87 lines
3.1 KiB
YAML
87 lines
3.1 KiB
YAML
# services/mailu/secretproviderclass.yaml
|
|
apiVersion: secrets-store.csi.x-k8s.io/v1
|
|
kind: SecretProviderClass
|
|
metadata:
|
|
name: mailu-vault
|
|
namespace: mailu-mailserver
|
|
spec:
|
|
provider: vault
|
|
parameters:
|
|
vaultAddress: "http://vault.vault.svc.cluster.local:8200"
|
|
roleName: "mailu-mailserver"
|
|
objects: |
|
|
- objectName: "mailu-secret__secret-key"
|
|
secretPath: "kv/data/atlas/mailu/mailu-secret"
|
|
secretKey: "secret-key"
|
|
- objectName: "postmark-relay__relay-username"
|
|
secretPath: "kv/data/atlas/shared/postmark-relay"
|
|
secretKey: "relay-username"
|
|
- objectName: "postmark-relay__relay-password"
|
|
secretPath: "kv/data/atlas/shared/postmark-relay"
|
|
secretKey: "relay-password"
|
|
- objectName: "mailu-db-secret__database"
|
|
secretPath: "kv/data/atlas/mailu/mailu-db-secret"
|
|
secretKey: "database"
|
|
- objectName: "mailu-db-secret__username"
|
|
secretPath: "kv/data/atlas/mailu/mailu-db-secret"
|
|
secretKey: "username"
|
|
- objectName: "mailu-db-secret__password"
|
|
secretPath: "kv/data/atlas/mailu/mailu-db-secret"
|
|
secretKey: "password"
|
|
- objectName: "mailu-db-secret__url"
|
|
secretPath: "kv/data/atlas/mailu/mailu-db-secret"
|
|
secretKey: "url"
|
|
- objectName: "mailu-initial-account-secret__password"
|
|
secretPath: "kv/data/atlas/mailu/mailu-initial-account-secret"
|
|
secretKey: "password"
|
|
- objectName: "mailu-sync-credentials__client-id"
|
|
secretPath: "kv/data/atlas/mailu/mailu-sync-credentials"
|
|
secretKey: "client-id"
|
|
- objectName: "mailu-sync-credentials__client-secret"
|
|
secretPath: "kv/data/atlas/mailu/mailu-sync-credentials"
|
|
secretKey: "client-secret"
|
|
- objectName: "harbor-pull__dockerconfigjson"
|
|
secretPath: "kv/data/atlas/harbor-pull/mailu-mailserver"
|
|
secretKey: "dockerconfigjson"
|
|
secretObjects:
|
|
- secretName: mailu-secret
|
|
type: Opaque
|
|
data:
|
|
- objectName: mailu-secret__secret-key
|
|
key: secret-key
|
|
- secretName: mailu-postmark-relay
|
|
type: Opaque
|
|
data:
|
|
- objectName: postmark-relay__relay-username
|
|
key: relay-username
|
|
- objectName: postmark-relay__relay-password
|
|
key: relay-password
|
|
- secretName: mailu-db-secret
|
|
type: Opaque
|
|
data:
|
|
- objectName: mailu-db-secret__database
|
|
key: database
|
|
- objectName: mailu-db-secret__username
|
|
key: username
|
|
- objectName: mailu-db-secret__password
|
|
key: password
|
|
- objectName: mailu-db-secret__url
|
|
key: url
|
|
- secretName: mailu-initial-account-secret
|
|
type: Opaque
|
|
data:
|
|
- objectName: mailu-initial-account-secret__password
|
|
key: password
|
|
- secretName: mailu-sync-credentials
|
|
type: Opaque
|
|
data:
|
|
- objectName: mailu-sync-credentials__client-id
|
|
key: client-id
|
|
- objectName: mailu-sync-credentials__client-secret
|
|
key: client-secret
|
|
- secretName: harbor-regcred
|
|
type: kubernetes.io/dockerconfigjson
|
|
data:
|
|
- objectName: harbor-pull__dockerconfigjson
|
|
key: .dockerconfigjson
|