--- # tasks file for mediawiki - name: Create MediaWiki namespace k8s: state: present definition: apiVersion: v1 kind: Namespace metadata: name: mediawiki - name: Deploy MariaDB kubernetes.core.helm: name: mariadb chart_ref: bitnami/mariadb release_namespace: mediawiki values: auth: rootPassword: "{{ mediawiki_admin_password }}" username: mediawiki password: "{{ mediawiki_admin_password }}" database: mediawiki primary: persistence: size: 4Ti - name: Create Deployment for MediaWiki k8s: definition: apiVersion: v1 kind: Deployment metadata: name: mediawiki namespace: mediawiki spec: replicas: 1 selector: matchLabels: app: mediawiki template: metadata: labels: app: mediawiki spec: containers: - name: mediawiki image: ericomeehan/mediawiki-extended imagePullPolicy: IfNotPresent resources: requests: memory: 2Gi env: - name: WIKI_NAME value: MediaWiki - name: WIKI_ADMIN value: mediawiki_admin - name: WIKI_ADMIN_PASS value: "{{ mediawiki_admin_password }}" - name: WIKI_LANG value: en - name: WIKI_URL value: https://mediawiki.eom.dev/ - name: DB_HOST value: mariadb - name: DB_PORT value: "3306" - name: DB_NAME value: mediawiki - name: DB_USER value: mediawiki - name: DB_PASS value: "{{ mediawiki_admin_password }}" - name: LDAP_BASE value: dc=eom,dc=dev - name: LDAP_SERVER_NAME value: openldap.openldap.svc.cluster.local - name: LDAP_SERVER_PORT value: "389" - name: LDAP_DOMAINNAME value: openldap.openldap.svc.cluster.local - name: LDAP_ENCTYPE value: clear - name: LDAP_USER_ATTR value: uid - name: LDAP_REAL_NAME_ATTR value: cn - name: LDAP_MAIL_ATTR value: mail - name: LDAP_BIND_USER value: cn=readonly,dc=eom,dc=dev - name: LDAP_BIND_PASS value: "{{ openldap_readonly_password }}" - name: LDAP_BUREAUCRAT_GROUP value: cn=Mediawiki Bureaucrats,ou=MediaWiki,ou=Services,dc=eom,dc=dev - name: LDAP_INTERFACE_ADMIN_GROUP value: cn=Mediawiki Interface Administrators,ou=MediaWiki,ou=Services,dc=eom,dc=dev - name: LDAP_SYSOP_GROUP value: cn=Mediawiki Sysops,ou=MediaWiki,ou=Services,dc=eom,dc=dev - name: LDAP_SEARCH_FILTER value: (&(objectClass=posixAccount)(uid=%1$s)(memberOf=cn=Mediawiki Users,ou=MediaWiki,ou=Services,dc=eom,dc=dev)) ports: - containerPort: 80 - name: Create Service for MediaWiki k8s: definition: apiVersion: v1 kind: Service metadata: name: mediawiki namespace: mediawiki spec: selector: app: mediawiki ports: - port: 80 name: http type: ClusterIP - name: Create Ingress k8s: state: present definition: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: ca-issuer name: mediawiki namespace: mediawiki spec: ingressClassName: nginx rules: - host: mediawiki.eom.dev http: paths: - pathType: Prefix path: / backend: service: name: mediawiki port: number: 80 tls: - hosts: - mediawiki.eom.dev secretName: mediawiki