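---
# tasks file for openldap
#
# Deploys OpenLDAP and the phpLDAPadmin web UI into the `auth` namespace and
# publishes phpLDAPadmin through an nginx Ingress with a cert-manager
# certificate.
#
# Required variables (supplied by the caller, ideally from an encrypted
# source such as Ansible Vault):
#   ldap_admin_password     - password for the LDAP admin account
#   ldap_readonly_password  - password for the LDAP read-only account

- name: Create auth namespace
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Namespace
      metadata:
        name: auth

- name: Create PVC for OpenLDAP data
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: data
        namespace: auth
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 2Gi

- name: Create PVC for OpenLDAP configuration
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: config
        namespace: auth
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 2Gi

# The LDAP passwords live in a Secret rather than as literal env values in
# the Deployment, so that read access to Deployments/Pods in the namespace
# does not reveal them. no_log keeps the rendered values out of Ansible
# output and logs.
- name: Create Secret for OpenLDAP credentials
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Secret
      metadata:
        name: openldap-credentials
        namespace: auth
      type: Opaque
      data:
        LDAP_ADMIN_PASSWORD: "{{ ldap_admin_password | b64encode }}"
        LDAP_READONLY_USER_PASSWORD: "{{ ldap_readonly_password | b64encode }}"
  no_log: true

- name: Create Deployment for OpenLDAP
  k8s:
    state: present
    definition:
      # Deployments are served by the apps/v1 API group, not core v1.
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: openldap
        namespace: auth
      spec:
        replicas: 1
        selector:
          matchLabels:
            app: openldap
        template:
          metadata:
            labels:
              app: openldap
          spec:
            containers:
              - name: openldap
                # NOTE(review): no tag is given, so this resolves to
                # `latest`; pin a specific tag or digest so the directory
                # server cannot change underneath a redeploy.
                image: osixia/openldap
                env:
                  - name: LDAP_ORGANISATION
                    value: "EOM"
                  - name: LDAP_DOMAIN
                    value: "eom.dev"
                  - name: LDAP_ADMIN_PASSWORD
                    valueFrom:
                      secretKeyRef:
                        name: openldap-credentials
                        key: LDAP_ADMIN_PASSWORD
                  - name: LDAP_READONLY_USER
                    value: "true"
                  - name: LDAP_READONLY_USER_PASSWORD
                    valueFrom:
                      secretKeyRef:
                        name: openldap-credentials
                        key: LDAP_READONLY_USER_PASSWORD
                volumeMounts:
                  - name: config
                    mountPath: /etc/ldap/slapd.d
                  - name: data
                    mountPath: /var/lib/ldap
                ports:
                  - containerPort: 389
                  - containerPort: 636
            volumes:
              - name: data
                persistentVolumeClaim:
                  claimName: data
              - name: config
                persistentVolumeClaim:
                  claimName: config

- name: Create Service for OpenLDAP
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: openldap
        namespace: auth
      spec:
        selector:
          app: openldap
        ports:
          # NOTE(review): 389 is the plain LDAP port; binds over it carry
          # credentials unencrypted unless clients use StartTLS. Consider
          # exposing only 636 if every client can speak LDAPS.
          - port: 389
            name: ldap
          - port: 636
            name: ldaps
        type: ClusterIP

- name: Create Deployment for phpLDAPadmin
  k8s:
    state: present
    definition:
      # Deployments are served by the apps/v1 API group, not core v1.
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: phpldapadmin
        namespace: auth
      spec:
        replicas: 1
        selector:
          matchLabels:
            app: phpldapadmin
        template:
          metadata:
            labels:
              app: phpldapadmin
          spec:
            containers:
              - name: phpldapadmin
                # NOTE(review): unpinned image (resolves to `latest`);
                # pin a specific tag or digest.
                image: osixia/phpldapadmin
                env:
                  - name: PHPLDAPADMIN_LDAP_HOSTS
                    value: "openldap"
                  - name: PHPLDAPADMIN_SERVER_ADMIN
                    value: "eric@mail.eom.dev"
                  - name: PHPLDAPADMIN_SERVER_PATH
                    value: "/"
                  # The container serves plain HTTP on port 80; TLS for
                  # external clients is terminated at the Ingress below.
                  - name: PHPLDAPADMIN_HTTPS
                    value: "false"
                ports:
                  - containerPort: 80

- name: Create Service for phpLDAPadmin
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: phpldapadmin
        namespace: auth
      spec:
        selector:
          app: phpldapadmin
        ports:
          - port: 80
            name: http
        type: ClusterIP

# NOTE(review): this publishes the directory admin UI at auth.eom.dev with
# no access restriction visible in this file. If the ingress controller is
# reachable from untrusted networks, restrict who can reach this host
# (source-range allow-list or an authentication layer in front of it).
- name: Create Ingress
  k8s:
    state: present
    definition:
      apiVersion: networking.k8s.io/v1
      kind: Ingress
      metadata:
        annotations:
          cert-manager.io/cluster-issuer: ca-issuer
        name: phpldapadmin
        namespace: auth
      spec:
        ingressClassName: nginx
        rules:
          - host: auth.eom.dev
            http:
              paths:
                - pathType: Prefix
                  path: /
                  backend:
                    service:
                      name: phpldapadmin
                      port:
                        number: 80
        tls:
          - hosts:
              - auth.eom.dev
            secretName: phpldapadmin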