shpaq/auricom-home-cluster
1
0
Fork 0
mirror of https://github.com/auricom/home-cluster.git synced 2025-10-02 00:34:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

⬆️ onepassword-connect app-template v2

Browse Source
This commit is contained in:
auricom
2023-11-04 17:27:25 +01:00
parent 13f6e75b79
commit 6a1b728109
1 changed files with 91 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

168
kubernetes/apps/kube-system/external-secrets/stores/helmrelease.yaml
View File

@@ -9,7 +9,7 @@ spec:
chart:
spec:
chart: app-template
version: 1.5.1
version: 2.0.3
sourceRef:
kind: HelmRepository
name: bjw-s
@@ -26,99 +26,113 @@ spec:
uninstall:
keepHistory: false
values:
controller:
annotations:
reloader.stakater.com/auto: "true"
image:
repository: docker.io/1password/connect-api
tag: 1.7.2
env:
OP_BUS_PORT: "11220"
OP_BUS_PEERS: "localhost:11221"
OP_HTTP_PORT: &port 8080
OP_SESSION:
valueFrom:
secretKeyRef:
name: onepassword-connect-secret
key: 1password-credentials.json
defaultPodOptions:
enableServiceLinks: false
securityContext:
runAsUser: 999
runAsGroup: 999
controllers:
main:
replicas: 2
strategy: RollingUpdate
annotations:
reloader.stakater.com/auto: "true"
containers:
main:
image:
repository: docker.io/1password/connect-api
tag: 1.7.2
env:
OP_BUS_PORT: "11220"
OP_BUS_PEERS: "localhost:11221"
OP_HTTP_PORT: &port 8080
OP_SESSION:
valueFrom:
secretKeyRef:
name: onepassword-connect-secret
key: 1password-credentials.json
probes:
liveness:
enabled: true
custom: true
spec:
httpGet:
path: /heartbeat
port: *port
initialDelaySeconds: 15
periodSeconds: 30
failureThreshold: 3
readiness:
enabled: true
custom: true
spec:
httpGet:
path: /health
port: *port
initialDelaySeconds: 15
startup:
enabled: false
resources:
requests:
cpu: 5m
memory: 10Mi
limits:
memory: 100Mi
sync:
image:
repository: docker.io/1password/connect-sync
image: 1.7.2
env:
OP_HTTP_PORT: &port 8081 }
OP_BUS_PORT: 11221
OP_BUS_PEERS: localhost:11220
OP_SESSION:
valueFrom:
secretKeyRef:
name: onepassword-connect-secret
key: 1password-credentials.json
probes:
readinessProbe:
httpGet:
path: /health
port: *port
initialDelaySeconds: 15
livenessProbe:
httpGet:
path: /heartbeat
port: *port
failureThreshold: 3
periodSeconds: 30
initialDelaySeconds: 15
resources:
requests:
cpu: 5m
memory: 10Mi
limits:
memory: 100Mi
service:
main:
ports:
http:
port: *port
probes:
liveness:
enabled: true
custom: true
spec:
httpGet:
path: /heartbeat
port: *port
initialDelaySeconds: 15
periodSeconds: 30
failureThreshold: 3
readiness:
enabled: true
custom: true
spec:
httpGet:
path: /health
port: *port
initialDelaySeconds: 15
startup:
enabled: false
ingress:
main:
enabled: true
ingressClassName: nginx
className: nginx
annotations:
hajimari.io/enable: "false"
hosts:
- host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
paths:
- path: /
pathType: Prefix
service:
name: main
port: http
tls:
- hosts:
- *host
podSecurityContext:
runAsUser: 999
runAsGroup: 999
persistence:
shared:
enabled: true
type: emptyDir
mountPath: /home/opuser/.op/data
resources:
requests:
cpu: 5m
memory: 10Mi
limits:
memory: 100Mi
sidecars:
sync:
image: docker.io/1password/connect-sync:1.7.2
imagePullPolicy: IfNotPresent
env:
- { name: OP_HTTP_PORT, value: &port 8081 }
- { name: OP_BUS_PORT, value: "11221" }
- { name: OP_BUS_PEERS, value: "localhost:11220" }
- name: OP_SESSION
valueFrom:
secretKeyRef:
name: onepassword-connect-secret
key: 1password-credentials.json
readinessProbe:
httpGet:
path: /health
port: *port
initialDelaySeconds: 15
livenessProbe:
httpGet:
path: /heartbeat
port: *port
failureThreshold: 3
periodSeconds: 30
initialDelaySeconds: 15
volumeMounts:
- { name: shared, mountPath: /home/opuser/.op/data }
globalMounts:
- path: /home/opuser/.op/data