itumi/memelord-jake
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity
Files
main
memelord-jake/CLAUDE.md
itumi 6f9d46e833 helm
2026-02-16 15:37:06 +02:00

3.1 KiB
Raw Permalink Blame History

CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

Project Overview

Kubernetes deployment manifests for "Memelord Jake" — a Django meme-sharing application deployed on a cloud-native Kubernetes cluster. This repo contains no application source code, only infrastructure-as-code YAML manifests.

The Django app image is ghcr.io/l4rm4nd/memelord:latest. The cluster domain is ee-lte-1.codemowers.io.

Deploying

kubectl apply -f deployment.yaml  # Backing services: PostgreSQL, Redis, S3, networking
kubectl apply -f config.yaml      # Django settings.py ConfigMap
kubectl apply -f app.yaml         # Memelord Deployment
kubectl apply -f oidc.yaml        # OIDC client configuration
kubectl apply -f grafana.yaml     # Grafana monitoring (includes namespace)
kubectl apply -f monitoring.yaml  # Prometheus Probe

The cluster requires these operators pre-installed: CloudNativePG, DragonflyDB, Onyxia S3, cert-manager, Traefik, Codemowers Cloud OIDC, Prometheus operator.

File Map

  • deployment.yaml — Backing services: StringSecret + Dragonfly (Redis), StringSecret + Cluster + Database (PostgreSQL), Policy + S3User + Bucket (S3), Service + Certificate + Ingress
  • config.yaml — ConfigMap containing the full Django settings.py; the largest and most complex file. Configures DB, cache, security headers (CSP/HSTS), storage backends, OIDC, logging
  • app.yaml — Deployment for the Django app (1 replica, port 8000). Mounts settings.py from ConfigMap via subPath. All config injected via environment variables from Secrets
  • grafana.yaml — Complete Grafana stack: Namespace, ConfigMaps (Prometheus + Loki datasources, dashboard JSON), StatefulSet (5Gi SQLite), OIDC auth, Ingress with TLS
  • oidc.yaml — OIDCClient CR for Memelord app authentication via Passmower
  • monitoring.yaml — Prometheus Probe CR

Architecture

Namespace: memelord-jake

Memelord (Deployment) ──► PostgreSQL (CloudNativePG Cluster)
                       ──► DragonflyDB (Redis-compatible cache/sessions)
                       ──► MinIO S3 (media storage via Onyxia operator)
                       ──► Passmower OIDC (authentication)

Grafana (StatefulSet)  ──► Prometheus (monitoring ns)
                       ──► Loki (monitoring ns)
                       ──► Passmower OIDC (authentication)

External access: Traefik Ingress + cert-manager TLS
  - memelord-jake.ee-lte-1.codemowers.io
  - grafana-jake.ee-lte-1.codemowers.io

Key Conventions

  • Resource naming: prefix memelord-jake- for all backing services
  • Secrets auto-generated via StringSecret CRs (mittwald secret generator)
  • Django settings are fully environment-driven (12-factor); config.yaml reads everything from env vars
  • Storage class postgres for DB, sqlite for Grafana
  • Node selector: codemowers.io/lvm-ubuntu-vg: enterprise-ssd
  • ArgoCD destination cluster: https://10.254.10.31:6443
  • S3 uses path-style addressing (AWS_S3_ADDRESSING_STYLE = 'path')
Reference in New Issue View Git Blame Copy Permalink