WIP: Install teleport for the k8s authorization #100
@ -22,6 +22,8 @@ environments:
|
|||||||
enabled: true
|
enabled: true
|
||||||
- istio:
|
- istio:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
- teleport:
|
||||||
|
enabled: true
|
||||||
etersoft:
|
etersoft:
|
||||||
kubeContext: etersoft
|
kubeContext: etersoft
|
||||||
values:
|
values:
|
||||||
@ -45,6 +47,8 @@ environments:
|
|||||||
enabled: true
|
enabled: true
|
||||||
- istio:
|
- istio:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
- teleport:
|
||||||
|
enabled: false
|
||||||
xray-1:
|
xray-1:
|
||||||
kubeContext: xray-1
|
kubeContext: xray-1
|
||||||
values:
|
values:
|
||||||
@ -68,6 +72,8 @@ environments:
|
|||||||
enabled: false
|
enabled: false
|
||||||
- istio:
|
- istio:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
- teleport:
|
||||||
|
enabled: false
|
||||||
xray-2:
|
xray-2:
|
||||||
kubeContext: xray-2
|
kubeContext: xray-2
|
||||||
values:
|
values:
|
||||||
@ -91,3 +97,5 @@ environments:
|
|||||||
enabled: false
|
enabled: false
|
||||||
- istio:
|
- istio:
|
||||||
enabled: false
|
enabled: false
|
||||||
|
- teleport:
|
||||||
|
enabled: false
|
||||||
|
|||||||
@ -23,6 +23,8 @@ repositories:
|
|||||||
url: https://kubernetes-sigs.github.io/external-dns/
|
url: https://kubernetes-sigs.github.io/external-dns/
|
||||||
- name: keel
|
- name: keel
|
||||||
url: https://keel-hq.github.io/keel/
|
url: https://keel-hq.github.io/keel/
|
||||||
|
- name: teleport
|
||||||
|
url: https://charts.releases.teleport.dev
|
||||||
|
|
||||||
releases:
|
releases:
|
||||||
- name: db-operator
|
- name: db-operator
|
||||||
@ -112,3 +114,12 @@ releases:
|
|||||||
version: 1.0.4
|
version: 1.0.4
|
||||||
namespace: platform
|
namespace: platform
|
||||||
condition: workload.enabled
|
condition: workload.enabled
|
||||||
|
|
||||||
|
- name: teleport-cluster
|
||||||
|
installed: true
|
||||||
|
version: 16.4.2
|
||||||
|
chart: teleport/teleport-cluster
|
||||||
|
namespace: teleport-cluster
|
||||||
|
condition: teleport.enabled
|
||||||
|
inherit:
|
||||||
|
- template: default-env-values
|
||||||
|
|||||||
@ -8,3 +8,6 @@ namespaces:
|
|||||||
- name: games
|
- name: games
|
||||||
- name: pipelines
|
- name: pipelines
|
||||||
- name: public-xray
|
- name: public-xray
|
||||||
|
- name: teleport-cluster
|
||||||
|
labels:
|
||||||
|
pod-security.kubernetes.io/enforce: baseline
|
||||||
|
|||||||
24
values/badhouseplants/values.teleport-cluster.yaml
Normal file
24
values/badhouseplants/values.teleport-cluster.yaml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
validateConfigOnDeploy: false
|
||||||
|
clusterName: teleport.badhouseplants.net
|
||||||
|
proxyListenerMode: multiplex
|
||||||
|
acme: false
|
||||||
|
acmeEmail: allanger@badhouseplants.net
|
||||||
|
service:
|
||||||
|
type: ClusterIP
|
||||||
|
ingress:
|
||||||
|
enabled: true
|
||||||
|
suppressAutomaticWildcards: true
|
||||||
|
proxy:
|
||||||
|
annotations:
|
||||||
|
ingress:
|
||||||
|
kubernetes.io/tls-acme: "true"
|
||||||
|
kubernetes.io/ingress.allow-http: "false"
|
||||||
|
kubernetes.io/ingress.global-static-ip-name: ""
|
||||||
|
cert-manager.io/cluster-issuer: badhouseplants-issuer-http01
|
||||||
|
traefik.ingress.kubernetes.io/router.entrypoints: web,websecure
|
||||||
|
#tls:
|
||||||
|
#existingSecretName: teleport.badhouseplants.net
|
||||||
|
#publicAddr:
|
||||||
|
# - teleport.badhouseplants.net:443
|
||||||
|
tls:
|
||||||
|
existingSecretName: teleport.badhouseplants.net
|
||||||
Loading…
Reference in New Issue
Block a user