Kubernetes.K3s.installLog/services/Authelia/deploy-Authelia.yml

143 lines
2.9 KiB
YAML

apiVersion: apps/v1
kind: Deployment
metadata:
name: authelia
labels:
app: authelia
spec:
replicas: 1
selector:
matchLabels:
app: authelia
template:
metadata:
labels:
app: authelia
spec:
containers:
- name: authelia
image: authelia/authelia
env:
- name: TZ
value: Europe/Amsterdam
ports:
- name: web
containerPort: 9091
volumeMounts:
- name: flexvolsmb-authelia-conf
mountPath: /config
- name: redis
image: redis:alpine
args:
- redis-server
- --requirepass authelia
- --appendonly yes
ports:
- name: redis
containerPort: 6379
volumeMounts:
- name: flexvolsmb-authelia-redis
mountPath: /data
volumes:
- name: flexvolsmb-authelia-conf
persistentVolumeClaim:
claimName: flexvolsmb-authelia-conf
- name: flexvolsmb-authelia-redis
persistentVolumeClaim:
claimName: flexvolsmb-authelia-redis
---
apiVersion: v1
kind: Service
metadata:
name: authelia
spec:
ports:
- protocol: TCP
name: web
port: 9091
- protocol: TCP
name: redis
port: 6379
selector:
app: authelia
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: authelia
spec:
entryPoints:
- websecure
routes:
- match: Host(`auth.spamasaurus.com`)
kind: Rule
services:
- name: authelia
port: 9091
middlewares:
- name: security-headers@file
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-authelia-conf
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-authelia-conf
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0600,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/authelia/conf
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-authelia-conf
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-authelia-conf
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-authelia-redis
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-authelia-redis
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=1000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/authelia/redis
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-authelia-redis
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-authelia-redis
resources:
requests:
storage: 1Gi