installer: configs
diff --git a/charts/appmanager/templates/install.yaml b/charts/appmanager/templates/install.yaml
index d63827d..7274aa9 100644
--- a/charts/appmanager/templates/install.yaml
+++ b/charts/appmanager/templates/install.yaml
@@ -1,3 +1,27 @@
+kind: ClusterRole
+metadata:
+ name: {{ .Values.clusterRoleName }}
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - namespaces
+ verbs:
+ - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: {{ .Values.clusterRoleName }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: {{ .Values.clusterRoleName }}
+subjects:
+- kind: ServiceAccount
+ name: default
+ namespace: {{ .Release.Namespace }}
+---
apiVersion: v1
kind: Secret
metadata:
@@ -26,15 +50,19 @@
metadata:
name: ingress
namespace: {{ .Release.Namespace }}
+ {{- if .Values.certificateIssuer }}
annotations:
acme.cert-manager.io/http01-edit-in-place: "true"
cert-manager.io/cluster-issuer: {{ .Values.ingress.certificateIssuer}}
+ {{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
+ {{- if .Values.certificateIssuer }}
tls:
- hosts:
- {{ .Values.ingress.domain }}
secretName: cert-appmanager
+ {{- end }}
rules:
- host: {{ .Values.ingress.domain }}
http:
diff --git a/charts/appmanager/values.yaml b/charts/appmanager/values.yaml
index 572f74b..ac29afd 100644
--- a/charts/appmanager/values.yaml
+++ b/charts/appmanager/values.yaml
@@ -8,3 +8,4 @@
className: example-ingress-private
domain: apps.p.example.com
certificateIssuer: example-private
+clusterRoleName: example-welcome
diff --git a/charts/env-manager/templates/install.yaml b/charts/env-manager/templates/install.yaml
index 6139479..400726d 100644
--- a/charts/env-manager/templates/install.yaml
+++ b/charts/env-manager/templates/install.yaml
@@ -1,7 +1,7 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
- name: {{ .Global.PCloudEnvName }}-env-manager
+ name: {{ .Values.clusterRoleName }}
rules:
- apiGroups:
- ""
@@ -13,11 +13,11 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
- name: {{ .Global.PCloudEnvName }}-env-manager
+ name: {{ .Values.clusterRoleName }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
- name: {{ .Global.PCloudEnvName }}-env-manager
+ name: {{ .Values.clusterRoleName }}
subjects:
- kind: ServiceAccount
name: default
diff --git a/charts/env-manager/values.yaml b/charts/env-manager/values.yaml
index f8cf699..aa5a42c 100644
--- a/charts/env-manager/values.yaml
+++ b/charts/env-manager/values.yaml
@@ -4,3 +4,4 @@
pullPolicy: Always
repoIP: 192.168.0.11
sshPrivateKey: key
+clusterRoleName: pcloud-env-manager
diff --git a/charts/welcome/templates/install.yaml b/charts/welcome/templates/install.yaml
index ddeeab6..d151411 100644
--- a/charts/welcome/templates/install.yaml
+++ b/charts/welcome/templates/install.yaml
@@ -1,6 +1,6 @@
kind: ClusterRole
metadata:
- name: {{ .Global.PCloudEnvName }}-welcome
+ name: {{ .Values.clusterRoleName }}
rules:
- apiGroups:
- ""
@@ -12,11 +12,11 @@
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
- name: {{ .Global.PCloudEnvName }}-welcome
+ name: {{ .Values.clusterRoleName }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
- name: {{ .Global.PCloudEnvName }}-welcome
+ name: {{ .Values.clusterRoleName }}
subjects:
- kind: ServiceAccount
name: default
@@ -50,15 +50,19 @@
metadata:
name: ingress
namespace: {{ .Release.Namespace }}
+ {{- if .Values.certificateIssuer }}
annotations:
acme.cert-manager.io/http01-edit-in-place: "true"
cert-manager.io/cluster-issuer: {{ .Values.ingress.certificateIssuer}}
+ {{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
+ {{- if .Values.certificateIssuer }}
tls:
- hosts:
- {{ .Values.ingress.domain }}
secretName: cert-welcome
+ {{- end }}
rules:
- host: {{ .Values.ingress.domain }}
http:
diff --git a/charts/welcome/values.yaml b/charts/welcome/values.yaml
index d83ffd1..5b71b61 100644
--- a/charts/welcome/values.yaml
+++ b/charts/welcome/values.yaml
@@ -8,3 +8,4 @@
className: pcloud-ingress-public
domain: welcome.example.com
certificateIssuer: example-public
+clusterRoleName: example-welcome