ansible-role-eom/tasks/auth.yaml

---
# tasks file for the auth namespace: OpenLDAP, phpLDAPadmin and their Ingress
# Namespace that holds every auth-related object created by the tasks below.
- name: Create auth namespace
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Namespace
      metadata:
        name: auth
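# One claim each for the LDAP database (data) and the slapd configuration
# (config). Both are mounted by the OpenLDAP Deployment below; the two
# claims differed only in name, so a single looped task replaces the
# duplicated definitions.
- name: Create PVCs for OpenLDAP data and configuration
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: "{{ item }}"
        namespace: auth
      spec:
        accessModes:
          - ReadWriteOnce
        resources:
          requests:
            storage: 2Gi
  loop:
    - data
    - config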
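# OpenLDAP server. A single replica bound to two ReadWriteOnce PVCs
# (data, config), so pods are replaced rather than rolled: a RollingUpdate
# would try to start the new pod while the old one still holds the volumes.
- name: Create Deployment for OpenLDAP
  k8s:
    state: present
    definition:
      # Deployment is served by the apps/v1 API group, not the core v1 group.
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: openldap
        namespace: auth
      spec:
        replicas: 1
        strategy:
          type: Recreate
        selector:
          matchLabels:
            app: openldap
        template:
          metadata:
            labels:
              app: openldap
          spec:
            containers:
              - name: openldap
                # TODO(review): the image is unpinned, so each rollout pulls
                # whatever the registry currently serves as the default tag;
                # pin a tag or digest for reproducible deployments.
                image: osixia/openldap
                env:
                  - name: LDAP_ORGANISATION
                    value: "EOM"
                  - name: LDAP_DOMAIN
                    value: "eom.dev"
                  # NOTE(review): both passwords are written into the pod spec
                  # as plain env values, readable by anyone allowed to get pods
                  # in this namespace; a Secret with valueFrom.secretKeyRef
                  # would keep them out of the Deployment object.
                  - name: LDAP_ADMIN_PASSWORD
                    value: "{{ ldap_admin_password }}"
                  - name: LDAP_READONLY_USER
                    value: "true"
                  - name: LDAP_READONLY_USER_PASSWORD
                    value: "{{ ldap_readonly_password }}"
                volumeMounts:
                  - name: config
                    mountPath: /etc/ldap/slapd.d
                  - name: data
                    mountPath: /var/lib/ldap
                ports:
                  - containerPort: 389  # ldap, cleartext
                  - containerPort: 636  # ldaps
            volumes:
              - name: data
                persistentVolumeClaim:
                  claimName: data
              - name: config
                persistentVolumeClaim:
                  claimName: config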
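# In-cluster endpoint for the OpenLDAP pods. `state: present` is added so
# this task is explicit like the other tasks in the file (it is the module
# default). Port 389 is cleartext LDAP; clients inside the cluster should
# prefer 636 or StartTLS where the image supports it.
- name: Create Service for OpenLDAP
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: openldap
        namespace: auth
      spec:
        type: ClusterIP
        selector:
          app: openldap
        ports:
          - name: ldap
            port: 389
          - name: ldaps
            port: 636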
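# phpLDAPadmin web UI, pointed at the in-namespace "openldap" Service.
- name: Create Deployment for phpLDAPadmin
  k8s:
    state: present
    definition:
      # Deployment is served by the apps/v1 API group, not the core v1 group.
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: phpldapadmin
        namespace: auth
      spec:
        replicas: 1
        selector:
          matchLabels:
            app: phpldapadmin
        template:
          metadata:
            labels:
              app: phpldapadmin
          spec:
            containers:
              - name: phpldapadmin
                # TODO(review): unpinned image; pin a tag or digest so the
                # admin UI version is reproducible.
                image: osixia/phpldapadmin
                env:
                  # Service name of the OpenLDAP Deployment in this namespace.
                  - name: PHPLDAPADMIN_LDAP_HOSTS
                    value: "openldap"
                  - name: PHPLDAPADMIN_SERVER_ADMIN
                    value: "eric@mail.eom.dev"
                  - name: PHPLDAPADMIN_SERVER_PATH
                    value: "/"
                  # Container serves plain HTTP; TLS is presumably terminated
                  # by the Ingress defined later in this file — confirm.
                  - name: PHPLDAPADMIN_HTTPS
                    value: "false"
                ports:
                  - containerPort: 80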
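# ClusterIP Service in front of the phpLDAPadmin pods; the Ingress below
# routes to it. `state: present` added for consistency with the rest of
# the file (it is the module default).
- name: Create Service for phpLDAPadmin
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: phpldapadmin
        namespace: auth
      spec:
        type: ClusterIP
        selector:
          app: phpldapadmin
        ports:
          - name: http
            port: 80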
# Public entry point for phpLDAPadmin. cert-manager issues the TLS
# certificate for auth.eom.dev via the cluster issuer named in the
# annotation and stores it in the "phpldapadmin" Secret.
- name: Create Ingress
  k8s:
    state: present
    definition:
      apiVersion: networking.k8s.io/v1
      kind: Ingress
      metadata:
        name: phpldapadmin
        namespace: auth
        annotations:
          cert-manager.io/cluster-issuer: ca-issuer
      spec:
        ingressClassName: nginx
        tls:
          - secretName: phpldapadmin
            hosts:
              - auth.eom.dev
        rules:
          - host: auth.eom.dev
            http:
              paths:
                - path: /
                  pathType: Prefix
                  backend:
                    service:
                      name: phpldapadmin
                      port:
                        number: 80