5e497b2ccb
This is a first step to write some useful documentation.
134 lines
4.4 KiB
YAML
134 lines
4.4 KiB
YAML
image:
|
|
repository: lasuite/conversations-backend
|
|
pullPolicy: Always
|
|
tag: "latest"
|
|
|
|
backend:
|
|
replicas: 1
|
|
envVars:
|
|
DJANGO_CSRF_TRUSTED_ORIGINS: https://conversations.127.0.0.1.nip.io
|
|
DJANGO_CONFIGURATION: Feature
|
|
DJANGO_ALLOWED_HOSTS: conversations.127.0.0.1.nip.io
|
|
DJANGO_SECRET_KEY: AgoodOrAbadKey
|
|
DJANGO_SETTINGS_MODULE: conversations.settings
|
|
DJANGO_SUPERUSER_PASSWORD: admin
|
|
DJANGO_EMAIL_BRAND_NAME: "La Suite Numérique"
|
|
DJANGO_EMAIL_HOST: "maildev"
|
|
DJANGO_EMAIL_LOGO_IMG: https://conversations.127.0.0.1.nip.io/assets/logo-suite-numerique.png
|
|
DJANGO_EMAIL_PORT: 1025
|
|
DJANGO_EMAIL_USE_SSL: False
|
|
LOGGING_LEVEL_HANDLERS_CONSOLE: ERROR
|
|
LOGGING_LEVEL_LOGGERS_ROOT: INFO
|
|
LOGGING_LEVEL_LOGGERS_APP: INFO
|
|
OIDC_OP_JWKS_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/conversations/protocol/openid-connect/certs
|
|
OIDC_OP_AUTHORIZATION_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/conversations/protocol/openid-connect/auth
|
|
OIDC_OP_TOKEN_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/conversations/protocol/openid-connect/token
|
|
OIDC_OP_USER_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/conversations/protocol/openid-connect/userinfo
|
|
OIDC_OP_LOGOUT_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/conversations/protocol/openid-connect/session/end
|
|
OIDC_RP_CLIENT_ID: conversations
|
|
OIDC_RP_CLIENT_SECRET: ThisIsAnExampleKeyForDevPurposeOnly
|
|
OIDC_RP_SIGN_ALGO: RS256
|
|
OIDC_RP_SCOPES: "openid email"
|
|
OIDC_VERIFY_SSL: False
|
|
OIDC_USERINFO_SHORTNAME_FIELD: "given_name"
|
|
OIDC_USERINFO_FULLNAME_FIELDS: "given_name,usual_name"
|
|
OIDC_REDIRECT_ALLOWED_HOSTS: https://conversations.127.0.0.1.nip.io
|
|
OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
|
|
LOGIN_REDIRECT_URL: https://conversations.127.0.0.1.nip.io
|
|
LOGIN_REDIRECT_URL_FAILURE: https://conversations.127.0.0.1.nip.io
|
|
LOGOUT_REDIRECT_URL: https://conversations.127.0.0.1.nip.io
|
|
POSTHOG_KEY: "{'id': 'posthog_key', 'host': 'https://product.conversations.127.0.0.1.nip.io'}"
|
|
DB_HOST: postgresql
|
|
DB_NAME: conversations
|
|
DB_USER: dinum
|
|
DB_PASSWORD: pass
|
|
DB_PORT: 5432
|
|
POSTGRES_DB: conversations
|
|
POSTGRES_USER: dinum
|
|
POSTGRES_PASSWORD: pass
|
|
REDIS_URL: redis://default:pass@redis-master:6379/1
|
|
AWS_S3_ENDPOINT_URL: http://minio.conversations.svc.cluster.local:9000
|
|
AWS_S3_ACCESS_KEY_ID: root
|
|
AWS_S3_SECRET_ACCESS_KEY: password
|
|
AWS_STORAGE_BUCKET_NAME: conversations-media-storage
|
|
STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
|
|
|
|
migrate:
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- |
|
|
python manage.py migrate --no-input &&
|
|
python manage.py create_demo --force
|
|
restartPolicy: Never
|
|
|
|
command:
|
|
- "gunicorn"
|
|
- "-c"
|
|
- "/usr/local/etc/gunicorn/conversations.py"
|
|
- "conversations.wsgi:application"
|
|
- "--reload"
|
|
|
|
createsuperuser:
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- |
|
|
python manage.py createsuperuser --email admin@example.com --password admin
|
|
restartPolicy: Never
|
|
|
|
# Extra volume to manage our local custom CA and avoid to set ssl_verify: false
|
|
extraVolumeMounts:
|
|
- name: certs
|
|
mountPath: /usr/local/lib/python3.12/site-packages/certifi/cacert.pem
|
|
subPath: cacert.pem
|
|
|
|
# Extra volume to manage our local custom CA and avoid to set ssl_verify: false
|
|
extraVolumes:
|
|
- name: certs
|
|
configMap:
|
|
name: certifi
|
|
items:
|
|
- key: cacert.pem
|
|
path: cacert.pem
|
|
frontend:
|
|
envVars:
|
|
PORT: 8080
|
|
NEXT_PUBLIC_API_ORIGIN: https://conversations.127.0.0.1.nip.io
|
|
|
|
replicas: 1
|
|
|
|
image:
|
|
repository: lasuite/conversations-frontend
|
|
pullPolicy: Always
|
|
tag: "latest"
|
|
|
|
posthog:
|
|
ingress:
|
|
enabled: false
|
|
ingressAssets:
|
|
enabled: false
|
|
|
|
ingress:
|
|
enabled: true
|
|
host: conversations.127.0.0.1.nip.io
|
|
|
|
ingressAdmin:
|
|
enabled: true
|
|
host: conversations.127.0.0.1.nip.io
|
|
|
|
ingressMedia:
|
|
enabled: true
|
|
host: conversations.127.0.0.1.nip.io
|
|
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/auth-url: https://conversations.127.0.0.1.nip.io/api/v1.0/chats/media-auth/
|
|
nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256"
|
|
nginx.ingress.kubernetes.io/upstream-vhost: minio.conversations.svc.cluster.local:9000
|
|
nginx.ingress.kubernetes.io/rewrite-target: /conversations-media-storage/$1
|
|
|
|
serviceMedia:
|
|
host: minio.conversations.svc.cluster.local
|
|
port: 9000
|
|
|