Semi working!

2022-04-09 15:22:55 +03:00
parent a727f0e4d3
commit d2525b6ce2
10 changed files with 21 additions and 52 deletions
@@ -22,7 +22,7 @@ spec:
          imagePullPolicy: "Always"
          env:
            - name: DNS_A
-              value: "*.{{ .Values.homey.url }}={{ .Values.homey.ip }}, {{ .Values.homey.url }}={{ .Values.homey.ip }}"
+              value: "*.{{ .Values.homey.url }}={{ .Values.homey.ip }}, {{ .Values.homey.url }}={{ .Values.homey.ip }}, *.{{ .Values.homey.internal_url }}={{ .Values.homey.ip }}, {{ .Values.homey.internal_url }}={{ .Values.homey.ip}}"
            - name: DNS_FORWARDER
              value: "8.8.8.8,8.8.4.4"
            - name: ALLOW_RECURSION
@@ -51,7 +51,7 @@ spec:
  selector:
    app: gitea
  ports:
-  - name: ssh
+  - name: http-port
    protocol: TCP
    port: 3000
    targetPort: http
@@ -81,8 +81,6 @@ metadata:
  name: gitea-ingress
  annotations:
      kubernetes.io/ingress.allow-http: "false"
-      ingress.kubernetes.io/auth-type: forward
-      ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
 spec:
  rules:
  - host: git.{{ .Values.homey.url }}
@@ -52,9 +52,9 @@ metadata:
 spec:
  tls:
    - hosts:
-      - jackett.{{ .Values.homey.url }}
+      - jackett.{{ .Values.homey.internal_url }}
  rules:
-   - host: jackett.{{ .Values.homey.url }}
+   - host: jackett.{{ .Values.homey.internal_url }}
     http:
       paths:
       - path: /
@@ -88,7 +88,7 @@ metadata:
  annotations:
 spec:
  rules:
-   - host: jellyfin.{{ .Values.homey.url }}
+   - host: jellyfin.{{ .Values.homey.internal_url }}
     http:
       paths:
       - path: /
@@ -18,24 +18,22 @@ spec:
    spec:
      containers:
      - name: ldap-auth
-        image: dignajar/another-ldap-auth:latest
+        image: linuxserver/ldap-auth
        imagePullPolicy: Always
        env:
-        - name: LDAP_ENDPOINT
-          value: "ldap://openldap:389"
-        - name: LDAP_MANAGER_DN_USERNAME
+        - name: WERTHER_LDAP_ENDPOINTS
+          value: "openldap:389"
+        - name: WERTHER_LDAP_BINDDN
          value: "cn=readonly,{{ .Values.homey.url | replace "." ",dc=" | printf "dc=%s " | trim }}"
-        - name: LDAP_MANAGER_PASSWORD
+        - name: WERTHER_LDAP_BINDPW
          valueFrom:
            secretKeyRef:
              name: openldap-ro
              key: password
-        - name: LDAP_SEARCH_BASE
+        - name: WERTHER_LDAP_BASEDN
          value: "ou=users,{{ .Values.homey.url | replace "." ",dc=" | printf "dc=%s " | trim }}"
-        - name: LDAP_SEARCH_FILTER
-          value: "(objectClass=inetOrgPerson)"
-        - name: LDAP_BIND_DN
-          value: "uid={username},ou=users,{{ .Values.homey.url | replace "." ",dc=" | printf "dc=%s " | trim }}"
+#        - name: LDAP_USER_FILTER
+#          value: "(objectClass=inetOrgPerson)"
 ---
 apiVersion: v1
 kind: Service
@@ -4,13 +4,7 @@ kind: Secret
 metadata:
  name: nefarious-admin
  annotations:
-    "helm.sh/resource-policy": "keep"
-type: Opaque
-data:
-  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "nefarious-admin") | default dict }}
-  {{- $secretData := (get $secretObj "data") | default dict }}
-  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
-  password: {{ $pass | quote }}
+    secret-generator.v1.mittwald.de/autogenerate: password
 ---
 apiVersion: apps/v1
 kind: Deployment
@@ -133,7 +127,7 @@ metadata:
  annotations:
 spec:
  rules:
-   - host: nefarious.{{ .Values.homey.url }}
+   - host: nefarious.{{ .Values.homey.internal_url }}
     http:
       paths:
       - path: /
@@ -62,7 +62,7 @@ spec:
        - name: PHOTOPRISM_DATABASE_DRIVER
          value: "sqlite"
        - name: PHOTOPRISM_SITE_URL
-          value: "http://gallery.{{ .Values.homey.url }}"
+          value: "http://gallery.{{ .Values.homey.internal_url }}"
        - name: PHOTOPRISM_SITE_TITLE
          value: "PhotoPrism"
        - name: PHOTOPRISM_SITE_CAPTION
@@ -114,7 +114,7 @@ metadata:
        memrequestbodybytes: 62914560
 spec:
  rules:
-  - host: album.{{ .Values.homey.url }}
+  - host: album.{{ .Values.homey.internal_url }}
    http:
      paths:
      - path: /
@@ -22,7 +22,7 @@ spec:
          value: "false"
        - name: PHPLDAPADMIN_LDAP_HOSTS
          value: ldap://openldap:389
-        image: osixia/phpldapadmin:0.7.1
+        image: osixia/phpldapadmin
        name: phpldapadmin
        ports:
          - containerPort: 80
@@ -47,7 +47,7 @@ metadata:
      kubernetes.io/ingress.allow-http: "false"
 spec:
  rules:
-  - host: ldapadmin.{{ .Values.homey.url }}
+  - host: ldapadmin.{{ .Values.homey.internal_url }}
    http:
      paths:
      - path: /
@@ -57,7 +57,7 @@ metadata:
    ingress.kubernetes.io/auth-url: http://ldap-auth.{{ .Release.Namespace }}.svc.cluster.local:80
 spec:
  rules:
-   - host: torrent.{{ .Values.homey.url }}
+   - host: torrent.{{ .Values.homey.internal_url }}
     http:
       paths:
       - path: /
@@ -2,12 +2,6 @@ replicaCount: 1

 homeyNamespace: homey

-image:
-  repository: nginx
-  pullPolicy: Always
-  # Overrides the image tag whose default is the chart appVersion.
-  tag: ""
-
 imagePullSecrets: []
 nameOverride: "homey-app"
 fullnameOverride: "homey-chart"
@@ -38,22 +32,6 @@ service:
  type: ClusterIP
  port: 80

-ingress:
-  enabled: false
-  className: ""
-  annotations: {}
-    # kubernetes.io/ingress.class: nginx
-    # kubernetes.io/tls-acme: "true"
-  hosts:
-    - host: chart-example.local
-      paths:
-        - path: /
-          pathType: ImplementationSpecific
-  tls: []
-  #  - secretName: chart-example-tls
-  #    hosts:
-  #      - chart-example.local
-
 resources: {} # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
@@ -84,5 +62,6 @@ homey:
        ip: "192.168.1.2"
        storageCapacity: 450Gi
    url: zakobar.com
+    internal_url: zakobar.home
    ip: 192.168.1.2