diff options
Diffstat (limited to 'data.d/k3s-master/manifests.d/oolah/auth-system/lldap')
3 files changed, 139 insertions, 0 deletions
diff --git a/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/deployment.yaml b/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/deployment.yaml new file mode 100644 index 0000000..8952e69 --- /dev/null +++ b/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/deployment.yaml @@ -0,0 +1,54 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: lldap + namespace: auth-system + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: lldap + app.kubernetes.io/part-of: auth-system +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: lldap + app.kubernetes.io/part-of: auth-system + strategy: + type: Recreate + template: + metadata: + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: lldap + app.kubernetes.io/part-of: auth-system + spec: + nodeName: "oolah.tyil.net" + containers: + - env: + - name: GID + value: "1001" + - name: TZ + value: Europe/Amsterdam + - name: UID + value: "1001" + image: nitnelave/lldap:stable + name: lldap + ports: + - containerPort: 3890 + - containerPort: 6360 + - containerPort: 17170 + volumeMounts: + - mountPath: /data + name: data + restartPolicy: Always + volumes: + - name: data + hostPath: + path: /etc/lldap + type: DirectoryOrCreate +... diff --git a/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/ingress.yaml b/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/ingress.yaml new file mode 100644 index 0000000..cc82eec --- /dev/null +++ b/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/ingress.yaml @@ -0,0 +1,32 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: lldap + namespace: auth-system + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: lldap + app.kubernetes.io/part-of: auth-system + annotations: + cert-manager.io/cluster-issuer: "letsencrypt-production" + traefik.ingress.kubernetes.io/router.middlewares: kube-system-redirect-https@kubernetescrd +spec: + ingressClassName: traefik + tls: + - hosts: + - ldap.tyil.nl + secretName: tls-nl.tyil.ldap + rules: + - host: ldap.tyil.nl + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: lldap-http-service + port: + number: 17170 +... diff --git a/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/service.yaml b/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/service.yaml new file mode 100644 index 0000000..1520b3c --- /dev/null +++ b/data.d/k3s-master/manifests.d/oolah/auth-system/lldap/service.yaml @@ -0,0 +1,53 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: lldap-http-service + namespace: auth-system + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: lldap + app.kubernetes.io/part-of: auth-system +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: lldap + app.kubernetes.io/part-of: auth-system + ports: + - name: http + port: 17170 + targetPort: 17170 +... +--- +apiVersion: v1 +kind: Service +metadata: + # This port may _not_ be named "lldap_ldap", as the application itself wants + # to use LLDAP_LDAP_PORT, which Kubernetes will override with a value the + # application can't handle. + name: lldap-ldap-service + namespace: auth-system + labels: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: lldap + app.kubernetes.io/part-of: auth-system +spec: + selector: + app.kubernetes.io/created-by: tyil + app.kubernetes.io/managed-by: manual + app.kubernetes.io/name: lldap + app.kubernetes.io/part-of: auth-system + type: NodePort + ports: + - name: ldap + port: 3890 + targetPort: 3890 + nodePort: 3890 + - name: ldaps + port: 6360 + targetPort: 6360 + nodePort: 6360 +... |