yonote
/
onprem-deploy
21
0
Fork 0
Code Pull Requests Releases Activity

clear-onprem #5

Closed
artem.drozdov wants to merge 14 commits from clear-onprem into main
pull from: clear-onprem
merge into: yonote:main
Conversation 0 Commits 14 Files Changed 20 +77 -10
4 changed files with 77 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 711d43f2ae - Show all commits

2
yonote-chart/values.yaml
View File

@ -659,7 +659,7 @@ minio:
hostname: 's3.onprem-test.stands.wilix.dev' hostname: 's3.onprem-test.stands.wilix.dev'
ingressClassName: traefik ingressClassName: traefik
path: '/' path: '/'
pathType: ImplementationSpecific pathType: Prefix
annotations: annotations:
kubernetes.io/ingress.class: traefik kubernetes.io/ingress.class: traefik
cert-manager.io/cluster-issuer: letsencrypt.rancher.wilix.dev cert-manager.io/cluster-issuer: letsencrypt.rancher.wilix.dev

7
yonote-keycloak-chart/secret-values.yaml
View File

@ -1,6 +1,11 @@
global:
postgresql:
auth:
password: "tT9BqYdNyd1"
keycloak: keycloak:
secrets: secrets:
secrets: secrets:
stringData: stringData:
KEYCLOAK_ADMIN_PASSWORD: "12345" KEYCLOAK_ADMIN_PASSWORD: "12345"
KC_DB_PASSWORD: "3fWAxP6ZYp" KC_DB_PASSWORD: "tT9BqYdNyd1"

55
yonote-keycloak-chart/traefik-forward-auth.yaml Normal file
View File

@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: traefik-forward-auth
namespace: yonote-develop
labels:
app: traefik-forward-auth
spec:
replicas: 1
selector:
matchLabels:
app: traefik-forward-auth
strategy:
type: Recreate
revisionHistoryLimit: 10
progressDeadlineSeconds: 600
template:
metadata:
labels:
app: traefik-forward-auth
spec:
containers:
- name: traefik-forward-auth
image: thomseddon/traefik-forward-auth:2
ports:
- containerPort: 4181
protocol: TCP
env:
- name: DOMAIN
value: "wilix.org,wilix.dev"
- name: AUTH_HOST
value: "auth.yonote.develop.wilix.dev"
- name: INSECURE_COOKIE
value: "false"
- name: DEFAULT_PROVIDER
value: "oidc"
- name: PROVIDERS_OIDC_ISSUER_URL
value: "https://auth.yonote.develop.wilix.dev/realms/dev-forward-auth"
- name: PROVIDERS_OIDC_CLIENT_ID
value: "dev-forward-auth-client"
- name: PROVIDERS_OIDC_CLIENT_SECRET
value: "552xO2iJ70KiXU5laViGlEHavDjpSZ6X"
- name: SECRET
value: "0987654321"
- name: LOG_LEVEL
value: "debug"
imagePullPolicy: IfNotPresent
resources: {}
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
restartPolicy: Always
terminationGracePeriodSeconds: 60
dnsPolicy: ClusterFirst
securityContext: {}
schedulerName: default-scheduler

23
yonote-keycloak-chart/values.yaml
View File

@ -24,16 +24,17 @@ keycloak:
- /bin/sh - /bin/sh
- -c - -c
- | - |
"/opt/keycloak/bin/kc.sh" "start" "/opt/keycloak/bin/kc.sh" "start-dev"
configMaps: configMaps:
configs: configs:
data: data:
KEYCLOAK_PROFILE: dev
KEYCLOAK_ADMIN: root KEYCLOAK_ADMIN: root
KC_PROXY: edge KC_PROXY: edge
KC_HOSTNAME_STRICT: "false" KC_HOSTNAME_STRICT: "false"
KC_HOSTNAME_ADMIN: auth.example.com/admin KC_HOSTNAME_ADMIN: auth.onprem-test.stands.wilix.dev/admin
KC_HOSTNAME: auth.example.com KC_HOSTNAME: auth.onprem-test.stands.wilix.dev
KC_DB: postgres KC_DB: postgres
KC_DB_URL: jdbc:postgresql://yonote-keycloak-db:5432/keycloak KC_DB_URL: jdbc:postgresql://yonote-keycloak-db:5432/keycloak
KC_DB_URL_DATABASE: keycloak KC_DB_URL_DATABASE: keycloak
@ -72,11 +73,17 @@ keycloak:
ingress: ingress:
enabled: true enabled: true
ingressClassName: nginx hostname: 'auth.onprem-test.stands.wilix.dev'
pathType: ImplementationSpecific ingressClassName: traefik
hostname: auth.example.com path: '/'
path: / pathType: Prefix
tls: false annotations:
kubernetes.io/ingress.class: traefik
cert-manager.io/cluster-issuer: letsencrypt.rancher.wilix.dev
extraTls:
- hosts:
- "auth.onprem-test.stands.wilix.dev"
secretName: "auth.onprem-test.stands.wilix.dev"
livenessProbe: livenessProbe:
enabled: true enabled: true