dvirlabs/my-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: dvirlabs:master
Branches Tags
dvirlabs:master
dvirlabs:omega-basms
dvirlabs:develop
dvirlabs:revert-nextcloud-oidc
..
compare: dvirlabs:revert-nextcloud-oidc
Branches Tags
dvirlabs:master
dvirlabs:omega-basms
dvirlabs:develop
dvirlabs:revert-nextcloud-oidc

No commits in common. "master" and "revert-nextcloud-oidc" have entirely different histories.
master ... revert-nex

408 changed files with 125 additions and 32668 deletions
Show Stats Expand all files Collapse all files

21
argocd-apps/brand-master.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: brand-master
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/brand-master-chart
helm:
valueFiles:
- ../../manifests/brand-master/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/calink.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: calink
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/calink-chart
helm:
valueFiles:
- ../../manifests/calink/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/dateme.yaml
View File

@ -1,21 +0,0 @@
# apiVersion: argoproj.io/v1alpha1
# kind: Application
# metadata:
# name: dateme
# namespace: argocd
# spec:
# project: my-apps
# source:
# repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
# targetRevision: HEAD
# path: charts/dateme-chart
# helm:
# valueFiles:
# - ../../manifests/dateme/values.yaml
# destination:
# server: https://kubernetes.default.svc
# namespace: my-apps
# syncPolicy:
# automated:
# prune: true
# selfHeal: true

21
argocd-apps/dvirlabs-landing.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: dvirlabs-landing
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/dvirlabs-landing-chart
helm:
valueFiles:
- ../../manifests/dvirlabs-landing/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/errorlab.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: errorlab
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/errorlab-chart
helm:
valueFiles:
- ../../manifests/errorlab/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

20
argocd-apps/external-secrets-my-apps.yaml
View File

@ -1,20 +0,0 @@
# apiVersion: argoproj.io/v1alpha1
# kind: Application
# metadata:
# name: external-secrets-my-apps
# namespace: argocd
# spec:
# project: my-apps
# source:
# repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
# targetRevision: HEAD
# path: manifests/external-secrets
# directory:
# recurse: true
# destination:
# server: https://kubernetes.default.svc
# namespace: my-apps
# syncPolicy:
# automated:
# prune: true
# selfHeal: true

20
argocd-apps/extra-resources-my-apps.yaml
View File

@ -1,20 +0,0 @@
# apiVersion: argoproj.io/v1alpha1
# kind: Application
# metadata:
# name: my-apps-extra-resources
# namespace: argocd
# spec:
# project: my-apps
# source:
# repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
# targetRevision: HEAD
# path: manifests/extra-resources
# directory:
# recurse: true
# destination:
# server: https://kubernetes.default.svc
# namespace: my-apps
# syncPolicy:
# automated:
# prune: true
# selfHeal: true

2
argocd-apps/home-assistant.yaml
View File

@ -6,7 +6,7 @@ metadata:
spec: spec:
project: my-apps project: my-apps
source: source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD targetRevision: HEAD
path: charts/home-assistant path: charts/home-assistant
helm: helm:

21
argocd-apps/invy.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: invy
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/invy-chart
helm:
valueFiles:
- ../../manifests/invy/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/ipify.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: ipify
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/ipify-chart
helm:
valueFiles:
- ../../manifests/ipify/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

2
argocd-apps/labmap.yaml
View File

@ -6,7 +6,7 @@ metadata:
spec: spec:
project: my-apps project: my-apps
source: source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD targetRevision: HEAD
path: charts/labmap-chart path: charts/labmap-chart
helm: helm:

21
argocd-apps/my-recipes.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-recipes
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/my-recipes-chart
helm:
valueFiles:
- ../../manifests/my-recipes/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

42
argocd-apps/navidrome.yaml
View File

@ -1,21 +1,21 @@
# apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
# kind: Application kind: Application
# metadata: metadata:
# name: navidrome name: navidrome
# namespace: argocd namespace: argocd
# spec: spec:
# project: my-apps project: my-apps
# source: source:
# repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
# targetRevision: HEAD targetRevision: HEAD
# path: charts/navidrome path: charts/navidrome
# helm: helm:
# valueFiles: valueFiles:
# - ../../manifests/navidrome/values.yaml - ../../manifests/navidrome/values.yaml
# destination: destination:
# server: https://kubernetes.default.svc server: https://kubernetes.default.svc
# namespace: my-apps namespace: my-apps
# syncPolicy: syncPolicy:
# automated: automated:
# prune: true prune: true
# selfHeal: true selfHeal: true

2
argocd-apps/navix.yaml
View File

@ -6,7 +6,7 @@ metadata:
spec: spec:
project: my-apps project: my-apps
source: source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD targetRevision: HEAD
path: charts/navix-chart path: charts/navix-chart
helm: helm:

42
argocd-apps/nextcloud.yaml
View File

@ -1,21 +1,21 @@
# apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
# kind: Application kind: Application
# metadata: metadata:
# name: nextcloud name: nextcloud
# namespace: argocd namespace: argocd
# spec: spec:
# project: my-apps project: my-apps
# source: source:
# repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
# targetRevision: HEAD targetRevision: HEAD
# path: charts/nextcloud-chart path: charts/nextcloud-chart
# helm: helm:
# valueFiles: valueFiles:
# - ../../manifests/nextcloud/values.yaml - ../../manifests/nextcloud/values.yaml
# destination: destination:
# server: https://kubernetes.default.svc server: https://kubernetes.default.svc
# namespace: my-apps namespace: my-apps
# syncPolicy: syncPolicy:
# automated: automated:
# prune: true prune: true
# selfHeal: true selfHeal: true

21
argocd-apps/omegabasms.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: omegabasms
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/omegabasms-chart
helm:
valueFiles:
- ../../manifests/omegabasms/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

2
argocd-apps/oramap.yaml
View File

@ -6,7 +6,7 @@ metadata:
spec: spec:
project: my-apps project: my-apps
source: source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD targetRevision: HEAD
path: charts/oramap-chart path: charts/oramap-chart
helm: helm:

22
argocd-apps/pgadmin.yaml
View File

@ -1,22 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: pgadmin
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/pgadmin-chart
helm:
valueFiles:
- ../../manifests/pgadmin/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

22
argocd-apps/raw-resources-my-apps.yaml
View File

@ -1,22 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: raw-resources-my-apps
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: manifests/raw-resources-my-apps
directory:
recurse: true
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true

23
argocd-apps/secrets-my-apps.yaml
View File

@ -1,23 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: secrets-my-apps
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/secrets
helm:
valueFiles:
- ../../manifests/secrets-my-apps/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true

21
argocd-apps/semaphore.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: semaphore
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/semaphore
helm:
valueFiles:
- ../../manifests/semaphore/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/tasko.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: tasko
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/tasko-chart
helm:
valueFiles:
- ../../manifests/tasko/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/tennotrade.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: tennotrade
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/tennotrade-chart
helm:
valueFiles:
- ../../manifests/tennotrade/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

42
argocd-apps/tunedrop.yaml
View File

@ -1,21 +1,21 @@
# apiVersion: argoproj.io/v1alpha1 apiVersion: argoproj.io/v1alpha1
# kind: Application kind: Application
# metadata: metadata:
# name: tunedrop name: tunedrop
# namespace: argocd namespace: argocd
# spec: spec:
# project: my-apps project: my-apps
# source: source:
# repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
# targetRevision: HEAD targetRevision: HEAD
# path: charts/tunedrop-chart path: charts/tunedrop-chart
# helm: helm:
# valueFiles: valueFiles:
# - ../../manifests/tunedrop/values.yaml - ../../manifests/tunedrop/values.yaml
# destination: destination:
# server: https://kubernetes.default.svc server: https://kubernetes.default.svc
# namespace: my-apps namespace: my-apps
# syncPolicy: syncPolicy:
# automated: automated:
# prune: true prune: true
# selfHeal: true selfHeal: true

21
argocd-apps/wallos.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: wallos
namespace: argocd
spec:
project: my-apps
source:
repoURL: ssh://git@gitea-ssh.dev-tools.svc.cluster.local:2222/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/wallos
helm:
valueFiles:
- ../../manifests/wallos/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

13
charts/brand-master-chart/Chart.yaml
View File

@ -1,13 +0,0 @@
apiVersion: v2
name: brand-master
description: A Helm chart for Brand Master - E-commerce Fashion & Shoe Store
type: application
version: 1.0.0
appVersion: "1.0.0"
keywords:
- brand-master
- ecommerce
- fashion
- shoes
maintainers:
- name: dvir

