This commit is contained in:
parent
ee08fd47b5
commit
572b7df74c
@ -3,12 +3,6 @@ platform:
|
||||
k3s:
|
||||
version: v1.26.3+k3s1
|
||||
|
||||
# gitops:
|
||||
# repository:
|
||||
# uri: https://code.spamasaurus.com/djpbessems/GitOps.MetaCluster.git
|
||||
# # revision: v0.1.0
|
||||
# revision: HEAD
|
||||
|
||||
packaged_components:
|
||||
- name: traefik
|
||||
namespace: kube-system
|
||||
@ -39,8 +33,10 @@ platform:
|
||||
helm_repositories:
|
||||
- name: argo
|
||||
url: https://argoproj.github.io/argo-helm
|
||||
- name: codecentric
|
||||
url: https://codecentric.github.io/helm-charts
|
||||
- name: authentik
|
||||
url: https://charts.goauthentik.io
|
||||
# - name: codecentric
|
||||
# url: https://codecentric.github.io/helm-charts
|
||||
# - name: dex
|
||||
# url: https://charts.dexidp.io
|
||||
- name: gitea-charts
|
||||
@ -75,6 +71,29 @@ components:
|
||||
hosts:
|
||||
- gitops.{{ vapp['metacluster.fqdn'] }}
|
||||
|
||||
authentik:
|
||||
helm:
|
||||
version: 2023.3.1
|
||||
chart: authentik/authentik
|
||||
parse_logic: helm template . --set postgresql.enabled=true,redis.enabled=true | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||
chart_values: !unsafe |
|
||||
authentik:
|
||||
secret_key: {{ lookup('ansible.builtin.password', '/dev/null length=64 chars=ascii_lowercase,digits seed=' ~ vapp['guestinfo.hostname']) }}
|
||||
postgresql:
|
||||
password: {{ lookup('ansible.builtin.password', '/dev/null length=32 chars=ascii_lowercase,digits seed=' ~ vapp['guestinfo.hostname']) }}
|
||||
ingress:
|
||||
enabled: true
|
||||
hosts:
|
||||
- host: auth.{{ vapp['metacluster.fqdn'] }}
|
||||
paths:
|
||||
- path: "/"
|
||||
pathType: Prefix
|
||||
postgresql:
|
||||
enabled: true
|
||||
postgresqlPassword: {{ lookup('ansible.builtin.password', '/dev/null length=32 chars=ascii_lowercase,digits seed=' ~ vapp['guestinfo.hostname']) }}
|
||||
redis:
|
||||
enabled: true
|
||||
|
||||
cert-manager:
|
||||
helm:
|
||||
version: 1.11.0
|
||||
@ -203,37 +222,37 @@ components:
|
||||
registry:
|
||||
size: 25Gi
|
||||
|
||||
keycloakx:
|
||||
helm:
|
||||
version: 2.1.1 # (= Keycloak 20.0.3)
|
||||
chart: codecentric/keycloakx
|
||||
parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||
chart_values: !unsafe |
|
||||
command:
|
||||
- "/opt/keycloak/bin/kc.sh"
|
||||
- "start"
|
||||
- "--http-enabled=true"
|
||||
- "--http-port=8080"
|
||||
- "--hostname-strict=false"
|
||||
- "--hostname-strict-https=false"
|
||||
extraEnv: |
|
||||
- name: KEYCLOAK_ADMIN
|
||||
value: admin
|
||||
- name: KEYCLOAK_ADMIN_PASSWORD
|
||||
value: {{ vapp['metacluster.password'] }}
|
||||
- name: KC_PROXY
|
||||
value: "passthrough"
|
||||
- name: JAVA_OPTS_APPEND
|
||||
value: >-
|
||||
-Djgroups.dns.query={% raw %}{{ include "keycloak.fullname" . }}{% endraw %}-headless
|
||||
ingress:
|
||||
enabled: true
|
||||
rules:
|
||||
- host: keycloak.{{ vapp['metacluster.fqdn'] }}
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls: []
|
||||
# keycloakx:
|
||||
# helm:
|
||||
# version: 2.1.1 # (= Keycloak 20.0.3)
|
||||
# chart: codecentric/keycloakx
|
||||
# parse_logic: helm template . | yq --no-doc eval '.. | .image? | select(.)' | sort -u | awk '!/ /'
|
||||
# chart_values: !unsafe |
|
||||
# command:
|
||||
# - "/opt/keycloak/bin/kc.sh"
|
||||
# - "start"
|
||||
# - "--http-enabled=true"
|
||||
# - "--http-port=8080"
|
||||
# - "--hostname-strict=false"
|
||||
# - "--hostname-strict-https=false"
|
||||
# extraEnv: |
|
||||
# - name: KEYCLOAK_ADMIN
|
||||
# value: admin
|
||||
# - name: KEYCLOAK_ADMIN_PASSWORD
|
||||
# value: {{ vapp['metacluster.password'] }}
|
||||
# - name: KC_PROXY
|
||||
# value: "passthrough"
|
||||
# - name: JAVA_OPTS_APPEND
|
||||
# value: >-
|
||||
# -Djgroups.dns.query={% raw %}{{ include "keycloak.fullname" . }}{% endraw %}-headless
|
||||
# ingress:
|
||||
# enabled: true
|
||||
# rules:
|
||||
# - host: keycloak.{{ vapp['metacluster.fqdn'] }}
|
||||
# paths:
|
||||
# - path: /
|
||||
# pathType: Prefix
|
||||
# tls: []
|
||||
|
||||
kube-prometheus-stack:
|
||||
helm:
|
||||
|
Loading…
Reference in New Issue
Block a user