move stashapp to proper namespace

ansible-5/roles/prod.k3s/defaults/main.yml

@@ -36,3 +36,8 @@ helm:
       repo_url: https://charts.bitnami.com/bitnami
     - name: cetic
       repo_url: https://cetic.github.io/helm-charts
+
+apps:
+  stash:
+    state: present
+    namespace: stashapp

ansible-5/roles/prod.k3s/files/stash/proxy-values.yaml

@@ -0,0 +1,40 @@
+---
+#oauth2-proxy values file for stash app
+config:
+  # Add config annotations
+  annotations: {}
+  # OAuth client ID
+  clientID: "7b70fc0364e3f2da5d4b"
+  # OAuth client secret
+  clientSecret: "0359972eef425a4a0b7690b6c323214c26a04686"
+  configFile: |-
+    provider = "email"
+    email_domains = ["sympatico.ca"]
+
+#    provider = "github"
+#    github_user = "rmorgan105"
+#    email_domains = [ "*" ]
+#    upstreams = [ "file:///dev/null" ]
+ingress:
+  enabled: true
+#  className: traefic
+  path: /
+  # Only used if API capabilities (networking.k8s.io/v1) allow it
+  pathType: ImplementationSpecific
+    # Used to create an Ingress record.
+  hosts:
+    - stash.xai-corp.net
+  # - chart-example.local
+  # Extra paths to prepend to every host configuration. This is useful when working with annotation based services.
+  # Warning! The configuration is dependant on your current k8s API version capabilities (networking.k8s.io/v1)
+  extraPaths:
+  - path: /
+    pathType: ImplementationSpecific
+    backend:
+      service:
+        name: stash
+        port:
+          number: 9999
+  # annotations:
+  #   kubernetes.io/ingress.class: nginx
+  #   kubernetes.io/tls-acme: "true"

ansible-5/roles/prod.k3s/files/stash/pv-claim.yaml

@@ -3,7 +3,7 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: stash-pv-claim
-  namespace: testing
+  namespace: stashapp
 spec:
   storageClassName: manual
   accessModes:

ansible-5/roles/prod.k3s/tasks/deployments/stash.yaml

@@ -36,12 +36,36 @@
 - name: Install stash Chart
   local_action:
     module: kubernetes.core.helm
-    release_state: present
+    release_state:  "{{ apps.stash.state }}"
     name: stash
-    namespace: testing
+    namespace: "{{ apps.stash.namespace }}"
     create_namespace: yes
     update_repo_cache: True
     chart_ref: k8s-at-home/stash
     values: "{{stash_values}}"
     wait: true
 
+- name: Install oauth2-proxy in front of stash app
+  block:
+    - name: Add oauth2-proxy chart helm repo
+      local_action:
+        module: kubernetes.core.helm_repository
+        name: oauth2-proxy
+        repo_url: https://oauth2-proxy.github.io/manifests
+
+    - name: load variables files/stash/proxy-values.yaml
+      ansible.builtin.include_vars:
+        file: files/stash/proxy-values.yaml
+        name: stash_values
+
+    - name: Install oauth2-proxy Release
+      local_action:
+        module: kubernetes.core.helm
+        release_state: absent
+        name: stash-oauth2-proxy
+        namespace: "{{ apps.stash.namespace }}"
+        create_namespace: yes
+        update_repo_cache: True
+        chart_ref: oauth2-proxy/oauth2-proxy
+        values: "{{stash_values}}"
+        wait: true