first commit
120
.env
@ -1,41 +1,83 @@
|
||||
# In all environments, the following files are loaded if they exist,
|
||||
# the latter taking precedence over the former:
|
||||
#
|
||||
# * .env contains default values for the environment variables needed by the app
|
||||
# * .env.local uncommitted file with local overrides
|
||||
# * .env.$APP_ENV committed environment-specific defaults
|
||||
# * .env.$APP_ENV.local uncommitted environment-specific overrides
|
||||
#
|
||||
# Real environment variables win over .env files.
|
||||
#
|
||||
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
|
||||
# https://symfony.com/doc/current/configuration/secrets.html
|
||||
#
|
||||
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
|
||||
# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
|
||||
|
||||
###> symfony/framework-bundle ###
|
||||
APP_ENV=dev
|
||||
APP_SECRET=8340a690dd03a4c60eeee779e007fc5b
|
||||
###< symfony/framework-bundle ###
|
||||
|
||||
###> doctrine/doctrine-bundle ###
|
||||
# Format described at https://www.doctrine-project.org/projects/doctrine-dbal/en/latest/reference/configuration.html#connecting-using-a-url
|
||||
# IMPORTANT: You MUST configure your server version, either here or in config/packages/doctrine.yaml
|
||||
#
|
||||
# DATABASE_URL="sqlite:///%kernel.project_dir%/var/data.db"
|
||||
# DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=8.0.32&charset=utf8mb4"
|
||||
# DATABASE_URL="mysql://app:!ChangeMe!@127.0.0.1:3306/app?serverVersion=10.11.2-MariaDB&charset=utf8mb4"
|
||||
DATABASE_URL="postgresql://app:!ChangeMe!@127.0.0.1:5432/app?serverVersion=15&charset=utf8"
|
||||
###< doctrine/doctrine-bundle ###
|
||||
|
||||
###> symfony/messenger ###
|
||||
# Choose one of the transports below
|
||||
# MESSENGER_TRANSPORT_DSN=amqp://guest:guest@localhost:5672/%2f/messages
|
||||
# MESSENGER_TRANSPORT_DSN=redis://localhost:6379/messages
|
||||
APP_ENV=PROD
|
||||
APP_SECRET=changeme
|
||||
DATABASE_URL="postgresql://symfony:changeme@postgres:5432/app?serverVersion=13&charset=utf8"
|
||||
MESSENGER_TRANSPORT_DSN=doctrine://default?auto_setup=0
|
||||
###< symfony/messenger ###
|
||||
|
||||
###> symfony/mailer ###
|
||||
# MAILER_DSN=null://null
|
||||
###< symfony/mailer ###
|
||||
APP_AUTH=OPENID # SQL | CAS | LDAP | OPENID
|
||||
APP_MASTERIDENTITY=SSO # SQL | SSO | LDAP
|
||||
APP_SYNCHRO= # Synchronisation null | LDAP2NINE | NINE2LDAP | NINE2NINE
|
||||
|
||||
# Redis Sentiel Session
|
||||
REDIS_HOST='redis-sentinel'
|
||||
REDIS_PORT=26379 # 6379 | 26379
|
||||
REDIS_SERVICE=redismaster # master sentinel name
|
||||
|
||||
# LDAP
|
||||
LDAP_HOST=openldap # host du serveur ldap
|
||||
LDAP_PORT=389 # port du serveur ldap
|
||||
LDAP_USETLS=0 # connection TLS 0/1
|
||||
LDAP_USERWRITER=0 # LDAP_USER compte writer ? 0/1
|
||||
LDAP_USER="cn=admin,dc=nuo,dc=fr" # DN compte access ldap
|
||||
LDAP_PASSWORD=changeme # Password compte access ldap
|
||||
LDAP_BASEDN="dc=nuo,dc=fr" # Base DN ex:dc=nine,dc=fr
|
||||
LDAP_BASEORGANISATION= # Base Organisation ex:ou=nineskeletor,dc=nine,dc=fr
|
||||
LDAP_BASENIVEAU01= # Base Niveau01 ex:ou=niveau01,ou=nineskeletor,dc=nine,dc=fr
|
||||
LDAP_BASENIVEAU02= # Base Niveau02 ex:ou=niveau02,ou=nineskeletor,dc=nine,dc=fr
|
||||
LDAP_BASENIVEAU03= # Base Niveau03 ex:ou=niveau03,ou=nineskeletor,dc=nine,dc=fr
|
||||
LDAP_BASENIVEAU04= # Base Niveau04 ex:ou=niveau04,ou=nineskeletor,dc=nine,dc=fr
|
||||
LDAP_BASEGROUP= # Base Group ex:ou=groups,ou=nineskeletor,dc=nine,dc=fr
|
||||
LDAP_BASEUSER= # Base User ex:ou=users,ou=nineskeletor,dc=nine,dc=fr
|
||||
LDAP_USERNAME=uid # Attribut id d'un user
|
||||
LDAP_FIRSTNAME=givenname # Attribut firstname d'un user
|
||||
LDAP_LASTNAME=sn # Attribut lastname d'un user
|
||||
LDAP_EMAIL=mail # Attribut email d'un user
|
||||
LDAP_AVATAR=jpegPhoto # Attribut avatar d'un user
|
||||
LDAP_MEMBEROF=memberof # Attribut memberof d'un user
|
||||
LDAP_GROUPGID=gidnumber # Attribut gid d'un groupe
|
||||
LDAP_GROUPNAME=cn # Attribut name d'un groupe
|
||||
LDAP_GROUPMEMBER=memberuid # Attribut stockant les membres d'un groupe
|
||||
LDAP_GROUPMEMBERISDN=0 # LDAP_GROUPMEMBER stocke un uid ou un dn ? 0/1
|
||||
LDAP_FILTERGROUP=(cn=*) # requete ldap pour rechercher les groupes
|
||||
LDAP_FILTERUSER=(uid=*) # requete ldap pour rechercher les users
|
||||
LDAP_AUTOSUBMIT=1 # if APP_AUTH = LDAP autocréer les users non existant
|
||||
LDAP_AUTOUPDATE=1 # if APP_AUTH = LDAP automodifier les users existant
|
||||
|
||||
# If APP_AUTH = CAS
|
||||
CAS_HOST=
|
||||
CAS_PORT=
|
||||
CAS_PATH=
|
||||
CAS_USERNAME=username
|
||||
CAS_EMAIL=email
|
||||
CAS_LASTNAME=lastname
|
||||
CAS_FIRSTNAME=firstname
|
||||
CAS_AVATAR=
|
||||
CAS_NIVEAU01=
|
||||
CAS_GROUP=
|
||||
CAS_AUTOSUBMIT=1 # if APP_AUTH = CAS autocréer les users non existant
|
||||
CAS_AUTOUPDATE=1 # if APP_AUTH = CAS automodifier les users existant
|
||||
|
||||
# If APP_AUTH = OPENID
|
||||
OAUTH_CLIENTID=nuosso
|
||||
OAUTH_CLIENTSECRET="changeme"
|
||||
OAUTH_LOGINURL=http://127.0.0.1:7080/oauth2/auth
|
||||
OAUTH_LOGOUTURL=http://127.0.0.1:7080/oauth2/sessions/logout
|
||||
OAUTH_TOKENURL=http://hydra:4444/oauth2/token
|
||||
OAUTH_USERINFO=http://hydra:4444/userinfo
|
||||
OAUTH_USERNAME=username
|
||||
OAUTH_EMAIL=email
|
||||
OAUTH_LASTNAME=lastname
|
||||
OAUTH_FIRSTNAME=firstname
|
||||
OAUTH_AVATAR=
|
||||
OAUTH_AUTOSUBMIT=1 # if APP_AUTH = OPENID autocréer les users non existant
|
||||
OAUTH_AUTOUPDATE=1 # if APP_AUTH = OPENID automodifier les users existant
|
||||
|
||||
# Proxy
|
||||
PROXY_USE=0
|
||||
PROXY_HOST=
|
||||
PROXY_PORT=
|
||||
|
||||
# Hydra apps
|
||||
HYDRA_LOGINCHALLENGE="http://hydra:4445/oauth2/auth/requests/login?login_challenge="
|
||||
HYDRA_LOGINCHALLENGEACCEPT="http://hydra:4445/oauth2/auth/requests/login/accept?login_challenge="
|
||||
HYDRA_CONSENTCHALLENGE="http://hydra:4445/oauth2/auth/requests/consent?consent_challenge="
|
||||
HYDRA_CONSENTCHALLENGEACCEPT="http://hydra:4445/oauth2/auth/requests/consent/accept?consent_challenge="
|
2
.gitignore
vendored
@ -7,6 +7,8 @@
|
||||
/public/bundles/
|
||||
/var/
|
||||
/vendor/
|
||||
/.data
|
||||
|
||||
###< symfony/framework-bundle ###
|
||||
|
||||
###> phpunit/phpunit ###
|
||||
|
59
Makefile
Executable file
@ -0,0 +1,59 @@
|
||||
SHELL := /bin/bash
|
||||
|
||||
ENGINE=kind
|
||||
HARBOR_USER_NAME=afornerot
|
||||
CLUSTER_NAME=nuosso
|
||||
NAMESPACE=app-dev
|
||||
POD=$(shell kubectl get pods --namespace=${NAMESPACE} --no-headers -o custom-columns=":metadata.name" | grep ^${CLUSTER_NAME}-${PODNAME})
|
||||
|
||||
dockercomposebuild:
|
||||
docker-compose build --no-cache
|
||||
|
||||
dockercomposeup:
|
||||
docker-compose up -d
|
||||
docker-compose exec app bin/console d:s:u --force --complete
|
||||
docker-compose exec app bin/console app:Init
|
||||
|
||||
dockercomposedown:
|
||||
docker-compose stop
|
||||
|
||||
dockercomposesh:
|
||||
docker-compose exec app /bin/sh
|
||||
|
||||
deletecluster:
|
||||
${ENGINE} delete cluster --name=${CLUSTER_NAME}
|
||||
|
||||
createcluster:
|
||||
${ENGINE} delete cluster --name=${CLUSTER_NAME}
|
||||
${ENGINE} create cluster --config misc/k8s/${ENGINE}/${ENGINE}-cluster.yaml
|
||||
|
||||
atachcluster:
|
||||
docker login reg.cadoles.com
|
||||
mkdir -p misc/k8s/kustomization/base/secrets/dockerconfig
|
||||
docker --config misc/k8s/kustomization/base/secrets/dockerconfig login reg.cadoles.com
|
||||
