apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
transformers:
- |-
apiVersion: builtin
kind: NamespaceTransformer
metadata:
name: notImportantHere
namespace: apps
unsetOnly: true
namePrefix: linkwarden-
resources:
- ../../../kustomize/public-oidc/
replacements:
- source:
kind: Service
name: svc
targets:
- select:
kind: HTTPRoute
options:
create: true
fieldPaths:
- spec.rules.0.backendRefs.0.name
- source:
kind: Deployment
fieldPath: metadata.labels.[app.kubernetes.io/appName]
targets:
- select:
kind: HTTPRoute
options:
create: true
delimiter: "."
index: 0
fieldPaths:
- spec.hostnames.0
- select:
kind: InfisicalSecret
options:
delimiter: "-"
index: 0
fieldPaths:
- spec.managedSecretReference.secretName
- select:
kind: InfisicalSecret
options:
delimiter: "/"
index: 2
fieldPaths:
- spec.authentication.universalAuth.secretsScope.secretsPath
- select:
kind: Service
fieldPaths:
- spec.ports.0.name
- spec.ports.0.targetPort
- source:
kind: Deployment
fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
targets:
- select:
kind: InfisicalSecret
fieldPaths:
- spec.managedSecretReference.secretNamespace
patches:
- path: patches/deployment.yaml
target:
kind: Deployment
- path: patches/pvc.yaml
target:
kind: PersistentVolumeClaim
labels:
- includeSelectors: true
pairs:
app.kubernetes.io/appName: linkwarden
- pairs:
app.kubernetes.io/appNamespace: apps
configMapGenerator:
- name: config
literals:
- NEXTAUTH_URL="https://linkwarden.leechpepin.com/api/v1/auth"
- NEXT_PUBLIC_OLLAMA_ENDPOINT_URL="https://ollama.leechpepin.com:11434"
- OLLAMA_MODEL="granite3.1-moe:3b"
- NEXT_PUBLIC_AUTHENTIK_ENABLED="true"
- AUTHENTIK_CUSTOM_NAME="Authentik"
- AUTHENTIK_ISSUER="https://auth.leechpepin.com/application/o/linkwarden"
- AUTHENTIK_CLIENT_ID="VQtaPxELuwFFUS412pZsk0TFIFpXqPpZYHul9Ddj"
- NEXT_PUBLIC_DISABLE_REGISTRATION="true"
- NEXT_PUBLIC_CREDENTIALS_ENABLED="false"
- NEXT_PUBLIC_EMAIL_PROVIDER="true"
- EMAIL_FROM="homelab@leechpepin.com"