Skip to content
Snippets Groups Projects
Normal view History Permalink
app.yml 3.83 KiB
Newer Older
Pierre Ozoux's avatar
Fixes name.
Pierre Ozoux committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/component: app
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: hedgedoc 
    app.kubernetes.io/part-of: hedgedoc 
  name: ${FQDN}-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/component: app
      app.kubernetes.io/instance: ${FQDN}
      app.kubernetes.io/name: hedgedoc 
      app.kubernetes.io/part-of: hedgedoc 
  template:
    metadata:
      labels:
        app.kubernetes.io/component: app
        app.kubernetes.io/instance: ${FQDN}
        app.kubernetes.io/name: hedgedoc 
        app.kubernetes.io/part-of: hedgedoc 
    spec:
      volumes:
      containers:
      - env:
        - name: CMD_DB_URL
          valueFrom:
            secretKeyRef:
              key: postgresql-url
              name: ${FQDN}
        - name: CMD_SESSION_SECRET
          valueFrom:
            secretKeyRef:
              key: session
              name: ${FQDN}
        - name: CMD_MINIO_ACCESS_KEY
          valueFrom:
            secretKeyRef:
              key: AWS_ACCESS_KEY_ID
              name: ${FQDN}-s3
        - name: CMD_MINIO_SECRET_KEY
          valueFrom:
            secretKeyRef:
              key: AWS_SECRET_ACCESS_KEY
              name: ${FQDN}-s3
{{if .ConfigureOAuth}}
        - name: CMD_OAUTH2_CLIENT_ID
          valueFrom:
            secretKeyRef:
              key: client-id 
              name: ${FQDN}-oidc
        - name: CMD_OAUTH2_CLIENT_SECRET
          valueFrom:
            secretKeyRef:
              key: client-secret
              name: ${FQDN}-oidc
{{end}}
        envFrom:
        - configMapRef:
            name: ${FQDN}-config
        image: indiehosters/codimd:1.6.0
        imagePullPolicy: IfNotPresent
        name: hedgedoc
        ports:
        - containerPort: 3000
          name: http
          protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/component: app
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: hedgedoc 
    app.kubernetes.io/part-of: hedgedoc 
  name: ${FQDN}-app
  namespace: ${DOMAIN}
spec:
  ports:
  - name: http
    port: 3000
    protocol: TCP
    targetPort: http
  selector:
    app.kubernetes.io/component: app
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: hedgedoc 
    app.kubernetes.io/part-of: hedgedoc 
  type: ClusterIP
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/tls-acme: "true"
  labels:
    app.kubernetes.io/component: app
    app.kubernetes.io/instance: ${FQDN}
    app.kubernetes.io/name: hedgedoc 
    app.kubernetes.io/part-of: hedgedoc 
  name: ${FQDN}-app
  namespace: ${DOMAIN}
spec:
  rules:
  - host: ${FQDN_DOTS} 
    http:
      paths:
      - backend:
          serviceName: ${FQDN}-app
          servicePort: http
        path: /
  tls:
  - hosts:
    - ${FQDN_DOTS}
    secretName: ${FQDN}-tls
---
kind: ConfigMap
metadata:
  name: ${FQDN}-config
apiVersion: v1
data:
{{ if .ConfigureOAuth }}
  CMD_OAUTH2_USER_PROFILE_URL: https://id.indie.host/auth/realms/${DOMAIN}/protocol/openid-connect/userinfo
  CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR: preferred_username
  CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR: name
  CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR: email
  CMD_OAUTH2_TOKEN_URL: https://id.indie.host/auth/realms/${DOMAIN}/protocol/openid-connect/token
  CMD_OAUTH2_AUTHORIZATION_URL: https://id.indie.host/auth/realms/${DOMAIN}/protocol/openid-connect/auth
  CMD_OAUTH2_PROVIDERNAME: Liiibre
Pierre Ozoux's avatar
Fixes string.  
Pierre Ozoux committed
134 
  CMD_EMAIL: "false"
Pierre Ozoux's avatar
Fixes name.
Pierre Ozoux committed
135 136 137 138 139 140 141 142 143 144 145 146 147 
{{ end }}
  CMD_IMAGE_UPLOAD_TYPE: minio
  CMD_S3_REGION: default
  CMD_S3_BUCKET: ${FQDN}
  CMD_MINIO_ENDPOINT: "s3.standard.indie.host"
  CMD_PROTOCOL_USESSL: "true"
  CMD_URL_ADDPORT: "false"
  CMD_ALLOW_FREEURL: "true"
  CMD_MINIO_PORT: "443"
  CMD_MINIO_SECURE: "true"
  CMD_USECDN: "false"
  CMD_DOMAIN: ${FQDN_DOTS}
  DB_TYPE: postgres