outposts: support different port on container vs exposed port
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
d1296e9cc7
commit
4e9176ed2e
|
@ -1,5 +1,6 @@
|
|||
"""Base Controller"""
|
||||
from dataclasses import dataclass
|
||||
from typing import Optional
|
||||
|
||||
from structlog.stdlib import get_logger
|
||||
from structlog.testing import capture_logs
|
||||
|
@ -23,6 +24,7 @@ class DeploymentPort:
|
|||
port: int
|
||||
name: str
|
||||
protocol: str
|
||||
inner_port: Optional[int] = None
|
||||
|
||||
|
||||
class BaseController:
|
||||
|
|
|
@ -66,7 +66,7 @@ class DockerController(BaseController):
|
|||
"name": f"authentik-proxy-{self.outpost.uuid.hex}",
|
||||
"detach": True,
|
||||
"ports": {
|
||||
f"{port.port}/{port.protocol.lower()}": port.port
|
||||
f"{port.port}/{port.protocol.lower()}": port.inner_port or port.port
|
||||
for port in self.deployment_ports
|
||||
},
|
||||
"environment": self._get_env(),
|
||||
|
@ -141,7 +141,7 @@ class DockerController(BaseController):
|
|||
def get_static_deployment(self) -> str:
|
||||
"""Generate docker-compose yaml for proxy, version 3.5"""
|
||||
ports = [
|
||||
f"{port.port}:{port.port}/{port.protocol.lower()}"
|
||||
f"{port.port}:{port.inner_port or port.port}/{port.protocol.lower()}"
|
||||
for port in self.deployment_ports
|
||||
]
|
||||
image_name = self.get_container_image()
|
||||
|
|
|
@ -62,7 +62,7 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]):
|
|||
for port in self.controller.deployment_ports:
|
||||
container_ports.append(
|
||||
V1ContainerPort(
|
||||
container_port=port.port,
|
||||
container_port=port.inner_port or port.port,
|
||||
name=port.name,
|
||||
protocol=port.protocol.upper(),
|
||||
)
|
||||
|
@ -105,7 +105,7 @@ class DeploymentReconciler(KubernetesObjectReconciler[V1Deployment]):
|
|||
name="AUTHENTIK_INSECURE",
|
||||
value_from=V1EnvVarSource(
|
||||
secret_key_ref=V1SecretKeySelector(
|
||||
name=secret_name,
|
||||
name=self.name,
|
||||
key="authentik_host_insecure",
|
||||
)
|
||||
),
|
||||
|
|
|
@ -39,7 +39,7 @@ class ServiceReconciler(KubernetesObjectReconciler[V1Service]):
|
|||
name=port.name,
|
||||
port=port.port,
|
||||
protocol=port.protocol.upper(),
|
||||
target_port=port.port,
|
||||
target_port=port.inner_port or port.port,
|
||||
)
|
||||
)
|
||||
selector_labels = DeploymentReconciler(self.controller).get_pod_meta()
|
||||
|
|
|
@ -10,5 +10,5 @@ class LDAPDockerController(DockerController):
|
|||
def __init__(self, outpost: Outpost, connection: DockerServiceConnection):
|
||||
super().__init__(outpost, connection)
|
||||
self.deployment_ports = [
|
||||
DeploymentPort(3389, "ldap", "tcp"),
|
||||
DeploymentPort(389, "ldap", "tcp", 3389),
|
||||
]
|
||||
|
|
|
@ -10,5 +10,5 @@ class LDAPKubernetesController(KubernetesController):
|
|||
def __init__(self, outpost: Outpost, connection: KubernetesServiceConnection):
|
||||
super().__init__(outpost, connection)
|
||||
self.deployment_ports = [
|
||||
DeploymentPort(3389, "ldap", "tcp"),
|
||||
DeploymentPort(389, "ldap", "tcp", 3389),
|
||||
]
|
||||
|
|
Reference in New Issue