187 lines
4.4 KiB
YAML
187 lines
4.4 KiB
YAML
|
image:
|
||
|
repository: tccr.io/truecharts/librephotos-backend
|
||
|
tag: v2022w6@sha256:4c24ce4ea5b340f83da0be0935eaea4ca525a15ed6da014f8ad8c709b377a837
|
||
|
pullPolicy: IfNotPresent
|
||
|
|
||
|
frontendImage:
|
||
|
repository: tccr.io/truecharts/librephotos-frontend
|
||
|
tag: v2022w6@sha256:9cb2cb4865197d460405fecd79bdd7808333443cb2089753825f7f97365a53a3
|
||
|
|
||
|
proxyImage:
|
||
|
repository: tccr.io/truecharts/librephotos-proxy
|
||
|
tag: v2022w6@sha256:c147eaa3e96348e44132958ca871114a2ce240f0fa3604f738801317af09a160
|
||
|
|
||
|
securityContext:
|
||
|
readOnlyRootFilesystem: false
|
||
|
runAsNonRoot: false
|
||
|
|
||
|
podSecurityContext:
|
||
|
runAsUser: 0
|
||
|
runAsGroup: 0
|
||
|
|
||
|
secretEnv:
|
||
|
ADMIN_EMAIL: "admin@mydomain.com"
|
||
|
ADMIN_USERNAME: "admin"
|
||
|
ADMIN_PASSWORD: "password"
|
||
|
MAPBOX_API_KEY: ""
|
||
|
|
||
|
configmap:
|
||
|
config:
|
||
|
enabled: true
|
||
|
data:
|
||
|
nginx-config: |-
|
||
|
user nginx;
|
||
|
worker_processes 1;
|
||
|
|
||
|
error_log /var/log/nginx/error.log debug;
|
||
|
|
||
|
events {
|
||
|
worker_connections 1024;
|
||
|
}
|
||
|
|
||
|
http {
|
||
|
server {
|
||
|
listen 80;
|
||
|
location / {
|
||
|
# React routes are entirely on the App side in the web broswer
|
||
|
# Always proxy to root with the same page request when nginx 404s
|
||
|
error_page 404 /;
|
||
|
proxy_intercept_errors on;
|
||
|
proxy_set_header Host $host;
|
||
|
proxy_pass http://localhost:3000/;
|
||
|
}
|
||
|
location ~ ^/(api|media)/ {
|
||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||
|
proxy_set_header X-Real-IP $remote_addr;
|
||
|
proxy_set_header Host localhost;
|
||
|
include uwsgi_params;
|
||
|
proxy_pass http://localhost:8001;
|
||
|
}
|
||
|
# Django media
|
||
|
location /protected_media {
|
||
|
internal;
|
||
|
alias /protected_media/;
|
||
|
}
|
||
|
|
||
|
location /static/drf-yasg {
|
||
|
proxy_pass http://localhost:8001;
|
||
|
}
|
||
|
|
||
|
location /data {
|
||
|
internal;
|
||
|
alias /data/;
|
||
|
}
|
||
|
|
||
|
# Original Photos
|
||
|
location /original {
|
||
|
internal;
|
||
|
alias /data/;
|
||
|
}
|
||
|
# Nextcloud Original Photos
|
||
|
location /nextcloud_original {
|
||
|
internal;
|
||
|
alias /data/nextcloud_media/;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
env:
|
||
|
BACKEND_HOST: "localhost"
|
||
|
DB_BACKEND: "postgresql"
|
||
|
DB_NAME: "{{ .Values.postgresql.postgresqlDatabase }}"
|
||
|
DB_USER: "{{ .Values.postgresql.postgresqlUsername }}"
|
||
|
DB_PORT: "5432"
|
||
|
REDIS_PORT: "6379"
|
||
|
WEB_CONCURRENCY: 2
|
||
|
SKIP_PATTERNS: ""
|
||
|
HEAVYWEIGHT_PROCESS: 1
|
||
|
DEBUG: 0
|
||
|
DB_PASS:
|
||
|
secretKeyRef:
|
||
|
name: dbcreds
|
||
|
key: postgresql-password
|
||
|
DB_HOST:
|
||
|
secretKeyRef:
|
||
|
name: dbcreds
|
||
|
key: plainhost
|
||
|
REDIS_HOST:
|
||
|
secretKeyRef:
|
||
|
name: rediscreds
|
||
|
key: plainhost
|
||
|
REDIS_PASS:
|
||
|
secretKeyRef:
|
||
|
name: rediscreds
|
||
|
key: redis-password
|
||
|
SECRET_KEY:
|
||
|
secretKeyRef:
|
||
|
name: librephotos-secrets
|
||
|
key: SECRET_KEY
|
||
|
|
||
|
probes:
|
||
|
liveness:
|
||
|
path: "/login"
|
||
|
readiness:
|
||
|
path: "/login"
|
||
|
startup:
|
||
|
path: "/login"
|
||
|
|
||
|
redis:
|
||
|
enabled: true
|
||
|
existingSecret: "rediscreds"
|
||
|
redisUsername: default
|
||
|
|
||
|
postgresql:
|
||
|
enabled: true
|
||
|
existingSecret: "dbcreds"
|
||
|
postgresqlUsername: librephotos
|
||
|
postgresqlDatabase: librephotos
|
||
|
|
||
|
service:
|
||
|
main:
|
||
|
ports:
|
||
|
main:
|
||
|
port: 10161
|
||
|
targetPort: 80
|
||
|
|
||
|
additionalContainers:
|
||
|
proxy:
|
||
|
name: proxy
|
||
|
image: "{{ .Values.proxyImage.repository }}:{{ .Values.proxyImage.tag }}"
|
||
|
ports:
|
||
|
- containerPort: 80
|
||
|
name: main
|
||
|
volumeMounts:
|
||
|
- name: librephotos-config
|
||
|
mountPath: "/etc/nginx/nginx.conf"
|
||
|
subPath: nginx-config
|
||
|
readOnly: true
|
||
|
- name: media
|
||
|
mountPath: "/data"
|
||
|
- name: protected-media
|
||
|
mountPath: "/protected_media"
|
||
|
frontend:
|
||
|
name: frontend
|
||
|
image: "{{ .Values.frontendImage.repository }}:{{ .Values.frontendImage.tag }}"
|
||
|
|
||
|
persistence:
|
||
|
media:
|
||
|
enabled: true
|
||
|
mountPath: "/data"
|
||
|
protected-media:
|
||
|
enabled: true
|
||
|
mountPath: "/protected_media"
|
||
|
logs:
|
||
|
enabled: true
|
||
|
mountPath: "/logs"
|
||
|
cache:
|
||
|
enabled: true
|
||
|
mountPath: "/root/.cache"
|
||
|
librephotos-config:
|
||
|
enabled: "true"
|
||
|
mountPath: "/etc/nginx/nginx.conf"
|
||
|
subPath: "nginx-config"
|
||
|
type: "custom"
|
||
|
volumeSpec:
|
||
|
configMap:
|
||
|
name: '{{ printf "%v-config" (include "tc.common.names.fullname" .) }}'
|