158
charts/brand-master-chart/README.md
View File

@ -1,158 +0,0 @@
# Brand Master Helm Chart
This Helm chart deploys the Brand Master e-commerce application on Kubernetes.
## Components
- **Frontend**: React-based UI served by Nginx
- **Backend**: FastAPI application
- **Database**: PostgreSQL 16
- **Storage**: 15GB PVC for product images
## Prerequisites
- Kubernetes 1.19+
- Helm 3.0+
- cert-manager (for TLS certificates)
- Storage class configured (nfs-client by default)
## Installation
### 1. Update values.yaml
Edit `values.yaml` and configure:
- Image repositories (if using private registry)
- Domain names for ingress
- JWT secret key (IMPORTANT!)
- Database credentials
- Storage class name
### 2. Install the chart
```bash
# Install in the my-apps namespace
helm install brand-master ./brand-master-chart -n my-apps --create-namespace
# Or with custom values
helm install brand-master ./brand-master-chart -n my-apps \
--set backend.jwtSecretKey=your-super-secret-key \
--set postgres.password=secure-password
```
### 3. Upgrade the chart
```bash
helm upgrade brand-master ./brand-master-chart -n my-apps
```
### 4. Uninstall
```bash
helm uninstall brand-master -n my-apps
```
## Configuration
### Key Configuration Options
| Parameter | Description | Default |
|-----------|-------------|---------|
| `backend.image.repository` | Backend Docker image | `harbor.dvirlabs.com/my-apps/brand-master-backend` |
| `backend.image.tag` | Backend image tag | `latest` |
| `backend.jwtSecretKey` | JWT secret for authentication | `your-secret-key-change-this-in-production` |
| `backend.persistence.enabled` | Enable persistent storage for images | `true` |
| `backend.persistence.size` | Size of uploads PVC | `15Gi` |
| `frontend.image.repository` | Frontend Docker image | `harbor.dvirlabs.com/my-apps/brand-master-frontend` |
| `frontend.image.tag` | Frontend image tag | `latest` |
| `postgres.user` | PostgreSQL username | `brand_master_user` |
| `postgres.password` | PostgreSQL password | `brand_master_password` |
| `postgres.database` | PostgreSQL database name | `brand_master_db` |
| `postgres.persistence.size` | Size of database PVC | `10Gi` |
## Building Docker Images
### Backend
```bash
cd backend
docker build -t harbor.dvirlabs.com/my-apps/brand-master-backend:latest .
docker push harbor.dvirlabs.com/my-apps/brand-master-backend:latest
```
### Frontend
```bash
cd frontend
docker build -t harbor.dvirlabs.com/my-apps/brand-master-frontend:latest \
--build-arg VITE_API_URL=https://api-brand-master.dvirlabs.com .
docker push harbor.dvirlabs.com/my-apps/brand-master-frontend:latest
```
## Storage
The chart creates two PVCs:
1. **Database PVC**: 10GB for PostgreSQL data
2. **Uploads PVC**: 15GB for product images at `/app/uploads`
Both use the `nfs-client` storage class by default. Update this in `values.yaml` if needed.
## Ingress
The chart creates two ingress resources:
- **Frontend**: `brand-master.dvirlabs.com`
- **Backend API**: `api-brand-master.dvirlabs.com`
TLS is enabled by default using Let's Encrypt via cert-manager.
## Troubleshooting
### Check pod status
```bash
kubectl get pods -n my-apps
```
### View logs
```bash
# Backend logs
kubectl logs -n my-apps -l app.kubernetes.io/component=backend
# Frontend logs
kubectl logs -n my-apps -l app.kubernetes.io/component=frontend
# Database logs
kubectl logs -n my-apps -l app.kubernetes.io/component=database
```
### Access services locally
```bash
# Frontend
kubectl port-forward -n my-apps svc/brand-master-frontend 8080:80
# Backend
kubectl port-forward -n my-apps svc/brand-master-backend 8000:8000
# Database
kubectl port-forward -n my-apps svc/brand-master-db 5432:5432
```
### Check PVC status
```bash
kubectl get pvc -n my-apps
```
## Security Notes
1. **Change the JWT secret** in production
2. **Update database credentials**
3. **Use strong passwords**
4. **Configure proper CORS settings**
5. **Review and adjust resource limits**
6. **Enable network policies** if needed
7. **Use image pull secrets** for private registries
## Support
For issues or questions, refer to the main repository documentation.

48
charts/brand-master-chart/templates/NOTES.txt
View File

@ -1,48 +0,0 @@
1. Get the application URL by running these commands:
{{- if .Values.frontend.ingress.enabled }}
{{- range $host := .Values.frontend.ingress.hosts }}
{{- range .paths }}
Frontend: http{{ if $.Values.frontend.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.backend.ingress.enabled }}
{{- range $host := .Values.backend.ingress.hosts }}
{{- range .paths }}
Backend API: http{{ if $.Values.backend.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
{{- end }}
{{- end }}
2. Database Connection:
Host: {{ include "brand-master.fullname" . }}-db
Port: {{ .Values.postgres.port }}
Database: {{ .Values.postgres.database }}
User: {{ .Values.postgres.user }}
3. Product Images Storage:
{{- if .Values.backend.persistence.enabled }}
PVC: {{ include "brand-master.fullname" . }}-uploads-pvc
Size: {{ .Values.backend.persistence.size }}
Mount Path: {{ .Values.backend.persistence.mountPath }}
{{- else }}
Warning: Persistence is disabled. Product images will be lost on pod restart!
{{- end }}
4. IMPORTANT Security Notes:
- Change the JWT secret key in values.yaml before deploying to production
- Update the database password in values.yaml
- Configure your domain names in the ingress sections
- Ensure cert-manager is installed for TLS certificates
5. To access the application locally without ingress:
kubectl port-forward svc/{{ include "brand-master.fullname" . }}-frontend 8080:80
kubectl port-forward svc/{{ include "brand-master.fullname" . }}-backend 8000:8000
6. To check pod status:
kubectl get pods -l app.kubernetes.io/instance={{ .Release.Name }}
7. To view logs:
kubectl logs -l app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=backend
kubectl logs -l app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=frontend

60
charts/brand-master-chart/templates/_helpers.tpl
View File

@ -1,60 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "brand-master.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "brand-master.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "brand-master.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "brand-master.labels" -}}
helm.sh/chart: {{ include "brand-master.chart" . }}
{{ include "brand-master.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "brand-master.selectorLabels" -}}
app.kubernetes.io/name: {{ include "brand-master.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "brand-master.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "brand-master.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

106
charts/brand-master-chart/templates/backend-deployment.yaml
View File

@ -1,106 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "brand-master.fullname" . }}-backend
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
matchLabels:
{{- include "brand-master.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: backend
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "brand-master.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: backend
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "brand-master.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
- name: wait-for-postgres
image: harbor.dvirlabs.com/base-images/busybox:1.35
command: ['sh', '-c', 'until nc -z {{ include "brand-master.fullname" . }}-db-headless {{ .Values.postgres.port | default 5432 }}; do echo waiting for postgres; sleep 2; done;']
containers:
- name: backend
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: {{ include "brand-master.fullname" . }}-secrets
key: database-url
- name: JWT_SECRET_KEY
valueFrom:
secretKeyRef:
name: {{ include "brand-master.fullname" . }}-secrets
key: jwt-secret-key
- name: JWT_ALGORITHM
valueFrom:
secretKeyRef:
name: {{ include "brand-master.fullname" . }}-secrets
key: jwt-algorithm
- name: ACCESS_TOKEN_EXPIRE_MINUTES
valueFrom:
secretKeyRef:
name: {{ include "brand-master.fullname" . }}-secrets
key: jwt-expire-minutes
{{- range $key, $value := .Values.backend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
volumeMounts:
{{- if .Values.backend.persistence.enabled }}
- name: uploads
mountPath: {{ .Values.backend.persistence.mountPath }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 5
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
volumes:
{{- if .Values.backend.persistence.enabled }}
- name: uploads
persistentVolumeClaim:
claimName: {{ include "brand-master.fullname" . }}-uploads-pvc
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

42
charts/brand-master-chart/templates/backend-ingress.yaml
View File

@ -1,42 +0,0 @@
{{- if .Values.backend.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "brand-master.fullname" . }}-backend
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "brand-master.fullname" $ }}-backend
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- end }}

18
charts/brand-master-chart/templates/backend-pvc.yaml
View File

@ -1,18 +0,0 @@
{{- if .Values.backend.persistence.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "brand-master.fullname" . }}-uploads-pvc
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
spec:
accessModes:
- {{ .Values.backend.persistence.accessMode }}
{{- if .Values.backend.persistence.storageClass }}
storageClassName: {{ .Values.backend.persistence.storageClass }}
{{- end }}
resources:
requests:
storage: {{ .Values.backend.persistence.size }}
{{- end }}

17
charts/brand-master-chart/templates/backend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "brand-master.fullname" . }}-backend
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
name: http
selector:
{{- include "brand-master.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: backend

36
charts/brand-master-chart/templates/db-service.yaml
View File

@ -1,36 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "brand-master.fullname" . }}-db
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
type: {{ .Values.postgres.service.type }}
ports:
- port: {{ .Values.postgres.service.port }}
targetPort: {{ .Values.postgres.service.targetPort }}
protocol: TCP
name: postgres
selector:
{{- include "brand-master.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: database
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "brand-master.fullname" . }}-db-headless
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
type: ClusterIP
clusterIP: None
ports:
- port: {{ .Values.postgres.service.port }}
targetPort: {{ .Values.postgres.service.targetPort }}
protocol: TCP
name: postgres
selector:
{{- include "brand-master.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: database

124
charts/brand-master-chart/templates/db-statefulset.yaml
View File

@ -1,124 +0,0 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "brand-master.fullname" . }}-db
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
serviceName: {{ include "brand-master.fullname" . }}-db-headless
replicas: 1
selector:
matchLabels:
{{- include "brand-master.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: database
template:
metadata:
labels:
{{- include "brand-master.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: database
spec:
securityContext:
fsGroup: 999
initContainers:
- name: fix-permissions
image: harbor.dvirlabs.com/base-images/busybox:1.35
command:
- sh
- -c
- |
chown -R 999:999 /var/lib/postgresql/data || true
chmod 700 /var/lib/postgresql/data || true
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
securityContext:
runAsUser: 0
containers:
- name: postgres
securityContext:
runAsUser: 999
runAsNonRoot: true
image: "{{ .Values.postgres.image.repository }}:{{ .Values.postgres.image.tag }}"
imagePullPolicy: {{ .Values.postgres.image.pullPolicy }}
ports:
- name: postgres
containerPort: {{ .Values.postgres.port }}
protocol: TCP
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: {{ include "brand-master.fullname" . }}-secrets
key: postgres-user
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "brand-master.fullname" . }}-secrets
key: postgres-password
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: {{ include "brand-master.fullname" . }}-secrets
key: postgres-database
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
- name: postgres-run
mountPath: /var/run/postgresql
resources:
{{- toYaml .Values.postgres.resources | nindent 12 }}
startupProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 30
livenessProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 3
volumes:
- name: postgres-run
emptyDir: {}
{{- if .Values.postgres.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: postgres-data
labels:
{{- include "brand-master.labels" . | nindent 8 }}
spec:
accessModes:
- {{ .Values.postgres.persistence.accessMode }}
{{- if .Values.postgres.persistence.storageClass }}
storageClassName: {{ .Values.postgres.persistence.storageClass }}
{{- end }}
resources:
requests:
storage: {{ .Values.postgres.persistence.size }}
{{- else }}
- name: postgres-data
emptyDir: {}
{{- end }}