mv misc/k8s/kustomization/base/secrets/dockerconfig/config.json misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson
|
||||
mkdir -p misc/k8s/kustomization/overlays/dev/secrets/dockerconfig
|
||||
cp misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson misc/k8s/kustomization/overlays/dev/secrets/dockerconfig/.dockerconfigjson
|
||||
|
||||
applycluster:
|
||||
kubectl apply -k misc/k8s/${ENGINE}/cluster --server-side
|
||||
docker network inspect kind | jq '.[0].IPAM.Config[0].Subnet' -r
|
||||
echo modifier ipaddresspoool.yaml si nécessaire
|
||||
|
||||
applylbcluster:
|
||||
kubectl apply -k misc/k8s/${ENGINE}/cluster/lb --server-side
|
||||
|
||||
watchcluster:
|
||||
skaffold dev -p dev --cleanup=false --default-repo reg.cadoles.com/${HARBOR_USER_NAME}
|
||||
|
||||
sh:
|
||||
kubectl exec --namespace=${NAMESPACE} ${POD} -it -- sh
|
||||
|
||||
deletenamespace:
|
||||
kubectl delete all --all --namespace ${NAMESPACE}
|
||||
|
||||
getpods:
|
||||
kubectl get pods --namespace ${NAMESPACE}
|
||||
|
||||
getservices:
|
||||
kubectl get services --namespace ${NAMESPACE}
|
71
README.md
Normal file
@ -0,0 +1,71 @@
|
||||
# DOCKER-COMPOSE
|
||||
|
||||
Build
|
||||
```
|
||||
make dockercomposebuild
|
||||
```
|
||||
|
||||
Up
|
||||
```
|
||||
make dockercomposeup
|
||||
```
|
||||
|
||||
Stop
|
||||
```
|
||||
make dockercomposestop
|
||||
```
|
||||
|
||||
# KUBERNETES
|
||||
|
||||
Suppression Cluster
|
||||
```
|
||||
make deletecluster
|
||||
```
|
||||
|
||||
Création Cluster
|
||||
```
|
||||
make createcluster
|
||||
```
|
||||
|
||||
Rattachement du cluster aux secrets
|
||||
```
|
||||
make atachcluster
|
||||
```
|
||||
|
||||
Deployer le cluster
|
||||
**Attention** en fin de job l'ip du cluster est indiqué
|
||||
Il est nécessaire d'ajuster le reseau dans ipaddresspoool.yaml si besoin
|
||||
```
|
||||
make applycluster
|
||||
```
|
||||
|
||||
Déployer le stockage
|
||||
**Attention** attendre une dizaine de seconde après le déploiement du cluster
|
||||
```
|
||||
make applylbcluster
|
||||
```
|
||||
|
||||
Lancer le déployement en mode watch
|
||||
```
|
||||
make watchcluster:
|
||||
```
|
||||
|
||||
Ouvrir un terminal sur la premiere instance de l'apps
|
||||
```
|
||||
make sh:
|
||||
```
|
||||
|
||||
Suppression de l'ensemble du namespace
|
||||
```
|
||||
make deletenamespace
|
||||
```
|
||||
|
||||
Lister les pods
|
||||
```
|
||||
make getpods
|
||||
```
|
||||
|
||||
Lister les services
|
||||
```
|
||||
make getservices
|
||||
```
|
@ -7,11 +7,15 @@
|
||||
"php": ">=8.1",
|
||||
"ext-ctype": "*",
|
||||
"ext-iconv": "*",
|
||||
"doctrine/annotations": "^2.0",
|
||||
"doctrine/doctrine-bundle": "^2.10",
|
||||
"doctrine/doctrine-migrations-bundle": "^3.2",
|
||||
"doctrine/orm": "^2.15",
|
||||
"mashape/unirest-php": "^3.0",
|
||||
"phpdocumentor/reflection-docblock": "^5.3",
|
||||
"phpstan/phpdoc-parser": "^1.22",
|
||||
"predis/predis": "^2.2",
|
||||
"ramsey/uuid": "^4.7",
|
||||
"symfony/asset": "6.3.*",
|
||||
"symfony/console": "6.3.*",
|
||||
"symfony/doctrine-messenger": "6.3.*",
|
||||
@ -41,6 +45,12 @@
|
||||
"twig/extra-bundle": "^2.12|^3.0",
|
||||
"twig/twig": "^2.12|^3.0"
|
||||
},
|
||||
"repositories": [
|
||||
{
|
||||
"type": "vcs",
|
||||
"url": "https://github.com/loverg-c/unirest-php"
|
||||
}
|
||||
],
|
||||
"config": {
|
||||
"allow-plugins": {
|
||||
"php-http/discovery": true,
|
||||
|
424
composer.lock
generated
@ -4,8 +4,139 @@
|
||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||
"This file is @generated automatically"
|
||||
],
|
||||
"content-hash": "5625360c4bf0ca4c404a3a47e7b43354",
|
||||
"content-hash": "6d4e45e1137c02bf343b5855dbbc822c",
|
||||
"packages": [
|
||||
{
|
||||
"name": "brick/math",
|
||||
"version": "0.11.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/brick/math.git",
|
||||
"reference": "0ad82ce168c82ba30d1c01ec86116ab52f589478"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/brick/math/zipball/0ad82ce168c82ba30d1c01ec86116ab52f589478",
|
||||
"reference": "0ad82ce168c82ba30d1c01ec86116ab52f589478",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"php": "^8.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"php-coveralls/php-coveralls": "^2.2",
|
||||
"phpunit/phpunit": "^9.0",
|
||||
"vimeo/psalm": "5.0.0"
|
||||
},
|
||||
"type": "library",
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"Brick\\Math\\": "src/"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"description": "Arbitrary-precision arithmetic library",
|
||||
"keywords": [
|
||||
"Arbitrary-precision",
|
||||
"BigInteger",
|
||||
"BigRational",
|
||||
"arithmetic",
|
||||
"bigdecimal",
|
||||
"bignum",
|
||||
"brick",
|
||||
"math"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/brick/math/issues",
|
||||
"source": "https://github.com/brick/math/tree/0.11.0"
|
||||
},
|
||||
"funding": [
|
||||
{
|
||||
"url": "https://github.com/BenMorel",
|
||||
"type": "github"
|
||||
}
|
||||
],
|
||||
"time": "2023-01-15T23:15:59+00:00"
|
||||
},
|
||||
{
|
||||
"name": "doctrine/annotations",
|
||||
"version": "2.0.1",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/doctrine/annotations.git",
|
||||
"reference": "e157ef3f3124bbf6fe7ce0ffd109e8a8ef284e7f"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/doctrine/annotations/zipball/e157ef3f3124bbf6fe7ce0ffd109e8a8ef284e7f",
|
||||
"reference": "e157ef3f3124bbf6fe7ce0ffd109e8a8ef284e7f",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"doctrine/lexer": "^2 || ^3",
|
||||
"ext-tokenizer": "*",
|
||||
"php": "^7.2 || ^8.0",
|
||||
"psr/cache": "^1 || ^2 || ^3"
|
||||
},
|
||||
"require-dev": {
|
||||
"doctrine/cache": "^2.0",
|
||||
"doctrine/coding-standard": "^10",
|
||||
"phpstan/phpstan": "^1.8.0",
|
||||
"phpunit/phpunit": "^7.5 || ^8.5 || ^9.5",
|
||||
"symfony/cache": "^5.4 || ^6",
|
||||
"vimeo/psalm": "^4.10"
|
||||
},
|
||||
"suggest": {
|
||||
"php": "PHP 8.0 or higher comes with attributes, a native replacement for annotations"
|
||||
},
|
||||
"type": "library",
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"Doctrine\\Common\\Annotations\\": "lib/Doctrine/Common/Annotations"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "Guilherme Blanco",
|
||||
"email": "guilhermeblanco@gmail.com"
|
||||
},
|
||||
{
|
||||
"name": "Roman Borschel",
|
||||
"email": "roman@code-factory.org"
|
||||
},
|
||||
{
|
||||
"name": "Benjamin Eberlei",
|
||||
"email": "kontakt@beberlei.de"
|
||||
},
|
||||
{
|
||||
"name": "Jonathan Wage",
|
||||
"email": "jonwage@gmail.com"
|
||||
},
|
||||
{
|
||||
"name": "Johannes Schmitt",
|
||||
"email": "schmittjoh@gmail.com"
|
||||
}
|
||||
],
|
||||
"description": "Docblock Annotations Parser",
|
||||
"homepage": "https://www.doctrine-project.org/projects/annotations.html",
|
||||
"keywords": [
|
||||
"annotations",
|
||||
"docblock",
|
||||
"parser"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/doctrine/annotations/issues",
|
||||
"source": "https://github.com/doctrine/annotations/tree/2.0.1"
|
||||
},
|
||||
"time": "2023-02-02T22:02:53+00:00"
|
||||
},
|
||||
{
|
||||
"name": "doctrine/cache",
|
||||
"version": "2.2.0",
|
||||
@ -1386,6 +1517,55 @@
|
||||
],
|
||||
"time": "2023-01-14T14:17:03+00:00"
|
||||
},
|
||||
{
|
||||
"name": "mashape/unirest-php",
|
||||
"version": "v3.0.5",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/loverg-c/unirest-php.git",
|
||||
