From ee741467dd050a01200e11a74dc2cc48a6e5360a Mon Sep 17 00:00:00 2001
From: Vegard Hagen
Date: Sat, 25 Jan 2025 16:43:05 +0100
Subject: [PATCH] fix(lldap): add tmp-volume for bootstrapping
---
 k8s/infra/auth/lldap/bootstrap.yaml | 31 ++++++++++++-------------
 k8s/infra/auth/lldap/cnpg-db.yaml | 4 ++--
 k8s/infra/auth/lldap/kustomization.yaml | 6 +++++
 k8s/infra/auth/lldap/users/test.json | 7 ------
 tofu/kubernetes/main.tf | 4 ++--
 5 files changed, 25 insertions(+), 27 deletions(-)
 delete mode 100644 k8s/infra/auth/lldap/users/test.json
diff --git a/k8s/infra/auth/lldap/bootstrap.yaml b/k8s/infra/auth/lldap/bootstrap.yaml
index 7be3ecf..8cdc843 100644
--- a/k8s/infra/auth/lldap/bootstrap.yaml
+++ b/k8s/infra/auth/lldap/bootstrap.yaml
@@ -39,26 +39,17 @@ spec:
 name: lldap-credentials
 key: LLDAP_LDAP_USER_PASS
 volumeMounts:
- - name: users
- mountPath: /bootstrap/user-configs
- readOnly: true
+ - name: tmp
+ mountPath: /tmp
 - name: groups
 mountPath: /bootstrap/group-configs
 readOnly: true
+ - name: users
+ mountPath: /bootstrap/user-configs
+ readOnly: true
 volumes:
- - name: users
- projected:
- sources:
- - secret:
- name: lldap-config
- items:
- - key: users.json
- path: users.json
- - configMap:
- name: users
- items:
- - key: test.json
- path: test.json
+ - name: tmp
+ emptyDir: { }
 - name: groups
 projected:
 sources:
@@ -67,3 +58,11 @@ spec:
 items:
 - key: groups.json
 path: groups.json
+ - name: users
+ projected:
+ sources:
+ - secret:
+ name: lldap-config
+ items:
+ - key: users.json
+ path: users.json
diff --git a/k8s/infra/auth/lldap/cnpg-db.yaml b/k8s/infra/auth/lldap/cnpg-db.yaml
index 295be56..330d3fc 100644
--- a/k8s/infra/auth/lldap/cnpg-db.yaml
+++ b/k8s/infra/auth/lldap/cnpg-db.yaml
@@ -31,9 +31,9 @@ spec:
 # spec:
 # type: LoadBalancer
 storage:
- size: 1G
+ size: 2G
 pvcTemplate:
 storageClassName: proxmox-csi
- volumeName: pv-lldap-postgres
+ volumeName: pv-lldap-database
 accessModes:
 - ReadWriteOnce
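Review bot: The new `tmp` volume in k8s/infra/auth/lldap/bootstrap.yaml (first hunk, under `volumes:`) is declared as `emptyDir: { }` with no `sizeLimit`, so whatever the bootstrap container writes under /tmp is bounded only by the node's ephemeral storage. A cap such as `emptyDir: { sizeLimit: 16Mi }` (value illustrative) lets the kubelet evict the pod instead of letting it fill the node. The same container receives `LLDAP_LDAP_USER_PASS` and a Secret-backed `users.json`; if the bootstrap script stages any of that under /tmp, which is not visible here, adding `medium: Memory` would keep it off node disk. A one-line comment above the mount saying why /tmp must be writable would also help, since the pod spec and its securityContext start outside the hunk.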
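Review bot: Changing `volumeName` from `pv-lldap-postgres` to `pv-lldap-database` in k8s/infra/auth/lldap/cnpg-db.yaml, together with the matching key rename and 1G to 2G change in tofu/kubernetes/main.tf, points the database at a different PersistentVolume rather than growing the existing one. If the cluster is already deployed, the `volumeName` of a bound PVC cannot be edited in place and a newly provisioned volume starts empty, so the LLDAP directory data would need a restore or a fresh bootstrap; the patch shows no migration step. A comment next to `volumeName` such as `# must match the pv-lldap-database key in tofu/kubernetes/main.tf` would document the coupling between the two files. The `storage` block continues outside the hunk.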
diff --git a/k8s/infra/auth/lldap/kustomization.yaml b/k8s/infra/auth/lldap/kustomization.yaml
index e6b5d23..bbd4e1d 100644
--- a/k8s/infra/auth/lldap/kustomization.yaml
+++ b/k8s/infra/auth/lldap/kustomization.yaml
@@ -25,6 +25,12 @@ configMapGenerator:
 namespace: lldap
 files:
 - users/test.json
+ - users/more-users.json
+ - name: custom-schemas
+ namespace: lldap
+ files:
+ - group-schemas/group-application.json
+ - user-schemas/user-details.json
 resources:
 - ns.yaml
diff --git a/k8s/infra/auth/lldap/users/test.json b/k8s/infra/auth/lldap/users/test.json
deleted file mode 100644
index 36ad855..0000000
--- a/k8s/infra/auth/lldap/users/test.json
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- "id": "test",
- "email": "test-user@stonegarden.dev",
- "firstName": "Test",
- "lastName": "User",
- "displayName": "Test User"
-}
diff --git a/tofu/kubernetes/main.tf b/tofu/kubernetes/main.tf
index c7c78f9..2c9a782 100644
--- a/tofu/kubernetes/main.tf
+++ b/tofu/kubernetes/main.tf
@@ -132,9 +132,9 @@ module "volumes" {
 node = "euclid"
 size = "1G"
 }
- pv-lldap-postgres = {
+ pv-lldap-database = {
 node = "euclid"
- size = "1G"
+ size = "2G"
 }
 pv-keycloak-postgres = {
 node = "euclid"
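Review bot: In k8s/infra/auth/lldap/kustomization.yaml the `users` generator still lists `- users/test.json` (the hunk counts make it an unchanged context line), but this same commit deletes k8s/infra/auth/lldap/users/test.json, so `kustomize build` is expected to fail on the missing file; that entry should be dropped. The added `users/more-users.json`, `group-schemas/group-application.json` and `user-schemas/user-details.json` do not appear in this patch's diffstat, so they must already exist in the tree for the generators to resolve. Separately, bootstrap.yaml in this commit removes the `users` ConfigMap source from the projected `users` volume and no visible hunk mounts `custom-schemas`, so the bootstrap job does not appear to consume either generated ConfigMap unless that is wired up elsewhere.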