Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-11-21 14:03:21 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat(chart): add auth private key

Browse Source
This commit is contained in:
Antoine Labarussias 2025-11-03 23:50:25 +01:00 committed by Zoe Roux
parent 66dedaee29
commit 9c57e01426
No known key found for this signature in database
2 changed files with 29 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
chart/templates/auth/deployment.yaml
View File

@ -96,6 +96,10 @@ spec:
value: {{ .Values.global.postgres.kyoo_auth.port | quote }} value: {{ .Values.global.postgres.kyoo_auth.port | quote }}
- name: PGSSLMODE - name: PGSSLMODE
value: {{ .Values.global.postgres.kyoo_auth.sslmode | quote }} value: {{ .Values.global.postgres.kyoo_auth.sslmode | quote }}
{{- if .Values.kyoo.auth.privatekey.existingSecret }}
- name: RSA_PRIVATE_KEY_PATH
value: /mnt/private_key/private_key.pem
{{- end }}
{{- with (concat .Values.global.extraEnv .Values.auth.kyoo_auth.extraEnv) }} {{- with (concat .Values.global.extraEnv .Values.auth.kyoo_auth.extraEnv) }}
{{- toYaml . | nindent 12 }} {{- toYaml . | nindent 12 }}
{{- end }} {{- end }}
@ -119,10 +123,17 @@ spec:
securityContext: securityContext:
{{- toYaml . | nindent 12 }} {{- toYaml . | nindent 12 }}
{{- end }} {{- end }}
{{- with .Values.auth.kyoo_auth.extraVolumeMounts }} {{- if or .Values.auth.kyoo_auth.extraVolumeMounts .Values.kyoo.auth.privatekey.existingSecret }}
volumeMounts: volumeMounts:
{{- with .Values.auth.kyoo_auth.extraVolumeMounts }}
{{- toYaml . | nindent 12 }} {{- toYaml . | nindent 12 }}
{{- end }} {{- end }}
{{- if .Values.kyoo.auth.privatekey.existingSecret }}
- name: private-key
mountPath: /mnt/private_key
readOnly: true
{{- end }}
{{- end }}
{{- with .Values.auth.extraContainers }} {{- with .Values.auth.extraContainers }}
{{- tpl (toYaml .) $ | nindent 8 }} {{- tpl (toYaml .) $ | nindent 8 }}
{{- end }} {{- end }}
@ -130,7 +141,17 @@ spec:
initContainers: initContainers:
{{- tpl (toYaml .) $ | nindent 6 }} {{- tpl (toYaml .) $ | nindent 6 }}
{{- end }} {{- end }}
{{- with .Values.auth.extraVolumes }} {{- if or .Values.auth.extraVolumes .Values.kyoo.auth.privatekey.existingSecret }}
volumes: volumes:
{{- with .Values.auth.extraVolumes }}
{{- toYaml . | nindent 8 }} {{- toYaml . | nindent 8 }}
{{- end }} {{- end }}
{{- if .Values.kyoo.auth.privatekey.existingSecret }}
- name: private-key
secret:
secretName: {{ .Values.kyoo.auth.privatekey.existingSecret }}
items:
- key: {{ .Values.kyoo.auth.privatekey.privatekeyKey }}
path: private_key.pem
{{- end }}
{{- end }}

5
chart/values.yaml
View File

@ -90,6 +90,11 @@ kyoo:
extraClaims: '{"permissions": ["core.read"], "verified": false}' extraClaims: '{"permissions": ["core.read"], "verified": false}'
protectedClaims: "permissions,verified" protectedClaims: "permissions,verified"
# Providing a private key is optional, one will be generated at startup
privatekey:
existingSecret:
privatekeyKey: private_key_rsa
apikeys: apikeys:
scanner: scanner:
existingSecret: bigsecret existingSecret: bigsecret