"reference": "45e63d680c4d7258b2cf45bfa28d42ee024b7fee"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/loverg-c/unirest-php/zipball/45e63d680c4d7258b2cf45bfa28d42ee024b7fee",
|
||||
"reference": "45e63d680c4d7258b2cf45bfa28d42ee024b7fee",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"ext-curl": "*",
|
||||
"php": ">=5.4.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"codeclimate/php-test-reporter": "0.1.*",
|
||||
"phpunit/phpunit": "~4.4"
|
||||
},
|
||||
"suggest": {
|
||||
"ext-json": "Allows using JSON Bodies for sending and parsing requests"
|
||||
},
|
||||
"type": "library",
|
||||
"autoload": {
|
||||
"psr-0": {
|
||||
"Unirest\\": "src/"
|
||||
}
|
||||
},
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"description": "Unirest PHP",
|
||||
"homepage": "https://github.com/Mashape/unirest-php",
|
||||
"keywords": [
|
||||
"client",
|
||||
"curl",
|
||||
"http",
|
||||
"https",
|
||||
"rest"
|
||||
],
|
||||
"support": {
|
||||
"email": "opensource@mashape.com",
|
||||
"source": "https://github.com/loverg-c/unirest-php/tree/v3.0.5"
|
||||
},
|
||||
"time": "2020-02-25T11:14:07+00:00"
|
||||
},
|
||||
{
|
||||
"name": "monolog/monolog",
|
||||
"version": "3.4.0",
|
||||
@ -1702,6 +1882,67 @@
|
||||
},
|
||||
"time": "2023-06-29T20:46:06+00:00"
|
||||
},
|
||||
{
|
||||
"name": "predis/predis",
|
||||
"version": "v2.2.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/predis/predis.git",
|
||||
"reference": "33b70b971a32b0d28b4f748b0547593dce316e0d"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/predis/predis/zipball/33b70b971a32b0d28b4f748b0547593dce316e0d",
|
||||
"reference": "33b70b971a32b0d28b4f748b0547593dce316e0d",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"php": "^7.2 || ^8.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"friendsofphp/php-cs-fixer": "^3.3",
|
||||
"phpstan/phpstan": "^1.9",
|
||||
"phpunit/phpunit": "^8.0 || ~9.4.4"
|
||||
},
|
||||
"suggest": {
|
||||
"ext-relay": "Faster connection with in-memory caching (>=0.6.2)"
|
||||
},
|
||||
"type": "library",
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"Predis\\": "src/"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "Till Krüss",
|
||||
"homepage": "https://till.im",
|
||||
"role": "Maintainer"
|
||||
}
|
||||
],
|
||||
"description": "A flexible and feature-complete Redis client for PHP.",
|
||||
"homepage": "http://github.com/predis/predis",
|
||||
"keywords": [
|
||||
"nosql",
|
||||
"predis",
|
||||
"redis"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/predis/predis/issues",
|
||||
"source": "https://github.com/predis/predis/tree/v2.2.0"
|
||||
},
|
||||
"funding": [
|
||||
{
|
||||
"url": "https://github.com/sponsors/tillkruss",
|
||||
"type": "github"
|
||||
}
|
||||
],
|
||||
"time": "2023-06-14T10:37:31+00:00"
|
||||
},
|
||||
{
|
||||
"name": "psr/cache",
|
||||
"version": "3.0.0",
|
||||
@ -2008,6 +2249,187 @@
|
||||
},
|
||||
"time": "2021-07-14T16:46:02+00:00"
|
||||
},
|
||||
{
|
||||
"name": "ramsey/collection",
|
||||
"version": "2.0.0",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/ramsey/collection.git",
|
||||
"reference": "a4b48764bfbb8f3a6a4d1aeb1a35bb5e9ecac4a5"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/ramsey/collection/zipball/a4b48764bfbb8f3a6a4d1aeb1a35bb5e9ecac4a5",
|
||||
"reference": "a4b48764bfbb8f3a6a4d1aeb1a35bb5e9ecac4a5",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"php": "^8.1"
|
||||
},
|
||||
"require-dev": {
|
||||
"captainhook/plugin-composer": "^5.3",
|
||||
"ergebnis/composer-normalize": "^2.28.3",
|
||||
"fakerphp/faker": "^1.21",
|
||||
"hamcrest/hamcrest-php": "^2.0",
|
||||
"jangregor/phpstan-prophecy": "^1.0",
|
||||
"mockery/mockery": "^1.5",
|
||||
"php-parallel-lint/php-console-highlighter": "^1.0",
|
||||
"php-parallel-lint/php-parallel-lint": "^1.3",
|
||||
"phpcsstandards/phpcsutils": "^1.0.0-rc1",
|
||||
"phpspec/prophecy-phpunit": "^2.0",
|
||||
"phpstan/extension-installer": "^1.2",
|
||||
"phpstan/phpstan": "^1.9",
|
||||
"phpstan/phpstan-mockery": "^1.1",
|
||||
"phpstan/phpstan-phpunit": "^1.3",
|
||||
"phpunit/phpunit": "^9.5",
|
||||
"psalm/plugin-mockery": "^1.1",
|
||||
"psalm/plugin-phpunit": "^0.18.4",
|
||||
"ramsey/coding-standard": "^2.0.3",
|
||||
"ramsey/conventional-commits": "^1.3",
|
||||
"vimeo/psalm": "^5.4"
|
||||
},
|
||||
"type": "library",
|
||||
"extra": {
|
||||
"captainhook": {
|
||||
"force-install": true
|
||||
},
|
||||
"ramsey/conventional-commits": {
|
||||
"configFile": "conventional-commits.json"
|
||||
}
|
||||
},
|
||||
"autoload": {
|
||||
"psr-4": {
|
||||
"Ramsey\\Collection\\": "src/"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"authors": [
|
||||
{
|
||||
"name": "Ben Ramsey",
|
||||
"email": "ben@benramsey.com",
|
||||
"homepage": "https://benramsey.com"
|
||||
}
|
||||
],
|
||||
"description": "A PHP library for representing and manipulating collections.",
|
||||
"keywords": [
|
||||
"array",
|
||||
"collection",
|
||||
"hash",
|
||||
"map",
|
||||
"queue",
|
||||
"set"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/ramsey/collection/issues",
|
||||
"source": "https://github.com/ramsey/collection/tree/2.0.0"
|
||||
},
|
||||
"funding": [
|
||||
{
|
||||
"url": "https://github.com/ramsey",
|
||||
"type": "github"
|
||||
},
|
||||
{
|
||||
"url": "https://tidelift.com/funding/github/packagist/ramsey/collection",
|
||||
"type": "tidelift"
|
||||
}
|
||||
],
|
||||
"time": "2022-12-31T21:50:55+00:00"
|
||||
},
|
||||
{
|
||||
"name": "ramsey/uuid",
|
||||
"version": "4.7.4",
|
||||
"source": {
|
||||
"type": "git",
|
||||
"url": "https://github.com/ramsey/uuid.git",
|
||||
"reference": "60a4c63ab724854332900504274f6150ff26d286"
|
||||
},
|
||||
"dist": {
|
||||
"type": "zip",
|
||||
"url": "https://api.github.com/repos/ramsey/uuid/zipball/60a4c63ab724854332900504274f6150ff26d286",
|
||||
"reference": "60a4c63ab724854332900504274f6150ff26d286",
|
||||
"shasum": ""
|
||||
},
|
||||
"require": {
|
||||
"brick/math": "^0.8.8 || ^0.9 || ^0.10 || ^0.11",
|
||||
"ext-json": "*",
|
||||
"php": "^8.0",
|
||||
"ramsey/collection": "^1.2 || ^2.0"
|
||||
},
|
||||
"replace": {
|
||||
"rhumsaa/uuid": "self.version"
|
||||
},
|
||||
"require-dev": {
|
||||
"captainhook/captainhook": "^5.10",
|
||||
"captainhook/plugin-composer": "^5.3",
|
||||
"dealerdirect/phpcodesniffer-composer-installer": "^0.7.0",
|
||||
"doctrine/annotations": "^1.8",
|
||||
"ergebnis/composer-normalize": "^2.15",
|
||||
"mockery/mockery": "^1.3",
|
||||
"paragonie/random-lib": "^2",
|
||||
"php-mock/php-mock": "^2.2",
|
||||
"php-mock/php-mock-mockery": "^1.3",
|
||||
"php-parallel-lint/php-parallel-lint": "^1.1",
|
||||
"phpbench/phpbench": "^1.0",
|
||||
"phpstan/extension-installer": "^1.1",
|
||||
"phpstan/phpstan": "^1.8",
|
||||
"phpstan/phpstan-mockery": "^1.1",
|
||||
"phpstan/phpstan-phpunit": "^1.1",
|
||||
"phpunit/phpunit": "^8.5 || ^9",
|
||||
"ramsey/composer-repl": "^1.4",
|
||||
"slevomat/coding-standard": "^8.4",
|
||||
"squizlabs/php_codesniffer": "^3.5",
|
||||
"vimeo/psalm": "^4.9"
|
||||
},
|
||||
"suggest": {
|
||||
"ext-bcmath": "Enables faster math with arbitrary-precision integers using BCMath.",
|
||||
"ext-gmp": "Enables faster math with arbitrary-precision integers using GMP.",
|
||||
"ext-uuid": "Enables the use of PeclUuidTimeGenerator and PeclUuidRandomGenerator.",
|
||||
"paragonie/random-lib": "Provides RandomLib for use with the RandomLibAdapter",
|
||||
"ramsey/uuid-doctrine": "Allows the use of Ramsey\\Uuid\\Uuid as Doctrine field type."
