Diffstat (limited to 'data.d/k3s-master/manifests.d/auth-system/lldap')
-rw-r--r--data.d/k3s-master/manifests.d/auth-system/lldap/deployment.yaml65
-rw-r--r--data.d/k3s-master/manifests.d/auth-system/lldap/ingress.yaml31
-rw-r--r--data.d/k3s-master/manifests.d/auth-system/lldap/pvc.yaml15
-rw-r--r--data.d/k3s-master/manifests.d/auth-system/lldap/service.yaml52
4 files changed, 163 insertions, 0 deletions
diff --git a/data.d/k3s-master/manifests.d/auth-system/lldap/deployment.yaml b/data.d/k3s-master/manifests.d/auth-system/lldap/deployment.yaml
new file mode 100644
index 0000000..6eeccc0
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/auth-system/lldap/deployment.yaml
@@ -0,0 +1,65 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: lldap
+ namespace: auth-system
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: lldap
+ app.kubernetes.io/part-of: auth-system
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: lldap
+ app.kubernetes.io/part-of: auth-system
+ strategy:
+ type: Recreate
+ template:
+ metadata:
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: lldap
+ app.kubernetes.io/part-of: auth-system
+ spec:
+ containers:
+ - env:
+ - name: GID
+ value: "1001"
+ - name: TZ
+ value: Europe/Amsterdam
+ - name: UID
+ value: "1001"
+ image: nitnelave/lldap:latest
+ name: lldap
+ ports:
+ - name: ldap
+ containerPort: 3890
+ - name: ldaps
+ containerPort: 6360
+ - name: http
+ containerPort: 8080
+ volumeMounts:
+ - mountPath: /data
+ name: data
+ - mountPath: /etc/tls
+ name: tls
+ resources:
+ requests:
+ memory: 32Mi
+ limits:
+ memory: 128Mi
+ restartPolicy: Always
+ volumes:
+ - name: data
+ persistentVolumeClaim:
+ claimName: lldap
+ - name: tls
+ secret:
+ secretName: tls-nl.tyil.lldap
+...
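Review bot: `image: nitnelave/lldap:latest` leaves the directory server on a mutable tag, so with `restartPolicy: Always` and the `Recreate` strategy a pod restart can pull a build nobody reviewed, and a rollback has no fixed version to return to. For the component that holds every account's credentials, pin a release and digest, e.g. `image: nitnelave/lldap:<version>@sha256:<digest>` (placeholders). The container also has no `securityContext`; `allowPrivilegeEscalation: false` is worth testing, but the image appears to use the `UID`/`GID` variables to drop privileges itself, so check `runAsNonRoot` against its entrypoint before adding it. No admin password or JWT secret is set in this manifest, so presumably they live in the config under `/data`; confirm they are not the shipped defaults.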
diff --git a/data.d/k3s-master/manifests.d/auth-system/lldap/ingress.yaml b/data.d/k3s-master/manifests.d/auth-system/lldap/ingress.yaml
new file mode 100644
index 0000000..95b63bb
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/auth-system/lldap/ingress.yaml
@@ -0,0 +1,31 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: lldap
+ namespace: auth-system
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: lldap
+ app.kubernetes.io/part-of: auth-system
+ annotations:
+ cert-manager.io/cluster-issuer: "letsencrypt"
+spec:
+ ingressClassName: nginx
+ tls:
+ - hosts:
+ - lldap.tyil.nl
+ secretName: tls-nl.tyil.lldap
+ rules:
+ - host: lldap.tyil.nl
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: lldap
+ port:
+ number: 80
+...
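Review bot: The rule at `path: /` publishes the whole lldap web UI, including its login and administration pages, on `lldap.tyil.nl` to every client that can reach the nginx ingress. If the UI is only meant for administrators, restrict it at the ingress, for example with `nginx.ingress.kubernetes.io/whitelist-source-range: "<admin CIDRs>"` (placeholder value) under `annotations`. `secretName: tls-nl.tyil.lldap` is the same Secret the Deployment mounts at `/etc/tls`, so the pod cannot start until cert-manager has issued it, and the certificate's private key is shared with the LDAP container. A one-line comment saying this sharing is intentional would help the next reader.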
diff --git a/data.d/k3s-master/manifests.d/auth-system/lldap/pvc.yaml b/data.d/k3s-master/manifests.d/auth-system/lldap/pvc.yaml
new file mode 100644
index 0000000..666a465
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/auth-system/lldap/pvc.yaml
@@ -0,0 +1,15 @@
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: lldap
+ namespace: auth-system
+spec:
+ storageClassName: seaweedfs
+ volumeName: etc-lldap
+ accessModes:
+ - ReadWriteMany
+ resources:
+ requests:
+ storage: 1Gi
+...
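Review bot: `ReadWriteMany` is wider than this workload needs, because the Deployment runs `replicas: 1` with `strategy: Recreate` and so only one pod ever mounts `/data`. If the `etc-lldap` volume also offers it, `ReadWriteOnce` would keep pods on other nodes from mounting the directory's data at the same time; whether lldap keeps a file-based database there is not visible in this commit. The claim also carries none of the `app.kubernetes.io/*` labels that the other three manifests set, so label-based selection of the lldap resources will miss it.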
diff --git a/data.d/k3s-master/manifests.d/auth-system/lldap/service.yaml b/data.d/k3s-master/manifests.d/auth-system/lldap/service.yaml
new file mode 100644
index 0000000..6539352
--- /dev/null
+++ b/data.d/k3s-master/manifests.d/auth-system/lldap/service.yaml
@@ -0,0 +1,52 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: lldap
+ namespace: auth-system
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: lldap
+ app.kubernetes.io/part-of: auth-system
+spec:
+ ipFamilyPolicy: PreferDualStack
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: lldap
+ app.kubernetes.io/part-of: auth-system
+ ports:
+ - name: http
+ port: 80
+ targetPort: 8080
+...
+---
+apiVersion: v1
+kind: Service
+metadata:
+ # This port may _not_ be named "lldap_ldap", as the application itself wants
+ # to use LLDAP_LDAP_PORT, which Kubernetes will override with a value the
+ # application can't handle.
+ name: ldap
+ namespace: auth-system
+ labels:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: lldap
+ app.kubernetes.io/part-of: auth-system
+spec:
+ ipFamilyPolicy: PreferDualStack
+ selector:
+ app.kubernetes.io/created-by: tyil
+ app.kubernetes.io/managed-by: manual
+ app.kubernetes.io/name: lldap
+ app.kubernetes.io/part-of: auth-system
+ ports:
+ - name: ldap
+ port: 389
+ targetPort: 3890
+ - name: ldaps
+ port: 636
+ targetPort: 6360
+...
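Review bot: The `ldap` Service publishes cleartext LDAP on `port: 389` next to `ldaps` on 636, so any in-cluster client that binds over 389 sends account passwords unencrypted across the pod network. If clients can use 636, drop the `ldap` port entry or limit who can reach it with a NetworkPolicy; whether lldap actually has LDAPS enabled on 6360 is not visible in this commit. The comment above `name: ldap` speaks of a port named "lldap_ldap", but what produces `LLDAP_LDAP_PORT` is the Service name, so it would read better as `# This Service may _not_ be named "lldap-ldap", ...`. Setting `enableServiceLinks: false` in the pod spec would remove the injected variables altogether.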