_NAME value: '${COREID_DATABASE_NAME}' - name: LDAP_BASE_DC value: '${COREID_LDAP_BASE_DC}' - name: REDIS_HOST value: '${COREID_REDIS_HOST}' - name: SMTP_HOST value: '${COREID_SMTP_HOST}' - name: SECRET valueFrom: secretKeyRef: key: SECRET name: coreid-secrets optional: false - name: SMTP_USER valueFrom: secretKeyRef: key: SMTP_USER name: coreid-secrets optional: false - name: SMTP_DEFAULT_SENDER valueFrom: secretKeyRef: key: SMTP_DEFAULT_SENDER name: coreid-secrets optional: false - name: SMTP_PASS valueFrom: secretKeyRef: key: SMTP_PASS name: coreid-secrets optional: false - name: REDIS_PASS valueFrom: secretKeyRef: key: REDIS_PASS name: coreid-secrets optional: false - name: APP_NAME value: "Starship CoreID" - name: SERVER_PORT value: '8000' - name: DATABASE_PORT value: '27017' - name: DATABASE_AUTH value: 'false' - name: ENVIRONMENT value: production - name: SSL_ENABLE value: 'false' - name: LDAP_SERVER_PORT value: '636' - name: LDAP_SSL_ENABLE value: 'true' - name: LDAP_CERT_PATH value: '/secrets/X509_CERT' - name: LDAP_CERT_KEY_PATH value: '/secrets/X509_KEY' - name: SAML_CERT_FILE value: '/secrets/X509_CERT' - name: SAML_KEY_FILE value: '/secrets/X509_KEY' - name: RADIUS_CERT_FILE value: '/secrets/X509_CERT' - name: RADIUS_KEY_FILE value: '/secrets/X509_KEY' - name: REDIS_PORT value: '6379' - name: SMTP_PORT value: '587' - name: OPENID_CONNECT_PROXY value: 'true' - name: SESSION_MAX_AGE value: '1209600000' --- apiVersion: apps/v1 kind: Deployment metadata: name: coreid-jobs namespace: starship spec: selector: matchLabels: app: coreid-jobs template: metadata: name: coreid labels: app: coreid-jobs spec: volumes: - name: coreid-secrets-vol secret: secretName: coreid-secrets optional: false containers: - name: coreid-job-worker image: ${DOCKER_REGISTRY}/starship/coreid imagePullPolicy: Always command: ["node", "/app/flitter", "worker", "main"] volumeMounts: - mountPath: /secrets readOnly: true name: coreid-secrets-vol env: - name: APP_URL value: "https://${COREID_DOMAIN}/" - name: DATABASE_HOST value: '${COREID_DATABASE_HOST}' - name: DATABASE_NAME value: '${COREID_DATABASE_NAME}' - name: LDAP_BASE_DC value: '${COREID_LDAP_BASE_DC}' - name: REDIS_HOST value: '${COREID_REDIS_HOST}' - name: SMTP_HOST value: '${COREID_SMTP_HOST}' - name: SECRET valueFrom: secretKeyRef: key: SECRET name: coreid-secrets optional: false - name: SMTP_USER valueFrom: secretKeyRef: key: SMTP_USER name: coreid-secrets optional: false - name: SMTP_DEFAULT_SENDER valueFrom: secretKeyRef: key: SMTP_DEFAULT_SENDER name: coreid-secrets optional: false - name: SMTP_PASS valueFrom: secretKeyRef: key: SMTP_PASS name: coreid-secrets optional: false - name: REDIS_PASS valueFrom: secretKeyRef: key: REDIS_PASS name: coreid-secrets optional: false - name: APP_NAME value: "Starship CoreID" - name: SERVER_PORT value: '8000' - name: DATABASE_PORT value: '27017' - name: DATABASE_AUTH value: 'false' - name: ENVIRONMENT value: production - name: SSL_ENABLE value: 'false' - name: LDAP_SERVER_PORT value: '636' - name: LDAP_SSL_ENABLE value: 'true' - name: LDAP_CERT_PATH value: '/secrets/X509_CERT' - name: LDAP_CERT_KEY_PATH value: '/secrets/X509_KEY' - name: SAML_CERT_FILE value: '/secrets/X509_CERT' - name: SAML_KEY_FILE value: '/secrets/X509_KEY' - name: RADIUS_CERT_FILE value: '/secrets/X509_CERT' - name: RADIUS_KEY_FILE value: '/secrets/X509_KEY' - name: REDIS_PORT value: '6379' - name: SMTP_PORT value: '587' - name: OPENID_CONNECT_PROXY value: 'true' - name: SESSION_MAX_AGE value: '1209600000'