| .. | ||
| 0-namespace.yaml | ||
| 1-deployment.yaml | ||
| 2-service.yaml | ||
| 3-certificate.yaml | ||
| 4-ingress.yaml | ||
| README.md | ||
This deployment is parameterized for use with envsubst(1).
You will need to set up the secret values and environment variables (see below).
bash -c 'for f in *.yaml; do envsubst < $f | kubectl apply -f -; done'
Supported environment variables
Set these environment variables in your shell before running the above command to apply the Kubernetes spec.
COREID_DOMAIN- domain name where CoreID is accessed (e.g.coreid.mydomain.com)DOCKER_REGISTRY- host of the docker registry to pull the image from (e.g.registry.mydomain.com)- this is the same registry that is used by
yarn docker:buildandyarn docker:push
- this is the same registry that is used by
COREID_DATABASE_HOST- MongoDB host (e.g.mongo.mylan.net)COREID_DATABASE_NAME- MongoDB database name to use (e.g.coreid_p1)COREID_LDAP_BASE_DC- base DC to use for LDAP tree (e.g.dc=platform,dc=local)COREID_REDIS_HOST- Redis host (e.g.redis.mylan.net)COREID_SMTP_HOST- SMTP server host (e.g.smtp.mymail.com)
Secret values
The spec expects there to be a coreid-secrets secret in the starship namespace with the following values:
SECRET- hash seed used by CoreID (e.g.df8db5a2-429b-4597-a013-18efee2465e0)SMTP_USER- username used to log-into SMTP server (e.g.user@mymail.com)SMTP_DEFAULT_SENDER- email to use as FROM address. Usually same asSMTP_USER(e.g.user@mymail.com)SMTP_PASS- password forSMTP_USERREDIS_PASS- password for the Redis serviceX509_CERT- contents of the x509 certificate to be used for SAML/LDAP/RADIUSX509_KEY- contents of the x509 certificate key to be used for SAML/LDAP/RADIUS