73
charts/brand-master-chart/templates/frontend-deployment.yaml
View File

@ -1,73 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "brand-master.fullname" . }}-frontend
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
spec:
replicas: {{ .Values.frontend.replicaCount }}
selector:
matchLabels:
{{- include "brand-master.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: frontend
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "brand-master.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: frontend
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "brand-master.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: frontend
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP
{{- if .Values.frontend.env }}
env:
{{- range $key, $value := .Values.frontend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 5
resources:
{{- toYaml .Values.frontend.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

51
charts/brand-master-chart/templates/frontend-ingress.yaml
View File

@ -1,51 +0,0 @@
{{- if .Values.frontend.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "brand-master.fullname" . }}-frontend
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
# Route /uploads to backend for serving static images
- path: /uploads
pathType: Prefix
backend:
service:
name: {{ include "brand-master.fullname" $ }}-backend
port:
number: {{ $.Values.backend.service.port }}
# Route everything else to frontend
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "brand-master.fullname" $ }}-frontend
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- end }}

17
charts/brand-master-chart/templates/frontend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "brand-master.fullname" . }}-frontend
labels:
{{- include "brand-master.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
spec:
type: {{ .Values.frontend.service.type }}
ports:
- port: {{ .Values.frontend.service.port }}
targetPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP
name: http
selector:
{{- include "brand-master.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: frontend

15
charts/brand-master-chart/templates/secret.yaml
View File

@ -1,15 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ include "brand-master.fullname" . }}-secrets
labels:
{{- include "brand-master.labels" . | nindent 4 }}
type: Opaque
stringData:
postgres-user: {{ .Values.postgres.user | quote }}
postgres-password: {{ .Values.postgres.password | quote }}
postgres-database: {{ .Values.postgres.database | quote }}
database-url: "postgresql://{{ .Values.postgres.user }}:{{ .Values.postgres.password }}@{{ include "brand-master.fullname" . }}-db:{{ .Values.postgres.port }}/{{ .Values.postgres.database }}"
jwt-secret-key: {{ .Values.backend.jwtSecretKey | quote }}
jwt-algorithm: {{ .Values.backend.jwtAlgorithm | quote }}
jwt-expire-minutes: {{ .Values.backend.jwtExpireMinutes | quote }}

12
charts/brand-master-chart/templates/serviceaccount.yaml
View File

@ -1,12 +0,0 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "brand-master.serviceAccountName" . }}
labels:
{{- include "brand-master.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

175
charts/brand-master-chart/values.yaml
View File

@ -1,175 +0,0 @@
global:
namespace: my-apps
imagePullSecrets: []
# Backend configuration
backend:
name: backend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/brand-master-backend
pullPolicy: IfNotPresent
tag: "latest"
service:
type: ClusterIP
port: 8000
targetPort: 8000
resources:
requests:
cpu: 200m
memory: 256Mi
limits:
cpu: 1000m
memory: 1Gi
env:
PYTHONUNBUFFERED: "1"
BACKEND_URL: "https://api-brand-master.dvirlabs.com"
FRONTEND_URL: "https://brand-master.dvirlabs.com"
# Admin user credentials (change in production!)
ADMIN_EMAIL: "admin@brand-master.com"
ADMIN_PASSWORD: "admin123" # CHANGE THIS!
ADMIN_FULL_NAME: "System Administrator"
# Set to "true" to reset admin password on every deployment (useful if you forgot password)
FORCE_ADMIN_PASSWORD_RESET: "false"
# Email configuration for password reset (optional)
SMTP_HOST: "smtp.gmail.com"
SMTP_PORT: "587"
SMTP_USERNAME: "dvirlabs@gmail.com"
SMTP_PASSWORD: "tlet bebr jwbe amzw"
SMTP_FROM: "dvirlabs@gmail.com"
# JWT Secret Key (IMPORTANT: Change this in production!)
jwtSecretKey: "your-secret-key-change-this-in-production"
jwtAlgorithm: "HS256"
jwtExpireMinutes: "30"
# Persistent storage for product images
persistence:
enabled: true
storageClass: "nfs-client"
accessMode: ReadWriteOnce
size: 15Gi
mountPath: /app/uploads
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api-brand-master.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: api-brand-master-tls
hosts:
- api-brand-master.dvirlabs.com
# Frontend configuration
frontend:
name: frontend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/brand-master-frontend
pullPolicy: IfNotPresent
tag: "latest"
service:
type: ClusterIP
port: 80
targetPort: 80
env:
VITE_API_URL: "https://api-brand-master.dvirlabs.com"
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: brand-master.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: brand-master-tls
hosts:
- brand-master.dvirlabs.com
# PostgreSQL configuration
postgres:
name: db
image:
repository: harbor.dvirlabs.com/base-images/postgres
tag: "16-alpine"
pullPolicy: IfNotPresent
user: brand_master_user
password: brand_master_password
database: brand_master_db
port: 5432
service:
type: ClusterIP
port: 5432
targetPort: 5432
persistence:
enabled: true
accessMode: ReadWriteOnce
storageClass: "nfs-client"
size: 10Gi
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 1000m
memory: 1Gi
# Service Account
serviceAccount:
create: true
annotations: {}
name: ""
# Pod annotations
podAnnotations: {}
# Pod security context
podSecurityContext: {}
# fsGroup: 2000
# Container security context
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
# Node selector
nodeSelector: {}
# Tolerations
tolerations: []
# Affinity
affinity: {}

6
charts/calink-chart/Chart.yaml
View File

@ -1,6 +0,0 @@
apiVersion: v2
name: calink
description: Calink calendar event generator
type: application
version: 1.0.0
appVersion: "1.0.0"

43
charts/calink-chart/templates/NOTES.txt
View File

@ -1,43 +0,0 @@
Thank you for installing {{ .Chart.Name }}!
Your release is named {{ .Release.Name }}.
To learn more about the release, try:
$ helm status {{ .Release.Name }}
$ helm get all {{ .Release.Name }}
{{- if or .Values.frontend.ingress.enabled .Values.backend.ingress.enabled }}
Calink is accessible at:
{{- if .Values.frontend.ingress.enabled }}
Frontend:
{{- range .Values.frontend.ingress.hosts }}
http{{ if $.Values.frontend.ingress.tls }}s{{ end }}://{{ .host }}
{{- end }}
{{- end }}
{{- if .Values.backend.ingress.enabled }}
Backend API:
{{- range .Values.backend.ingress.hosts }}
http{{ if $.Values.backend.ingress.tls }}s{{ end }}://{{ .host }}
{{- end }}
{{- end }}
{{- else }}
To access Calink, forward the ports:
kubectl port-forward svc/{{ include "calink.fullname" . }}-frontend 8080:80
kubectl port-forward svc/{{ include "calink.fullname" . }}-backend 8000:8000
Then visit:
Frontend: http://localhost:8080
Backend: http://localhost:8000
{{- end }}
Backend API documentation is available at:
/docs
Health check endpoint:
/health

84
charts/calink-chart/templates/_helpers.tpl
View File

@ -1,84 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "calink.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "calink.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "calink.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "calink.labels" -}}
helm.sh/chart: {{ include "calink.chart" . }}
{{ include "calink.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.commonLabels }}
{{ toYaml . }}
{{- end }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "calink.selectorLabels" -}}
app.kubernetes.io/name: {{ include "calink.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Backend labels
*/}}
{{- define "calink.backend.labels" -}}
{{ include "calink.labels" . }}
app.kubernetes.io/component: backend
{{- end }}
{{/*
Backend selector labels
*/}}
{{- define "calink.backend.selectorLabels" -}}
{{ include "calink.selectorLabels" . }}
app.kubernetes.io/component: backend
{{- end }}
{{/*
Frontend labels
*/}}
{{- define "calink.frontend.labels" -}}
{{ include "calink.labels" . }}
app.kubernetes.io/component: frontend
{{- end }}
{{/*
Frontend selector labels
*/}}
{{- define "calink.frontend.selectorLabels" -}}
{{ include "calink.selectorLabels" . }}
app.kubernetes.io/component: frontend
{{- end }}

63
charts/calink-chart/templates/deployment-backend.yaml
View File

@ -1,63 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "calink.fullname" . }}-backend
labels:
{{- include "calink.backend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.backend.replicas }}
selector:
matchLabels:
{{- include "calink.backend.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "calink.backend.selectorLabels" . | nindent 8 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: backend
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- name: http
containerPort: 8000
protocol: TCP
env:
{{- toYaml .Values.backend.env | nindent 12 }}
{{- if .Values.backend.persistence.enabled }}
volumeMounts:
- name: data
mountPath: {{ .Values.backend.persistence.mountPath }}
{{- end }}
livenessProbe:
httpGet:
path: {{ .Values.backend.healthCheck.path }}
port: http
initialDelaySeconds: {{ .Values.backend.healthCheck.initialDelaySeconds }}
periodSeconds: {{ .Values.backend.healthCheck.periodSeconds }}
readinessProbe:
httpGet:
path: {{ .Values.backend.healthCheck.path }}
port: http
initialDelaySeconds: {{ .Values.backend.healthCheck.initialDelaySeconds }}
periodSeconds: {{ .Values.backend.healthCheck.periodSeconds }}
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
{{- if .Values.backend.persistence.enabled }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "calink.fullname" . }}-backend-data
{{- end }}

