server-manager/kubernetes-operator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added config path to file
Some checks failed
Build and Push Docker Image / Build image (push) Has been cancelled
Details

Browse Source
This commit is contained in:
ACoolName
2025-04-05 17:15:00 +03:00
parent f83de32368
commit 39f1c0d92c
8 changed files with 170 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
config/manager/config.yaml Normal file
View File

@@ -0,0 +1,31 @@
# https://kubernetes.io/docs/concepts/configuration/configmap/
apiVersion: v1
kind: ConfigMap
metadata:
name: server-manager-config
namespace: server-manager
data:
config.yaml: |
domain_label: "ddns.acooldomain.co/hostname"
default_domain: "acooldomain.co"
browser:
domain: games.acooldomain.co
sub_path: /browsers
auth_header: x-authentik-username
cert_resolver: letsencrypt
entrypoints:
- websecure
additional_routes:
- kind: Rule
match: "Host(`games.acooldomain.co`) && PathPrefix(`/outpost.goauthentik.io/`)"
priority: 15
services:
- kind: Service
name: ak-outpost-traefik
namespace: authentik
port: 9000
middleware:
name: authentik
namespace: authentik

3
config/manager/kustomization.yaml
View File

@@ -1,2 +1,3 @@
resources:
- manager.yaml
- config.yaml
- manager.yaml

84
config/manager/manager.yaml
View File

@@ -5,13 +5,13 @@ metadata:
control-plane: controller-manager
app.kubernetes.io/name: kubernetes-operator
app.kubernetes.io/managed-by: kustomize
name: system
name: server-manager
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: controller-manager
namespace: system
namespace: server-manager
labels:
control-plane: controller-manager
app.kubernetes.io/name: kubernetes-operator
@@ -48,6 +48,11 @@ spec:
# operator: In
# values:
# - linux
volumes:
- name: config
configMap:
name: server-manager-config
securityContext:
runAsNonRoot: true
# TODO(user): For common cases that do not require escalating privileges
@@ -55,41 +60,44 @@ spec:
# More info: https://kubernetes.io/docs/concepts/security/pod-security-standards/#restricted
# Please uncomment the following code if your project does NOT have to work on old Kubernetes
# versions < 1.19 or on vendors versions which do NOT support this field by default (i.e. Openshift < 4.11 ).
# seccompProfile:
# type: RuntimeDefault
seccompProfile:
type: RuntimeDefault
containers:
- command:
- /manager
args:
- --leader-elect
- --health-probe-bind-address=:8081
image: controller:latest
name: manager
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
livenessProbe:
httpGet:
path: /healthz
port: 8081
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
# TODO(user): Configure the resources accordingly based on the project requirements.
# More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
serviceAccountName: controller-manager
- command:
- /manager
image: git.acooldomain.co/server-manager/kubernetes-operator:v0.0.3
env:
- name: CONFIG_PATH
value: /etc/server-manager/config.yaml
volumeMounts:
- name: config
mountPath: /etc/server-manager
name: manager
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- "ALL"
livenessProbe:
httpGet:
path: /healthz
port: 8081
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /readyz
port: 8081
initialDelaySeconds: 5
periodSeconds: 10
# TODO(user): Configure the resources accordingly based on the project requirements.
# More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
resources:
limits:
cpu: 500m
memory: 128Mi
requests:
cpu: 10m
memory: 64Mi
serviceAccountName: server-manager
terminationGracePeriodSeconds: 10