lldap: add new service for LDAP
This commit is contained in:
62
kubernetes/lldap-helm-chart/templates/_helpers.tpl
Normal file
62
kubernetes/lldap-helm-chart/templates/_helpers.tpl
Normal file
@ -0,0 +1,62 @@
|
||||
{{/*
|
||||
Expand the name of the chart.
|
||||
*/}}
|
||||
{{- define "lldap-chart.name" -}}
|
||||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create a default fully qualified app name.
|
||||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
|
||||
If release name contains chart name it will be used as a full name.
|
||||
*/}}
|
||||
{{- define "lldap-chart.fullname" -}}
|
||||
{{- if .Values.fullnameOverride }}
|
||||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- $name := default .Chart.Name .Values.nameOverride }}
|
||||
{{- if contains $name .Release.Name }}
|
||||
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
|
||||
{{- else }}
|
||||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create chart name and version as used by the chart label.
|
||||
*/}}
|
||||
{{- define "lldap-chart.chart" -}}
|
||||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Common labels
|
||||
*/}}
|
||||
{{- define "lldap-chart.labels" -}}
|
||||
helm.sh/chart: {{ include "lldap-chart.chart" . }}
|
||||
{{ include "lldap-chart.selectorLabels" . }}
|
||||
{{- if .Chart.AppVersion }}
|
||||
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
|
||||
{{- end }}
|
||||
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Selector labels
|
||||
*/}}
|
||||
{{- define "lldap-chart.selectorLabels" -}}
|
||||
app.kubernetes.io/name: {{ include "lldap-chart.name" . }}
|
||||
app.kubernetes.io/instance: {{ .Release.Name }}
|
||||
{{- end }}
|
||||
|
||||
{{/*
|
||||
Create the name of the service account to use
|
||||
*/}}
|
||||
{{- define "lldap-chart.serviceAccountName" -}}
|
||||
{{- if .Values.serviceAccount.create }}
|
||||
{{- default (include "lldap-chart.fullname" .) .Values.serviceAccount.name }}
|
||||
{{- else }}
|
||||
{{- default "default" .Values.serviceAccount.name }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
99
kubernetes/lldap-helm-chart/templates/deployment.yaml
Normal file
99
kubernetes/lldap-helm-chart/templates/deployment.yaml
Normal file
@ -0,0 +1,99 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: lldap
|
||||
namespace: {{ .Values.namespace }}
|
||||
labels:
|
||||
app: lldap
|
||||
annotations:
|
||||
spec:
|
||||
replicas: {{ .Values.replicaCount }}
|
||||
selector:
|
||||
matchLabels:
|
||||
app: lldap
|
||||
strategy:
|
||||
type: Recreate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: lldap
|
||||
annotations:
|
||||
spec:
|
||||
containers:
|
||||
- name: lldap
|
||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||
|
||||
{{- with .Values.resources }}
|
||||
resources:
|
||||
{{- toYaml . | nindent 12 }}
|
||||
{{- end }}
|
||||
|
||||
env:
|
||||
- name: GID
|
||||
value: "{{ .Values.env.GID }}"
|
||||
- name: LLDAP_JWT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.secret.name }}
|
||||
key: lldap-jwt-secret
|
||||
- name: LLDAP_LDAP_BASE_DN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.secret.name }}
|
||||
key: base-dn
|
||||
- name: LLDAP_LDAP_USER_DN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.secret.name }}
|
||||
key: lldap-ldap-user-name
|
||||
- name: LLDAP_LDAP_USER_PASS
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ .Values.secret.name }}
|
||||
key: lldap-ldap-user-pass
|
||||
- name: TZ
|
||||
value: "{{ .Values.env.TZ }}"
|
||||
- name: UID
|
||||
value: "{{ .Values.env.UID }}"
|
||||
{{- if .Values.extraEnv}}
|
||||
{{- toYaml .Values.extraEnv | nindent 12}}
|
||||
{{- end }}
|
||||
ports:
|
||||
- containerPort: 3890
|
||||
- containerPort: 6360
|
||||
- containerPort: 17170
|
||||
volumeMounts:
|
||||
{{- if .Values.persistence.enabled }}
|
||||
- mountPath: /data
|
||||
name: lldap-data
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.extraVolumeMounts}}
|
||||
{{- toYaml .Values.extraVolumeMounts | nindent 12}}
|
||||
{{- end }}
|
||||
volumes:
|
||||
{{- if .Values.persistence.enabled}}
|
||||
- name: lldap-data
|
||||
persistentVolumeClaim:
|
||||
claimName: lldap-data
|
||||
{{- end }}
|
||||
|
||||
{{- if .Values.extraVolumes}}
|
||||
{{- toYaml .Values.extraVolumes | nindent 8}}
|
||||
{{- end }}
|
||||
|
||||
{{- with .Values.nodeSelector }}
|
||||
nodeSelector:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
||||
{{- with .Values.tolerations }}
|
||||
tolerations:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
|
||||
