262 lines
6.3 KiB
YAML
262 lines
6.3 KiB
YAML
apiVersion: v1
|
|
kind: Namespace
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/instance: phpipam
|
|
app.kubernetes.io/name: phpipam
|
|
name: phpipam
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: phpipam-httpd-conf
|
|
namespace: phpipam
|
|
labels:
|
|
app.kubernetes.io/instance: phpipam
|
|
data:
|
|
phpipam.conf: |
|
|
<VirtualHost *:80>
|
|
DocumentRoot /phpipam
|
|
SetEnvIf Remote-User "(.*)$" PHP_AUTH_USER=$1
|
|
</VirtualHost>
|
|
|
|
<Directory "/phpipam">
|
|
AllowOverride All
|
|
Options FollowSymLinks
|
|
Require all granted
|
|
</Directory>
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: phpipam-pvc
|
|
namespace: phpipam
|
|
labels:
|
|
app.kubernetes.io/instance: phpipam
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
storageClassName: longhorn-static
|
|
resources:
|
|
requests:
|
|
storage: 1Gi
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: phpipam-db
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
app.kubernetes.io/part-of: phpipam
|
|
name: phpipam-db
|
|
namespace: phpipam
|
|
spec:
|
|
serviceName: phpipam-db
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/component: phpipam-db
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: phpipam-db
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
spec:
|
|
containers:
|
|
- image: docker.io/library/mariadb:10.9.3
|
|
imagePullPolicy: IfNotPresent
|
|
name: phpipam-mariadb
|
|
env:
|
|
- name: MYSQL_ROOT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: phpipam-mysql-root
|
|
key: password
|
|
- name: MYSQL_DATABASE
|
|
value: phpipam
|
|
- name: MYSQL_USER
|
|
value: phpipam
|
|
- name: MYSQL_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: phpipam-mysql
|
|
key: password
|
|
volumeMounts:
|
|
- mountPath: /var/lib/mysql
|
|
name: phpipam-db
|
|
volumes:
|
|
- name: phpipam-db
|
|
persistentVolumeClaim:
|
|
claimName: phpipam-pvc
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: phpipam-www
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
app.kubernetes.io/part-of: phpipam
|
|
name: phpipam
|
|
namespace: phpipam
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/component: phpipam-www
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: phpipam-www
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
spec:
|
|
containers:
|
|
- image: docker.io/phpipam/phpipam-www:v1.5.2
|
|
imagePullPolicy: IfNotPresent
|
|
name: phpipam-web
|
|
ports:
|
|
- containerPort: 80
|
|
name: http
|
|
env:
|
|
- name: IPAM_DATABASE_HOST
|
|
value: phpipam-db
|
|
- name: IPAM_DATABASE_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: phpipam-mysql
|
|
key: password
|
|
- name: IPAM_DATABASE_WEBHOST
|
|
value: '%'
|
|
securityContext:
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
- NET_RAW
|
|
volumeMounts:
|
|
- name: httpd-conf
|
|
mountPath: /etc/apache2/conf.d/phpipam.conf
|
|
subPath: phpipam.conf
|
|
readOnly: true
|
|
- image: docker.io/phpipam/phpipam-cron:v1.5.2
|
|
imagePullPolicy: IfNotPresent
|
|
name: phpipam-cron
|
|
env:
|
|
- name: IPAM_DATABASE_HOST
|
|
value: phpipam-db
|
|
- name: IPAM_DATABASE_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: phpipam-mysql
|
|
key: password
|
|
- name: SCAN_INTERVAL
|
|
value: 1h
|
|
securityContext:
|
|
capabilities:
|
|
add:
|
|
- NET_ADMIN
|
|
- NET_RAW
|
|
volumes:
|
|
- name: httpd-conf
|
|
configMap:
|
|
name: phpipam-httpd-conf
|
|
affinity:
|
|
podAffinity:
|
|
preferredDuringSchedulingIgnoredDuringExecution:
|
|
- weight: 1
|
|
podAffinityTerm:
|
|
labelSelector:
|
|
matchExpressions:
|
|
- key: app.kubernetes.io/component
|
|
operator: In
|
|
values:
|
|
- phpipam-db
|
|
topologyKey: kubernetes.io/hostname
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: phpipam-db
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
app.kubernetes.io/part-of: phpipam
|
|
name: phpipam-db
|
|
namespace: phpipam
|
|
spec:
|
|
ports:
|
|
- port: 3306
|
|
targetPort: 3306
|
|
selector:
|
|
app.kubernetes.io/component: phpipam-db
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
type: ClusterIP
|
|
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: phpipam-www
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
app.kubernetes.io/part-of: phpipam
|
|
name: phpipam
|
|
namespace: phpipam
|
|
spec:
|
|
ports:
|
|
- port: 80
|
|
targetPort: 80
|
|
selector:
|
|
app.kubernetes.io/component: phpipam-www
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
type: ClusterIP
|
|
status:
|
|
loadBalancer: {}
|
|
|
|
---
|
|
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/rewrite-target: /
|
|
nginx.ingress.kubernetes.io/auth-method: GET
|
|
nginx.ingress.kubernetes.io/auth-url: http://authelia.authelia.svc.cluster.local:9091/api/verify
|
|
nginx.ingress.kubernetes.io/auth-signin: https://auth.pyrocufflink.blue/?rm=$request_method
|
|
nginx.ingress.kubernetes.io/auth-response-headers: Remote-User,Remote-Name,Remote-Groups,Remote-Email
|
|
labels:
|
|
app.kubernetes.io/component: phpipam-www
|
|
app.kubernetes.io/name: phpipam
|
|
app.kubernetes.io/instance: phpipam
|
|
app.kubernetes.io/part-of: phpipam
|
|
name: phpipam
|
|
namespace: phpipam
|
|
spec:
|
|
ingressClassName: nginx
|
|
tls:
|
|
- hosts:
|
|
- phpipam.pyrocufflink.blue
|
|
secretName: pyrocufflink-cert
|
|
rules:
|
|
- host: phpipam.pyrocufflink.blue
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: phpipam
|
|
port:
|
|
number: 80
|