authelia: Mount dch-root-ca
The LDAP servers now use certificates signed by _DCH CA R2_, so the _DCH Root CA R2_ CA needs to be trusted in order to communicate with them.etcd
parent
b8015c0bed
commit
e71156bcec
|
|
@ -1,11 +1,14 @@
|
|||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
namespace: authelia
|
||||
|
||||
labels:
|
||||
- pairs:
|
||||
app.kubernetes.io/instance: authelia
|
||||
|
||||
resources:
|
||||
- ../dch-root-ca
|
||||
- secrets.yaml
|
||||
- redis.yaml
|
||||
- authelia.yaml
|
||||
|
|
@ -37,8 +40,12 @@ patches:
|
|||
- name: AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE
|
||||
value: /run/authelia/secrets/postgresql/password
|
||||
volumeMounts:
|
||||
- mountPath: /run/authelia/certs
|
||||
- mountPath: /run/authelia/certs/postgresql-ca.crt
|
||||
name: postgresql-ca
|
||||
subPath: postgresql-ca.crt
|
||||
- mountPath: /run/authelia/certs/dch-root-ca.crt
|
||||
name: dch-root-ca
|
||||
subPath: dch-root-ca.crt
|
||||
- mountPath: /run/authelia/secrets/postgresql
|
||||
name: postgresql-auth
|
||||
volumes:
|
||||
|
|
@ -48,3 +55,6 @@ patches:
|
|||
- name: postgresql-ca
|
||||
configMap:
|
||||
name: postgresql-ca
|
||||
- name: dch-root-ca
|
||||
configMap:
|
||||
name: dch-root-ca
|
||||
|
|
|
|||
Loading…
Reference in New Issue