mirror of
https://github.com/auricom/home-cluster.git
synced 2025-10-02 16:51:52 +02:00
⬆️ onepassword-connect app-template v2
This commit is contained in:
auricom
@@ -9,7 +9,7 @@ spec:
|
|||||||
chart:
|
chart:
|
||||||
spec:
|
spec:
|
||||||
chart: app-template
|
chart: app-template
|
||||||
version: 1.5.1
|
version: 2.0.3
|
||||||
sourceRef:
|
sourceRef:
|
||||||
kind: HelmRepository
|
kind: HelmRepository
|
||||||
name: bjw-s
|
name: bjw-s
|
||||||
@@ -26,99 +26,113 @@ spec:
|
|||||||
uninstall:
|
uninstall:
|
||||||
keepHistory: false
|
keepHistory: false
|
||||||
values:
|
values:
|
||||||
controller:
|
defaultPodOptions:
|
||||||
annotations:
|
enableServiceLinks: false
|
||||||
reloader.stakater.com/auto: "true"
|
securityContext:
|
||||||
image:
|
runAsUser: 999
|
||||||
repository: docker.io/1password/connect-api
|
runAsGroup: 999
|
||||||
tag: 1.7.2
|
controllers:
|
||||||
env:
|
main:
|
||||||
OP_BUS_PORT: "11220"
|
replicas: 2
|
||||||
OP_BUS_PEERS: "localhost:11221"
|
strategy: RollingUpdate
|
||||||
OP_HTTP_PORT: &port 8080
|
annotations:
|
||||||
OP_SESSION:
|
reloader.stakater.com/auto: "true"
|
||||||
valueFrom:
|
containers:
|
||||||
secretKeyRef:
|
main:
|
||||||
name: onepassword-connect-secret
|
image:
|
||||||
key: 1password-credentials.json
|
repository: docker.io/1password/connect-api
|
||||||
|
tag: 1.7.2
|
||||||
|
env:
|
||||||
|
OP_BUS_PORT: "11220"
|
||||||
|
OP_BUS_PEERS: "localhost:11221"
|
||||||
|
OP_HTTP_PORT: &port 8080
|
||||||
|
OP_SESSION:
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: onepassword-connect-secret
|
||||||
|
key: 1password-credentials.json
|
||||||
|
probes:
|
||||||
|
liveness:
|
||||||
|
enabled: true
|
||||||
|
custom: true
|
||||||
|
spec:
|
||||||
|
httpGet:
|
||||||
|
path: /heartbeat
|
||||||
|
port: *port
|
||||||
|
initialDelaySeconds: 15
|
||||||
|
periodSeconds: 30
|
||||||
|
failureThreshold: 3
|
||||||
|
readiness:
|
||||||
|
enabled: true
|
||||||
|
custom: true
|
||||||
|
spec:
|
||||||
|
httpGet:
|
||||||
|
path: /health
|
||||||
|
port: *port
|
||||||
|
initialDelaySeconds: 15
|
||||||
|
startup:
|
||||||
|
enabled: false
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 5m
|
||||||
|
memory: 10Mi
|
||||||
|
limits:
|
||||||
|
memory: 100Mi
|
||||||
|
sync:
|
||||||
|
image:
|
||||||
|
repository: docker.io/1password/connect-sync
|
||||||
|
image: 1.7.2
|
||||||
|
env:
|
||||||
|
OP_HTTP_PORT: &port 8081 }
|
||||||
|
OP_BUS_PORT: 11221
|
||||||
|
OP_BUS_PEERS: localhost:11220
|
||||||
|
OP_SESSION:
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: onepassword-connect-secret
|
||||||
|
key: 1password-credentials.json
|
||||||
|
probes:
|
||||||
|
readinessProbe:
|
||||||
|
httpGet:
|
||||||
|
path: /health
|
||||||
|
port: *port
|
||||||
|
initialDelaySeconds: 15
|
||||||
|
livenessProbe:
|
||||||
|
httpGet:
|
||||||
|
path: /heartbeat
|
