mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
d33d6c2f00
This change implements yamllint and adjusts all yaml files to abide by our linting setup. This excludes config.template.yml as this will be done in an alternate commit.
142 lines
2.6 KiB
YAML
142 lines
2.6 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: nginx-ingress-controller-serviceaccount
|
|
namespace: authelia
|
|
labels:
|
|
app: nginx-ingress-controller
|
|
...
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: nginx-ingress-controller-clusterrole
|
|
labels:
|
|
app: nginx-ingress-controller
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
- endpoints
|
|
- nodes
|
|
- pods
|
|
- secrets
|
|
verbs:
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- nodes
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- services
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- "extensions"
|
|
resources:
|
|
- ingresses
|
|
verbs:
|
|
- get
|
|
- list
|
|
- watch
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- events
|
|
verbs:
|
|
- create
|
|
- patch
|
|
- apiGroups:
|
|
- "extensions"
|
|
resources:
|
|
- ingresses/status
|
|
verbs:
|
|
- update
|
|
...
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: Role
|
|
metadata:
|
|
name: nginx-ingress-controller-role
|
|
namespace: authelia
|
|
labels:
|
|
app: nginx-ingress-controller
|
|
rules:
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
- pods
|
|
- secrets
|
|
- namespaces
|
|
verbs:
|
|
- get
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
resourceNames:
|
|
# Defaults to "<election-id>-<ingress-class>"
|
|
# Here: "<ingress-controller-leader>-<nginx>"
|
|
# This has to be adapted if you change either parameter
|
|
# when launching the nginx-ingress-controller.
|
|
- "ingress-controller-leader-nginx"
|
|
verbs:
|
|
- get
|
|
- update
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- configmaps
|
|
verbs:
|
|
- create
|
|
- apiGroups:
|
|
- ""
|
|
resources:
|
|
- endpoints
|
|
verbs:
|
|
- get
|
|
...
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: RoleBinding
|
|
metadata:
|
|
name: nginx-ingress-controller-role-nisa-binding
|
|
namespace: authelia
|
|
labels:
|
|
app: nginx-ingress-controller
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: Role
|
|
name: nginx-ingress-controller-role
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: nginx-ingress-controller-serviceaccount
|
|
namespace: authelia
|
|
...
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1beta1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: nginx-ingress-controller-clusterrole-nisa-binding
|
|
labels:
|
|
app: nginx-ingress-controller
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: nginx-ingress-controller-clusterrole
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: nginx-ingress-controller-serviceaccount
|
|
namespace: authelia
|
|
...
|