memelord-raiko/templates/deployment.yaml
Raiko Oll bd1790c4b6 push
2026-02-16 21:36:09 +02:00


---
# Operator-generated secret (mittwald secret generator) for this release.
# The Deployment in this file reads its `secret-key` field and passes it to
# the container as SECRET_KEY, so the value never has to live in values.yaml
# or in version control.
apiVersion: secretgenerator.mittwald.de/v1alpha1
kind: StringSecret
metadata:
  name: {{ .Release.Name }}-cookie
spec:
  fields:
    - fieldName: secret-key
      encoding: hex
      # NOTE(review): confirm whether `length` counts output characters or
      # random bytes; 32 hex characters would carry 128 bits of entropy.
      length: "32"
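---
# Deployment for the memelord web application: three replicas configured
# entirely through environment variables. Credentials (PostgreSQL, Redis, S3
# bucket, OIDC client, cookie/session key) are injected via secretKeyRef;
# only non-sensitive settings are written inline.
#
# Changes relative to the previous revision:
#   - the duplicate STORAGE_BACKEND env entry was removed (env names must be
#     unique; with duplicates the later entry silently wins);
#   - templated scalars are quoted so an all-digit or boolean-looking release
#     name / hostname cannot be re-typed by the YAML parser.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: "{{ .Release.Name }}"
spec:
  replicas: 3
  selector:
    matchLabels:
      # NOTE(review): this label is not release-scoped; two releases in one
      # namespace would select each other's pods. The selector is immutable
      # on an existing Deployment, so it is left unchanged here.
      app: memelord
  template:
    metadata:
      labels:
        app: memelord
    spec:
      # Best-effort spread of replicas across zones; ScheduleAnyway means the
      # constraint is a preference and never blocks scheduling.
      topologySpreadConstraints:
        - maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: ScheduleAnyway
          labelSelector:
            matchLabels:
              app: memelord
      containers:
        # NOTE(review): no securityContext, resource requests/limits or
        # probes are set on this container; add them once the image's
        # runtime user and health endpoint are confirmed.
        - name: memelord
          # NOTE(review): `latest` is a mutable tag and, combined with
          # imagePullPolicy Always, each pod restart may run a different
          # image than the one reviewed. Prefer a fixed version tag or an
          # image digest.
          image: ghcr.io/l4rm4nd/memelord:latest
          imagePullPolicy: Always
          ports:
            - name: http
              containerPort: 8000
          env:
            - name: DOMAIN
              value: {{ .Values.hostname | quote }}

            # PostgreSQL connection
            - name: DB_ENGINE
              value: postgres
            - name: POSTGRES_HOST
              value: "{{ .Release.Name }}-database-rw"
            - name: POSTGRES_PORT
              value: '5432'
            - name: POSTGRES_DB
              value: "{{ .Release.Name }}"
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-database"
                  key: username
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-database"
                  key: password

            # Redis connection
            - name: REDIS_HOST
              value: "{{ .Release.Name }}-redis"
            - name: REDIS_PORT
              value: '6379'
            - name: REDIS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-redis"
                  key: redis-password

            # Extra image origin for the Content-Security-Policy; keep in
            # sync with AWS_S3_ENDPOINT_URL below.
            - name: CSP_IMG_SRC_EXTRA
              value: https://minio.ee-lte-1.codemowers.io
            - name: AWS_QUERYSTRING_AUTH
              value: "true"

            # S3/MinIO Storage Configuration
            - name: STORAGE_BACKEND
              value: "s3"
            - name: AWS_ACCESS_KEY_ID
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-bucket"
                  key: accessKey
            - name: AWS_SECRET_ACCESS_KEY
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-bucket"
                  key: secretKey
            - name: AWS_STORAGE_BUCKET_NAME
              value: "{{ .Release.Name }}"
            - name: AWS_S3_REGION_NAME
              value: "ee-lte-1"
            - name: AWS_S3_ENDPOINT_URL
              value: "https://minio.ee-lte-1.codemowers.io"
            - name: AWS_LOCATION
              value: ""  # why is this set to 'media' in original?
            - name: AWS_S3_ADDRESSING_STYLE
              value: path

            # NOTE(review): DEBUG is enabled on a deployment that also turns
            # on OIDC login and secure cookies. If the application maps this
            # to a framework debug mode, error pages may disclose settings
            # and stack traces to any visitor; confirm it is intended
            # outside development before shipping.
            - name: DEBUG
              value: "True"
            - name: SECURE_COOKIES
              value: "True"

            # OIDC relying-party settings; client credentials and most
            # provider endpoints come from the per-release OIDC client secret.
            - name: OIDC_ENABLED
              value: "True"
            - name: OIDC_RP_SIGN_ALGO
              valueFrom:
                secretKeyRef:
                  name: "oidc-client-{{ .Release.Name }}-owner-secrets"
                  key: OIDC_ID_TOKEN_SIGNED_RESPONSE_ALG
            - name: OIDC_OP_JWKS_ENDPOINT
              value: https://auth.ee-lte-1.codemowers.io/jwks
            - name: OIDC_RP_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: "oidc-client-{{ .Release.Name }}-owner-secrets"
                  key: OIDC_CLIENT_ID
            - name: OIDC_RP_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: "oidc-client-{{ .Release.Name }}-owner-secrets"
                  key: OIDC_CLIENT_SECRET
            - name: OIDC_OP_AUTHORIZATION_ENDPOINT
              valueFrom:
                secretKeyRef:
                  name: "oidc-client-{{ .Release.Name }}-owner-secrets"
                  key: OIDC_IDP_AUTH_URI
            - name: OIDC_OP_TOKEN_ENDPOINT
              valueFrom:
                secretKeyRef:
                  name: "oidc-client-{{ .Release.Name }}-owner-secrets"
                  key: OIDC_IDP_TOKEN_URI
            - name: OIDC_OP_USER_ENDPOINT
              valueFrom:
                secretKeyRef:
                  name: "oidc-client-{{ .Release.Name }}-owner-secrets"
                  key: OIDC_IDP_USERINFO_URI

            # Application secret key, taken from the generated StringSecret
            # named <release>-cookie defined earlier in this file.
            - name: SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-cookie"
                  key: secret-key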