image: repository: tccr.io/truecharts/inventree tag: 0.8.1@sha256:6b89f61c3d3eb824fe81689c67f13052d6e733b910e74eece3fb353a54232136 pullPolicy: IfNotPresent nginxImage: repository: tccr.io/truecharts/nginx tag: v1.23.1@sha256:3f445468e3c79d301cb71dec3966ed0eb79a6a4c9c0bc37d4ce36e9e14b6e798 securityContext: readOnlyRootFilesystem: false podSecurityContext: runAsUser: 100 runAsGroup: 0 secretEnv: INVENTREE_ADMIN_EMAIL: "test@example.com" INVENTREE_ADMIN_USER: "testuser" INVENTREE_ADMIN_PASSWORD: "secret" configmap: config: enabled: true data: nginx-config: |- server { listen 10231; real_ip_header proxy_protocol; location / { proxy_set_header Host $http_host; proxy_set_header X-Forwarded-By $server_addr:$server_port; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Real-IP $remote_addr; proxy_set_header CLIENT_IP $remote_addr; proxy_pass_request_headers on; proxy_redirect off; client_max_body_size 100M; proxy_buffering off; proxy_request_buffering off; proxy_pass http://localhost:8000; } # Redirect any requests for static files location /static/ { alias /var/www/static/; autoindex on; # Caching settings expires 30d; add_header Pragma public; add_header Cache-Control "public"; } # Redirect any requests for media files location /media/ { alias /var/www/media/; # Media files require user authentication auth_request /auth; } # Use the 'user' API endpoint for auth location /auth { internal; proxy_pass http://localhost:8000/auth/; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_set_header X-Original-URI $request_uri; } } env: INVENTREE_TIMEZONE: "{{ .Values.TZ }}" INVENTREE_DB_ENGINE: "postgresql" INVENTREE_DB_NAME: "{{ .Values.postgresql.postgresqlDatabase }}" INVENTREE_DB_USER: "{{ .Values.postgresql.postgresqlUsername }}" INVENTREE_DB_PORT: "5432" INVENTREE_CACHE_PORT: "6379" INVENTREE_CACHE_HOST: secretKeyRef: name: rediscreds key: plainhostpass INVENTREE_DB_HOST: secretKeyRef: name: dbcreds key: plainhost INVENTREE_DB_PASSWORD: secretKeyRef: name: dbcreds key: postgresql-password INVENTREE_SECRET_KEY: secretKeyRef: name: inventree-secrets key: INVENTREE_SECRET_KEY # User Defined INVENTREE_DEBUG: false INVENTREE_LOG_LEVEL: "INFO" INVENTREE_PLUGINS_ENABLED: false INVENTREE_LOGIN_CONFIRM_DAYS: 3 INVENTREE_LOGIN_ATTEMPTS: 5 # INVENTREE_EMAIL_BACKEND: "django.core.mail.backends.smtp.EmailBackend" # INVENTREE_EMAIL_HOST: "" # INVENTREE_EMAIL_PORT: 587 # INVENTREE_EMAIL_USERNAME: "" # INVENTREE_EMAIL_PASSWORD: "" # INVENTREE_EMAIL_TLS: False # INVENTREE_EMAIL_SSL: False # INVENTREE_EMAIL_SENDER: "" service: main: ports: main: port: 10231 targetPort: 10231 persistence: data: enabled: true mountPath: "/home/inventree/data" inventree-config: enabled: "true" mountPath: "/etc/nginx/nginx.conf" subPath: "nginx-confing" type: "custom" volumeSpec: configMap: name: '{{ printf "%v-config" (include "tc.common.names.fullname" .) }}' initContainers: init-migrate: name: init-migrate image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" securityContext: runAsUser: "{{ .Values.podSecurityContext.runAsUser }}" runAsGroup: "{{ .Values.podSecurityContext.runAsGroup }}" runAsNonRoot: true volumeMounts: - name: data mountPath: "/home/inventree/data" env: - name: INVENTREE_DB_ENGINE value: "postgresql" - name: INVENTREE_DB_NAME value: "{{ .Values.postgresql.postgresqlDatabase }}" - name: INVENTREE_DB_USER value: "{{ .Values.postgresql.postgresqlUsername }}" - name: INVENTREE_DB_PORT value: "5432" - name: INVENTREE_CACHE_PORT value: "6379" - name: INVENTREE_CACHE_HOST valueFrom: secretKeyRef: name: rediscreds key: plainhostpass - name: INVENTREE_DB_HOST valueFrom: secretKeyRef: name: dbcreds key: plainhost - name: INVENTREE_DB_PASSWORD valueFrom: secretKeyRef: name: dbcreds key: postgresql-password - name: INVENTREE_SECRET_KEY valueFrom: secretKeyRef: name: inventree-secrets key: INVENTREE_SECRET_KEY command: ["sh", "-c"] args: - |- cd /home/inventree; invoke update; additionalContainers: nginx: name: nginx image: "{{ .Values.nginxImage.repository }}:{{ .Values.nginxImage.tag }}" ports: - containerPort: 10231 name: main securityContext: runAsUser: 0 runAsGroup: 100 readOnlyRootFilesystem: false runAsNonRoot: false volumeMounts: - name: inventree-config mountPath: "/etc/nginx/conf.d/default.conf" subPath: nginx-config readOnly: true - name: data mountPath: "/var/www" worker: name: worker image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" command: ["invoke", "worker"] volumeMounts: - name: data mountPath: "/home/inventree/data" env: - name: INVENTREE_DB_ENGINE value: "postgresql" - name: INVENTREE_DB_NAME value: "{{ .Values.postgresql.postgresqlDatabase }}" - name: INVENTREE_DB_USER value: "{{ .Values.postgresql.postgresqlUsername }}" - name: INVENTREE_DB_PORT value: "5432" - name: INVENTREE_CACHE_PORT value: "6379" - name: INVENTREE_CACHE_HOST valueFrom: secretKeyRef: name: rediscreds key: plainhostpass - name: INVENTREE_DB_HOST valueFrom: secretKeyRef: name: dbcreds key: plainhost - name: INVENTREE_DB_PASSWORD valueFrom: secretKeyRef: name: dbcreds key: postgresql-password - name: INVENTREE_SECRET_KEY valueFrom: secretKeyRef: name: inventree-secrets key: INVENTREE_SECRET_KEY postgresql: enabled: true existingSecret: "dbcreds" postgresqlUsername: inventree postgresqlDatabase: inventree redis: enabled: true existingSecret: "rediscreds" portal: enabled: true