50
charts/calink-chart/templates/deployment-frontend.yaml
View File

@ -1,50 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "calink.fullname" . }}-frontend
labels:
{{- include "calink.frontend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.frontend.replicas }}
selector:
matchLabels:
{{- include "calink.frontend.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "calink.frontend.selectorLabels" . | nindent 8 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: frontend
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
httpGet:
path: {{ .Values.frontend.healthCheck.path }}
port: http
initialDelaySeconds: {{ .Values.frontend.healthCheck.initialDelaySeconds }}
periodSeconds: {{ .Values.frontend.healthCheck.periodSeconds }}
readinessProbe:
httpGet:
path: {{ .Values.frontend.healthCheck.path }}
port: http
initialDelaySeconds: {{ .Values.frontend.healthCheck.initialDelaySeconds }}
periodSeconds: {{ .Values.frontend.healthCheck.periodSeconds }}
resources:
{{- toYaml .Values.frontend.resources | nindent 12 }}

93
charts/calink-chart/templates/ingress.yaml
View File

@ -1,93 +0,0 @@
{{- if .Values.frontend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "calink.fullname" . }}-frontend
labels:
{{- include "calink.labels" . | nindent 4 }}
component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.commonAnnotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
rules:
{{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "calink.fullname" $ }}-frontend
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}
---
{{- if .Values.backend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "calink.fullname" . }}-backend
labels:
{{- include "calink.labels" . | nindent 4 }}
component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.commonAnnotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "calink.fullname" $ }}-backend
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}

21
charts/calink-chart/templates/pvc.yaml
View File

@ -1,21 +0,0 @@
{{- if .Values.backend.persistence.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "calink.fullname" . }}-backend-data
labels:
{{- include "calink.backend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
accessModes:
- ReadWriteOnce
{{- if .Values.backend.persistence.storageClass }}
storageClassName: {{ .Values.backend.persistence.storageClass }}
{{- end }}
resources:
requests:
storage: {{ .Values.backend.persistence.size }}
{{- end }}

19
charts/calink-chart/templates/service-backend.yaml
View File

@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "calink.fullname" . }}-backend
labels:
{{- include "calink.backend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "calink.backend.selectorLabels" . | nindent 4 }}

19
charts/calink-chart/templates/service-frontend.yaml
View File

@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "calink.fullname" . }}-frontend
labels:
{{- include "calink.frontend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.frontend.service.type }}
ports:
- port: {{ .Values.frontend.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "calink.frontend.selectorLabels" . | nindent 4 }}

101
charts/calink-chart/values.yaml
View File

@ -1,101 +0,0 @@
nameOverride: ""
fullnameOverride: ""
imagePullSecrets: []
commonLabels: {}
commonAnnotations: {}
backend:
image:
repository: calink-backend
tag: latest
pullPolicy: IfNotPresent
replicas: 1
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 250m
memory: 256Mi
env:
- name: DATABASE_PATH
value: "/data/app.db"
persistence:
enabled: true
storageClass: ""
size: 1Gi
mountPath: /data
service:
type: ClusterIP
port: 8000
healthCheck:
path: /health
initialDelaySeconds: 10
periodSeconds: 30
ingress:
enabled: true
className: ""
annotations: {}
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
# traefik.ingress.kubernetes.io/router.tls: "true"
# cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: api-calink.example.com
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: api-calink-tls
# hosts:
# - api-calink.example.com
frontend:
image:
repository: calink-frontend
tag: latest
pullPolicy: IfNotPresent
replicas: 1
resources:
limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 100m
memory: 128Mi
service:
type: ClusterIP
port: 80
healthCheck:
path: /
initialDelaySeconds: 5
periodSeconds: 30
ingress:
enabled: true
className: ""
annotations: {}
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
# traefik.ingress.kubernetes.io/router.tls: "true"
# cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: calink.example.com
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: calink-tls
# hosts:
# - calink.example.com

12
charts/dateme-chart/Chart.yaml
View File

@ -1,12 +0,0 @@
apiVersion: v2
name: dating-app
description: MVP dating app Helm chart for Kubernetes deployment
type: application
version: 1.0.0
appVersion: "1.0.0"
keywords:
- dating
- social
- chat
maintainers:
- name: DevOps Team

201
charts/dateme-chart/README.md
View File

@ -1,201 +0,0 @@
# Helm Chart README
## Dating App Helm Chart
This Helm chart deploys the MVP dating application to Kubernetes with all necessary components.
### Prerequisites
- Kubernetes 1.19+
- Helm 3.0+
- Nginx Ingress Controller (for ingress)
- Storage provisioner (for PVC)
### Installation
#### Basic Installation (Development)
```bash
# Install with default values
helm install dating-app ./helm/dating-app -n dating-app --create-namespace
```
#### Production Installation with Custom Values
```bash
# Create custom values file
cp helm/dating-app/values.yaml my-values.yaml
# Edit my-values.yaml with your configuration
# Then install
helm install dating-app ./helm/dating-app -n dating-app --create-namespace -f my-values.yaml
```
### Configuration
Edit `values.yaml` to customize:
#### Ingress Hosts
```yaml
backend:
ingress:
host: api.yourdomain.com
frontend:
ingress:
host: app.yourdomain.com
```
#### Database
```yaml
postgres:
credentials:
username: your_user
password: your_password
database: your_db
```
#### Backend Environment
```yaml
backend:
environment:
JWT_SECRET: your-secret-key
CORS_ORIGINS: "https://app.yourdomain.com"
```
#### Frontend API URL
```yaml
frontend:
environment:
VITE_API_URL: "https://api.yourdomain.com"
```
#### Storage Classes
For cloud deployments (AWS, GCP, etc.), specify storage class:
```yaml
backend:
persistence:
storageClass: ebs-sc # AWS EBS
size: 10Gi
postgres:
persistence:
storageClass: ebs-sc
size: 20Gi
```
#### Replicas and Resources
```yaml
backend:
replicas: 3
resources:
requests:
memory: "512Mi"
cpu: "200m"
limits:
memory: "1Gi"
cpu: "500m"
frontend:
replicas: 2
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "200m"
```
### Upgrading
```bash
helm upgrade dating-app ./helm/dating-app -f my-values.yaml
```
### Uninstalling
```bash
helm uninstall dating-app -n dating-app
```
### AWS Migration
To deploy to AWS:
1. **RDS for PostgreSQL**: Disable postgres in chart
```yaml
postgres:
enabled: false
```
2. **Update database URL** to RDS endpoint
```yaml
backend:
environment:
DATABASE_URL: "postgresql://user:password@your-rds-endpoint:5432/dating_app"
```
3. **S3 for Media Storage**: Update backend environment
```yaml
backend:
environment:
MEDIA_STORAGE: s3
S3_BUCKET: your-bucket
AWS_REGION: us-east-1
```
4. **Use AWS Load Balancer Controller** for ingress
```yaml
ingress:
className: aws-alb
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
```
5. **Use EBS for persistent storage**
```yaml
backend:
persistence:
storageClass: ebs-sc
```
### Troubleshooting
Check pod status:
```bash
kubectl get pods -n dating-app
kubectl logs -n dating-app <pod-name>
```
Check services:
```bash
kubectl get svc -n dating-app
```
Check ingress:
```bash
kubectl get ingress -n dating-app
```
Port forward for debugging:
```bash
kubectl port-forward -n dating-app svc/backend 8000:8000
kubectl port-forward -n dating-app svc/frontend 3000:80
```
### Database Initialization
The backend automatically initializes tables on startup. To verify:
```bash
kubectl exec -it -n dating-app <postgres-pod> -- psql -U dating_user -d dating_app -c "\dt"
```
### Notes
- This chart is designed to be portable between on-premises and cloud deployments
- Modify `values.yaml` for your specific infrastructure
- For production, use external secrets management (HashiCorp Vault, AWS Secrets Manager, etc.)
- Enable TLS/SSL with cert-manager for production ingress
- Configure proper backup strategies for PostgreSQL PVC

84
charts/dateme-chart/templates/backend-deployment.yaml
View File

@ -1,84 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-{{ .Values.backend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
initContainers:
- name: wait-for-postgres
image: postgres:16-alpine
command:
- /bin/sh
- -c
- |
until pg_isready -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -p {{ .Values.postgres.port }}; do
echo "Waiting for PostgreSQL..."
sleep 2
done
echo "PostgreSQL is ready!"
containers:
- name: {{ .Values.backend.name }}
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.backend.service.targetPort }}
name: http
protocol: TCP
env:
{{- if .Values.backend.env }}
{{- range $key, $value := .Values.backend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- end }}
envFrom:
- secretRef:
name: {{ .Release.Name }}-db-credentials
startupProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 30
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
resources:
requests:
cpu: {{ .Values.backend.resources.requests.cpu }}
memory: {{ .Values.backend.resources.requests.memory }}
limits:
cpu: {{ .Values.backend.resources.limits.cpu }}
memory: {{ .Values.backend.resources.limits.memory }}

17
charts/dateme-chart/templates/backend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.backend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
type: {{ .Values.backend.service.type }}
selector:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
ports:
- name: http
port: {{ .Values.backend.service.port }}
targetPort: {{ .Values.backend.service.targetPort }}
protocol: TCP

37
charts/dateme-chart/templates/db-migration-job.yaml
View File

@ -1,37 +0,0 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Release.Name }}-db-migration
namespace: {{ .Values.global.namespace }}
spec:
template:
spec:
restartPolicy: OnFailure
containers:
- name: migrate
image: postgres:16-alpine
command:
- /bin/sh
- -c
- |
echo "Running DB migration: add display_name to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS display_name TEXT;"
echo "Running DB migration: add age to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS age INTEGER;"
echo "Running DB migration: add gender to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS gender TEXT;"
echo "Running DB migration: add location to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS location TEXT;"
echo "Running DB migration: add bio to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS bio TEXT;"
echo "Running DB migration: add interests to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS interests TEXT;"
echo "Running DB migration: add photos to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS photos TEXT[];"
echo "Running DB migration: add acknowledged_at to likes..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE likes ADD COLUMN IF NOT EXISTS acknowledged_at TIMESTAMP;"
echo "Running DB migration: add read_at to messages..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE messages ADD COLUMN IF NOT EXISTS read_at TIMESTAMP;"
env:
- name: PGPASSWORD
value: {{ .Values.postgres.password | quote }}

