feat: Added lldap

2025-12-17 01:56:24 +01:00
parent 0b7ba9c2a4
commit bfaec9d4d5
14 changed files with 228 additions and 0 deletions
--- a/apps/lldap/base/cluster.yaml
+++ b/apps/lldap/base/cluster.yaml
@@ -0,0 +1,10 @@
+apiVersion: postgresql.cnpg.io/v1
+kind: Cluster
+metadata:
+  name: db
+  namespace: lldap
+  # TODO: Add labels?
+spec:
+  storage:
+    size: 8Gi
+    storageClass: local-path
--- a/apps/lldap/base/deployment.yaml
+++ b/apps/lldap/base/deployment.yaml
@@ -0,0 +1,70 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: lldap
+  namespace: lldap
+  labels:
+    app.kubernetes.io/name: lldap
+    app.kubernetes.io/instance: lldap
+spec:
+  selector:
+    matchLabels:
+      app: lldap
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: lldap
+        app.kubernetes.io/instance: lldap
+    spec:
+      topologySpreadConstraints:
+        - maxSkew: 1
+          topologyKey: kubernetes.io/hostname
+          whenUnsatisfiable: DoNotSchedule
+          labelSelector:
+            matchLabels:
+              app.kubernetes.io/name: lldap
+              app.kubernetes.io/instance: lldap
+      containers:
+        - name: lldap
+          image: lldap/lldap:2025-12-12-alpine-rootless
+          env:
+            - name: UID
+              value: "1001"
+            - name: GID
+              value: "1001"
+            - name: LLDAP_LDAP_BASE_DN
+              value: dc=huizinga,dc=dev
+            - name: LLDAP_LDAP_USER_PASS
+              valueFrom:
+                secretKeyRef:
+                  name: credentials
+                  key: admin-pass
+            - name: LLDAP_KEY_SEED
+              valueFrom:
+                secretKeyRef:
+                  name: credentials
+                  key: key-seed
+            - name: LLDAP_JWT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: credentials
+                  key: jwt-secret
+            - name: LLDAP_DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: postgres-app
+                  key: uri
+            - name: TZ
+              value: CET
+          livenessProbe:
+            exec:
+              command:
+                - /app/lldap
+                - healthcheck
+            initialDelaySeconds: 5
+            periodSeconds: 30
+          ports:
+            - name: ldap
+              containerPort: 3890
+            - name: web
+              containerPort: 17170
--- a/apps/lldap/base/kustomization.yaml
+++ b/apps/lldap/base/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - namespace.yaml
+  - deployment.yaml
+  - service.yaml
--- a/apps/lldap/base/namespace.yaml
+++ b/apps/lldap/base/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: lldap
--- a/apps/lldap/base/service.yaml
+++ b/apps/lldap/base/service.yaml
@@ -0,0 +1,19 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: lldap
+  namespace: lldap
+  labels:
+    app.kubernetes.io/name: lldap
+    app.kubernetes.io/instance: lldap
+spec:
+  selector:
+    app.kubernetes.io/name: lldap
+    app.kubernetes.io/instance: lldap
+  ports:
+    - name: ldap
+      port: 3890
+      targetPort: ldap
+    - name: web
+      port: 17170
+      targetPort: web