61 lines
2.3 KiB
YAML
61 lines
2.3 KiB
YAML
# services/planka/secretproviderclass.yaml
|
|
apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
kind: SecretProviderClass
|
|
metadata:
|
|
name: planka-vault
|
|
namespace: planka
|
|
spec:
|
|
provider: vault
|
|
parameters:
|
|
vaultAddress: "http://vault.vault.svc.cluster.local:8200"
|
|
roleName: "planka"
|
|
objects: |
|
|
- objectName: "DATABASE_URL"
|
|
secretPath: "kv/data/atlas/planka/planka-db"
|
|
secretKey: "DATABASE_URL"
|
|
- objectName: "SECRET_KEY"
|
|
secretPath: "kv/data/atlas/planka/planka-secrets"
|
|
secretKey: "SECRET_KEY"
|
|
- objectName: "OIDC_CLIENT_ID"
|
|
secretPath: "kv/data/atlas/planka/planka-oidc"
|
|
secretKey: "OIDC_CLIENT_ID"
|
|
- objectName: "OIDC_CLIENT_SECRET"
|
|
secretPath: "kv/data/atlas/planka/planka-oidc"
|
|
secretKey: "OIDC_CLIENT_SECRET"
|
|
- objectName: "OIDC_ENFORCED"
|
|
secretPath: "kv/data/atlas/planka/planka-oidc"
|
|
secretKey: "OIDC_ENFORCED"
|
|
- objectName: "OIDC_IGNORE_ROLES"
|
|
secretPath: "kv/data/atlas/planka/planka-oidc"
|
|
secretKey: "OIDC_IGNORE_ROLES"
|
|
- objectName: "OIDC_ISSUER"
|
|
secretPath: "kv/data/atlas/planka/planka-oidc"
|
|
secretKey: "OIDC_ISSUER"
|
|
- objectName: "OIDC_SCOPES"
|
|
secretPath: "kv/data/atlas/planka/planka-oidc"
|
|
secretKey: "OIDC_SCOPES"
|
|
- objectName: "OIDC_USE_OAUTH_CALLBACK"
|
|
secretPath: "kv/data/atlas/planka/planka-oidc"
|
|
secretKey: "OIDC_USE_OAUTH_CALLBACK"
|
|
- objectName: "SMTP_FROM"
|
|
secretPath: "kv/data/atlas/planka/planka-smtp"
|
|
secretKey: "SMTP_FROM"
|
|
- objectName: "SMTP_HOST"
|
|
secretPath: "kv/data/atlas/planka/planka-smtp"
|
|
secretKey: "SMTP_HOST"
|
|
- objectName: "SMTP_PASSWORD"
|
|
secretPath: "kv/data/atlas/shared/postmark-relay"
|
|
secretKey: "relay-password"
|
|
- objectName: "SMTP_PORT"
|
|
secretPath: "kv/data/atlas/planka/planka-smtp"
|
|
secretKey: "SMTP_PORT"
|
|
- objectName: "SMTP_SECURE"
|
|
secretPath: "kv/data/atlas/planka/planka-smtp"
|
|
secretKey: "SMTP_SECURE"
|
|
- objectName: "SMTP_TLS_REJECT_UNAUTHORIZED"
|
|
secretPath: "kv/data/atlas/planka/planka-smtp"
|
|
secretKey: "SMTP_TLS_REJECT_UNAUTHORIZED"
|
|
- objectName: "SMTP_USER"
|
|
secretPath: "kv/data/atlas/shared/postmark-relay"
|
|
secretKey: "relay-username"
|