1.6 KiB
1.6 KiB
This deployment is parameterized for use with envsubst(1)
.
You will need to set up the secret values and environment variables (see below).
bash -c 'for f in *.yaml; do envsubst < $f | kubectl apply -f -; done'
Supported environment variables
Set these environment variables in your shell before running the above command to apply the Kubernetes spec.
COREID_DOMAIN
- domain name where CoreID is accessed (e.g.coreid.mydomain.com
)DOCKER_REGISTRY
- host of the docker registry to pull the image from (e.g.registry.mydomain.com
)- this is the same registry that is used by
yarn docker:build
andyarn docker:push
- this is the same registry that is used by
COREID_DATABASE_HOST
- MongoDB host (e.g.mongo.mylan.net
)COREID_DATABASE_NAME
- MongoDB database name to use (e.g.coreid_p1
)COREID_LDAP_BASE_DC
- base DC to use for LDAP tree (e.g.dc=platform,dc=local
)COREID_REDIS_HOST
- Redis host (e.g.redis.mylan.net
)COREID_SMTP_HOST
- SMTP server host (e.g.smtp.mymail.com
)
Secret values
The spec expects there to be a coreid-secrets
secret in the starship
namespace with the following values:
SECRET
- hash seed used by CoreID (e.g.df8db5a2-429b-4597-a013-18efee2465e0
)SMTP_USER
- username used to log-into SMTP server (e.g.user@mymail.com
)SMTP_DEFAULT_SENDER
- email to use as FROM address. Usually same asSMTP_USER
(e.g.user@mymail.com
)SMTP_PASS
- password forSMTP_USER
REDIS_PASS
- password for the Redis serviceX509_CERT
- contents of the x509 certificate to be used for SAML/LDAP/RADIUSX509_KEY
- contents of the x509 certificate key to be used for SAML/LDAP/RADIUS