cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
565b548ac127e0d9b112b8b6f35efb7baf371f54
cameleer-server/deploy/server.yaml
hsiegeln 554d6822c0
Some checks failed
CI / build (push) Successful in 1m11s
Details
CI / docker (push) Successful in 40s
Details
CI / deploy (push) Failing after 8s
Details
Add Authentik OIDC provider K8s manifests and wire deployment 
- deploy/authentik.yaml: PostgreSQL StatefulSet, Redis, Authentik
  server (NodePort 30900) and worker, all in cameleer namespace
- deploy/server.yaml: Add CAMELEER_JWT_SECRET and CAMELEER_OIDC_*
  env vars from secrets (all optional for backward compat)
- ci.yml: Create authentik-credentials and cameleer-oidc secrets,
  deploy Authentik before the server
- HOWTO.md: Authentik setup instructions, updated architecture
  diagram and Gitea secrets list

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-14 12:45:02 +01:00

122 lines
3.5 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: cameleer3-server
namespace: cameleer
spec:
replicas: 1
selector:
matchLabels:
app: cameleer3-server
template:
metadata:
labels:
app: cameleer3-server
spec:
imagePullSecrets:
- name: gitea-registry
containers:
- name: server
image: gitea.siegeln.net/cameleer/cameleer3-server:latest
ports:
- containerPort: 8081
env:
- name: SPRING_DATASOURCE_URL
value: "jdbc:ch://clickhouse:8123/cameleer3"
- name: SPRING_DATASOURCE_USERNAME
valueFrom:
secretKeyRef:
name: clickhouse-credentials
key: CLICKHOUSE_USER
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
name: clickhouse-credentials
key: CLICKHOUSE_PASSWORD
- name: CAMELEER_AUTH_TOKEN
valueFrom:
secretKeyRef:
name: cameleer-auth
key: CAMELEER_AUTH_TOKEN
- name: CAMELEER_UI_USER
valueFrom:
secretKeyRef:
name: cameleer-auth
key: CAMELEER_UI_USER
optional: true
- name: CAMELEER_UI_PASSWORD
valueFrom:
secretKeyRef:
name: cameleer-auth
key: CAMELEER_UI_PASSWORD
optional: true
- name: CAMELEER_UI_ORIGIN
value: "http://192.168.50.86:30090"
- name: CAMELEER_JWT_SECRET
valueFrom:
secretKeyRef:
name: cameleer-auth
key: CAMELEER_JWT_SECRET
optional: true
- name: CAMELEER_OIDC_ENABLED
valueFrom:
secretKeyRef:
name: cameleer-oidc
key: CAMELEER_OIDC_ENABLED
optional: true
- name: CAMELEER_OIDC_ISSUER
valueFrom:
secretKeyRef:
name: cameleer-oidc
key: CAMELEER_OIDC_ISSUER
optional: true
- name: CAMELEER_OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: cameleer-oidc
key: CAMELEER_OIDC_CLIENT_ID
optional: true
- name: CAMELEER_OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: cameleer-oidc
key: CAMELEER_OIDC_CLIENT_SECRET
optional: true
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
livenessProbe:
httpGet:
path: /api/v1/health
port: 8081
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
readinessProbe:
httpGet:
path: /api/v1/health
port: 8081
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
---
apiVersion: v1
kind: Service
metadata:
name: cameleer3-server
namespace: cameleer
spec:
type: NodePort
selector:
app: cameleer3-server
ports:
- port: 8081
targetPort: 8081
nodePort: 30081
Reference in New Issue View Git Blame Copy Permalink