{{- with .Values.affinity }}
|
||||
affinity:
|
||||
{{- toYaml . | nindent 8 }}
|
||||
{{- end }}
|
||||
38
kubernetes/lldap-helm-chart/templates/ingress.yaml
Normal file
38
kubernetes/lldap-helm-chart/templates/ingress.yaml
Normal file
@ -0,0 +1,38 @@
|
||||
{{- if .Values.ingress.enabled -}}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: {{ .Values.ingress.name | quote }}
|
||||
namespace: {{ .Values.namespace | quote }}
|
||||
{{- with .Values.ingress.annotations }}
|
||||
annotations:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- with .Values.ingress.labels }}
|
||||
labels:
|
||||
{{- toYaml . | nindent 4 }}
|
||||
{{- end }}
|
||||
spec:
|
||||
ingressClassName: {{ .Values.ingress.ingressClassName | quote }}
|
||||
rules:
|
||||
- host: {{ .Values.ingress.hosts.host | quote }}
|
||||
http:
|
||||
paths:
|
||||
- path: {{ .Values.ingress.hosts.paths.path | quote }}
|
||||
pathType: {{ .Values.ingress.hosts.paths.pathType | default "Prefix" | quote }}
|
||||
backend:
|
||||
service:
|
||||
name: {{ $.Values.service.webui.name | quote }}
|
||||
port:
|
||||
number: {{ $.Values.service.webui.ports.port | default 17170 }}
|
||||
{{- if .Values.ingress.tls }}
|
||||
tls:
|
||||
{{- range .Values.ingress.tls }}
|
||||
- hosts:
|
||||
{{- range .hosts }}
|
||||
- {{ . | quote }}
|
||||
{{- end }}
|
||||
secretName: {{ .secretName | quote }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
40
kubernetes/lldap-helm-chart/templates/pvc.yaml
Normal file
40
kubernetes/lldap-helm-chart/templates/pvc.yaml
Normal file
@ -0,0 +1,40 @@
|
||||
{{- if .Values.persistence.enabled }}
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: lldap-data
|
||||
namespace: {{ .Values.namespace }}
|
||||
labels:
|
||||
app: lldap
|
||||
spec:
|
||||
{{- if .Values.persistence.storageClassName }}
|
||||
storageClassName: {{ .Values.persistence.storageClassName }}
|
||||
{{- end }}
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode }}
|
||||
resources:
|
||||
requests:
|
||||
storage: {{ .Values.persistence.storageSize }}
|
||||
{{- end }}
|
||||
{{- if and .Values.persistence.enabled .Values.persistence.manualProvision }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: lldap-data-pv
|
||||
namespace: {{ .Values.namespace }}
|
||||
labels:
|
||||
app: lldap
|
||||
spec:
|
||||
capacity:
|
||||
storage: {{ .Values.persistence.storageSize }}
|
||||
accessModes:
|
||||
- {{ .Values.persistence.accessMode }}
|
||||
{{- if .Values.persistence.storageClassName }}
|
||||
storageClassName: {{ .Values.persistence.storageClassName }}
|
||||
{{- end }}
|
||||
{{- if .Values.persistence.localPath }}
|
||||
hostPath:
|
||||
path: {{ .Values.persistence.localPath }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
13
kubernetes/lldap-helm-chart/templates/secret.yaml
Normal file
13
kubernetes/lldap-helm-chart/templates/secret.yaml
Normal file
@ -0,0 +1,13 @@
|
||||
{{- if .Values.secret.create }}
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: {{ .Values.secret.name }}
|
||||
namespace: {{ .Values.namespace }}
|
||||
type: Opaque
|
||||
data:
|
||||
lldap-jwt-secret: {{ .Values.secret.lldapJwtSecret | b64enc }}
|
||||
lldap-ldap-user-name: {{ .Values.secret.lldapUserName | b64enc }}
|
||||
lldap-ldap-user-pass: {{ .Values.secret.lldapUserPass | b64enc }}
|
||||
base-dn: {{ .Values.secret.lldapBaseDn | b64enc }}
|
||||
{{- end }}
|
||||
33
kubernetes/lldap-helm-chart/templates/service.yaml
Normal file
33
kubernetes/lldap-helm-chart/templates/service.yaml
Normal file
@ -0,0 +1,33 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Values.service.webui.name }}
|
||||
namespace: {{ .Values.namespace }}
|
||||
labels:
|
||||
app: lldap
|
||||
spec:
|
||||
type: {{ .Values.service.webui.type }}
|
||||
ports:
|
||||
- name: {{ .Values.service.webui.ports.name | quote }}
|
||||
port: {{ .Values.service.webui.ports.port }}
|
||||
targetPort: {{ .Values.service.webui.ports.targetPort }}
|
||||
selector:
|
||||
app: lldap
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: {{ .Values.service.ldap.name }}
|
||||
annotations:
|
||||
external-dns.alpha.kubernetes.io/hostname: lldap.tahmidcloud.com
|
||||
namespace: {{ .Values.namespace }}
|
||||
labels:
|
||||
app: lldap
|
||||
spec:
|
||||
type: {{ .Values.service.ldap.type }}
|
||||
ports:
|
||||
- name: {{ .Values.service.ldap.ports.name | quote }}
|
||||
port: {{ .Values.service.ldap.ports.port }}
|
||||
targetPort: {{ .Values.service.ldap.ports.targetPort }}
|
||||
selector:
|
||||
app: lldap
|
||||
Reference in New Issue
Block a user