--- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: kanboard-pvc spec: accessModes: - ReadWriteOnce storageClassName: local-path resources: requests: storage: 2Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: kanboard-deployment labels: app: kanboard spec: replicas: 1 selector: matchLabels: app: kanboard template: metadata: labels: app: kanboard spec: containers: - name: oauth-proxy image: quay.io/oauth2-proxy/oauth2-proxy:v7.4.0 args: - --cookie-secret=RWqAKjoAp1-kDc2QRtITP8xx6WsXQzDGl33ExDh8mcs= - --cookie-secure=false - --email-domain=* - --provider=keycloak-oidc - --client-id=kanboard - --client-secret=oT6dMBS87jc385utLumMoffJ9MqLEGRY - --redirect-url=http://kanboard.jpace121.net - --oidc-issuer-url=https://auth.jpace121.net/realms/jpace121-main - --pass-user-headers=true - --reverse-proxy=true - --upstream=http://localhost:80/ - --http-address=0.0.0.0:8080 ports: - containerPort: 8080 - name: kanboard-app image: 192.168.1.128:8443/kanboard:latest ports: - containerPort: 80 - containerPort: 443 env: - name: DATABASE_URL value: "postgres://postgres:jdsjkksksklw@localhost/kanboard" - name: kanboard-db image: docker.io/library/postgres:bullseye env: - name: POSTGRES_DB value: "kanboard" - name: POSTGRES_PASSWORD value: "jdsjkksksklw" volumeMounts: - name: db-storage mountPath: "/var/lib/postgresql/data" volumes: - name: db-storage persistentVolumeClaim: claimName: kanboard-pvc --- apiVersion: v1 kind: Service metadata: name: kanboard-service spec: selector: app: kanboard ports: - protocol: TCP targetPort: 8080 port: 80 --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: kanboard-ingress spec: rules: - host: kanboard.jpace121.net http: paths: - path: / pathType: Prefix backend: service: name: kanboard-service port: number: 80