fixed secret encoding & labels
This commit is contained in:
parent
456f17562b
commit
b4932f3a85
7 changed files with 48 additions and 50 deletions
|
@ -3,7 +3,7 @@ kind: Secret
|
|||
metadata:
|
||||
name: backup-secret
|
||||
type: Opaque
|
||||
stringData:
|
||||
aws-access-key-id: aws-access-key-id
|
||||
aws-secret-access-key: aws-secret-access-key
|
||||
restic-password: restic-password
|
||||
data:
|
||||
aws-access-key-id: "aws-access-key-id"
|
||||
aws-secret-access-key: "aws-secret-access-key"
|
||||
restic-password: "restic-password"
|
|
@ -1,67 +1,61 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: cloud
|
||||
name: cloud-deployment
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: cloud
|
||||
app.kubernetes.io/name: cloud-pod
|
||||
app.kubernetes.io/application: cloud
|
||||
strategy:
|
||||
type: Recreate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: cloud
|
||||
app.kubernetes.io/name: cloud-pod
|
||||
app.kubernetes.io/application: cloud
|
||||
redeploy: v3
|
||||
spec:
|
||||
containers:
|
||||
- image: domaindrivenarchitecture/c4k-cloud-app
|
||||
- image: domaindrivenarchitecture/c4k-cloud
|
||||
name: cloud-app
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
env:
|
||||
- name: NEXTCLOUD_ADMIN_USER_FILE
|
||||
value: /var/run/secrets/cloud-secrets/nextcloud-admin-user
|
||||
- name: NEXTCLOUD_ADMIN_PASSWORD_FILE
|
||||
value: /var/run/secrets/cloud-secrets/nextcloud-admin-password
|
||||
- name: NEXTCLOUD_ADMIN_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: cloud-secret
|
||||
key: nextcloud-admin-user
|
||||
- name: NEXTCLOUD_ADMIN_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: cloud-secret
|
||||
key: nextcloud-admin-password
|
||||
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
||||
value: fqdn
|
||||
- name: POSTGRES_USER_FILE
|
||||
value: /var/run/secrets/postgres-secret/postgres-user
|
||||
- name: POSTGRES_PASSWORD_FILE
|
||||
value: /var/run/secrets/postgres-secret/postgres-password
|
||||
- name: POSTGRES_DB_FILE
|
||||
value: /var/run/configs/postgres-config/postgres-db
|
||||
- name: POSTGRES_USER
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-secret
|
||||
key: postgres-user
|
||||
- name: POSTGRES_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-secret
|
||||
key: postgres-password
|
||||
- name: POSTGRES_DB
|
||||
valueFrom:
|
||||
configMapKeyRef:
|
||||
name: postgres-config
|
||||
key: postgres-db
|
||||
- name: POSTGRES_HOST
|
||||
value: "postgresql-service:5432"
|
||||
volumeMounts:
|
||||
- name: cloud-data-volume
|
||||
mountPath: /var/www/html
|
||||
- name: cloud-secret-volume
|
||||
mountPath: /var/run/secrets/cloud-secrets
|
||||
readOnly: true
|
||||
- name: postgres-secret-volume
|
||||
mountPath: /var/run/secrets/postgres-secret
|
||||
readOnly: true
|
||||
- name: postgres-config-volume
|
||||
mountPath: /var/run/configs/postgres-config
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: cloud-data-volume
|
||||
persistentVolumeClaim:
|
||||
claimName: cloud-pvc
|
||||
- name: cloud-secret-volume
|
||||
secret:
|
||||
secretName: cloud-secret
|
||||
- name: postgres-secret-volume
|
||||
secret:
|
||||
secretName: postgres-secret
|
||||
- name: postgres-config-volume
|
||||
configMap:
|
||||
name: postgres-config
|
||||
items:
|
||||
- key: postgres-db
|
||||
path: postgres-db
|
||||
- name: backup-secret-volume
|
||||
secret:
|
||||
secretName: backup-secret
|
||||
|
|
|
@ -4,7 +4,7 @@ metadata:
|
|||
name: cloud-pv-volume
|
||||
labels:
|
||||
type: local
|
||||
app: cloud
|
||||
app.kubernetes.io/application: cloud
|
||||
spec:
|
||||
storageClassName: manual
|
||||
accessModes:
|
||||
|
|
|
@ -3,7 +3,7 @@ kind: PersistentVolumeClaim
|
|||
metadata:
|
||||
name: cloud-pvc
|
||||
labels:
|
||||
app: cloud
|
||||
app.kubernetes.io/application: cloud
|
||||
spec:
|
||||
storageClassName: manual
|
||||
accessModes:
|
||||
|
@ -13,4 +13,4 @@ spec:
|
|||
storage: 200Gi
|
||||
selector:
|
||||
matchLabels:
|
||||
app: cloud
|
||||
app.kubernetes.io/application: cloud
|
||||
|
|
|
@ -3,6 +3,6 @@ kind: Secret
|
|||
metadata:
|
||||
name: cloud-secret
|
||||
type: Opaque
|
||||
stringData:
|
||||
nextcloud-admin-user: admin-user
|
||||
nextcloud-admin-password: admin-password
|
||||
data:
|
||||
nextcloud-admin-user: "admin-user"
|
||||
nextcloud-admin-password: "admin-password"
|
||||
|
|
|
@ -2,8 +2,12 @@ apiVersion: v1
|
|||
kind: Service
|
||||
metadata:
|
||||
name: cloud-service
|
||||
labels:
|
||||
app.kubernetes.io/name: cloud-service
|
||||
app.kubernetes.io/application: cloud
|
||||
spec:
|
||||
selector:
|
||||
app.kubernetes.io/name: cloud
|
||||
app.kubernetes.io/name: cloud-pod
|
||||
app.kubernetes.io/application: cloud
|
||||
ports:
|
||||
- port: 80
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{:fqdn "cloud-neu.prod.meissa-gmbh.de"
|
||||
{:fqdn "cloud.test.meissa-gmbh.de"
|
||||
:issuer :staging
|
||||
:nextcloud-data-volume-path "/var/cloud"
|
||||
:postgres-data-volume-path "/var/postgres"
|
||||
|
|
Loading…
Reference in a new issue