148 lines
4.4 KiB
YAML
148 lines
4.4 KiB
YAML
---
|
|
# tasks file for mediawiki
|
|
- name: Create MediaWiki namespace
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
name: mediawiki
|
|
|
|
- name: Deploy MariaDB
|
|
kubernetes.core.helm:
|
|
name: mariadb
|
|
chart_ref: bitnami/mariadb
|
|
release_namespace: mediawiki
|
|
values:
|
|
auth:
|
|
rootPassword: "{{ mediawiki_admin_password }}"
|
|
username: mediawiki
|
|
password: "{{ mediawiki_admin_password }}"
|
|
database: mediawiki
|
|
primary:
|
|
persistence:
|
|
size: 4Ti
|
|
|
|
- name: Create Deployment for MediaWiki
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: mediawiki
|
|
namespace: mediawiki
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: mediawiki
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: mediawiki
|
|
spec:
|
|
containers:
|
|
- name: mediawiki
|
|
image: ericomeehan/mediawiki-extended
|
|
imagePullPolicy: IfNotPresent
|
|
resources:
|
|
requests:
|
|
memory: 2Gi
|
|
env:
|
|
- name: WIKI_NAME
|
|
value: MediaWiki
|
|
- name: WIKI_ADMIN
|
|
value: mediawiki_admin
|
|
- name: WIKI_ADMIN_PASS
|
|
value: "{{ mediawiki_admin_password }}"
|
|
- name: WIKI_LANG
|
|
value: en
|
|
- name: WIKI_URL
|
|
value: https://mediawiki.eom.dev/
|
|
- name: DB_HOST
|
|
value: mariadb
|
|
- name: DB_PORT
|
|
value: "3306"
|
|
- name: DB_NAME
|
|
value: mediawiki
|
|
- name: DB_USER
|
|
value: mediawiki
|
|
- name: DB_PASS
|
|
value: "{{ mediawiki_admin_password }}"
|
|
- name: LDAP_BASE
|
|
value: dc=eom,dc=dev
|
|
- name: LDAP_SERVER_NAME
|
|
value: openldap.openldap.svc.cluster.local
|
|
- name: LDAP_SERVER_PORT
|
|
value: "389"
|
|
- name: LDAP_DOMAINNAME
|
|
value: openldap.openldap.svc.cluster.local
|
|
- name: LDAP_ENCTYPE
|
|
value: clear
|
|
- name: LDAP_USER_ATTR
|
|
value: uid
|
|
- name: LDAP_REAL_NAME_ATTR
|
|
value: cn
|
|
- name: LDAP_MAIL_ATTR
|
|
value: mail
|
|
- name: LDAP_BIND_USER
|
|
value: cn=readonly,dc=eom,dc=dev
|
|
- name: LDAP_BIND_PASS
|
|
value: "{{ openldap_readonly_password }}"
|
|
- name: LDAP_BUREAUCRAT_GROUP
|
|
value: cn=Mediawiki Bureaucrats,ou=MediaWiki,ou=Services,dc=eom,dc=dev
|
|
- name: LDAP_INTERFACE_ADMIN_GROUP
|
|
value: cn=Mediawiki Interface Administrators,ou=MediaWiki,ou=Services,dc=eom,dc=dev
|
|
- name: LDAP_SYSOP_GROUP
|
|
value: cn=Mediawiki Sysops,ou=MediaWiki,ou=Services,dc=eom,dc=dev
|
|
- name: LDAP_SEARCH_FILTER
|
|
value: (&(objectClass=posixAccount)(uid=%1$s)(memberOf=cn=Mediawiki Users,ou=MediaWiki,ou=Services,dc=eom,dc=dev))
|
|
ports:
|
|
- containerPort: 80
|
|
|
|
- name: Create Service for MediaWiki
|
|
k8s:
|
|
definition:
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: mediawiki
|
|
namespace: mediawiki
|
|
spec:
|
|
selector:
|
|
app: mediawiki
|
|
ports:
|
|
- port: 80
|
|
name: http
|
|
type: ClusterIP
|
|
|
|
- name: Create Ingress
|
|
k8s:
|
|
state: present
|
|
definition:
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: ca-issuer
|
|
name: mediawiki
|
|
namespace: mediawiki
|
|
spec:
|
|
ingressClassName: nginx
|
|
rules:
|
|
- host: mediawiki.eom.dev
|
|
http:
|
|
paths:
|
|
- pathType: Prefix
|
|
path: /
|
|
backend:
|
|
service:
|
|
name: mediawiki
|
|
port:
|
|
number: 80
|
|
tls:
|
|
- hosts:
|
|
- mediawiki.eom.dev
|
|
secretName: mediawiki
|