|
||||
},
|
||||
"type": "library",
|
||||
"extra": {
|
||||
"captainhook": {
|
||||
"force-install": true
|
||||
}
|
||||
},
|
||||
"autoload": {
|
||||
"files": [
|
||||
"src/functions.php"
|
||||
],
|
||||
"psr-4": {
|
||||
"Ramsey\\Uuid\\": "src/"
|
||||
}
|
||||
},
|
||||
"notification-url": "https://packagist.org/downloads/",
|
||||
"license": [
|
||||
"MIT"
|
||||
],
|
||||
"description": "A PHP library for generating and working with universally unique identifiers (UUIDs).",
|
||||
"keywords": [
|
||||
"guid",
|
||||
"identifier",
|
||||
"uuid"
|
||||
],
|
||||
"support": {
|
||||
"issues": "https://github.com/ramsey/uuid/issues",
|
||||
"source": "https://github.com/ramsey/uuid/tree/4.7.4"
|
||||
},
|
||||
"funding": [
|
||||
{
|
||||
"url": "https://github.com/ramsey",
|
||||
"type": "github"
|
||||
},
|
||||
{
|
||||
"url": "https://tidelift.com/funding/github/packagist/ramsey/uuid",
|
||||
"type": "tidelift"
|
||||
}
|
||||
],
|
||||
"time": "2023-04-15T23:01:58+00:00"
|
||||
},
|
||||
{
|
||||
"name": "symfony/asset",
|
||||
"version": "v6.3.0",
|
||||
|
@ -8,7 +8,9 @@ framework:
|
||||
# Enables session support. Note that the session will ONLY be started if you read or write from it.
|
||||
# Remove or comment this section to explicitly disable session support.
|
||||
session:
|
||||
handler_id: null
|
||||
handler_id: Symfony\Component\HttpFoundation\Session\Storage\Handler\RedisSessionHandler
|
||||
save_path: '@Redis'
|
||||
gc_probability: null
|
||||
cookie_secure: auto
|
||||
cookie_samesite: lax
|
||||
storage_factory_id: session.storage.factory.native
|
||||
|
@ -1,29 +1,44 @@
|
||||
security:
|
||||
# https://symfony.com/doc/current/security.html#registering-the-user-hashing-passwords
|
||||
password_hashers:
|
||||
Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface: 'auto'
|
||||
# https://symfony.com/doc/current/security.html#loading-the-user-the-user-provider
|
||||
Symfony\Component\Security\Core\User\LegacyPasswordAuthenticatedUserInterface:
|
||||
id: 'App\Service\PasswordEncoder'
|
||||
|
||||
providers:
|
||||
users_in_memory: { memory: null }
|
||||
main:
|
||||
entity:
|
||||
class: App\Entity\User
|
||||
property: username
|
||||
|
||||
firewalls:
|
||||
dev:
|
||||
pattern: ^/(_(profiler|wdt)|css|images|js)/
|
||||
security: false
|
||||
|
||||
main:
|
||||
lazy: true
|
||||
provider: users_in_memory
|
||||
pattern: ^/
|
||||
provider: main
|
||||
context: maincontext
|
||||
user_checker: App\Service\UserChecker
|
||||
form_login:
|
||||
login_path: app_login
|
||||
check_path: app_login
|
||||
default_target_path: app_home
|
||||
use_referer: true
|
||||
csrf_parameter: _csrf_security_token
|
||||
csrf_token_id: a_private_string
|
||||
|
||||
# activate different ways to authenticate
|
||||
# https://symfony.com/doc/current/security.html#the-firewall
|
||||
logout:
|
||||
invalidate_session: true
|
||||
path: app_kill
|
||||
target: app_home
|
||||
|
||||
# https://symfony.com/doc/current/security/impersonating_user.html
|
||||
# switch_user: true
|
||||
|
||||
# Easy way to control access for large sections of your site
|
||||
# Note: Only the *first* access control that matches will be used
|
||||
access_control:
|
||||
# - { path: ^/admin, roles: ROLE_ADMIN }
|
||||
# - { path: ^/profile, roles: ROLE_USER }
|
||||
- { path: ^/all, roles: [ROLE_ADMIN, ROLE_MODO, ROLE_MASTER, ROLE_MANAGER, ROLE_USER] }
|
||||
- { path: ^/user, roles: [ROLE_USER] }
|
||||
- { path: ^/manager, roles: [ROLE_MANAGER] }
|
||||
- { path: ^/master, roles: [ROLE_MASTER] }
|
||||
- { path: ^/modo, roles: [ROLE_MODO] }
|
||||
- { path: ^/admin, roles: [ROLE_ADMIN] }
|
||||
|
||||
when@test:
|
||||
security:
|
||||
|
@ -1,5 +1,9 @@
|
||||
twig:
|
||||
default_path: '%kernel.project_dir%/templates'
|
||||
form_themes:
|
||||
- 'Form/fields.html.twig'
|
||||
globals:
|
||||
appMasteridentity: '%appMasteridentity%'
|
||||
|
||||
when@test:
|
||||
twig:
|
||||
|
@ -1,5 +1,44 @@
|
||||
controllers:
|
||||
resource:
|
||||
path: ../src/Controller/
|
||||
namespace: App\Controller
|
||||
type: attribute
|
||||
#== Home ========================================================================================================
|
||||
app_home:
|
||||
path: /
|
||||
controller: App\Controller\HomeController::home
|
||||
|
||||
#== Security ====================================================================================================
|
||||
#-- Access public
|
||||
app_login:
|
||||
path: /login
|
||||
controller: App\Controller\SecurityController::login
|
||||
|
||||
app_loginldapcheck:
|
||||
path: /loginldapcheck
|
||||
controller: App\Controller\SecurityController::loginldapcheck
|
||||
|
||||
app_loginopenidcallback:
|
||||
path: /oauth2/callback
|
||||
controller: App\Controller\SecurityController::loginopenidcallback
|
||||
|
||||
app_logout:
|
||||
path: /logout
|
||||
controller: App\Controller\SecurityController::logout
|
||||
|
||||
#== Hydra =======================================================================================================
|
||||
#-- Access public
|
||||
app_hydra_loginsql:
|
||||
path: /hydra/loginsql
|
||||
controller: App\Controller\HydraController::loginsql
|
||||
|
||||
app_hydra_checkloginsql:
|
||||
path: /hydra/checkloginsql
|
||||
controller: App\Controller\HydraController::checkloginsql
|
||||
|
||||
app_hydra_loginldap:
|
||||
path: /hydra/loginldap
|
||||
controller: App\Controller\HydraController::loginldap
|
||||
|
||||
app_hydra_checkloginldap:
|
||||
path: /hydra/checkloginldap
|
||||
controller: App\Controller\HydraController::checkloginldap
|
||||
|
||||
app_hydra_consent:
