Compare commits
7 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 1242a9e606 | |||
| 69947c9eee | |||
| 4d98223004 | |||
| fdd79fcff3 | |||
| 04044b32e0 | |||
| aa4c9dce08 | |||
| c31ca20fb0 |
@@ -8,7 +8,7 @@ metadata:
|
||||
annotations:
|
||||
reloader.stakater.com/auto: "false"
|
||||
secret.reloader.stakater.com/reload: "amneziawg-server"
|
||||
configmap.reloader.stakater.com/reload: "amneziawg-scripts"
|
||||
configmap.reloader.stakater.com/reload: "amneziawg-scripts,amneziawg-exporter-redis"
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
@@ -37,7 +37,9 @@ spec:
|
||||
- |
|
||||
set -euo pipefail
|
||||
cp /usr/bin/awg /shared-bin/awg
|
||||
chmod 0755 /shared-bin/awg
|
||||
cp /lib/ld-musl-x86_64.so.1 /shared-bin/ld-musl-x86_64.so.1
|
||||
cp /lib/ld-musl-x86_64.so.1 /shared-bin/libc.musl-x86_64.so.1
|
||||
chmod 0755 /shared-bin/awg /shared-bin/ld-musl-x86_64.so.1 /shared-bin/libc.musl-x86_64.so.1
|
||||
volumeMounts:
|
||||
- name: awg-bin
|
||||
mountPath: /shared-bin
|
||||
@@ -248,6 +250,14 @@ spec:
|
||||
mountPath: /usr/bin/awg
|
||||
subPath: awg
|
||||
readOnly: true
|
||||
- name: awg-bin
|
||||
mountPath: /lib/ld-musl-x86_64.so.1
|
||||
subPath: ld-musl-x86_64.so.1
|
||||
readOnly: true
|
||||
- name: awg-bin
|
||||
mountPath: /lib/libc.musl-x86_64.so.1
|
||||
subPath: libc.musl-x86_64.so.1
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: server-config
|
||||
secret:
|
||||
|
||||
@@ -8,8 +8,8 @@ metadata:
|
||||
component: exporter
|
||||
data:
|
||||
redis.conf: |
|
||||
bind 0.0.0.0
|
||||
protected-mode no
|
||||
bind 127.0.0.1
|
||||
protected-mode yes
|
||||
port 6379
|
||||
tcp-backlog 511
|
||||
timeout 0
|
||||
@@ -21,8 +21,12 @@ data:
|
||||
databases 16
|
||||
always-show-logo no
|
||||
set-proc-title no
|
||||
save 3600 1
|
||||
save ""
|
||||
appendonly no
|
||||
stop-writes-on-bgsave-error no
|
||||
rdbcompression yes
|
||||
rdbchecksum yes
|
||||
dir /data
|
||||
rename-command CONFIG ""
|
||||
rename-command SAVE ""
|
||||
rename-command BGSAVE ""
|
||||
|
||||
@@ -48,3 +48,31 @@ spec:
|
||||
remoteRef:
|
||||
key: 3092dc7c-41dd-461a-9f7a-377727f47e93
|
||||
property: fields[1].value
|
||||
---
|
||||
apiVersion: external-secrets.io/v1
|
||||
kind: ExternalSecret
|
||||
metadata:
|
||||
name: amnezia-fellow
|
||||
spec:
|
||||
target:
|
||||
name: amnezia-fellow
|
||||
deletionPolicy: Delete
|
||||
template:
|
||||
type: Opaque
|
||||
data:
|
||||
database-url: |-
|
||||
postgresql://amnezia_fellow:{{ .amnezia_fellow }}@psql.psql.svc:5432/amnezia_fellow
|
||||
postgres-password: |-
|
||||
{{ .amnezia_fellow }}
|
||||
data:
|
||||
- secretKey: amnezia_fellow
|
||||
sourceRef:
|
||||
storeRef:
|
||||
name: vaultwarden-login
|
||||
kind: ClusterSecretStore
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
metadataPolicy: None
|
||||
key: 2a9deb39-ef22-433e-a1be-df1555625e22
|
||||
property: fields[19].value
|
||||
|
||||
@@ -5,6 +5,8 @@ metadata:
|
||||
name: amnezia-fellow
|
||||
labels:
|
||||
app: amnezia-fellow
|
||||
annotations:
|
||||
secret.reloader.stakater.com/reload: "amnezia-fellow"
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
@@ -31,7 +33,12 @@ spec:
|
||||
protocol: TCP
|
||||
env:
|
||||
- name: AMNEZIA_FELLOW_DATABASE_URL
|
||||
value: "sqlite:///data/amnezia-fellow.sqlite3?mode=rwc"
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: amnezia-fellow
|
||||
key: database-url
|
||||
- name: AMNEZIA_FELLOW_MIGRATE_SQLITE
|
||||
value: "sqlite:///data/amnezia-fellow.sqlite3?mode=ro"
|
||||
- name: AMNEZIA_FELLOW_K8S_NAMESPACE
|
||||
value: "amnezia"
|
||||
- name: AMNEZIA_FELLOW_K8S_CLIENTS_SECRET
|
||||
|
||||
@@ -140,6 +140,8 @@ spec:
|
||||
{{ .furumi_dev }}
|
||||
USER_keycloak: |-
|
||||
{{ .keycloak }}
|
||||
USER_amnezia_fellow: |-
|
||||
{{ .amnezia_fellow }}
|
||||
data:
|
||||
- secretKey: authentik
|
||||
sourceRef:
|
||||
@@ -339,3 +341,14 @@ spec:
|
||||
metadataPolicy: None
|
||||
key: 2a9deb39-ef22-433e-a1be-df1555625e22
|
||||
property: fields[18].value
|
||||
- secretKey: amnezia_fellow
|
||||
sourceRef:
|
||||
storeRef:
|
||||
name: vaultwarden-login
|
||||
kind: ClusterSecretStore
|
||||
remoteRef:
|
||||
conversionStrategy: Default
|
||||
decodingStrategy: None
|
||||
metadataPolicy: None
|
||||
key: 2a9deb39-ef22-433e-a1be-df1555625e22
|
||||
property: fields[19].value
|
||||
|
||||
Reference in New Issue
Block a user