charts/pihole/templates/oauth2-proxy.yaml - pcloud - Gitiles

 ---
 apiVersion: v1
 kind: Service
 metadata:
   name: pihole-oauth2-proxy
   namespace: {{ .Release.Namespace }}
 spec:
   type: ClusterIP
   selector:
     app: pihole-oauth2-proxy
   ports:
   - name: http
     port: 80
     targetPort: http
     protocol: TCP
 ---
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: ingress
   namespace: {{ .Release.Namespace }}
   # annotations:
   #   cert-manager.io/cluster-issuer: "{{ .Values.certificateIssuer }}"
   #   acme.cert-manager.io/http01-edit-in-place: "true"
 spec:
   ingressClassName: {{ .Values.ingressClassName }}
   tls:
   - hosts:
     - pihole.p.{{ .Values.domain }}
     # secretName: cert-pihole.{{ .Values.domain }}
   rules:
   - host: pihole.p.{{ .Values.domain }}
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: pihole-oauth2-proxy
             port:
               name: http
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: pihole-oauth2-proxy
   namespace: {{ .Release.Namespace }}
 spec:
   selector:
     matchLabels:
       app: pihole-oauth2-proxy
   replicas: 1
   template:
     metadata:
       labels:
         app: pihole-oauth2-proxy
     spec:
       volumes:
       - name: config
         configMap:
           name: {{ .Values.oauth2.configName }}
       containers:
       - name: pihole-oauth2-proxy
         image: quay.io/oauth2-proxy/oauth2-proxy:v7.2.0-arm64
         imagePullPolicy: Always
         ports:
         - name: http
           containerPort: 8080
           protocol: TCP
         command:
         - oauth2-proxy
         - --config=/etc/oauth2-proxy/oauth2-proxy.cfg
         volumeMounts:
         - name: config
           mountPath: /etc/oauth2-proxy
           readOnly: true
         resources:
           requests:
             memory: "10Mi"
             cpu: "10m"
           limits:
             memory: "20Mi"
             cpu: "100m"
       tolerations:
       - key: "pcloud"
         operator: "Equal"
         value: "role"
         effect: "NoSchedule"
	---
	apiVersion: v1
	kind: Service
	metadata:
	name: pihole-oauth2-proxy
	namespace: {{ .Release.Namespace }}
	spec:
	type: ClusterIP
	selector:
	app: pihole-oauth2-proxy
	ports:
	- name: http
	port: 80
	targetPort: http
	protocol: TCP
	---
	apiVersion: networking.k8s.io/v1
	kind: Ingress
	metadata:
	name: ingress
	namespace: {{ .Release.Namespace }}
	# annotations:
	# cert-manager.io/cluster-issuer: "{{ .Values.certificateIssuer }}"
	# acme.cert-manager.io/http01-edit-in-place: "true"
	spec:
	ingressClassName: {{ .Values.ingressClassName }}
	tls:
	- hosts:
	- pihole.p.{{ .Values.domain }}
	# secretName: cert-pihole.{{ .Values.domain }}
	rules:
	- host: pihole.p.{{ .Values.domain }}
	http:
	paths:
	- path: /
	pathType: Prefix
	backend:
	service:
	name: pihole-oauth2-proxy
	port:
	name: http
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: pihole-oauth2-proxy
	namespace: {{ .Release.Namespace }}
	spec:
	selector:
	matchLabels:
	app: pihole-oauth2-proxy
	replicas: 1
	template:
	metadata:
	labels:
	app: pihole-oauth2-proxy
	spec:
	volumes:
	- name: config
	configMap:
	name: {{ .Values.oauth2.configName }}
	containers:
	- name: pihole-oauth2-proxy
	image: quay.io/oauth2-proxy/oauth2-proxy:v7.2.0-arm64
	imagePullPolicy: Always
	ports:
	- name: http
	containerPort: 8080
	protocol: TCP
	command:
	- oauth2-proxy
	- --config=/etc/oauth2-proxy/oauth2-proxy.cfg
	volumeMounts:
	- name: config
	mountPath: /etc/oauth2-proxy
	readOnly: true
	resources:
	requests:
	memory: "10Mi"
	cpu: "10m"
	limits:
	memory: "20Mi"
	cpu: "100m"
	tolerations:
	- key: "pcloud"
	operator: "Equal"
	value: "role"
	effect: "NoSchedule"