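#_STORAGE______________
# Two statically provisioned NFS volumes. Each claim below binds to its volume
# through the `isbackup` label selector. The NFS export is mounted read-write
# by every pod that uses the claim, so access control rests on the NFS server's
# export rules.
# NOTE(review): confirm the exports are restricted to the cluster nodes.
apiVersion: v1
kind: PersistentVolume
metadata:
  name: homey-pv-nfs-a
  labels:
    isbackup: "true"
spec:
  capacity:
    # Quoted so the rendered value is always a string quantity.
    storage: {{ .Values.homey.homeyStorage.backupStorageCapacity | quote }}
  storageClassName: standard
  accessModes:
    - ReadWriteMany
  # NOTE(review): Recycle is deprecated in Kubernetes and wipes the volume
  # contents once the claim is released. This volume holds the OpenLDAP
  # database (see the openldap Deployment), so deleting the claim destroys the
  # directory. Retain is the safer policy; left unchanged here because it
  # alters how released volumes are handled.
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    path: /homey-backup
    server: {{ .Values.homey.homeyStorage.ip | quote }}
    readOnly: false
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: homey-pvc-nfs-a
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: {{ .Values.homey.homeyStorage.backupStorageCapacity | quote }}
  storageClassName: standard
  # Pins this claim to the backed-up volume.
  selector:
    matchLabels:
      isbackup: "true"
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: homey-pv-nfs-b
  labels:
    isbackup: "false"
spec:
  capacity:
    storage: {{ .Values.homey.homeyStorage.nobackupStorageCapacity | quote }}
  storageClassName: standard
  accessModes:
    - ReadWriteMany
  # NOTE(review): same deprecated Recycle policy as homey-pv-nfs-a; contents
  # are wiped when the claim is released.
  persistentVolumeReclaimPolicy: Recycle
  nfs:
    path: /homey-nobackup
    server: {{ .Values.homey.homeyStorage.ip | quote }}
    readOnly: false
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: homey-pvc-nfs-b
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: {{ .Values.homey.homeyStorage.nobackupStorageCapacity | quote }}
  storageClassName: standard
  # Pins this claim to the volume that is not backed up.
  selector:
    matchLabels:
      isbackup: "false"
---
#_LDAP______
# The three Secrets below carry no data in the chart. The annotation asks the
# mittwald secret-generator to fill in a `password` key inside the cluster, so
# no credential is committed to version control. The openldap Deployment reads
# that key through secretKeyRef.
# NOTE(review): this presumably requires the generator to be installed in the
# cluster before the chart; otherwise the `password` key would be missing.
apiVersion: v1
kind: Secret
metadata:
  name: openldap-admin
  annotations:
    secret-generator.v1.mittwald.de/autogenerate: password
---
apiVersion: v1
kind: Secret
metadata:
  name: openldap-config
  annotations:
    secret-generator.v1.mittwald.de/autogenerate: password
---
apiVersion: v1
kind: Secret
metadata:
  name: openldap-ro
  annotations:
    secret-generator.v1.mittwald.de/autogenerate: password
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: openldap
  labels:
    app.kubernetes.io/name: openldap
spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: openldap
  replicas: 1
  template:
    metadata:
      labels:
        app.kubernetes.io/name: openldap
    spec:
      # No securityContext is set at pod or container level, so the container
      # runs with the image's default user, capabilities and a writable root
      # filesystem.
      # NOTE(review): decide on runAsNonRoot / dropped capabilities.
      # securityContext:
      #   fsGroup: 0
      containers:
        - name: openldap
          # NOTE(review): the image has no tag or digest and is pulled on every
          # start, so a restart can silently run a different image. Pin it to a
          # reviewed tag or digest (<PINNED_TAG_OR_DIGEST>).
          image: osixia/openldap
          imagePullPolicy: "Always"
          env:
            # Env values must be strings. The templated values are quoted so
            # that one containing ': ', ' #', or looking like a number or
            # boolean still renders as a valid string.
            - name: LDAP_ORGANISATION
              value: {{ .Values.homey.organization | quote }}
            - name: LDAP_DOMAIN
              value: {{ .Values.homey.url | quote }}
            - name: LDAP_ADMIN_USERNAME
              value: "admin"
            - name: LDAP_READONLY_USER
              value: "true"
            # Passwords come from the generated Secrets, not from chart values.
            - name: LDAP_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: password
                  name: openldap-admin
            - name: LDAP_CONFIG_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: password
                  name: openldap-config
            - name: LDAP_READONLY_USER_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: password
                  name: openldap-ro
          ports:
            - name: tcp-ldap
              containerPort: 389
            - name: ssl-ldap
              containerPort: 636
          # Config and database both live on the backed-up NFS claim, separated
          # by subPath.
          volumeMounts:
            - mountPath: /etc/ldap/slapd.d
              subPath: openldap/etc/ldap/slapd.d
              name: openldap-volume
            - mountPath: /var/lib/ldap
              subPath: openldap/var/lib/ldap
              name: openldap-volume
      volumes:
        - name: openldap-volume
          persistentVolumeClaim:
            claimName: homey-pvc-nfs-a
---
# Cluster-internal Service. Port 389 is cleartext LDAP, so binds over it
# (including the admin bind) cross the pod network unencrypted.
# NOTE(review): no NetworkPolicy is defined in this file; confirm which pods
# may reach openldap.
apiVersion: v1
kind: Service
metadata:
  name: openldap
  labels:
    app.kubernetes.io/name: openldap
spec:
  type: ClusterIP
  ports:
    - name: tcp-ldap
      port: 389
      targetPort: tcp-ldap
    - name: ssl-ldap
      port: 636
      targetPort: ssl-ldap
  selector:
    app.kubernetes.io/name: openldap
---
#_PHPADMIN________
# Web administration UI for the directory. It is reachable from outside the
# cluster through the Ingress at the end of this file.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: phpldapadmin
  labels:
    app: phpldapadmin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: phpldapadmin
  template:
    metadata:
      labels:
        app: phpldapadmin
    spec:
      containers:
        - env:
            # The container serves plain HTTP on port 80; TLS is left to the
            # Ingress in front of it.
            - name: PHPLDAPADMIN_HTTPS
              value: "false"
            # Cleartext LDAP to the openldap Service: credentials typed into
            # the UI are forwarded unencrypted inside the cluster.
            # NOTE(review): consider LDAPS or StartTLS once certificates are
            # available.
            - name: PHPLDAPADMIN_LDAP_HOSTS
              value: "ldap://openldap:389"
          image: osixia/phpldapadmin:0.7.1
          name: phpldapadmin
          ports:
            - containerPort: 80
      restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
  name: phpldapadmin
spec:
  ports:
    - port: 80
      targetPort: 80
  selector:
    app: phpldapadmin
---
# NOTE(review): extensions/v1beta1 Ingress was removed in Kubernetes 1.22.
# Moving to networking.k8s.io/v1 also means rewriting the backend
# (service.name / service.port.number) and adding pathType. Left unchanged
# because the target cluster version is not visible here.
#
# This Ingress publishes the LDAP admin UI. Nothing in this file restricts who
# can reach it, so authentication rests on the phpLDAPadmin login alone.
# NOTE(review): put it behind a source allow-list, VPN or ingress-level
# authentication.
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: phpldapadmin
spec:
  tls:
    # No secretName is given, so the certificate served is left to the ingress
    # controller. Confirm it is not a self-signed default.
    - hosts:
        - "phpldapadmin.{{ .Values.homey.url }}"
  rules:
    - host: "phpldapadmin.{{ .Values.homey.url }}"
      http:
        paths:
          - backend:
              serviceName: phpldapadmin
              servicePort: 80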