|
||||
path: /hydra/consent
|
||||
controller: App\Controller\HydraController::consent
|
@ -1,18 +1,82 @@
|
||||
# This file is the entry point to configure your own services.
|
||||
# Files in the packages/ subdirectory configure your dependencies.
|
||||
|
||||
# Put parameters here that don't need to change on each machine where the app is deployed
|
||||
# https://symfony.com/doc/current/best_practices.html#use-parameters-for-application-configuration
|
||||
parameters:
|
||||
app_env: '%env(resolve:APP_ENV)%'
|
||||
appSecret: '%env(resolve:APP_SECRET)%'
|
||||
appAuth: '%env(resolve:APP_AUTH)%'
|
||||
appMasteridentity: '%env(resolve:APP_MASTERIDENTITY)%'
|
||||
appSynchro: '%env(resolve:APP_SYNCHRO)%'
|
||||
|
||||
ldapHost: '%env(resolve:LDAP_HOST)%'
|
||||
ldapPort: '%env(resolve:LDAP_PORT)%'
|
||||
ldapUsetls: '%env(resolve:LDAP_USETLS)%'
|
||||
ldapUserwriter: '%env(resolve:LDAP_USERWRITER)%'
|
||||
ldapUser: '%env(resolve:LDAP_USER)%'
|
||||
ldapPassword: '%env(resolve:LDAP_PASSWORD)%'
|
||||
ldapBasedn: '%env(resolve:LDAP_BASEDN)%'
|
||||
ldapBaseorganisation: '%env(resolve:LDAP_BASEORGANISATION)%'
|
||||
ldapBaseniveau01: '%env(resolve:LDAP_BASENIVEAU01)%'
|
||||
ldapBaseniveau02: '%env(resolve:LDAP_BASENIVEAU02)%'
|
||||
ldapBaseniveau03: '%env(resolve:LDAP_BASENIVEAU03)%'
|
||||
ldapBaseniveau04: '%env(resolve:LDAP_BASENIVEAU04)%'
|
||||
ldapBasegroup: '%env(resolve:LDAP_BASEGROUP)%'
|
||||
ldapBaseuser: '%env(resolve:LDAP_BASEUSER)%'
|
||||
ldapUsername: '%env(resolve:LDAP_USERNAME)%'
|
||||
ldapFirstname: '%env(resolve:LDAP_FIRSTNAME)%'
|
||||
ldapLastname: '%env(resolve:LDAP_LASTNAME)%'
|
||||
ldapEmail: '%env(resolve:LDAP_EMAIL)%'
|
||||
ldapAvatar: '%env(resolve:LDAP_AVATAR)%'
|
||||
ldapMemberof: '%env(resolve:LDAP_MEMBEROF)%'
|
||||
ldapGroupgid: '%env(resolve:LDAP_GROUPGID)%'
|
||||
ldapGroupname: '%env(resolve:LDAP_GROUPNAME)%'
|
||||
ldapGroupmember: '%env(resolve:LDAP_GROUPMEMBER)%'
|
||||
ldapGroupmemberisdn: '%env(resolve:LDAP_GROUPMEMBERISDN)%'
|
||||
ldapFiltergroup: '%env(resolve:LDAP_FILTERGROUP)%'
|
||||
ldapFilteruser: '%env(resolve:LDAP_FILTERUSER)%'
|
||||
ldapAutosubmit: '%env(resolve:LDAP_AUTOSUBMIT)%'
|
||||
ldapAutoupdate: '%env(resolve:LDAP_AUTOUPDATE)%'
|
||||
|
||||
casHost: '%env(resolve:CAS_HOST)%'
|
||||
casPort: '%env(resolve:CAS_PORT)%'
|
||||
casPath: '%env(resolve:CAS_PATH)%'
|
||||
casUsername: '%env(resolve:CAS_USERNAME)%'
|
||||
casEmail: '%env(resolve:CAS_EMAIL)%'
|
||||
casLastname: '%env(resolve:CAS_LASTNAME)%'
|
||||
casFirstname: '%env(resolve:CAS_FIRSTNAME)%'
|
||||
casAvatar: '%env(resolve:CAS_AVATAR)%'
|
||||
casNiveau01: '%env(resolve:CAS_NIVEAU01)%'
|
||||
casGroup: '%env(resolve:CAS_GROUP)%'
|
||||
casAutosubmit: '%env(resolve:CAS_AUTOSUBMIT)%'
|
||||
casAutoupdate: '%env(resolve:CAS_AUTOUPDATE)%'
|
||||
|
||||
oauthClientid: '%env(resolve:OAUTH_CLIENTID)%'
|
||||
oauthClientsecret: '%env(resolve:OAUTH_CLIENTSECRET)%'
|
||||
oauthLoginurl: '%env(resolve:OAUTH_LOGINURL)%'
|
||||
oauthLogouturl: '%env(resolve:OAUTH_LOGOUTURL)%'
|
||||
oauthTokenurl: '%env(resolve:OAUTH_TOKENURL)%'
|
||||
oauthUserinfo: '%env(resolve:OAUTH_USERINFO)%'
|
||||
oauthUsername: '%env(resolve:OAUTH_USERNAME)%'
|
||||
oauthEmail: '%env(resolve:OAUTH_EMAIL)%'
|
||||
oauthLastname: '%env(resolve:OAUTH_LASTNAME)%'
|
||||
oauthFirstname: '%env(resolve:OAUTH_FIRSTNAME)%'
|
||||
oauthAvatar: '%env(resolve:OAUTH_AVATAR)%'
|
||||
oauthNiveau01: '%env(resolve:OAUTH_NIVEAU01)%'
|
||||
oauthGroup: '%env(resolve:OAUTH_GROUP)%'
|
||||
oauthAutosubmit: '%env(resolve:OAUTH_AUTOSUBMIT)%'
|
||||
oauthAutoupdate: '%env(resolve:OAUTH_AUTOUPDATE)%'
|
||||
|
||||
proxyUse: '%env(resolve:PROXY_USE)%'
|
||||
proxyHost: '%env(resolve:PROXY_HOST)%'
|
||||
proxyPort: '%env(resolve:PROXY_PORT)%'
|
||||
|
||||
hydraLoginchallenge: '%env(resolve:HYDRA_LOGINCHALLENGE)%'
|
||||
hydraLoginchallengeaccept: '%env(resolve:HYDRA_LOGINCHALLENGEACCEPT)%'
|
||||
hydraConsentchallenge: '%env(resolve:HYDRA_CONSENTCHALLENGE)%'
|
||||
hydraConsentchallengeaccept: '%env(resolve:HYDRA_CONSENTCHALLENGEACCEPT)%'
|
||||
|
||||
services:
|
||||
# default configuration for services in *this* file
|
||||
_defaults:
|
||||
autowire: true # Automatically injects dependencies in your services.
|
||||
autoconfigure: true # Automatically registers your services as commands, event subscribers, etc.
|
||||
|
||||
# makes classes in src/ available to be used as services
|
||||
# this creates a service per class whose id is the fully-qualified class name
|
||||
App\:
|
||||
resource: '../src/'
|
||||
exclude:
|
||||
@ -20,5 +84,36 @@ services:
|
||||
- '../src/Entity/'
|
||||
- '../src/Kernel.php'
|
||||
|
||||
# add more service definitions when explicit configuration is needed
|
||||
# please note that last definitions always *replace* previous ones
|
||||
Redis:
|
||||
class: Predis\Client
|
||||
arguments:
|
||||
-
|
||||
-
|
||||
scheme: 'tcp'
|
||||
host: '%env(resolve:REDIS_HOST)%'
|
||||
port: '%env(resolve:REDIS_PORT)%'
|
||||
-
|
||||
replication: 'sentinel'
|
||||
service: '%env(resolve:REDIS_SERVICE)%'
|
||||
connection_timeout: 100
|
||||
read_write_timeout: 300
|
||||
|
||||
Symfony\Component\HttpFoundation\Session\Storage\Handler\RedisSessionHandler:
|
||||
arguments:
|
||||
- '@Redis'
|
||||
|
||||
App\Entity\User:
|
||||
public: true
|
||||
arguments: ['@security.password_hasher']
|
||||
|
||||
App\Command\InitCommand:
|
||||
public: true
|
||||
arguments: ['@service_container','@doctrine.orm.entity_manager']
|
||||
|
||||
App\Service\ApiService:
|
||||
public: true
|
||||
|
||||
App\Service\LdapService:
|
||||
public: true
|
||||
arguments: ["@service_container"]
|
||||
|
||||
|
@ -1,14 +0,0 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
###> doctrine/doctrine-bundle ###
|
||||
database:
|
||||
ports:
|
||||
- "5432"
|
||||
###< doctrine/doctrine-bundle ###
|
||||
|
||||
###> symfony/mailer ###
|
||||
mailer:
|
||||
image: schickling/mailcatcher
|
||||
ports: ["1025", "1080"]
|
||||
###< symfony/mailer ###
|
@ -1,21 +1,132 @@
|
||||
version: '3'
|
||||
|
||||
services:
|
||||
###> doctrine/doctrine-bundle ###
|
||||
database:
|
||||
image: postgres:${POSTGRES_VERSION:-15}-alpine
|
||||
environment:
|
||||
POSTGRES_DB: ${POSTGRES_DB:-app}
|
||||
# You should definitely change the password in production
|
||||
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-!ChangeMe!}
|
||||
POSTGRES_USER: ${POSTGRES_USER:-app}
|
||||
volumes:
|
||||
- database_data:/var/lib/postgresql/data:rw
|
||||
# You may use a bind-mounted host directory instead, so that it is harder to accidentally remove the volume and lose all your data!
|
||||
# - ./docker/db/data:/var/lib/postgresql/data:rw
|
||||
###< doctrine/doctrine-bundle ###
|
||||
# Service redis
|
||||
redis-master:
|
||||
image: redis:6-alpine
|
||||
volumes:
|
||||
- "./.data:/data"
|
||||
ports:
|
||||
- "6379:6379"
|
||||
|
||||
redis-slave:
|
||||
image: redis:6-alpine
|
||||
command: redis-server --slaveof redis-master 6379
|
||||
links:
|
||||
- redis-master
|
||||
volumes:
|
||||
- "./.data:/data"
|
||||
|
||||
redis-sentinel:
|
||||
build:
|
||||
context: ./misc/images/redis-sentinel
|
||||
links:
|
||||
- redis-master
|
||||
|
||||
|
||||
# Service postgres
|
||||
postgres:
|
||||
image: postgres:13-alpine
|
||||
hostname: postgres
|
||||
environment:
|
||||
POSTGRES_MULTIPLE_DATABASES: app,hydra
|
||||
POSTGRES_PASSWORD: changeme
|
||||
POSTGRES_USER: symfony
|
||||
ports:
|
||||
- 5432:5432
|
||||
volumes:
|
||||
- db-data:/var/lib/postgresql/data:rw
|
||||
- ./misc/images/postgres:/docker-entrypoint-initdb.d
|
||||
|
||||
# Service app
|
||||
app:
|
||||
build:
|
||||
context: .
