homelab/elasticsearch/cluster.yaml


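---
# Syncs one 1Password vault item into the elastic-system namespace.
# NOTE(review): the 1Password operator normally materialises this as a
# Kubernetes Secret with the same name (kibana-authentik) -- confirm. That is
# the secret name the commented-out secureSettings entry in the Elasticsearch
# resource of this file points at.
apiVersion: onepassword.com/v1
kind: OnePasswordItem
metadata:
  name: kibana-authentik
  namespace: elastic-system
  annotations:
    # Annotation values must be strings, so the quotes are required; a bare
    # true would be parsed as a YAML boolean.
    # NOTE(review): auto-restart is understood to act on Deployments that
    # consume the secret. ECK-managed Elasticsearch pods are not Deployments,
    # so verify how a rotated value actually reaches the keystore.
    operator.1password.io/auto-restart: 'true'
spec:
  # Only a reference to the vault item is committed; the secret value itself
  # never appears in this manifest. Anyone who can read Secrets in
  # elastic-system can read the synced value, so scope RBAC accordingly.
  itemPath: 'vaults/Lab/items/kibana-authentik'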
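---
# ECK Elasticsearch cluster: three nodes, each master-eligible and data.
# The OIDC realm for authentik is present only as commented-out config, so as
# written the cluster authenticates with its default realms only.
apiVersion: elasticsearch.k8s.elastic.co/v1
kind: Elasticsearch
metadata:
  name: elasticsearch
  namespace: elastic-system
spec:
  # Quoted so no parser or templating layer can retype the version string.
  version: "8.15.2"
  http:
    tls:
      certificate:
        # Serve the HTTP layer with a certificate from this Secret instead of
        # the operator's self-signed one.
        # NOTE(review): the name resembles ECK's own generated
        # <cluster>-es-http-certs-internal secret; confirm this Secret is
        # supplied separately and carries tls.crt / tls.key (and ca.crt if
        # clients need to verify the chain).
        secretName: elasticsearch-es-http-tls-internal
  # Disabled. When enabled, this loads the OIDC client secret into the
  # Elasticsearch keystore from the kibana-authentik Secret. Keep the client
  # secret on this path; rp.client_secret must not be placed under `config`,
  # where it would be stored in plain text in the rendered elasticsearch.yml.
  # secureSettings:
  #   - secretName: kibana-authentik
  #     entries:
  #       - key: client-secret
  #         path: "xpack.security.authc.realms.oidc.authentik.rp.client_secret"
  nodeSets:
    - name: node
      # Three master-eligible nodes: the cluster keeps quorum with one down.
      count: 3
      podTemplate:
        spec:
          containers:
            - name: elasticsearch
              resources:
                # Only a limit is set; Kubernetes then defaults the memory
                # request to the same value. No CPU request or limit is set.
                limits:
                  memory: 8Gi
      volumeClaimTemplates:
        - metadata:
            # ECK expects the data volume claim to use this exact name.
            name: elasticsearch-data
          spec:
            accessModes:
              - ReadWriteOnce
            resources:
              requests:
                storage: 10Gi
            storageClassName: longhorn
      config:
        node.roles: ["master", "data"]
        # Disabled OIDC realm for authentik. Before enabling, check:
        #  - the token service line below must be enabled together with the
        #    realm;
        #  - NOTE(review): SSO realms (OIDC/SAML) need a subscription level
        #    that includes them -- confirm the cluster's license;
        #  - an OIDC login carries no roles until role mappings exist; map on
        #    the `groups` claim rather than granting a broad default role;
        #  - the redirect and logout URIs must match exactly what is
        #    registered for the client in authentik;
        #  - NOTE(review): `sub` as principal may be an opaque identifier
        #    depending on the provider's subject mode, which makes audit logs
        #    harder to attribute -- verify.
        # rp.client_id is an identifier, not a secret; the secret itself is
        # the keystore entry referenced by secureSettings above.
        # xpack.security.authc.token.enabled: true
        # xpack.security.authc.realms.oidc.authentik:
        #   order: 2
        #   rp.client_id: "atlY82FGIBYvUg87cnENzks5ft1AUUtIfQsXSDog"
        #   rp.response_type: code
        #   rp.redirect_uri: "https://kibana.dogar.dev/api/security/oidc/callback"
        #   op.issuer: "https://auth.dogar.dev/application/o/kibana/"
        #   op.authorization_endpoint: "https://auth.dogar.dev/application/o/authorize/"
        #   op.token_endpoint: "https://auth.dogar.dev/application/o/token/"
        #   op.jwkset_path: "https://auth.dogar.dev/application/o/kibana/jwks/"
        #   op.userinfo_endpoint: "https://auth.dogar.dev/application/o/userinfo/"
        #   op.endsession_endpoint: "https://auth.dogar.dev/application/o/kibana/end-session/"
        #   rp.post_logout_redirect_uri: "https://kibana.dogar.dev/security/logged_out"
        #   claims.principal: sub
        #   claims.groups: groups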