Blame - core/auth/hydra/install.yaml - pcloud

blob: b9a8d4d4bbff2ac5d8dbadecdf997d22ca43edda [file] [log] [blame]

giolekva	eb59028	2021-10-22 17:31:40 +0400	[diff] [blame^]	1	---
				2	apiVersion: v1
				3	kind: Namespace
				4	metadata:
				5	name: core-auth
				6	---
				7	apiVersion: v1
				8	kind: Service
				9	metadata:
				10	name: hydra
				11	namespace: core-auth
				12	spec:
				13	type: ClusterIP
				14	selector:
				15	app: hydra
				16	ports:
				17	- name: public
				18	port: 80
				19	targetPort: public
				20	protocol: TCP
				21	- name: admin
				22	port: 81
				23	targetPort: admin
				24	protocol: TCP
				25	---
				26	apiVersion: networking.k8s.io/v1
				27	kind: Ingress
				28	metadata:
				29	name: ingress-hydra-public
				30	namespace: core-auth
				31	annotations:
				32	cert-manager.io/cluster-issuer: "letsencrypt-prod"
				33	acme.cert-manager.io/http01-edit-in-place: "true"
				34	spec:
				35	ingressClassName: nginx
				36	tls:
				37	- hosts:
				38	- hydra.lekva.me
				39	secretName: cert-hydra.lekva.me
				40	rules:
				41	- host: hydra.lekva.me
				42	http:
				43	paths:
				44	- path: /
				45	pathType: Prefix
				46	backend:
				47	service:
				48	name: hydra
				49	port:
				50	name: public
				51	---
				52	apiVersion: networking.k8s.io/v1
				53	kind: Ingress
				54	metadata:
				55	name: ingress-hydra-private
				56	namespace: core-auth
				57	annotations:
				58	cert-manager.io/cluster-issuer: "selfsigned-ca"
				59	acme.cert-manager.io/http01-edit-in-place: "true"
				60	spec:
				61	ingressClassName: nginx-private
				62	tls:
				63	- hosts:
				64	- hydra.pcloud
				65	secretName: cert-hydra.pcloud
				66	rules:
				67	- host: hydra.pcloud
				68	http:
				69	paths:
				70	- path: /
				71	pathType: Prefix
				72	backend:
				73	service:
				74	name: hydra
				75	port:
				76	name: admin
				77	---
				78	apiVersion: apps/v1
				79	kind: Deployment
				80	metadata:
				81	name: hydra
				82	namespace: core-auth
				83	spec:
				84	selector:
				85	matchLabels:
				86	app: hydra
				87	replicas: 1
				88	template:
				89	metadata:
				90	labels:
				91	app: hydra
				92	spec:
				93	volumes:
				94	- name: config
				95	configMap:
				96	name: hydra
				97	containers:
				98	- name: hydra
				99	image: giolekva/ory-hydra:latest
				100	imagePullPolicy: IfNotPresent
				101	ports:
				102	- name: public
				103	containerPort: 4444
				104	protocol: TCP
				105	- name: admin
				106	containerPort: 4445
				107	protocol: TCP
				108	command:
				109	- "hydra"
				110	- "--config=/etc/hydra/config/hydra.yaml"
				111	- "serve"
				112	- "all"
				113	#command: ["hydra", "serve"]
				114	# resources:
				115	# requests:
				116	# memory: "10Mi"
				117	# cpu: "10m"
				118	# limits:
				119	# memory: "20Mi"
				120	# cpu: "100m"
				121	volumeMounts:
				122	- name: config
				123	mountPath: /etc/hydra/config
				124	---
				125	apiVersion: batch/v1
				126	kind: Job
				127	metadata:
				128	name: hydra-migrate
				129	namespace: core-auth
				130	spec:
				131	template:
				132	metadata:
				133	labels:
				134	app: hydra-migrate
				135	spec:
				136	restartPolicy: OnFailure
				137	volumes:
				138	- name: config
				139	configMap:
				140	name: hydra
				141	containers:
				142	- name: hydra
				143	image: giolekva/ory-hydra:latest
				144	imagePullPolicy: IfNotPresent
				145	command:
				146	- "hydra"
				147	- "migrate"
				148	- "sql"
				149	- "-y"
				150	- "postgres://postgres:psswd@postgres:5432/hydra?sslmode=disable&max_conns=20&max_idle_conns=4"
				151	#command: ["hydra", "serve"]
				152	# resources:
				153	# requests:
				154	# memory: "10Mi"
				155	# cpu: "10m"
				156	# limits:
				157	# memory: "20Mi"
				158	# cpu: "100m"
				159	volumeMounts:
				160	- name: config
				161	mountPath: /etc/hydra/config