56
charts/dateme-chart/templates/db-schema-configmap.yaml
View File

@ -1,56 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-db-schema
namespace: {{ .Values.global.namespace }}
data:
schema.sql: |
-- Create users table
CREATE TABLE IF NOT EXISTS users (
id SERIAL PRIMARY KEY,
username TEXT UNIQUE NOT NULL,
email TEXT UNIQUE NOT NULL,
hashed_password TEXT NOT NULL,
first_name TEXT,
last_name TEXT,
age INTEGER,
gender TEXT,
bio TEXT,
profile_picture TEXT,
location TEXT,
interests TEXT[] DEFAULT '{}',
is_active BOOLEAN DEFAULT TRUE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_users_username ON users (username);
CREATE INDEX IF NOT EXISTS idx_users_email ON users (email);
CREATE INDEX IF NOT EXISTS idx_users_is_active ON users (is_active);
-- Profiles table for additional user info
CREATE TABLE IF NOT EXISTS profiles (
id SERIAL PRIMARY KEY,
user_id INTEGER UNIQUE NOT NULL REFERENCES users(id) ON DELETE CASCADE,
verified BOOLEAN DEFAULT FALSE,
verification_token TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_profiles_user_id ON profiles (user_id);
-- Matches/Likes table
CREATE TABLE IF NOT EXISTS matches (
id SERIAL PRIMARY KEY,
user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
matched_user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
status TEXT DEFAULT 'pending',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_matches_user_id ON matches (user_id);
CREATE INDEX IF NOT EXISTS idx_matches_matched_user_id ON matches (matched_user_id);
-- Prevent duplicate matches in both directions
CREATE UNIQUE INDEX IF NOT EXISTS idx_matches_unique ON matches
(LEAST(user_id, matched_user_id), GREATEST(user_id, matched_user_id));

13
charts/dateme-chart/templates/db-secret.yaml
View File

@ -1,13 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-db-credentials
namespace: {{ .Values.global.namespace }}
type: Opaque
stringData:
DATABASE_URL: postgresql://{{ .Values.postgres.user }}:{{ .Values.postgres.password }}@{{ .Release.Name }}-{{ .Values.postgres.name }}-headless.{{ .Values.global.namespace }}.svc.cluster.local:{{ .Values.postgres.port }}/{{ .Values.postgres.database }}
DB_HOST: {{ printf "%s-%s-headless.%s.svc.cluster.local" .Release.Name .Values.postgres.name .Values.global.namespace }}
DB_PORT: "{{ .Values.postgres.port }}"
DB_NAME: {{ .Values.postgres.database | quote }}
DB_USER: {{ .Values.postgres.user | quote }}
DB_PASSWORD: {{ .Values.postgres.password | quote }}

35
charts/dateme-chart/templates/db-service.yaml
View File

@ -1,35 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}-headless
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
clusterIP: None
selector:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
ports:
- name: postgres
port: {{ .Values.postgres.port }}
targetPort: {{ .Values.postgres.port }}
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
type: {{ .Values.postgres.service.type }}
selector:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
ports:
- name: postgres
port: {{ .Values.postgres.service.port }}
targetPort: {{ .Values.postgres.port }}
protocol: TCP

84
charts/dateme-chart/templates/db-statefulset.yaml
View File

@ -1,84 +0,0 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
serviceName: {{ .Release.Name }}-{{ .Values.postgres.name }}-headless
replicas: 1
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
containers:
- name: postgres
image: "{{ .Values.postgres.image.repository }}:{{ .Values.postgres.image.tag }}"
imagePullPolicy: {{ .Values.postgres.image.pullPolicy }}
ports:
- containerPort: {{ .Values.postgres.port }}
name: postgres
protocol: TCP
env:
- name: POSTGRES_USER
value: {{ .Values.postgres.user | quote }}
- name: POSTGRES_PASSWORD
value: {{ .Values.postgres.password | quote }}
- name: POSTGRES_DB
value: {{ .Values.postgres.database | quote }}
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
- name: init-sql
mountPath: /docker-entrypoint-initdb.d
livenessProbe:
exec:
command:
- /bin/sh
- -c
- pg_isready -U {{ .Values.postgres.user }}
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
exec:
command:
- /bin/sh
- -c
- pg_isready -U {{ .Values.postgres.user }}
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 2
failureThreshold: 3
resources:
requests:
cpu: {{ .Values.postgres.resources.requests.cpu }}
memory: {{ .Values.postgres.resources.requests.memory }}
limits:
cpu: {{ .Values.postgres.resources.limits.cpu }}
memory: {{ .Values.postgres.resources.limits.memory }}
volumes:
- name: init-sql
configMap:
name: {{ .Release.Name }}-db-schema
defaultMode: 0755
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- {{ .Values.postgres.persistence.accessMode }}
storageClassName: {{ .Values.postgres.persistence.storageClass }}
resources:
requests:
storage: {{ .Values.postgres.persistence.size }}

75
charts/dateme-chart/templates/frontend-deployment.yaml
View File

@ -1,75 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-{{ .Values.frontend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
replicas: {{ .Values.frontend.replicaCount }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
initContainers:
- name: wait-for-backend
image: busybox:1.35
command:
- /bin/sh
- -c
- |
echo "Waiting for backend to be ready..."
until wget -q -O- http://{{ .Release.Name }}-{{ .Values.backend.name }}:{{ .Values.backend.service.port }}/health > /dev/null 2>&1; do
echo "Backend not ready, waiting..."
sleep 2
done
echo "Backend is ready!"
containers:
- name: {{ .Values.frontend.name }}
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.frontend.service.targetPort }}
name: http
protocol: TCP
volumeMounts:
- name: env-config
mountPath: /usr/share/nginx/html/env.js
subPath: env.js
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
resources:
requests:
cpu: {{ .Values.frontend.resources.requests.cpu }}
memory: {{ .Values.frontend.resources.requests.memory }}
limits:
cpu: {{ .Values.frontend.resources.limits.cpu }}
memory: {{ .Values.frontend.resources.limits.memory }}
volumes:
- name: env-config
configMap:
name: {{ .Release.Name }}-frontend-env-config

13
charts/dateme-chart/templates/frontend-env-configmap.yaml
View File

@ -1,13 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-frontend-env-config
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
data:
env.js: |
window.__ENV__ = {
API_BASE: "{{ .Values.frontend.env.API_BASE }}"
};

17
charts/dateme-chart/templates/frontend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.frontend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
type: {{ .Values.frontend.service.type }}
selector:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
ports:
- name: http
port: {{ .Values.frontend.service.port }}
targetPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP

89
charts/dateme-chart/templates/ingress.yaml
View File

@ -1,89 +0,0 @@
{{- if .Values.frontend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}-frontend
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-frontend
component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
rules:
{{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ $.Release.Name }}-{{ $.Values.frontend.name }}
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}
---
{{- if .Values.backend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}-backend
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-backend
component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ $.Release.Name }}-{{ $.Values.backend.name }}
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}

79
charts/dateme-chart/values-aws.yaml
View File

@ -1,79 +0,0 @@
---
# Example values for AWS deployment
# Copy to values-aws.yaml and customize with your AWS details
global:
domain: yourdomain.com
# Disable built-in PostgreSQL and use RDS instead
postgres:
enabled: false
backend:
image:
repository: 123456789.dkr.ecr.us-east-1.amazonaws.com/dating-app-backend
tag: latest
pullPolicy: IfNotPresent
replicas: 3
resources:
requests:
memory: "512Mi"
cpu: "200m"
limits:
memory: "1Gi"
cpu: "500m"
service:
port: 8000
type: ClusterIP
ingress:
enabled: true
className: aws-alb
host: api.yourdomain.com
path: /
pathType: Prefix
environment:
# Use RDS endpoint here with updated credentials
DATABASE_URL: "postgresql://dating_app_user:Aa123456@your-rds-endpoint.us-east-1.rds.amazonaws.com:5432/dating_app"
JWT_SECRET: "your-secure-secret-key"
JWT_EXPIRES_MINUTES: "1440"
MEDIA_DIR: /app/media
CORS_ORIGINS: "https://yourdomain.com,https://api.yourdomain.com"
persistence:
enabled: true
size: 20Gi
storageClass: ebs-sc # AWS EBS storage class
mountPath: /app/media
frontend:
image:
repository: 123456789.dkr.ecr.us-east-1.amazonaws.com/dating-app-frontend
tag: latest
pullPolicy: IfNotPresent
replicas: 3
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "200m"
service:
port: 80
type: ClusterIP
ingress:
enabled: true
className: aws-alb
host: yourdomain.com
path: /
pathType: Prefix
env:
API_BASE: "https://api.yourdomain.com"
ingress:
enabled: true
className: aws-alb
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
cert-manager.io/cluster-issuer: "letsencrypt-prod"
alb.ingress.kubernetes.io/certificate-arn: "arn:aws:acm:us-east-1:123456789:certificate/xxxx"

80
charts/dateme-chart/values-lab.yaml
View File

@ -1,80 +0,0 @@
---
# Example values for development/lab deployment
# Copy to values-dev.yaml and customize
global:
domain: lab.local
postgres:
enabled: true
replicas: 1
persistence:
enabled: true
size: 5Gi
storageClass: "" # Use default storage class
credentials:
username: dating_app_user
password: Aa123456
database: dating_app
backend:
image:
repository: dating-app-backend
tag: latest
pullPolicy: IfNotPresent
replicas: 1
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
service:
port: 8000
type: ClusterIP
ingress:
enabled: true
className: nginx
host: api.lab.local
path: /
pathType: Prefix
environment:
JWT_SECRET: dev-secret-key-change-in-production
JWT_EXPIRES_MINUTES: "1440"
MEDIA_DIR: /app/media
CORS_ORIGINS: "http://localhost:5173,http://localhost:3000,http://api.lab.local,http://app.lab.local"
persistence:
enabled: true
size: 5Gi
storageClass: ""
frontend:
image:
repository: dating-app-frontend
tag: latest
pullPolicy: IfNotPresent
replicas: 1
resources:
requests:
memory: "128Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "200m"
service:
port: 80
type: ClusterIP
ingress:
enabled: true
className: nginx
host: app.lab.local
path: /
pathType: Prefix
env:
API_BASE: "http://api.lab.local"
ingress:
enabled: true
className: nginx
annotations: {}