|
||||
dockerfile: ./misc/images/app/app-docker/Dockerfile
|
||||
ports:
|
||||
- ${APP_HTTP_PORT:-8080}:8080
|
||||
links:
|
||||
- postgres
|
||||
- hydra
|
||||
- redis-sentinel
|
||||
depends_on:
|
||||
- postgres
|
||||
- hydra
|
||||
volumes:
|
||||
- ./src:/app/src:delegated
|
||||
- ./public:/app/public:delegated
|
||||
- ./templates:/app/templates:delegated
|
||||
- ./translations:/app/translations:delegated
|
||||
- ./tests:/app/tests:delegated
|
||||
- ./config:/app/config:delegated
|
||||
- ./.env:/app/.env:delegated
|
||||
environment:
|
||||
PHP_FPM_MEMORY_LIMIT: 128m
|
||||
APP_ENV: PROD
|
||||
|
||||
# Service hydra
|
||||
hydra:
|
||||
image: cadoles/hydra-v1
|
||||
hostname: hydra
|
||||
volumes:
|
||||
- ./misc/images/hydra/clients.d:/etc/hydra/clients.d
|
||||
ports:
|
||||
- 7080:4444
|
||||
- 4445:4445
|
||||
links:
|
||||
- postgres
|
||||
depends_on:
|
||||
- postgres
|
||||
restart: on-failure
|
||||
environment:
|
||||
LOG_LEAK_SENSITIVE_VALUES: "true"
|
||||
HYDRA_URLS_SELF_ISSUER: http://127.0.0.1:7080
|
||||
HYDRA_URLS_CONSENT: http://127.0.0.1:8080/hydra/consent
|
||||
HYDRA_URLS_LOGIN: http://127.0.0.1:8080/hydra/loginsql
|
||||
HYDRA_URLS_LOGOUT: http://127.0.0.1:8080/hydra/logoutsql
|
||||
HYDRA_URLS_ERROR: https://127.0.0.1:8080
|
||||
HYDRA_DSN: postgres://symfony:changeme@postgres:5432/hydra
|
||||
HYDRA_ALLOW_INSECURE: "yes"
|
||||
HYDRA_LEVEL: debug
|
||||
|
||||
# Service Openldap
|
||||
openldap:
|
||||
image: osixia/openldap:1.5.0
|
||||
environment:
|
||||
LDAP_LOG_LEVEL: "256"
|
||||
LDAP_ORGANISATION: "nuo"
|
||||
LDAP_DOMAIN: "nuo.fr"
|
||||
LDAP_ADMIN_PASSWORD: "changeme"
|
||||
LDAP_CONFIG_PASSWORD: "changeme"
|
||||
LDAP_READONLY_USER: "true"
|
||||
LDAP_READONLY_USER_USERNAME: "readonly"
|
||||
LDAP_READONLY_USER_PASSWORD: "readonly"
|
||||
LDAP_TLS: "false"
|
||||
volumes:
|
||||
- /var/lib/ldap
|
||||
- /etc/ldap/slapd.d
|
||||
- /container/service/slapd/assets/certs/
|
||||
ports:
|
||||
- "389:389"
|
||||
- "636:636"
|
||||
|
||||
# Service phpldapadmin
|
||||
phpldapadmin:
|
||||
image: osixia/phpldapadmin:latest
|
||||
environment:
|
||||
PHPLDAPADMIN_LDAP_HOSTS: "openldap"
|
||||
PHPLDAPADMIN_HTTPS: "false"
|
||||
ports:
|
||||
- "6080:80"
|
||||
depends_on:
|
||||
- openldap
|
||||
|
||||
# Service adminer
|
||||
adminer:
|
||||
image: adminer
|
||||
restart: always
|
||||
ports:
|
||||
- 6081:8080
|
||||
|
||||
volumes:
|
||||
###> doctrine/doctrine-bundle ###
|
||||
database_data:
|
||||
###< doctrine/doctrine-bundle ###
|
||||
db-data:
|
6
misc/images/app/app-docker/Dockerfile
Normal file
@ -0,0 +1,6 @@
|
||||
ARG PHP_PKG_VERSION="8.1.20-r0"
|
||||
ARG ADDITIONAL_PACKAGES="php81-pdo=${PHP_PKG_VERSION} \
|
||||
php81-pdo_pgsql=${PHP_PKG_VERSION} \
|
||||
php81-ldap=${PHP_PKG_VERSION}"
|
||||
|
||||
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone
|
5
misc/images/app/app-kube/Dockerfile
Normal file
@ -0,0 +1,5 @@
|
||||
ARG PHP_PKG_VERSION="8.1.20-r0"
|
||||
ARG ADDITIONAL_PACKAGES="php81-pdo=${PHP_PKG_VERSION} \
|
||||
php81-pdo_pgsql=${PHP_PKG_VERSION}"
|
||||
|
||||
FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-base
|
19
misc/images/hydra/clients.d/authtest.json
Normal file
@ -0,0 +1,19 @@
|
||||
{
|
||||
"client_id": "nuosso",
|
||||
"client_name": "NuoSSO",
|
||||
"client_secret": "changeme",
|
||||
"grant_types": [
|
||||
"authorization_code",
|
||||
"refresh_token"
|
||||
],
|
||||
"jwks": {},
|
||||
"metadata": {},
|
||||
"token_endpoint_auth_method": "client_secret_post",
|
||||
"post_logout_redirect_uris": ["http://127.0.0.1:8080"],
|
||||
"redirect_uris": ["http://127.0.0.1:8080/oauth2/callback"],
|
||||
"response_types": [
|
||||
"code"
|
||||
],
|
||||
"logo_uri": "http://127.0.0.1:8080/images/logo.png",
|
||||
"scope": "openid"
|
||||
}
|
22
misc/images/postgres/init-user-db.sh
Executable file
@ -0,0 +1,22 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -e
|
||||
set -u
|
||||
|
||||
function create_user_and_database() {
|
||||
local database=$1
|
||||
echo " Creating user and database '$database'"
|
||||
psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL
|
||||
CREATE USER $database;
|
||||
CREATE DATABASE $database;
|
||||
GRANT ALL PRIVILEGES ON DATABASE $database TO $database;
|
||||
EOSQL
|
||||
}
|
||||
|
||||
if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then
|
||||
echo "Multiple database creation requested: $POSTGRES_MULTIPLE_DATABASES"
|
||||
for db in $(echo $POSTGRES_MULTIPLE_DATABASES | tr ',' ' '); do
|
||||
create_user_and_database $db
|
||||
done
|
||||
echo "Multiple databases created"
|
||||
fi
|
19
misc/images/redis-sentinel/Dockerfile
Normal file
@ -0,0 +1,19 @@
|
||||
FROM redis:6-alpine
|
||||
|
||||
ENV SENTINEL_QUORUM 2
|
||||
ENV SENTINEL_DOWN_AFTER 1000
|
||||
ENV SENTINEL_FAILOVER 1000
|
||||
|
||||
RUN mkdir -p /redis
|
||||
|
||||
WORKDIR /redis
|
||||
|
||||
COPY sentinel.conf .
