salasource/memelord-helm
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

help

Browse Source
This commit is contained in:
salasource
2026-02-16 15:49:54 +02:00
parent c0eebc8b4d
commit e459028035
12 changed files with 1030 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

150
templates/memelord.yaml Normal file
View File

@@ -0,0 +1,150 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: memelord
spec:
replicas: 1
selector:
matchLabels:
app: memelord
template:
metadata:
labels:
app: memelord
spec:
volumes:
- name: logs
emptyDir: {}
- name: admin
emptyDir: {}
containers:
- name: memelord
image: ghcr.io/l4rm4nd/memelord:latest
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
runAsUser: 33
runAsGroup: 33
volumeMounts:
- name: logs
mountPath: /opt/app/logs
- name: admin
mountPath: /opt/app/myapp/static/admin
ports:
- containerPort: 8000
env:
# PostgreSQL credentials from secret
- name: DB_ENGINE
value: postgres
- name: DOMAIN
value: {{ .Values.hostname }}
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: memelord-sala-database
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: memelord-sala-database
key: password
- name: POSTGRES_DB
value: memelord-sala
- name: POSTGRES_HOST
value: memelord-sala-database-rw.memelord-sala.svc.cluster.local
- name: POSTGRES_PORT
value: "5432"
# Redis password
- name: REDIS_PASSWORD
valueFrom:
secretKeyRef:
name: memelord-sala-redis
key: redis-password
- name: STORAGE_BACKEND
value: s3
- name: AWS_S3_ENDPOINT_URL
value: https://minio.ee-lte-1.codemowers.io/
- name: AWS_S3_REGION_NAME
value: ee-lte-1
- name: AWS_S3_ADDRESSING_STYLE
value: path
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: memelord-sala-bucket
key: accessKey
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: memelord-sala-bucket
key: secretKey
- name: AWS_STORAGE_BUCKET_NAME
value: memelord-sala
- name: ENABLE_PUBLIC_FEED
value: "True"
- name: OIDC_ENABLED
value: "True"
- name: OIDC_RP_SIGN_ALGO
valueFrom:
secretKeyRef:
name: oidc-client-memelord-sala-owner-secrets
key: OIDC_ID_TOKEN_SIGNED_RESPONSE_ALG
- name: OIDC_OP_JWKS_ENDPOINT
value: https://auth.ee-lte-1.codemowers.io/jwks
- name: OIDC_RP_CLIENT_ID
valueFrom:
secretKeyRef:
name: oidc-client-memelord-sala-owner-secrets
key: OIDC_CLIENT_ID
- name: OIDC_RP_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oidc-client-memelord-sala-owner-secrets
key: OIDC_CLIENT_SECRET
- name: OIDC_OP_AUTHORIZATION_ENDPOINT
valueFrom:
secretKeyRef:
name: oidc-client-memelord-sala-owner-secrets
key: OIDC_IDP_AUTH_URI
- name: OIDC_OP_TOKEN_ENDPOINT
valueFrom:
secretKeyRef:
name: oidc-client-memelord-sala-owner-secrets
key: OIDC_IDP_TOKEN_URI
- name: OIDC_OP_USER_ENDPOINT
valueFrom:
secretKeyRef:
name: oidc-client-memelord-sala-owner-secrets
key: OIDC_IDP_USERINFO_URI
- name: SESSION_COOKIE_AGE
value: "30"
- name: SESSION_EXPIRE_AT_BROWSER_CLOSE
value: "False"
- name: TZ
value: "Europe/Berlin"
---
apiVersion: codemowers.cloud/v1beta1
kind: OIDCClient
metadata:
name: memelord-sala
spec:
displayName: Memelord sala
uri: https://{{ .Values.hostname }}/
redirectUris:
- https://{{ .Values.hostname }}/oidc/callback/
grantTypes:
- authorization_code
- refresh_token
responseTypes:
- code
availableScopes:
- openid
- profile
pkce: false