125
charts/dateme-chart/values.yaml
View File

@ -1,125 +0,0 @@
# Default values for dateme-chart
global:
namespace: my-apps
imagePullSecrets: []
# Backend configuration
backend:
name: backend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/dateme-backend
pullPolicy: Always
tag: develop-latest
service:
type: ClusterIP
port: 8000
targetPort: 8000
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
env:
PYTHONUNBUFFERED: "1"
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api-dateme.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: api-dateme-tls
hosts:
- api-dateme.dvirlabs.com
# Frontend configuration
frontend:
name: frontend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/dateme-frontend
pullPolicy: Always
tag: develop-latest
service:
type: ClusterIP
port: 80
targetPort: 80
env:
API_BASE: "https://api-dateme.dvirlabs.com"
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: dateme.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: dateme-tls
hosts:
- dateme.dvirlabs.com
externalUrl: "https://dateme.dvirlabs.com"
# PostgreSQL configuration
postgres:
name: db
image:
repository: postgres
tag: "16"
pullPolicy: IfNotPresent
user: dateme_user
password: dateme_password
database: dateme_db
port: 5432
service:
type: ClusterIP
port: 5432
targetPort: 5432
persistence:
enabled: true
accessMode: ReadWriteOnce
storageClass: "nfs-client"
size: 10Gi
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
# Ingress (top-level, disabled - use component-specific ingress instead)
ingress:
enabled: false
className: "traefik"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: dateme.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: dateme-tls
hosts:
- dateme.dvirlabs.com

6
charts/dvirlabs-landing-chart/Chart.yaml
View File

@ -1,6 +0,0 @@
apiVersion: v2
name: dvirlabs-landing
description: Simple static landing page for dvirlabs.com
type: application
version: 0.1.0
appVersion: "1.0.0"

15
charts/dvirlabs-landing-chart/templates/_helpers.tpl
View File

@ -1,15 +0,0 @@
{{- define "dvirlabs-landing.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end }}
{{- define "dvirlabs-landing.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name (include "dvirlabs-landing.name" .) | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- define "dvirlabs-landing.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" -}}
{{- end }}

38
charts/dvirlabs-landing-chart/templates/deployment.yaml
View File

@ -1,38 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "dvirlabs-landing.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
helm.sh/chart: {{ include "dvirlabs-landing.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: dvirlabs-landing
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
env:
- name: LAB_LINKS
value: '{{ toJson .Values.links }}'
resources:
{{- toYaml .Values.resources | nindent 12 }}

42
charts/dvirlabs-landing-chart/templates/ingress.yaml
View File

@ -1,42 +0,0 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "dvirlabs-landing.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "dvirlabs-landing.fullname" $ }}
port:
number: {{ $.Values.service.port }}
{{- end }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- secretName: {{ .secretName }}
hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

17
charts/dvirlabs-landing-chart/templates/service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "dvirlabs-landing.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}

54
charts/dvirlabs-landing-chart/values.yaml
View File

@ -1,54 +0,0 @@
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/dvirlabs-landing
tag: "master-2ee2f13"
pullPolicy: IfNotPresent
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
service:
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations: {}
hosts:
- host: dvirlabs.com
paths:
- path: /
pathType: Prefix
tls: []
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
links:
- id: gitea
label: "Git Service"
desc: "Self-hosted Git repositories & CI integration."
chip: "Gitea"
url: "https://git.dvirlabs.com"
- id: grafana
label: "Observability"
desc: "Dashboards, metrics, and alerts for lab services."
chip: "Grafana"
url: "https://grafana.dvirlabs.com"
- id: argocd
label: "GitOps Control"
desc: "Applications managed declaratively via Argo CD."
chip: "Argo CD"
url: "https://argocd.dvirlabs.com"
- id: wiki
label: "Lab Documentation"
desc: "Architecture diagrams, notes, and how-tos."
chip: "Wiki"
url: "https://wiki.dvirlabs.com"

15
charts/errorlab-chart/Chart.yaml
View File

@ -1,15 +0,0 @@
apiVersion: v2
name: errorlab
description: Custom public error and landing pages for the home lab
type: application
version: 0.1.0
appVersion: "1.0.0"
keywords:
- errorlab
- '404'
- homelab
- devops
home: ""
sources: []
maintainers:
- name: dvirl

49
charts/errorlab-chart/templates/_helpers.tpl
View File

@ -1,49 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "errorlab.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "errorlab.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart label (name + version).
*/}}
{{- define "errorlab.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels applied to every resource.
*/}}
{{- define "errorlab.labels" -}}
helm.sh/chart: {{ include "errorlab.chart" . }}
{{ include "errorlab.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels (used in spec.selector.matchLabels and pod template labels).
*/}}
{{- define "errorlab.selectorLabels" -}}
app.kubernetes.io/name: {{ include "errorlab.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

59
charts/errorlab-chart/templates/deployment.yaml
View File

@ -1,59 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "errorlab.fullname" . }}
labels:
{{- include "errorlab.labels" . | nindent 4 }}
spec:
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
selector:
matchLabels:
{{- include "errorlab.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "errorlab.selectorLabels" . | nindent 8 }}
{{- with .Values.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
{{- toYaml .Values.livenessProbe | nindent 12 }}
readinessProbe:
{{- toYaml .Values.readinessProbe | nindent 12 }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

22
charts/errorlab-chart/templates/hpa.yaml
View File

@ -1,22 +0,0 @@
{{- if .Values.autoscaling.enabled }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "errorlab.fullname" . }}
labels:
{{- include "errorlab.labels" . | nindent 4 }}
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: {{ include "errorlab.fullname" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
maxReplicas: {{ .Values.autoscaling.maxReplicas }}
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}

35
charts/errorlab-chart/templates/ingress.yaml
View File

@ -1,35 +0,0 @@
{{- if .Values.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "errorlab.fullname" . }}
labels:
{{- include "errorlab.labels" . | nindent 4 }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- toYaml .Values.ingress.tls | nindent 4 }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "errorlab.fullname" $ }}
port:
name: http
{{- end }}
{{- end }}
{{- end }}

15
charts/errorlab-chart/templates/service.yaml
View File

@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "errorlab.fullname" . }}
labels:
{{- include "errorlab.labels" . | nindent 4 }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "errorlab.selectorLabels" . | nindent 4 }}

87
charts/errorlab-chart/values.yaml
View File

@ -1,87 +0,0 @@
# ── Replica count ─────────────────────────────────────────────────────────────
replicaCount: 1
# ── Image ─────────────────────────────────────────────────────────────────────
image:
repository: errorlab # override with your registry, e.g. ghcr.io/dvirl/errorlab
tag: latest
pullPolicy: IfNotPresent
imagePullSecrets: []
# ── Service ───────────────────────────────────────────────────────────────────
service:
type: ClusterIP
port: 80
# ── Ingress ───────────────────────────────────────────────────────────────────
ingress:
enabled: true
className: nginx # set to your ingress class (e.g. "nginx", "traefik")
annotations: {}
# cert-manager.io/cluster-issuer: letsencrypt-prod
# nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
hosts:
- host: errorlab.lab # replace with your actual hostname
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: errorlab-tls
# hosts:
# - errorlab.lab
# ── Resources ─────────────────────────────────────────────────────────────────
resources:
requests:
cpu: 10m
memory: 32Mi
limits:
cpu: 100m
memory: 64Mi
# ── Pod settings ──────────────────────────────────────────────────────────────
podAnnotations: {}
podLabels: {}
podSecurityContext:
runAsNonRoot: true
runAsUser: 101 # nginx user in nginx:alpine
fsGroup: 101
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false # nginx needs to write to /var/cache/nginx
capabilities:
drop:
- ALL
# ── Probes ────────────────────────────────────────────────────────────────────
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 5
periodSeconds: 20
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 3
periodSeconds: 10
# ── Autoscaling (disabled by default for a static site) ───────────────────────
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 3
targetCPUUtilizationPercentage: 80
# ── Misc ──────────────────────────────────────────────────────────────────────
nameOverride: ""
fullnameOverride: ""
nodeSelector: {}
tolerations: []
affinity: {}

12
charts/invy-chart/Chart.yaml
View File

@ -1,12 +0,0 @@
apiVersion: v2
name: invy
description: A Helm chart for Invy - Wedding Guest List Management Application
type: application
version: 1.0.0
appVersion: "1.0.0"
keywords:
- invy
- wedding
- guest-management
maintainers:
- name: dvir