|
||||
COPY sentinel-entrypoint.sh /usr/local/bin/
|
||||
|
||||
RUN chown redis:redis /redis/* && \
|
||||
chmod +x /usr/local/bin/sentinel-entrypoint.sh
|
||||
|
||||
EXPOSE 26379
|
||||
|
||||
ENTRYPOINT ["sentinel-entrypoint.sh"]
|
7
misc/images/redis-sentinel/sentinel-entrypoint.sh
Normal file
@ -0,0 +1,7 @@
|
||||
#!/bin/sh
|
||||
|
||||
sed -i "s/\$SENTINEL_QUORUM/$SENTINEL_QUORUM/g" /redis/sentinel.conf
|
||||
sed -i "s/\$SENTINEL_DOWN_AFTER/$SENTINEL_DOWN_AFTER/g" /redis/sentinel.conf
|
||||
sed -i "s/\$SENTINEL_FAILOVER/$SENTINEL_FAILOVER/g" /redis/sentinel.conf
|
||||
|
||||
redis-server /redis/sentinel.conf --sentinel
|
9
misc/images/redis-sentinel/sentinel.conf
Normal file
@ -0,0 +1,9 @@
|
||||
port 26379
|
||||
|
||||
dir /tmp
|
||||
|
||||
sentinel resolve-hostnames yes
|
||||
sentinel monitor redismaster redis-master 6379 $SENTINEL_QUORUM
|
||||
sentinel down-after-milliseconds redismaster $SENTINEL_DOWN_AFTER
|
||||
sentinel parallel-syncs redismaster 1
|
||||
sentinel failover-timeout redismaster $SENTINEL_FAILOVER
|
2
misc/images/redis/redis-master.conf
Normal file
@ -0,0 +1,2 @@
|
||||
port 6379
|
||||
requirepass changeme
|
3
misc/images/redis/redis-slave.conf
Normal file
@ -0,0 +1,3 @@
|
||||
port 6380
|
||||
slaveof redis-master 6379
|
||||
masterauth changeme
|
4
misc/images/redis/sentinel.conf
Normal file
@ -0,0 +1,4 @@
|
||||
port 26379
|
||||
sentinel monitor mymaster redis-master 6379 2
|
||||
sentinel down-after-milliseconds mymaster 5000
|
||||
sentinel failover-timeout mymaster 10000
|
11
misc/k8s/kind/cluster/kustomization.yaml
Normal file
@ -0,0 +1,11 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- https://raw.githubusercontent.com/ory/k8s/v0.30.0/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml
|
||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop
|
||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop
|
||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop
|
||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metallb?ref=develop
|
||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/metrics?ref=develop
|
||||
- https://forge.cadoles.com/CadolesKube/c-kustom//base/nginx?ref=develop
|
7
misc/k8s/kind/cluster/lb/kustomization.yaml
Normal file
@ -0,0 +1,7 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: metallb-system
|
||||
|
||||
resources:
|
||||
- ./resources/ipaddresspoool.yaml
|
||||
- ./resources/advertise.yaml
|
9
misc/k8s/kind/cluster/lb/resources/advertise.yaml
Normal file
@ -0,0 +1,9 @@
|
||||
apiVersion: metallb.io/v1beta1
|
||||
kind: L2Advertisement
|
||||
metadata:
|
||||
name: l2-ip-pool-ad
|
||||
namespace: metallb-system
|
||||
spec:
|
||||
ipAddressPools:
|
||||
- main-pool
|
||||
|
8
misc/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml
Normal file
@ -0,0 +1,8 @@
|
||||
apiVersion: metallb.io/v1beta1
|
||||
kind: IPAddressPool
|
||||
metadata:
|
||||
name: main-pool
|
||||
namespace: metallb-system
|
||||
spec:
|
||||
addresses:
|
||||
- 172.19.10.100-172.19.10.200
|
48
misc/k8s/kind/kind-cluster.yaml
Normal file
@ -0,0 +1,48 @@
|
||||
kind: Cluster
|
||||
apiVersion: kind.x-k8s.io/v1alpha4
|
||||
name: nuosso
|
||||
networking:
|
||||
podSubnet: "10.110.0.0/16"
|
||||
serviceSubnet: "10.115.0.0/16"
|
||||
nodes:
|
||||
- role: control-plane
|
||||
image: kindest/node:v1.27.2
|
||||
kubeadmConfigPatches:
|
||||
- |
|
||||
kind: InitConfiguration
|
||||
nodeRegistration:
|
||||
kubeletExtraArgs:
|
||||
node-labels: "ingress-ready=true"
|
||||
extraPortMappings:
|
||||
- containerPort: 31000
|
||||
hostPort: 31000
|
||||
listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
|
||||
- containerPort: 80
|
||||
hostPort: 8080
|
||||
listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0"
|
||||
labels:
|
||||
ingress-ready: true
|
||||
- role: worker
|
||||
image: kindest/node:v1.27.2
|
||||
kubeadmConfigPatches:
|
||||
- |
|
||||
kind: JoinConfiguration
|
||||
nodeRegistration:
|
||||
kubeletExtraArgs:
|
||||
system-reserved: memory=2Gi
|
||||
- role: worker
|
||||
image: kindest/node:v1.27.2
|
||||
kubeadmConfigPatches:
|
||||
- |
|
||||
kind: JoinConfiguration
|
||||
nodeRegistration:
|
||||
kubeletExtraArgs:
|
||||
system-reserved: memory=2Gi
|
||||
- role: worker
|
||||
image: kindest/node:v1.27.2
|
||||
kubeadmConfigPatches:
|
||||
- |
|
||||
kind: JoinConfiguration
|
||||
nodeRegistration:
|
||||
kubeletExtraArgs:
|
||||
system-reserved: memory=2Gi
|
@ -0,0 +1,8 @@
|
||||
---
|
||||
nameReference:
|
||||
- kind: Secret
|
||||
fieldSpecs:
|
||||
- path: spec/superuserSecret/name
|
||||
kind: Cluster
|
||||
- path: spec/bootstrap/initdb/secret/name
|
||||
kind: Cluster
|
@ -0,0 +1,32 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1alpha1
|
||||
kind: Component
|
||||
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
|
||||
configurations:
|
||||
- ./configurations/cnpg-cluster.yaml
|
||||
|
||||
resources:
|
||||
- ./resources/app-cnpg-cluster.yaml
|
||||
|
||||
secretgenerator:
|
||||
- name: postgres-admin
|
||||
type: secret
|
||||
literals:
|
||||
- username=postgres
|
||||
- password=notsosecret
|
||||
- name: postgres-user
|
||||
type: Secret
|
||||
literals:
|
||||
- username=app
|
||||
- password=NotSoSecretButThisIsBad
|
||||
|
||||
vars:
|
||||
- name: POSTGRES_DATABASE_SERVICE_NAME
|
||||
objref:
|
||||
name: postgres
|
||||
kind: Cluster
|
||||
apiVersion: postgresql.cnpg.io/v1
|
||||
fieldref:
|
||||
fieldpath: metadata.name
|
@ -0,0 +1,17 @@
|
||||
apiVersion: postgresql.cnpg.io/v1
|
||||
kind: Cluster
|
||||
metadata:
|
||||
name: postgres
|
||||
spec:
|
||||
instances: 3
|
||||
primaryUpdateStrategy: unsupervised
|
||||
superuserSecret:
|
||||
name: postgres-admin
|
||||
bootstrap:
|
||||
initdb:
|
||||
database: app
|
||||
owner: app
|
||||
secret:
|
||||
name: postgres-user
|
||||
storage:
|
||||
size: 20Gi
|
9
misc/k8s/kustomization/base/kustomization.yaml
Normal file
@ -0,0 +1,9 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
components:
|
||||
- components/app-cnpg
|
||||
|
||||
resources:
|
||||
- resources/app
|
||||
- resources/redis
|
@ -0,0 +1,26 @@
|
||||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: adminer
|
||||
name: adminer
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
io.kompose.service: adminer
|
||||
replicas: 1
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: adminer
|
||||
spec:
|
||||
containers:
|
||||
- name: adminer
|
||||
image: reg.cadoles.com/afornerot/adminer
|
||||
imagePullPolicy: "Always"
|
||||
env:
|
||||
- name: ADMINER_DESIGN
|
||||
value: "pappu687"
|
||||
ports:
|
||||
- containerPort: 80
|
||||
resources: {}
|
@ -0,0 +1,14 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: adminer
|
||||
name: adminer
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: adminer
|
||||
port: 8080
|
||||
targetPort: 80
|
||||
selector:
|
||||
io.kompose.service: adminer
|
@ -0,0 +1,6 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- adminer-deployment.yaml
|
||||
- adminer-service.yaml
|
@ -0,0 +1,86 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: app
|
||||
name: app
|
||||
spec:
|
||||
replicas: 3
|
||||
|
||||
selector:
|
||||
matchLabels:
|
||||
io.kompose.service: app
|
||||
strategy:
|
||||
type: Recreate
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: app
|
||||
spec:
|
||||
restartPolicy: Always
|
||||
containers:
|
||||
- image: reg.cadoles.com/afornerot/nuosso
|
||||
imagePullPolicy: Always
|
||||
name: app-php-fpm
|
||||
args: ["/usr/sbin/php-fpm81", "-F", "-e"]
|
||||
resources: {}
|
||||
env:
|
||||
- name: PHP_MEMORY_LIMIT
|
||||
value: 128m
|
||||
|
||||
- name: PHP_FPM_LISTEN
|
||||
value: 127.0.0.1:9000
|
||||
- name: PHP_FPM_MEMORY_LIMIT
|
||||
value: 128m
|
||||
- name: PHP_FPM_LOG_LEVEL
|
||||
value: warning
|
||||
|
||||
- name: POSTGRES_DATABASE_SERVICE_NAME
|
||||
value: $(POSTGRES_DATABASE_SERVICE_NAME)-rw
|
||||
- name: POSTGRES_DATABASE_USERNAME
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-user
|
||||
key: username
|
||||
- name: POSTGRES_DATABASE_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: postgres-user
|
||||
key: password
|
||||
|
||||
- name: APP_AUTH
|
||||
value: "SQL"
|
||||
- name: APP_MASTERIDENTITY
|
||||
value: "SQL"
|
||||
- name: DATABASE_URL
|
||||
value: "postgresql://$(POSTGRES_DATABASE_USERNAME):$(POSTGRES_DATABASE_PASSWORD)@$(POSTGRES_DATABASE_SERVICE_NAME)-rw:5432/app"
|
||||
- name: REDIS_HOST
|
||||
value: rfs-$(REDIS_SERVICE_NAME)
|
||||
- name: REDIS_PORT
|
||||
value: "26379"
|
||||
- name: REDIS_SERVICE
|
||||
value: "mymaster"
|
||||
|
||||
lifecycle:
|
||||
postStart:
|
||||
exec:
|
||||
command: ["/bin/sh", "-c", "/app/bin/console d:s:u --force --complete && /app/bin/console app:Init"]
