image: repository: tccr.io/truecharts/librephotos-backend tag: v2022w6@sha256:4c24ce4ea5b340f83da0be0935eaea4ca525a15ed6da014f8ad8c709b377a837 pullPolicy: IfNotPresent frontendImage: repository: tccr.io/truecharts/librephotos-frontend tag: v2022w6@sha256:9cb2cb4865197d460405fecd79bdd7808333443cb2089753825f7f97365a53a3 proxyImage: repository: tccr.io/truecharts/librephotos-proxy tag: v2022w6@sha256:c147eaa3e96348e44132958ca871114a2ce240f0fa3604f738801317af09a160 securityContext: readOnlyRootFilesystem: false runAsNonRoot: false podSecurityContext: runAsUser: 0 runAsGroup: 0 secretEnv: ADMIN_EMAIL: "admin@mydomain.com" ADMIN_USERNAME: "admin" ADMIN_PASSWORD: "password" MAPBOX_API_KEY: "" configmap: config: enabled: true data: nginx-config: |- user nginx; worker_processes 1; error_log /var/log/nginx/error.log debug; events { worker_connections 1024; } http { server { listen 80; location / { # React routes are entirely on the App side in the web broswer # Always proxy to root with the same page request when nginx 404s error_page 404 /; proxy_intercept_errors on; proxy_set_header Host $host; proxy_pass http://localhost:3000/; } location ~ ^/(api|media)/ { proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host localhost; include uwsgi_params; proxy_pass http://localhost:8001; } # Django media location /protected_media { internal; alias /protected_media/; } location /static/drf-yasg { proxy_pass http://localhost:8001; } location /data { internal; alias /data/; } # Original Photos location /original { internal; alias /data/; } # Nextcloud Original Photos location /nextcloud_original { internal; alias /data/nextcloud_media/; } } } env: BACKEND_HOST: "localhost" DB_BACKEND: "postgresql" DB_NAME: "{{ .Values.postgresql.postgresqlDatabase }}" DB_USER: "{{ .Values.postgresql.postgresqlUsername }}" DB_PORT: "5432" REDIS_PORT: "6379" WEB_CONCURRENCY: 2 SKIP_PATTERNS: "" HEAVYWEIGHT_PROCESS: 1 DEBUG: false DB_PASS: secretKeyRef: name: dbcreds key: postgresql-password DB_HOST: secretKeyRef: name: dbcreds key: plainhost REDIS_HOST: secretKeyRef: name: rediscreds key: plainhost REDIS_PASS: secretKeyRef: name: rediscreds key: redis-password SECRET_KEY: secretKeyRef: name: librephotos-secrets key: SECRET_KEY probes: liveness: path: "/login" readiness: path: "/login" startup: path: "/login" redis: enabled: true existingSecret: "rediscreds" redisUsername: default postgresql: enabled: true existingSecret: "dbcreds" postgresqlUsername: librephotos postgresqlDatabase: librephotos service: main: ports: main: port: 10161 targetPort: 80 additionalContainers: proxy: name: proxy image: "{{ .Values.proxyImage.repository }}:{{ .Values.proxyImage.tag }}" ports: - containerPort: 80 name: main volumeMounts: - name: librephotos-config mountPath: "/etc/nginx/nginx.conf" subPath: nginx-config readOnly: true - name: media mountPath: "/data" - name: protected-media mountPath: "/protected_media" frontend: name: frontend image: "{{ .Values.frontendImage.repository }}:{{ .Values.frontendImage.tag }}" persistence: media: enabled: true mountPath: "/data" protected-media: enabled: true mountPath: "/protected_media" logs: enabled: true mountPath: "/logs" cache: enabled: true mountPath: "/root/.cache" librephotos-config: enabled: "true" mountPath: "/etc/nginx/nginx.conf" subPath: "nginx-config" type: "custom" volumeSpec: configMap: name: '{{ printf "%v-config" (include "tc.common.names.fullname" .) }}' portal: enabled: true