183
charts/invy-chart/README.md
View File

@ -1,183 +0,0 @@
# Invy Helm Chart
This Helm chart deploys the Invy wedding guest list management application on Kubernetes.
## Prerequisites
- Kubernetes 1.19+
- Helm 3.0+
- Persistent Volume provisioner support in the underlying infrastructure (for PostgreSQL)
- Ingress controller (Traefik recommended)
- Cert-manager (for TLS certificates)
## Components
This chart deploys the following components:
- **Frontend**: React + Vite application (Nginx)
- **Backend**: FastAPI application
- **Database**: PostgreSQL 16
## Installation
### Add the chart repository (if applicable)
```bash
helm repo add invy https://your-helm-repo.com
helm repo update
```
### Install the chart
```bash
# Install with default values
helm install invy ./invy-chart -n my-apps --create-namespace
# Install with custom values
helm install invy ./invy-chart -n my-apps --create-namespace -f custom-values.yaml
```
## Configuration
The following table lists the configurable parameters and their default values.
### Global Parameters
| Parameter | Description | Default |
|-----------|-------------|---------|
| `global.namespace` | Namespace for all resources | `my-apps` |
| `global.imagePullSecrets` | Image pull secrets | `[]` |
### Backend Parameters
| Parameter | Description | Default |
|-----------|-------------|---------|
| `backend.image.repository` | Backend image repository | `harbor.dvirlabs.com/my-apps/invy-backend` |
| `backend.image.tag` | Backend image tag | `latest` |
| `backend.replicaCount` | Number of backend replicas | `1` |
| `backend.service.port` | Backend service port | `8000` |
| `backend.ingress.enabled` | Enable backend ingress | `true` |
| `backend.ingress.hosts[0].host` | Backend ingress hostname | `api-invy.dvirlabs.com` |
### Frontend Parameters
| Parameter | Description | Default |
|-----------|-------------|---------|
| `frontend.image.repository` | Frontend image repository | `harbor.dvirlabs.com/my-apps/invy-frontend` |
| `frontend.image.tag` | Frontend image tag | `latest` |
| `frontend.replicaCount` | Number of frontend replicas | `1` |
| `frontend.service.port` | Frontend service port | `80` |
| `frontend.env.VITE_API_URL` | Backend API URL | `https://api-invy.dvirlabs.com` |
| `frontend.ingress.enabled` | Enable frontend ingress | `true` |
| `frontend.ingress.hosts[0].host` | Frontend ingress hostname | `invy.dvirlabs.com` |
### PostgreSQL Parameters
| Parameter | Description | Default |
|-----------|-------------|---------|
| `postgres.user` | PostgreSQL user | `invy_user` |
| `postgres.password` | PostgreSQL password | `invy_password` |
| `postgres.database` | PostgreSQL database name | `invy_db` |
| `postgres.persistence.enabled` | Enable persistence | `true` |
| `postgres.persistence.size` | Persistent volume size | `10Gi` |
| `postgres.persistence.storageClass` | Storage class | `nfs-client` |
## Building and Pushing Images
### Backend Image
```bash
cd backend
docker build -t harbor.dvirlabs.com/my-apps/invy-backend:latest .
docker push harbor.dvirlabs.com/my-apps/invy-backend:latest
```
### Frontend Image
```bash
cd frontend
docker build --build-arg VITE_API_URL=https://api-invy.dvirlabs.com -t harbor.dvirlabs.com/my-apps/invy-frontend:latest .
docker push harbor.dvirlabs.com/my-apps/invy-frontend:latest
```
## Upgrading
```bash
helm upgrade invy ./invy-chart -n my-apps
```
## Uninstalling
```bash
helm uninstall invy -n my-apps
```
## Customization
Create a `custom-values.yaml` file to override default values:
```yaml
backend:
image:
tag: "v1.0.0"
ingress:
hosts:
- host: api.mycompany.com
paths:
- path: /
pathType: Prefix
frontend:
image:
tag: "v1.0.0"
env:
VITE_API_URL: "https://api.mycompany.com"
ingress:
hosts:
- host: invy.mycompany.com
paths:
- path: /
pathType: Prefix
postgres:
password: "your-secure-password"
persistence:
storageClass: "your-storage-class"
```
Then install with:
```bash
helm install invy ./invy-chart -n my-apps -f custom-values.yaml
```
## Troubleshooting
### Check pod status
```bash
kubectl get pods -n my-apps
```
### View pod logs
```bash
# Backend logs
kubectl logs -n my-apps -l app.kubernetes.io/component=backend
# Frontend logs
kubectl logs -n my-apps -l app.kubernetes.io/component=frontend
# Database logs
kubectl logs -n my-apps -l app.kubernetes.io/component=database
```
### Access the database
```bash
kubectl exec -it -n my-apps invy-db-0 -- psql -U invy_user -d invy_db
```
## Support
For issues and feature requests, please open an issue in the repository.

38
charts/invy-chart/templates/NOTES.txt
View File

@ -1,38 +0,0 @@
Thank you for installing {{ .Chart.Name }}!
Your release is named {{ .Release.Name }}.
To learn more about the release, try:
$ helm status {{ .Release.Name }}
$ helm get all {{ .Release.Name }}
{{- if .Values.frontend.ingress.enabled }}
Application URLs:
{{- range .Values.frontend.ingress.hosts }}
Frontend: https://{{ .host }}
{{- end }}
{{- range .Values.backend.ingress.hosts }}
Backend API: https://{{ .host }}
{{- end }}
{{- else }}
To access your application:
1. Get the frontend URL:
export POD_NAME=$(kubectl get pods --namespace {{ .Values.global.namespace }} -l "app.kubernetes.io/name={{ include "invy.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=frontend" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Values.global.namespace }} port-forward $POD_NAME 8080:80
echo "Visit http://127.0.0.1:8080 to use your application"
2. Get the backend URL:
export POD_NAME=$(kubectl get pods --namespace {{ .Values.global.namespace }} -l "app.kubernetes.io/name={{ include "invy.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=backend" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Values.global.namespace }} port-forward $POD_NAME 8000:8000
echo "Visit http://127.0.0.1:8000 to access the API"
{{- end }}
Database connection:
Host: {{ include "invy.fullname" . }}-db
Port: {{ .Values.postgres.port }}
Database: {{ .Values.postgres.database }}
User: {{ .Values.postgres.user }}

60
charts/invy-chart/templates/_helpers.tpl
View File

@ -1,60 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "invy.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "invy.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "invy.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "invy.labels" -}}
helm.sh/chart: {{ include "invy.chart" . }}
{{ include "invy.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "invy.selectorLabels" -}}
app.kubernetes.io/name: {{ include "invy.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "invy.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "invy.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

100
charts/invy-chart/templates/backend-deployment.yaml
View File

@ -1,100 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "invy.fullname" . }}-backend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
matchLabels:
{{- include "invy.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: backend
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "invy.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: backend
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "invy.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
- name: wait-for-postgres
image: busybox:1.35
command: ['sh', '-c', 'until nc -z {{ include "invy.fullname" . }}-db-headless {{ .Values.postgres.port | default 5432 }}; do echo waiting for postgres; sleep 2; done;']
containers:
- name: backend
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: database-url
- name: GOOGLE_CLIENT_ID
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: google-client-id
- name: GOOGLE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: google-client-secret
- name: WHATSAPP_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: whatsapp-access-token
- name: WHATSAPP_PHONE_NUMBER_ID
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: whatsapp-phone-number-id
{{- range $key, $value := .Values.backend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 5
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

42
charts/invy-chart/templates/backend-ingress.yaml
View File

@ -1,42 +0,0 @@
{{- if .Values.backend.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "invy.fullname" . }}-backend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "invy.fullname" $ }}-backend
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- end }}

17
charts/invy-chart/templates/backend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "invy.fullname" . }}-backend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "invy.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: backend

126
charts/invy-chart/templates/db-schema-configmap.yaml
View File

@ -1,126 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "invy.fullname" . }}-db-schema
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: database
data:
init.sql: |
-- Invy — Full Database Init Schema
-- Runs only on a FRESH (empty) data directory.
-- For existing production DBs run migrate_production.sql manually.
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
-- ── Users ──────────────────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS users (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
email TEXT NOT NULL UNIQUE,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_users_email ON users(email);
-- ── Events ─────────────────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS events (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
name TEXT NOT NULL,
date TIMESTAMP WITH TIME ZONE,
location TEXT,
partner1_name TEXT,
partner2_name TEXT,
venue TEXT,
event_time TEXT,
guest_link TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_events_created_at ON events(created_at);
CREATE INDEX IF NOT EXISTS idx_events_guest_link ON events(guest_link);
-- ── Event members (authorization) ──────────────────────────────────────
CREATE TABLE IF NOT EXISTS event_members (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
role TEXT NOT NULL DEFAULT 'admin'
CHECK (role IN ('admin', 'editor', 'viewer')),
display_name TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
UNIQUE(event_id, user_id)
);
CREATE INDEX IF NOT EXISTS idx_event_members_event_id ON event_members(event_id);
CREATE INDEX IF NOT EXISTS idx_event_members_user_id ON event_members(user_id);
CREATE INDEX IF NOT EXISTS idx_event_members_event_user ON event_members(event_id, user_id);
-- ── Guests v2 ──────────────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS guests_v2 (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
added_by_user_id UUID NOT NULL REFERENCES users(id),
first_name TEXT NOT NULL,
last_name TEXT NOT NULL DEFAULT '',
email TEXT,
phone TEXT,
phone_number TEXT,
rsvp_status TEXT NOT NULL DEFAULT 'invited'
CHECK (rsvp_status IN ('invited', 'confirmed', 'declined')),
meal_preference TEXT,
has_plus_one BOOLEAN DEFAULT FALSE,
plus_one_name TEXT,
table_number TEXT,
side TEXT,
owner_email TEXT,
source TEXT NOT NULL DEFAULT 'manual'
CHECK (source IN ('google', 'manual', 'self-service')),
notes TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_guests_v2_event_id ON guests_v2(event_id);
CREATE INDEX IF NOT EXISTS idx_guests_v2_added_by ON guests_v2(added_by_user_id);
CREATE INDEX IF NOT EXISTS idx_guests_v2_phone_number ON guests_v2(phone_number);
CREATE INDEX IF NOT EXISTS idx_guests_v2_event_phone ON guests_v2(event_id, phone_number);
CREATE INDEX IF NOT EXISTS idx_guests_v2_event_status ON guests_v2(event_id, rsvp_status);
CREATE INDEX IF NOT EXISTS idx_guests_v2_owner_email ON guests_v2(event_id, owner_email);
CREATE INDEX IF NOT EXISTS idx_guests_v2_source ON guests_v2(event_id, source);
-- ── RSVP tokens ────────────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS rsvp_tokens (
token TEXT PRIMARY KEY,
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
guest_id UUID REFERENCES guests_v2(id) ON DELETE SET NULL,
phone TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
expires_at TIMESTAMP WITH TIME ZONE,
used_at TIMESTAMP WITH TIME ZONE
);
CREATE INDEX IF NOT EXISTS idx_rsvp_tokens_event_id ON rsvp_tokens(event_id);
CREATE INDEX IF NOT EXISTS idx_rsvp_tokens_guest_id ON rsvp_tokens(guest_id);
-- ── updated_at trigger ─────────────────────────────────────────────────
CREATE OR REPLACE FUNCTION _update_updated_at()
RETURNS TRIGGER LANGUAGE plpgsql AS $$
BEGIN
NEW.updated_at = CURRENT_TIMESTAMP;
RETURN NEW;
END;
$$;
DO $$ BEGIN
CREATE TRIGGER trg_guests_v2_updated_at
BEFORE UPDATE ON guests_v2
FOR EACH ROW EXECUTE FUNCTION _update_updated_at();
EXCEPTION WHEN duplicate_object THEN NULL; END $$;
DO $$ BEGIN
CREATE TRIGGER trg_events_updated_at
BEFORE UPDATE ON events
FOR EACH ROW EXECUTE FUNCTION _update_updated_at();
EXCEPTION WHEN duplicate_object THEN NULL; END $$;

