apiVersion: apps/v1 kind: Deployment metadata: name: siranga labels: app: siranga app.kubernetes.io/name: siranga spec: replicas: 1 selector: matchLabels: app: siranga template: metadata: labels: app: siranga annotations: kubectl.kubernetes.io/default-container: siranga spec: # Service links cause issues with the HTTP_PORT and SSH_PORT env variables enableServiceLinks: false containers: - name: siranga image: git.huizinga.dev/dreaded_x/siranga@${DIGEST} imagePullPolicy: IfNotPresent resources: limits: cpu: 200m memory: 256Mi requests: cpu: 50m memory: 100Mi ports: - name: ssh containerPort: 2222 - name: http containerPort: 3000 - name: metrics containerPort: 4000 volumeMounts: - name: credentials readOnly: true mountPath: "/secrets/credentials" - name: key readOnly: true mountPath: "/secrets/key" env: - name: RUST_LOG value: info,siranga=debug - name: TUNNEL_DOMAIN value: tunnel.${domain} - name: AUTHZ_ENDPOINT value: http://authelia.authelia.svc.cluster.local:80/api/authz/forward-auth - name: LDAP_ADDRESS value: ldap://lldap.lldap.svc.cluster.local:3890 - name: LDAP_BASE value: ou=people,dc=huizinga,dc=dev - name: LDAP_BIND_DN value: uid=siranga.siranga,ou=people,dc=huizinga,dc=dev - name: LDAP_PASSWORD_FILE value: /secrets/credentials/password - name: PRIVATE_KEY_FILE value: /secrets/key/private.pem livenessProbe: httpGet: path: /healthz port: metrics initialDelaySeconds: 3 periodSeconds: 3 volumes: - name: credentials secret: secretName: siranga-lldap-credentials - name: key secret: secretName: siranga-key