--- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: kanboard-pvc spec: accessModes: - ReadWriteOnce storageClassName: local-path resources: requests: storage: 2Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: kanboard-deployment labels: app: kanboard spec: replicas: 1 selector: matchLabels: app: kanboard template: metadata: labels: app: kanboard spec: containers: - name: oauth-proxy image: quay.io/oauth2-proxy/oauth2-proxy:v7.4.0 args: - --cookie-secret=`$COOKIE_SECRET` - --cookie-secure=false - --email-domain=* - --provider=keycloak-oidc - --client-id=kanboard - --client-secret=oT6dMBS87jc385utLumMoffJ9MqLEGRY - --redirect-url=https://kanboard.jpace121.net - --oidc-issuer-url=https://auth.jpace121.net/realms/jpace121-main - --reverse-proxy=true - --upstream=http://localhost:80/ - --http-address=0.0.0.0:8080 ports: - containerPort: 8080 env: - name: COOKIE_SECRET valueFrom: secretKeyRef: name: kanboard-cookie key: cookie-secret - name: kanboard-app image: 192.168.1.149:8443/kanboard:latest ports: - containerPort: 80 - containerPort: 443 env: - name: DATABASE_URL value: "postgres://postgres:jdsjkksksklw@localhost/kanboard" - name: kanboard-db image: docker.io/library/postgres:bullseye env: - name: POSTGRES_DB value: "kanboard" - name: POSTGRES_PASSWORD value: "jdsjkksksklw" volumeMounts: - name: db-storage mountPath: "/var/lib/postgresql/data" volumes: - name: db-storage persistentVolumeClaim: claimName: kanboard-pvc --- apiVersion: v1 kind: Service metadata: name: kanboard-service spec: selector: app: kanboard ports: - protocol: TCP targetPort: 8080 port: 80 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: kanboard-ingress spec: rules: - host: kanboard.jpace121.net http: paths: - path: / pathType: Prefix backend: service: name: kanboard-service port: number: 80