|
||||
|
||||
- image: reg.cadoles.com/afornerot/nuosso
|
||||
imagePullPolicy: Always
|
||||
name: app-nginx
|
||||
args: ["/usr/sbin/nginx"]
|
||||
env:
|
||||
- name: NGINX_APP_UPSTREAM_BACKEND_SERVER
|
||||
value: 127.0.0.1:9000
|
||||
- name: NGINX_APP_ROOT
|
||||
value: "/public"
|
||||
- name: NGINX_APP_PHP_INDEX
|
||||
value: "/index.php"
|
||||
- name: NGINX_ERROR_LOG_LEVEL
|
||||
value: "warn"
|
||||
- name: NGINX_APP_PHP_NON_FILE_PATTERN
|
||||
value: "^/index\\.php(/|$)"
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
resources: {}
|
14
misc/k8s/kustomization/base/resources/app/app-service.yaml
Normal file
@ -0,0 +1,14 @@
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: app
|
||||
name: app
|
||||
spec:
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- name: app
|
||||
port: 8080
|
||||
targetPort: 8080
|
||||
selector:
|
||||
io.kompose.service: app
|
@ -0,0 +1,6 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- app-service.yaml
|
||||
- app-deployment.yaml
|
@ -0,0 +1,14 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
|
||||
resources:
|
||||
- redis-redisfailover.yaml
|
||||
|
||||
vars:
|
||||
- name: REDIS_SERVICE_NAME
|
||||
objref:
|
||||
name: redis
|
||||
apiVersion: databases.spotahome.com/v1
|
||||
kind: RedisFailover
|
||||
fieldref:
|
||||
fieldpath: metadata.name
|
@ -0,0 +1,21 @@
|
||||
apiVersion: databases.spotahome.com/v1
|
||||
kind: RedisFailover
|
||||
metadata:
|
||||
name: redis
|
||||
spec:
|
||||
sentinel:
|
||||
replicas: 3
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
limits:
|
||||
memory: 100Mi
|
||||
redis:
|
||||
replicas: 3
|
||||
resources:
|
||||
requests:
|
||||
cpu: 100m
|
||||
memory: 100Mi
|
||||
limits:
|
||||
cpu: 400m
|
||||
memory: 500Mi
|
3
misc/k8s/kustomization/base/secrets/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
*
|
||||
!.gitignore
|
||||
!.gitkeep
|
0
misc/k8s/kustomization/base/secrets/.gitkeep
Normal file
24
misc/k8s/kustomization/overlays/dev/kustomization.yaml
Normal file
@ -0,0 +1,24 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: app-dev
|
||||
|
||||
namePrefix: nuosso-
|
||||
|
||||
resources:
|
||||
- ../../base
|
||||
- ../../base/resources/adminer
|
||||
- resources/namespace.yaml
|
||||
- resources/ingress.yaml
|
||||
|
||||
patches:
|
||||
- path: patches/app-deployment.yaml
|
||||
- path: patches/add-registry-pull-secret.yaml
|
||||
target:
|
||||
kind: Deployment
|
||||
version: v1
|
||||
|
||||
secretGenerator:
|
||||
- files:
|
||||
- secrets/dockerconfig/.dockerconfigjson
|
||||
name: regcred-dev
|
||||
type: kubernetes.io/dockerconfigjson
|
@ -0,0 +1,4 @@
|
||||
- op: add
|
||||
path: "/spec/template/spec/imagePullSecrets"
|
||||
value:
|
||||
- name: regcred-dev
|
@ -0,0 +1,15 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
io.kompose.service: app
|
||||
name: app
|
||||
spec:
|
||||
template:
|
||||
spec:
|
||||
restartPolicy: Always
|
||||
containers:
|
||||
- name: app-php-fpm
|
||||
env:
|
||||
- name: APP_ENV
|
||||
value: dev
|
28
misc/k8s/kustomization/overlays/dev/resources/ingress.yaml
Normal file
@ -0,0 +1,28 @@
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: app
|
||||
annotations:
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "138m"
|
||||
nginx.ingress.kubernetes.io/enable-cors: "true" #cf 01
|
||||
nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For" #cf 01
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
rules:
|
||||
- host: app.dev.local
|
||||
http:
|
||||
paths:
|
||||
- path: /adminer
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: adminer
|
||||
port:
|
||||
number: 8080
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: app
|
||||
port:
|
||||
number: 8080
|
@ -0,0 +1,4 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: app-dev
|
3
misc/k8s/kustomization/overlays/dev/secrets/.gitignore
vendored
Normal file
@ -0,0 +1,3 @@
|
||||
*
|
||||
!.gitignore
|
||||
!.gitkeep
|
BIN
public/images/admin.jpg
Normal file
After Width: | Height: | Size: 3.9 KiB |
0
public/images/icons/.gitkeep
Normal file
BIN
public/images/icons/icon_adminer.png
Normal file
After Width: | Height: | Size: 7.9 KiB |
BIN
public/images/icons/icon_anchor.png
Normal file
After Width: | Height: | Size: 6.7 KiB |
BIN
public/images/icons/icon_aperture.png
Normal file
After Width: | Height: | Size: 5.8 KiB |
BIN
public/images/icons/icon_arrow-down.png
Normal file
After Width: | Height: | Size: 4.5 KiB |
BIN
public/images/icons/icon_arrow-up.png
Normal file
After Width: | Height: | Size: 4.2 KiB |
BIN
public/images/icons/icon_art.png
Normal file
After Width: | Height: | Size: 7.5 KiB |
BIN
public/images/icons/icon_balado.png
Normal file
After Width: | Height: | Size: 7.5 KiB |
BIN
public/images/icons/icon_bar-chart.png
Normal file
After Width: | Height: | Size: 3.9 KiB |
BIN
public/images/icons/icon_batteryfull.png
Normal file
After Width: | Height: | Size: 3.4 KiB |
BIN
public/images/icons/icon_batterylow.png
Normal file
After Width: | Height: | Size: 3.4 KiB |
BIN
public/images/icons/icon_bdd.png
Normal file
After Width: | Height: | Size: 14 KiB |
BIN
public/images/icons/icon_bike.png
Normal file
After Width: | Height: | Size: 7.1 KiB |
BIN
public/images/icons/icon_biker.png
Normal file
After Width: | Height: | Size: 6.2 KiB |
BIN
public/images/icons/icon_bikewheel.png
Normal file
After Width: | Height: | Size: 7.4 KiB |
BIN
public/images/icons/icon_blimp.png
Normal file
After Width: | Height: | Size: 5.9 KiB |
BIN
public/images/icons/icon_bolt.png
Normal file
After Width: | Height: | Size: 4.3 KiB |
BIN
public/images/icons/icon_bomb.png
Normal file
After Width: | Height: | Size: 5.1 KiB |
BIN
public/images/icons/icon_booklet.png
Normal file
After Width: | Height: | Size: 3.6 KiB |
BIN
public/images/icons/icon_bookshelf.png
Normal file
After Width: | Height: | Size: 3.8 KiB |
BIN
public/images/icons/icon_briefcase.png
Normal file
After Width: | Height: | Size: 3.9 KiB |
BIN
public/images/icons/icon_brightness.png
Normal file
After Width: | Height: | Size: 6.6 KiB |
BIN
public/images/icons/icon_browser.png
Normal file
After Width: | Height: | Size: 3.9 KiB |
BIN
public/images/icons/icon_brush-pencil.png
Normal file
After Width: | Height: | Size: 6.8 KiB |
BIN
public/images/icons/icon_cadoles.png
Normal file
After Width: | Height: | Size: 13 KiB |
BIN
public/images/icons/icon_calculator.png
Normal file
After Width: | Height: | Size: 5.0 KiB |
BIN
public/images/icons/icon_calendar.png
Normal file
After Width: | Height: | Size: 4.3 KiB |
BIN
public/images/icons/icon_camera.png
Normal file
After Width: | Height: | Size: 5.7 KiB |
BIN
public/images/icons/icon_car.png
Normal file
After Width: | Height: | Size: 4.6 KiB |
BIN
public/images/icons/icon_cart.png
Normal file
After Width: | Height: | Size: 4.9 KiB |
BIN
public/images/icons/icon_carwheel.png
Normal file
After Width: | Height: | Size: 7.7 KiB |
BIN
public/images/icons/icon_caution.png
Normal file
After Width: | Height: | Size: 4.4 KiB |
BIN
public/images/icons/icon_chart.png
Normal file
After Width: | Height: | Size: 4.3 KiB |
BIN
public/images/icons/icon_chartpie.png
Normal file
After Width: | Height: | Size: 5.3 KiB |
BIN
public/images/icons/icon_chat.png
Normal file
After Width: | Height: | Size: 5.5 KiB |
BIN
public/images/icons/icon_check.png
Normal file
After Width: | Height: | Size: 5.0 KiB |
BIN
public/images/icons/icon_circlecompass.png
Normal file
After Width: | Height: | Size: 6.4 KiB |
BIN
public/images/icons/icon_clapboard.png
Normal file
After Width: | Height: | Size: 5.7 KiB |
BIN
public/images/icons/icon_clipboard.png
Normal file
After Width: | Height: | Size: 3.8 KiB |
BIN
public/images/icons/icon_clock.png
Normal file
After Width: | Height: | Size: 7.0 KiB |
BIN
public/images/icons/icon_cloud.png
Normal file
After Width: | Height: | Size: 4.6 KiB |
BIN
public/images/icons/icon_cmyk.png
Normal file
After Width: | Height: | Size: 5.8 KiB |
BIN
public/images/icons/icon_colorwheel.png
Normal file
After Width: | Height: | Size: 6.8 KiB |
BIN
public/images/icons/icon_compass.png
Normal file
After Width: | Height: | Size: 8.6 KiB |
BIN
public/images/icons/icon_compose.png
Normal file
After Width: | Height: | Size: 4.8 KiB |
BIN
public/images/icons/icon_computer.png
Normal file
After Width: | Height: | Size: 4.2 KiB |
BIN
public/images/icons/icon_cone.png
Normal file
After Width: | Height: | Size: 3.9 KiB |
BIN
public/images/icons/icon_contacts.png
Normal file
After Width: | Height: | Size: 4.9 KiB |
BIN
public/images/icons/icon_contrast.png
Normal file
After Width: | Height: | Size: 10 KiB |
BIN
public/images/icons/icon_countdown.png
Normal file
After Width: | Height: | Size: 9.5 KiB |