105 lines
2.5 KiB
YAML
105 lines
2.5 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: wekan-config
|
|
labels:
|
|
app: wekan
|
|
tier: server
|
|
namespace: wekan
|
|
data:
|
|
MONGO_URL: REDACTED
|
|
ROOT_URL: "https://wekan.kmlabz.com"
|
|
MAIL_URL: "smtp://192.168.42.7:25/?tls={rejectUnauthorized:false}"
|
|
MAIL_FROM: "Wekan Notifications <wekan@kmlabz.com>"
|
|
ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURES_BEFORE: "3"
|
|
ACCOUNTS_LOCKOUT_KNOWN_USERS_PERIOD: "60"
|
|
ACCOUNTS_LOCKOUT_KNOWN_USERS_FAILURE_WINDOW: "15"
|
|
ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURES_BERORE: "3"
|
|
ACCOUNTS_LOCKOUT_UNKNOWN_USERS_LOCKOUT_PERIOD: "60"
|
|
ACCOUNTS_LOCKOUT_UNKNOWN_USERS_FAILURE_WINDOW: "15"
|
|
WITH_API: "true"
|
|
RICHER_CARD_COMMENT_EDITOR: "false"
|
|
SCROLLINERTIA: "0"
|
|
SCROLLAMOUNT: "auto"
|
|
CARD_OPENED_WEBHOOK_ENABLED: "false"
|
|
BIGEVENTS_PATTERN: "NONE"
|
|
BROWSER_POLICY_ENABLED: "true"
|
|
OAUTH2_ID_MAP: preferred_username
|
|
OAUTH2_USERNAME_MAP: preferred_username
|
|
OAUTH2_FULLNAME_MAP: given_name
|
|
OAUTH2_EMAIL_MAP: email
|
|
OAUTH2_ENABLED: "true"
|
|
OAUTH2_LOGIN_STYLE: redirect
|
|
OAUTH2_CLIENT_ID: REDACTED
|
|
OAUTH2_SERVER_URL: "https://keycloak.kmlabz.com/auth"
|
|
OAUTH2_AUTH_ENDPOINT: /realms/master/protocol/openid-connect/auth
|
|
OAUTH2_USERINFO_ENDPOINT: /realms/master/protocol/openid-connect/userinfo
|
|
OAUTH2_TOKEN_ENDPOINT: /realms/master/protocol/openid-connect/token
|
|
OAUTH2_SECRET: REDACTED
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: wekan
|
|
namespace: wekan
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: wekan
|
|
tier: server
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: wekan
|
|
tier: server
|
|
spec:
|
|
containers:
|
|
- name: wekan
|
|
image: wekanteam/wekan
|
|
imagePullPolicy: "Always"
|
|
ports:
|
|
- containerPort: 8080
|
|
envFrom:
|
|
- configMapRef:
|
|
name: wekan-config
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: wekan
|
|
namespace: wekan
|
|
spec:
|
|
type: ClusterIP
|
|
ports:
|
|
- port: 80
|
|
targetPort: 8080
|
|
name: http
|
|
protocol: TCP
|
|
selector:
|
|
app: wekan
|
|
tier: server
|
|
---
|
|
apiVersion: networking.k8s.io/v1beta1
|
|
kind: Ingress
|
|
metadata:
|
|
name: wekan
|
|
namespace: wekan
|
|
annotations:
|
|
kubernetes.io/ingress.class: "nginx"
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- wekan.kmlabz.com
|
|
secretName: wekan-cert-secret
|
|
rules:
|
|
- host: wekan.kmlabz.com
|
|
http:
|
|
paths:
|
|
- path: /
|
|
backend:
|
|
serviceName: wekan
|
|
servicePort: http
|