Misc. changes
This commit is contained in:
parent
055c92f3f7
commit
92a024d744
@ -1,5 +1,14 @@
|
|||||||
---
|
---
|
||||||
# tasks file for grafana-matrix-forwarder
|
# tasks file for grafana-matrix-forwarder
|
||||||
|
- name: Create Grafana Matrix Forwarder namespace
|
||||||
|
k8s:
|
||||||
|
state: present
|
||||||
|
definition:
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Namespace
|
||||||
|
metadata:
|
||||||
|
name: grafana-matrix-forwarder
|
||||||
|
|
||||||
- name: Create a Deployment for Grafana Matrix Forwarder
|
- name: Create a Deployment for Grafana Matrix Forwarder
|
||||||
k8s:
|
k8s:
|
||||||
definition:
|
definition:
|
||||||
@ -7,7 +16,7 @@
|
|||||||
kind: Deployment
|
kind: Deployment
|
||||||
metadata:
|
metadata:
|
||||||
name: matrix-forwarder
|
name: matrix-forwarder
|
||||||
namespace: grafana
|
namespace: grafana-matrix-forwarder
|
||||||
spec:
|
spec:
|
||||||
replicas: 1
|
replicas: 1
|
||||||
selector:
|
selector:
|
||||||
@ -29,7 +38,7 @@
|
|||||||
- name: GMF_MATRIX_PASSWORD
|
- name: GMF_MATRIX_PASSWORD
|
||||||
value: "{{ grafana_admin_password }}"
|
value: "{{ grafana_admin_password }}"
|
||||||
- name: GMF_MATRIX_HOMESERVER
|
- name: GMF_MATRIX_HOMESERVER
|
||||||
value: eom.dev
|
value: synapse.eom.dev
|
||||||
- name: GMF_RESOLVE_MODE
|
- name: GMF_RESOLVE_MODE
|
||||||
value: reply
|
value: reply
|
||||||
|
|
||||||
@ -40,7 +49,7 @@
|
|||||||
kind: Service
|
kind: Service
|
||||||
metadata:
|
metadata:
|
||||||
name: matrix-forwarder
|
name: matrix-forwarder
|
||||||
namespace: grafana
|
namespace: grafana-matrix-forwarder
|
||||||
spec:
|
spec:
|
||||||
selector:
|
selector:
|
||||||
app: matrix-forwarder
|
app: matrix-forwarder
|
||||||
|
|||||||
@ -41,6 +41,36 @@
|
|||||||
requests:
|
requests:
|
||||||
storage: 32Gi
|
storage: 32Gi
|
||||||
|
|
||||||
|
- name: Request a certificate for OpenLDAP
|
||||||
|
k8s:
|
||||||
|
state: present
|
||||||
|
definition:
|
||||||
|
apiVersion: cert-manager.io/v1
|
||||||
|
kind: Certificate
|
||||||
|
metadata:
|
||||||
|
name: openldap
|
||||||
|
namespace: openldap
|
||||||
|
spec:
|
||||||
|
secretName: openldap
|
||||||
|
privateKey:
|
||||||
|
algorithm: RSA
|
||||||
|
encoding: PKCS1
|
||||||
|
size: 2048
|
||||||
|
duration: 2160h # 90d
|
||||||
|
renewBefore: 360h # 15d
|
||||||
|
isCA: false
|
||||||
|
usages:
|
||||||
|
- server auth
|
||||||
|
- client auth
|
||||||
|
subject:
|
||||||
|
organizations:
|
||||||
|
- EOM
|
||||||
|
dnsNames:
|
||||||
|
- openldap.eom.dev
|
||||||
|
issuerRef:
|
||||||
|
name: ca-issuer
|
||||||
|
kind: ClusterIssuer
|
||||||
|
|
||||||
- name: Create Deployment for OpenLDAP
|
- name: Create Deployment for OpenLDAP
|
||||||
k8s:
|
k8s:
|
||||||
definition:
|
definition:
|
||||||
@ -75,6 +105,10 @@
|
|||||||
value: "{{ openldap_readonly_password }}"
|
value: "{{ openldap_readonly_password }}"
|
||||||
- name: LDAP_TLS_VERIFY_CLIENT
|
- name: LDAP_TLS_VERIFY_CLIENT
|
||||||
value: never
|
value: never
|
||||||
|
- name: LDAP_TLS_CRT_FILENAME
|
||||||
|
value: tls.crt
|
||||||
|
- name: LDAP_TLS_KEY_FILENAME
|
||||||
|
value: tls.key
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: config
|
- name: config
|
||||||
mountPath: /etc/ldap/slapd.d
|
mountPath: /etc/ldap/slapd.d
|
||||||
|
|||||||
@ -81,6 +81,7 @@
|
|||||||
name: rtmp
|
name: rtmp
|
||||||
- port: 8080
|
- port: 8080
|
||||||
name: http
|
name: http
|
||||||
|
externalTrafficPolicy: Local
|
||||||
type: LoadBalancer
|
type: LoadBalancer
|
||||||
|
|
||||||
- name: Create Ingress
|
- name: Create Ingress
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user