218 lines
6.5 KiB
YAML
218 lines
6.5 KiB
YAML
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: coreid-www
|
|
namespace: starship
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: coreid
|
|
template:
|
|
metadata:
|
|
name: coreid
|
|
labels:
|
|
app: coreid
|
|
spec:
|
|
volumes:
|
|
- name: coreid-secrets-vol
|
|
secret:
|
|
secretName: coreid-secrets
|
|
optional: false
|
|
containers:
|
|
- name: coreid-web
|
|
image: ${DOCKER_REGISTRY}/starship/coreid
|
|
imagePullPolicy: Always
|
|
volumeMounts:
|
|
- mountPath: /secrets
|
|
readOnly: true
|
|
name: coreid-secrets-vol
|
|
env:
|
|
- name: APP_URL
|
|
value: "https://${COREID_DOMAIN}/"
|
|
- name: DATABASE_HOST
|
|
value: '${COREID_DATABASE_HOST}'
|
|
- name: DATABASE_NAME
|
|
value: '${COREID_DATABASE_NAME}'
|
|
- name: LDAP_BASE_DC
|
|
value: '${COREID_LDAP_BASE_DC}'
|
|
- name: REDIS_HOST
|
|
value: '${COREID_REDIS_HOST}'
|
|
- name: SMTP_HOST
|
|
value: '${COREID_SMTP_HOST}'
|
|
- name: SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SECRET
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: SMTP_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SMTP_USER
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: SMTP_DEFAULT_SENDER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SMTP_DEFAULT_SENDER
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: SMTP_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SMTP_PASS
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: REDIS_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: REDIS_PASS
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: APP_NAME
|
|
value: "Starship CoreID"
|
|
- name: SERVER_PORT
|
|
value: '8000'
|
|
- name: DATABASE_PORT
|
|
value: '27017'
|
|
- name: DATABASE_AUTH
|
|
value: 'false'
|
|
- name: ENVIRONMENT
|
|
value: production
|
|
- name: SSL_ENABLE
|
|
value: 'false'
|
|
- name: LDAP_SERVER_PORT
|
|
value: '636'
|
|
- name: LDAP_SSL_ENABLE
|
|
value: 'true'
|
|
- name: LDAP_CERT_PATH
|
|
value: '/secrets/X509_CERT'
|
|
- name: LDAP_CERT_KEY_PATH
|
|
value: '/secrets/X509_KEY'
|
|
- name: SAML_CERT_FILE
|
|
value: '/secrets/X509_CERT'
|
|
- name: SAML_KEY_FILE
|
|
value: '/secrets/X509_KEY'
|
|
- name: RADIUS_CERT_FILE
|
|
value: '/secrets/X509_CERT'
|
|
- name: RADIUS_KEY_FILE
|
|
value: '/secrets/X509_KEY'
|
|
- name: REDIS_PORT
|
|
value: '6379'
|
|
- name: SMTP_PORT
|
|
value: '587'
|
|
- name: OPENID_CONNECT_PROXY
|
|
value: 'true'
|
|
- name: SESSION_MAX_AGE
|
|
value: '1209600000'
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: coreid-jobs
|
|
namespace: starship
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: coreid-jobs
|
|
template:
|
|
metadata:
|
|
name: coreid
|
|
labels:
|
|
app: coreid-jobs
|
|
spec:
|
|
volumes:
|
|
- name: coreid-secrets-vol
|
|
secret:
|
|
secretName: coreid-secrets
|
|
optional: false
|
|
containers:
|
|
- name: coreid-job-worker
|
|
image: ${DOCKER_REGISTRY}/starship/coreid
|
|
imagePullPolicy: Always
|
|
command: ["node", "/app/flitter", "worker", "main"]
|
|
volumeMounts:
|
|
- mountPath: /secrets
|
|
readOnly: true
|
|
name: coreid-secrets-vol
|
|
env:
|
|
- name: APP_URL
|
|
value: "https://${COREID_DOMAIN}/"
|
|
- name: DATABASE_HOST
|
|
value: '${COREID_DATABASE_HOST}'
|
|
- name: DATABASE_NAME
|
|
value: '${COREID_DATABASE_NAME}'
|
|
- name: LDAP_BASE_DC
|
|
value: '${COREID_LDAP_BASE_DC}'
|
|
- name: REDIS_HOST
|
|
value: '${COREID_REDIS_HOST}'
|
|
- name: SMTP_HOST
|
|
value: '${COREID_SMTP_HOST}'
|
|
- name: SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SECRET
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: SMTP_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SMTP_USER
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: SMTP_DEFAULT_SENDER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SMTP_DEFAULT_SENDER
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: SMTP_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: SMTP_PASS
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: REDIS_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: REDIS_PASS
|
|
name: coreid-secrets
|
|
optional: false
|
|
- name: APP_NAME
|
|
value: "Starship CoreID"
|
|
- name: SERVER_PORT
|
|
value: '8000'
|
|
- name: DATABASE_PORT
|
|
value: '27017'
|
|
- name: DATABASE_AUTH
|
|
value: 'false'
|
|
- name: ENVIRONMENT
|
|
value: production
|
|
- name: SSL_ENABLE
|
|
value: 'false'
|
|
- name: LDAP_SERVER_PORT
|
|
value: '636'
|
|
- name: LDAP_SSL_ENABLE
|
|
value: 'true'
|
|
- name: LDAP_CERT_PATH
|
|
value: '/secrets/X509_CERT'
|
|
- name: LDAP_CERT_KEY_PATH
|
|
value: '/secrets/X509_KEY'
|
|
- name: SAML_CERT_FILE
|
|
value: '/secrets/X509_CERT'
|
|
- name: SAML_KEY_FILE
|
|
value: '/secrets/X509_KEY'
|
|
- name: RADIUS_CERT_FILE
|
|
value: '/secrets/X509_CERT'
|
|
- name: RADIUS_KEY_FILE
|
|
value: '/secrets/X509_KEY'
|
|
- name: REDIS_PORT
|
|
value: '6379'
|
|
- name: SMTP_PORT
|
|
value: '587'
|
|
- name: OPENID_CONNECT_PROXY
|
|
value: 'true'
|
|
- name: SESSION_MAX_AGE
|
|
value: '1209600000'
|