| Giorgi Lekveishvili | 4ec4c02 | 2024-08-17 15:09:24 +0400 | [diff] [blame] | 1 | apiVersion: rbac.authorization.k8s.io/v1 |
| 2 | kind: ClusterRole |
| 3 | metadata: |
| 4 | name: {{ .Values.clusterRoleName }} |
| 5 | rules: |
| 6 | - apiGroups: |
| 7 | - "" |
| 8 | resources: |
| 9 | - namespaces |
| 10 | verbs: |
| 11 | - create |
| 12 | - apiGroups: |
| 13 | - "batch" |
| 14 | resources: |
| 15 | - jobs |
| 16 | verbs: |
| 17 | - create |
| 18 | - apiGroups: |
| 19 | - "helm.toolkit.fluxcd.io" |
| 20 | resources: |
| 21 | - helmreleases |
| 22 | verbs: |
| 23 | - get |
| 24 | --- |
| 25 | apiVersion: rbac.authorization.k8s.io/v1 |
| 26 | kind: ClusterRoleBinding |
| 27 | metadata: |
| 28 | name: {{ .Values.clusterRoleName }} |
| 29 | roleRef: |
| 30 | apiGroup: rbac.authorization.k8s.io |
| 31 | kind: ClusterRole |
| 32 | name: {{ .Values.clusterRoleName }} |
| 33 | subjects: |
| 34 | - kind: ServiceAccount |
| 35 | name: default |
| 36 | namespace: {{ .Release.Namespace }} |
| 37 | --- |
| 38 | apiVersion: v1 |
| 39 | kind: Secret |
| 40 | metadata: |
| 41 | name: ssh-key |
| 42 | type: Opaque |
| 43 | data: |
| 44 | private: {{ .Values.sshPrivateKey }} |
| 45 | --- |
| 46 | apiVersion: v1 |
| 47 | kind: Service |
| 48 | metadata: |
| 49 | name: appmanager |
| 50 | namespace: {{ .Release.Namespace }} |
| 51 | spec: |
| 52 | type: ClusterIP |
| 53 | selector: |
| 54 | app: appmanager |
| 55 | ports: |
| 56 | - name: {{ .Values.portName }} |
| 57 | port: 80 |
| 58 | targetPort: http |
| 59 | protocol: TCP |
| 60 | --- |
| 61 | apiVersion: apps/v1 |
| 62 | kind: Deployment |
| 63 | metadata: |
| 64 | name: appmanager |
| 65 | namespace: {{ .Release.Namespace }} |
| 66 | spec: |
| 67 | selector: |
| 68 | matchLabels: |
| 69 | app: appmanager |
| 70 | replicas: 1 |
| 71 | template: |
| 72 | metadata: |
| 73 | labels: |
| 74 | app: appmanager |
| 75 | spec: |
| 76 | volumes: |
| 77 | - name: ssh-key |
| 78 | secret: |
| 79 | secretName: ssh-key |
| 80 | containers: |
| 81 | - name: appmanager |
| 82 | image: {{ .Values.image.repository }}:{{ .Values.image.tag }} |
| 83 | imagePullPolicy: {{ .Values.image.pullPolicy }} |
| 84 | ports: |
| 85 | - name: http |
| 86 | containerPort: 8080 |
| 87 | protocol: TCP |
| 88 | command: |
| 89 | - pcloud-installer |
| 90 | - appmanager |
| 91 | - --repo-addr={{ .Values.repoAddr }} |
| 92 | - --ssh-key=/pcloud/ssh-key/private |
| Giorgi Lekveishvili | 64cb6e3 | 2024-08-27 08:26:04 +0400 | [diff] [blame] | 93 | - --headscale-api-addr={{ .Values.headscaleAPIAddr }} |
| Giorgi Lekveishvili | 54f781e | 2024-09-15 16:04:16 +0400 | [diff] [blame] | 94 | - --dns-api-addr={{ .Values.dnsAPIAddr }} |
| 95 | - --cluster-proxy-config-path={{ .Values.clusterProxyConfigPath }} |
| Giorgi Lekveishvili | 4ec4c02 | 2024-08-17 15:09:24 +0400 | [diff] [blame] | 96 | - --port=8080 |
| 97 | {{- if .Values.appRepoAddr }} |
| 98 | - --app-repo-addr={{ .Values.appRepoAddr }} |
| 99 | {{- end}} |
| 100 | volumeMounts: |
| 101 | - name: ssh-key |
| 102 | readOnly: true |
| 103 | mountPath: /pcloud/ssh-key |