36
charts/invy-chart/templates/db-service.yaml
View File

@ -1,36 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "invy.fullname" . }}-db
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
type: {{ .Values.postgres.service.type }}
ports:
- port: {{ .Values.postgres.service.port }}
targetPort: postgres
protocol: TCP
name: postgres
selector:
{{- include "invy.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: database
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "invy.fullname" . }}-db-headless
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
type: ClusterIP
clusterIP: None
ports:
- port: {{ .Values.postgres.service.port }}
targetPort: postgres
protocol: TCP
name: postgres
selector:
{{- include "invy.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: database

131
charts/invy-chart/templates/db-statefulset.yaml
View File

@ -1,131 +0,0 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "invy.fullname" . }}-db
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
serviceName: {{ include "invy.fullname" . }}-db-headless
replicas: 1
selector:
matchLabels:
{{- include "invy.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: database
template:
metadata:
labels:
{{- include "invy.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: database
spec:
securityContext:
fsGroup: 999
initContainers:
- name: fix-permissions
image: busybox:latest
command:
- sh
- -c
- |
chown -R 999:999 /var/lib/postgresql/data || true
chmod 700 /var/lib/postgresql/data || true
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
securityContext:
runAsUser: 0
containers:
- name: postgres
securityContext:
runAsUser: 999
runAsNonRoot: true
image: "{{ .Values.postgres.image.repository }}:{{ .Values.postgres.image.tag }}"
imagePullPolicy: {{ .Values.postgres.image.pullPolicy }}
ports:
- name: postgres
containerPort: {{ .Values.postgres.port }}
protocol: TCP
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: postgres-user
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: postgres-password
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: postgres-database
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
- name: postgres-run
mountPath: /var/run/postgresql
- name: init-script
mountPath: /docker-entrypoint-initdb.d
resources:
{{- toYaml .Values.postgres.resources | nindent 12 }}
# Health probes aligned with tasko-chart approach
# Use TCP localhost instead of Unix socket to avoid permission issues
# Fixed shell variable expansion: $POSTGRES_USER not $(POSTGRES_USER)
# Specify database name to avoid "database invy_user does not exist" error
startupProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 30 # Allow up to 150s for slow NFS startup
livenessProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
volumes:
- name: init-script
configMap:
name: {{ include "invy.fullname" . }}-db-schema
- name: postgres-run
emptyDir: {}
{{- if .Values.postgres.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: postgres-data
spec:
accessModes:
- {{ .Values.postgres.persistence.accessMode }}
{{- if .Values.postgres.persistence.storageClass }}
storageClassName: {{ .Values.postgres.persistence.storageClass }}
{{- end }}
resources:
requests:
storage: {{ .Values.postgres.persistence.size }}
{{- else }}
- name: postgres-data
emptyDir: {}
{{- end }}

77
charts/invy-chart/templates/frontend-deployment.yaml
View File

@ -1,77 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "invy.fullname" . }}-frontend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
spec:
replicas: {{ .Values.frontend.replicaCount }}
selector:
matchLabels:
{{- include "invy.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: frontend
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "invy.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: frontend
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "invy.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: frontend
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP
{{- if .Values.frontend.env }}
env:
{{- range $key, $value := .Values.frontend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
- name: VITE_ADMIN_USERNAME
value: {{ .Values.frontend.adminUsername | quote }}
- name: VITE_ADMIN_PASSWORD
value: {{ .Values.frontend.adminPassword | quote }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 5
resources:
{{- toYaml .Values.frontend.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

42
charts/invy-chart/templates/frontend-ingress.yaml
View File

@ -1,42 +0,0 @@
{{- if .Values.frontend.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "invy.fullname" . }}-frontend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "invy.fullname" $ }}-frontend
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- end }}

17
charts/invy-chart/templates/frontend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "invy.fullname" . }}-frontend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
spec:
type: {{ .Values.frontend.service.type }}
ports:
- port: {{ .Values.frontend.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "invy.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: frontend

16
charts/invy-chart/templates/secret.yaml
View File

@ -1,16 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ include "invy.fullname" . }}-secrets
labels:
{{- include "invy.labels" . | nindent 4 }}
type: Opaque
stringData:
postgres-user: {{ .Values.postgres.user | quote }}
postgres-password: {{ .Values.postgres.password | quote }}
postgres-database: {{ .Values.postgres.database | quote }}
database-url: "postgresql://{{ .Values.postgres.user }}:{{ .Values.postgres.password }}@{{ include "invy.fullname" . }}-db:{{ .Values.postgres.port }}/{{ .Values.postgres.database }}"
google-client-id: {{ .Values.backend.googleClientId | quote }}
google-client-secret: {{ .Values.backend.googleClientSecret | quote }}
whatsapp-access-token: {{ .Values.backend.whatsappAccessToken | quote }}
whatsapp-phone-number-id: {{ .Values.backend.whatsappPhoneNumberId | quote }}

12
charts/invy-chart/templates/serviceaccount.yaml
View File

@ -1,12 +0,0 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "invy.serviceAccountName" . }}
labels:
{{- include "invy.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

181
charts/invy-chart/values.yaml
View File

@ -1,181 +0,0 @@
global:
namespace: my-apps
imagePullSecrets: []
# Backend configuration
backend:
name: backend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/invy-backend
pullPolicy: IfNotPresent
tag: "latest"
service:
type: ClusterIP
port: 8000
targetPort: 8000
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
env:
PYTHONUNBUFFERED: "1"
GOOGLE_REDIRECT_URI: "https://api-invy.dvirlabs.com/auth/google/callback"
FRONTEND_URL: "https://invy.dvirlabs.com"
BACKEND_URL: "https://api-invy.dvirlabs.com"
# Google OAuth credentials (set these values!)
googleClientId: "YOUR_GOOGLE_CLIENT_ID"
googleClientSecret: "YOUR_GOOGLE_CLIENT_SECRET"
# WhatsApp Cloud API credentials (set these values!)
whatsappAccessToken: "YOUR_WHATSAPP_ACCESS_TOKEN"
whatsappPhoneNumberId: "YOUR_WHATSAPP_PHONE_NUMBER_ID"
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api-invy.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: api-invy-tls
hosts:
- api-invy.dvirlabs.com
# Frontend configuration
frontend:
name: frontend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/invy-frontend
pullPolicy: IfNotPresent
tag: "latest"
service:
type: ClusterIP
port: 80
targetPort: 80
env:
VITE_API_URL: "https://api-invy.dvirlabs.com"
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: invy.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: invy-tls
hosts:
- invy.dvirlabs.com
# PostgreSQL configuration
postgres:
name: db
image:
repository: postgres
tag: "16-alpine"
pullPolicy: IfNotPresent
user: invy_user
password: invy_password
database: invy_db
port: 5432
service:
type: ClusterIP
port: 5432
targetPort: 5432
persistence:
enabled: true
accessMode: ReadWriteOnce
storageClass: "nfs-client"
size: 10Gi
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 1000m
memory: 1Gi
# Ingress configuration
ingress:
enabled: false # Individual frontend/backend ingress resources handle routing instead
className: "traefik"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: invy.dvirlabs.com
paths:
- path: /
pathType: Prefix
backend: frontend
tls:
- secretName: invy-tls
hosts:
- invy.dvirlabs.com
# Service Account
serviceAccount:
create: true
annotations: {}
name: ""
# Pod annotations
podAnnotations: {}
# Pod security context
podSecurityContext: {}
# fsGroup: 2000
# Container security context
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
# Node selector
nodeSelector: {}
# Tolerations
tolerations: []
# Affinity
affinity: {}
# Replica count (default for both frontend and backend if not specified)
replicaCount: 1

6
charts/ipify-chart/Chart.yaml
View File

@ -1,6 +0,0 @@
apiVersion: v2
name: ipify
description: A Helm chart for IP Subnet Calculator application
type: application
version: 1.0.0
appVersion: "1.0.0"

20
charts/ipify-chart/templates/_helpers.tpl
View File

@ -1,20 +0,0 @@
{{- define "ipify.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- define "ipify.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{- define "ipify.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}

45
charts/ipify-chart/templates/backend-deployment.yaml
View File

@ -1,45 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.backend.name }}
labels:
app: {{ .Values.backend.name }}
component: backend
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
matchLabels:
app: {{ .Values.backend.name }}
component: backend
template:
metadata:
labels:
app: {{ .Values.backend.name }}
component: backend
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: backend
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.backend.service.targetPort }}
name: http
protocol: TCP
resources:
{{- toYaml .Values.backend.resources | nindent 10 }}
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 10
periodSeconds: 5

17
charts/ipify-chart/templates/backend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.backend.name }}
labels:
app: {{ .Values.backend.name }}
component: backend
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
name: http
selector:
app: {{ .Values.backend.name }}
component: backend

Some files were not shown because too many files have changed in this diff Show More