Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / f216f2ce0d1a1308d1875a1e7928339120c5ffab / . / scripts / homelab / installer / pihole-oauth2-proxy.yaml
blob: a438b1c25b49b2e8c60a295587595e3600f498de [file] [log] [blame]
giolekva6e3463a2021-10-25 20:42:55 +0400[diff] [blame]1apiVersion: v1
2kind: Service
3metadata:
4 name: pihole-oauth2-proxy
5 namespace: app-pihole
6spec:
7 type: ClusterIP
8 selector:
9 app: pihole-oauth2-proxy
10 ports:
11 - name: http
12 port: 80
13 targetPort: http
14 protocol: TCP
15---
16apiVersion: networking.k8s.io/v1
17kind: Ingress
18metadata:
19 name: ingress
20 namespace: app-pihole
21 annotations:
22 cert-manager.io/cluster-issuer: "selfsigned-ca"
23 acme.cert-manager.io/http01-edit-in-place: "true"
24spec:
25 ingressClassName: nginx-private
26 tls:
27 - hosts:
28 - pihole.pcloud
29 secretName: cert-pihole.pcloud
30 rules:
31 - host: pihole.pcloud
32 http:
33 paths:
34 - path: /
35 pathType: Prefix
36 backend:
37 service:
38 name: pihole-oauth2-proxy
39 port:
40 name: http
41---
42apiVersion: apps/v1
43kind: Deployment
44metadata:
45 name: pihole-oauth2-proxy
46 namespace: app-pihole
47spec:
48 selector:
49 matchLabels:
50 app: pihole-oauth2-proxy
51 replicas: 1
52 template:
53 metadata:
54 labels:
55 app: pihole-oauth2-proxy
56 spec:
57 volumes:
58 - name: config
59 configMap:
60 name: oauth2-proxy-config
61 containers:
62 - name: pihole-oauth2-proxy
63 image: quay.io/oauth2-proxy/oauth2-proxy:v7.2.0-arm64
64 imagePullPolicy: Always
65 ports:
66 - name: http
67 containerPort: 8080
68 protocol: TCP
69 command:
70 - "oauth2-proxy"
71 - "--config=/etc/oauth2-proxy/pihole-oauth2.cfg"
72 volumeMounts:
73 - name: config
74 mountPath: /etc/oauth2-proxy
75 readOnly: true
76 resources:
77 requests:
78 memory: "10Mi"
79 cpu: "10m"
80 limits:
81 memory: "20Mi"
82 cpu: "100m"
83 tolerations:
84 - key: "pcloud"
85 operator: "Equal"
86 value: "role"
87 effect: "NoSchedule"