187 lines
4.4 KiB
YAML
187 lines
4.4 KiB
YAML
image:
|
|
repository: tccr.io/truecharts/librephotos-backend
|
|
tag: v2022w6@sha256:4c24ce4ea5b340f83da0be0935eaea4ca525a15ed6da014f8ad8c709b377a837
|
|
pullPolicy: IfNotPresent
|
|
|
|
frontendImage:
|
|
repository: tccr.io/truecharts/librephotos-frontend
|
|
tag: v2022w6@sha256:9cb2cb4865197d460405fecd79bdd7808333443cb2089753825f7f97365a53a3
|
|
|
|
proxyImage:
|
|
repository: tccr.io/truecharts/librephotos-proxy
|
|
tag: v2022w6@sha256:c147eaa3e96348e44132958ca871114a2ce240f0fa3604f738801317af09a160
|
|
|
|
securityContext:
|
|
readOnlyRootFilesystem: false
|
|
runAsNonRoot: false
|
|
|
|
podSecurityContext:
|
|
runAsUser: 0
|
|
runAsGroup: 0
|
|
|
|
secretEnv:
|
|
ADMIN_EMAIL: "admin@mydomain.com"
|
|
ADMIN_USERNAME: "admin"
|
|
ADMIN_PASSWORD: "password"
|
|
MAPBOX_API_KEY: ""
|
|
|
|
configmap:
|
|
config:
|
|
enabled: true
|
|
data:
|
|
nginx-config: |-
|
|
user nginx;
|
|
worker_processes 1;
|
|
|
|
error_log /var/log/nginx/error.log debug;
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
server {
|
|
listen 80;
|
|
location / {
|
|
# React routes are entirely on the App side in the web broswer
|
|
# Always proxy to root with the same page request when nginx 404s
|
|
error_page 404 /;
|
|
proxy_intercept_errors on;
|
|
proxy_set_header Host $host;
|
|
proxy_pass http://localhost:3000/;
|
|
}
|
|
location ~ ^/(api|media)/ {
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header Host localhost;
|
|
include uwsgi_params;
|
|
proxy_pass http://localhost:8001;
|
|
}
|
|
# Django media
|
|
location /protected_media {
|
|
internal;
|
|
alias /protected_media/;
|
|
}
|
|
|
|
location /static/drf-yasg {
|
|
proxy_pass http://localhost:8001;
|
|
}
|
|
|
|
location /data {
|
|
internal;
|
|
alias /data/;
|
|
}
|
|
|
|
# Original Photos
|
|
location /original {
|
|
internal;
|
|
alias /data/;
|
|
}
|
|
# Nextcloud Original Photos
|
|
location /nextcloud_original {
|
|
internal;
|
|
alias /data/nextcloud_media/;
|
|
}
|
|
}
|
|
}
|
|
|
|
env:
|
|
BACKEND_HOST: "localhost"
|
|
DB_BACKEND: "postgresql"
|
|
DB_NAME: "{{ .Values.postgresql.postgresqlDatabase }}"
|
|
DB_USER: "{{ .Values.postgresql.postgresqlUsername }}"
|
|
DB_PORT: "5432"
|
|
REDIS_PORT: "6379"
|
|
WEB_CONCURRENCY: 2
|
|
SKIP_PATTERNS: ""
|
|
HEAVYWEIGHT_PROCESS: 1
|
|
DEBUG: false
|
|
DB_PASS:
|
|
secretKeyRef:
|
|
name: dbcreds
|
|
key: postgresql-password
|
|
DB_HOST:
|
|
secretKeyRef:
|
|
name: dbcreds
|
|
key: plainhost
|
|
REDIS_HOST:
|
|
secretKeyRef:
|
|
name: rediscreds
|
|
key: plainhost
|
|
REDIS_PASS:
|
|
secretKeyRef:
|
|
name: rediscreds
|
|
key: redis-password
|
|
SECRET_KEY:
|
|
secretKeyRef:
|
|
name: librephotos-secrets
|
|
key: SECRET_KEY
|
|
|
|
probes:
|
|
liveness:
|
|
path: "/login"
|
|
readiness:
|
|
path: "/login"
|
|
startup:
|
|
path: "/login"
|
|
|
|
redis:
|
|
enabled: true
|
|
existingSecret: "rediscreds"
|
|
redisUsername: default
|
|
|
|
postgresql:
|
|
enabled: true
|
|
existingSecret: "dbcreds"
|
|
postgresqlUsername: librephotos
|
|
postgresqlDatabase: librephotos
|
|
|
|
service:
|
|
main:
|
|
ports:
|
|
main:
|
|
port: 10161
|
|
targetPort: 80
|
|
|
|
additionalContainers:
|
|
proxy:
|
|
name: proxy
|
|
image: "{{ .Values.proxyImage.repository }}:{{ .Values.proxyImage.tag }}"
|
|
ports:
|
|
- containerPort: 80
|
|
name: main
|
|
volumeMounts:
|
|
- name: librephotos-config
|
|
mountPath: "/etc/nginx/nginx.conf"
|
|
subPath: nginx-config
|
|
readOnly: true
|
|
- name: media
|
|
mountPath: "/data"
|
|
- name: protected-media
|
|
mountPath: "/protected_media"
|
|
frontend:
|
|
name: frontend
|
|
image: "{{ .Values.frontendImage.repository }}:{{ .Values.frontendImage.tag }}"
|
|
|
|
persistence:
|
|
media:
|
|
enabled: true
|
|
mountPath: "/data"
|
|
protected-media:
|
|
enabled: true
|
|
mountPath: "/protected_media"
|
|
logs:
|
|
enabled: true
|
|
mountPath: "/logs"
|
|
cache:
|
|
enabled: true
|
|
mountPath: "/root/.cache"
|
|
librephotos-config:
|
|
enabled: "true"
|
|
mountPath: "/etc/nginx/nginx.conf"
|
|
subPath: "nginx-config"
|
|
type: "custom"
|
|
volumeSpec:
|
|
configMap:
|
|
name: '{{ printf "%v-config" (include "tc.common.names.fullname" .) }}'
|