||||||
|
port: *port
|
||||||
|
failureThreshold: 3
|
||||||
|
periodSeconds: 30
|
||||||
|
initialDelaySeconds: 15
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
cpu: 5m
|
||||||
|
memory: 10Mi
|
||||||
|
limits:
|
||||||
|
memory: 100Mi
|
||||||
service:
|
service:
|
||||||
main:
|
main:
|
||||||
ports:
|
ports:
|
||||||
http:
|
http:
|
||||||
port: *port
|
port: *port
|
||||||
probes:
|
|
||||||
liveness:
|
|
||||||
enabled: true
|
|
||||||
custom: true
|
|
||||||
spec:
|
|
||||||
httpGet:
|
|
||||||
path: /heartbeat
|
|
||||||
port: *port
|
|
||||||
initialDelaySeconds: 15
|
|
||||||
periodSeconds: 30
|
|
||||||
failureThreshold: 3
|
|
||||||
readiness:
|
|
||||||
enabled: true
|
|
||||||
custom: true
|
|
||||||
spec:
|
|
||||||
httpGet:
|
|
||||||
path: /health
|
|
||||||
port: *port
|
|
||||||
initialDelaySeconds: 15
|
|
||||||
startup:
|
|
||||||
enabled: false
|
|
||||||
ingress:
|
ingress:
|
||||||
main:
|
main:
|
||||||
enabled: true
|
enabled: true
|
||||||
ingressClassName: nginx
|
className: nginx
|
||||||
annotations:
|
annotations:
|
||||||
hajimari.io/enable: "false"
|
hajimari.io/enable: "false"
|
||||||
hosts:
|
hosts:
|
||||||
- host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
|
- host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}"
|
||||||
paths:
|
paths:
|
||||||
- path: /
|
- path: /
|
||||||
pathType: Prefix
|
service:
|
||||||
|
name: main
|
||||||
|
port: http
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
- *host
|
- *host
|
||||||
podSecurityContext:
|
|
||||||
runAsUser: 999
|
|
||||||
runAsGroup: 999
|
|
||||||
persistence:
|
persistence:
|
||||||
shared:
|
shared:
|
||||||
enabled: true
|
|
||||||
type: emptyDir
|
type: emptyDir
|
||||||
mountPath: /home/opuser/.op/data
|
globalMounts:
|
||||||
resources:
|
- path: /home/opuser/.op/data
|
||||||
requests:
|
|
||||||
cpu: 5m
|
|
||||||
memory: 10Mi
|
|
||||||
limits:
|
|
||||||
memory: 100Mi
|
|
||||||
sidecars:
|
|
||||||
sync:
|
|
||||||
image: docker.io/1password/connect-sync:1.7.2
|
|
||||||
imagePullPolicy: IfNotPresent
|
|
||||||
env:
|
|
||||||
- { name: OP_HTTP_PORT, value: &port 8081 }
|
|
||||||
- { name: OP_BUS_PORT, value: "11221" }
|
|
||||||
- { name: OP_BUS_PEERS, value: "localhost:11220" }
|
|
||||||
- name: OP_SESSION
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: onepassword-connect-secret
|
|
||||||
key: 1password-credentials.json
|
|
||||||
readinessProbe:
|
|
||||||
httpGet:
|
|
||||||
path: /health
|
|
||||||
port: *port
|
|
||||||
initialDelaySeconds: 15
|
|
||||||
livenessProbe:
|
|
||||||
httpGet:
|
|
||||||
path: /heartbeat
|
|
||||||
port: *port
|
|
||||||
failureThreshold: 3
|
|
||||||
periodSeconds: 30
|
|
||||||
initialDelaySeconds: 15
|
|
||||||
volumeMounts:
|
|
||||||
- { name: shared, mountPath: /home/opuser/.op/data }
|
|
||||||
|
|||||||
Reference in New Issue
Block a user