Expose nodeport for linkding
This commit is contained in:
Daniel Cosme
@@ -7,9 +7,11 @@ metadata:
|
|||||||
namespace: linkding
|
namespace: linkding
|
||||||
spec:
|
spec:
|
||||||
ports:
|
ports:
|
||||||
- port: 9090
|
- nodePort: 9090
|
||||||
|
port: 9090
|
||||||
targetPort: 0
|
targetPort: 0
|
||||||
selector:
|
selector:
|
||||||
app: linking
|
app: linking
|
||||||
|
type: NodePort
|
||||||
status:
|
status:
|
||||||
loadBalancer: {}
|
loadBalancer: {}
|
||||||
|
|||||||
@@ -16,6 +16,8 @@ var pvc core.PersistentVolumeClaim
|
|||||||
func init() {
|
func init() {
|
||||||
meta = kube.NewMetadata("linking", Namespace)
|
meta = kube.NewMetadata("linking", Namespace)
|
||||||
srv = meta.Service(root.Linkding.Port)
|
srv = meta.Service(root.Linkding.Port)
|
||||||
|
srv.Spec.Type = core.ServiceTypeNodePort
|
||||||
|
srv.Spec.Ports[0].NodePort = root.Linkding.Port
|
||||||
pvc = meta.PVC()
|
pvc = meta.PVC()
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -33,17 +35,15 @@ func deployment() apps.Deployment {
|
|||||||
storage := kube.NewVolumeFrom(kube.VolumeSourcePVC, "data", pvc.Name)
|
storage := kube.NewVolumeFrom(kube.VolumeSourcePVC, "data", pvc.Name)
|
||||||
pod_spec := core.PodSpec{
|
pod_spec := core.PodSpec{
|
||||||
SecurityContext: &core.PodSecurityContext{
|
SecurityContext: &core.PodSecurityContext{
|
||||||
RunAsUser: new(int64(33)), // www-data user ID
|
RunAsUser: &root.Linkding.SecurityContextID,
|
||||||
RunAsGroup: new(int64(33)),
|
RunAsGroup: &root.Linkding.SecurityContextID,
|
||||||
FSGroup: new(int64(33)),
|
FSGroup: &root.Linkding.SecurityContextID,
|
||||||
},
|
},
|
||||||
Containers: []core.Container{
|
Containers: []core.Container{
|
||||||
{
|
{
|
||||||
Name: root.Linkding.Name,
|
Name: root.Linkding.Name,
|
||||||
Image: root.Linkding.Image,
|
Image: root.Linkding.Image,
|
||||||
SecurityContext: &core.SecurityContext{
|
SecurityContext: root.ContainerSecurityContext,
|
||||||
AllowPrivilegeEscalation: new(false),
|
|
||||||
},
|
|
||||||
Ports: []core.ContainerPort{{
|
Ports: []core.ContainerPort{{
|
||||||
ContainerPort: root.Linkding.Port,
|
ContainerPort: root.Linkding.Port,
|
||||||
}},
|
}},
|
||||||
|
|||||||
@@ -1,5 +1,9 @@
|
|||||||
package root
|
package root
|
||||||
|
|
||||||
|
import (
|
||||||
|
core "k8s.io/api/core/v1"
|
||||||
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
HYDRA_CLUSTER = "hydra"
|
HYDRA_CLUSTER = "hydra"
|
||||||
HYDRA_HOSTNAME = "hydra-0" // VPN Host
|
HYDRA_HOSTNAME = "hydra-0" // VPN Host
|
||||||
@@ -11,3 +15,9 @@ const (
|
|||||||
FLUX_APPS_HYDRA_PATH = "./apps/" + HYDRA_CLUSTER
|
FLUX_APPS_HYDRA_PATH = "./apps/" + HYDRA_CLUSTER
|
||||||
FLUX_CLUSTER_HYDRA_PATH = "./clusters/" + HYDRA_CLUSTER
|
FLUX_CLUSTER_HYDRA_PATH = "./clusters/" + HYDRA_CLUSTER
|
||||||
)
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
ContainerSecurityContext = &core.SecurityContext{
|
||||||
|
AllowPrivilegeEscalation: new(false),
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|||||||
@@ -4,10 +4,12 @@ type Service struct {
|
|||||||
Name string
|
Name string
|
||||||
Image string
|
Image string
|
||||||
Port int32
|
Port int32
|
||||||
|
SecurityContextID int64
|
||||||
}
|
}
|
||||||
|
|
||||||
var Linkding = Service{
|
var Linkding = Service{
|
||||||
Name: "linkding",
|
Name: "linkding",
|
||||||
Image: "sissbruecker/linkding:1.31.0",
|
Image: "sissbruecker/linkding:1.31.0",
|
||||||
Port: 9090,
|
Port: 9090,
|
||||||
|
SecurityContextID: 33, // www-data user, group and FS ID
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user