dvirlabs/my-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: dvirlabs:master
Branches Tags
dvirlabs:master
dvirlabs:develop
dvirlabs:revert-nextcloud-oidc
..
compare: dvirlabs:revert-nextcloud-oidc
Branches Tags
dvirlabs:master
dvirlabs:develop
dvirlabs:revert-nextcloud-oidc

No commits in common. "master" and "revert-nextcloud-oidc" have entirely different histories.
master ... revert-nex

175 changed files with 4 additions and 8422 deletions
Show Stats Expand all files Collapse all files

21
argocd-apps/calink.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: calink
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/calink-chart
helm:
valueFiles:
- ../../manifests/calink/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/dateme.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: dateme
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/dateme-chart
helm:
valueFiles:
- ../../manifests/dateme/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/dvirlabs-landing.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: dvirlabs-landing
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/dvirlabs-landing-chart
helm:
valueFiles:
- ../../manifests/dvirlabs-landing/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

20
argocd-apps/external-secrets-my-apps.yaml
View File

@ -1,20 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: external-secrets-my-apps
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: manifests/external-secrets
directory:
recurse: true
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

20
argocd-apps/extra-resources-my-apps.yaml
View File

@ -1,20 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-apps-extra-resources
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: manifests/extra-resources
directory:
recurse: true
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/invy.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: invy
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/invy-chart
helm:
valueFiles:
- ../../manifests/invy/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/ipify.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: ipify
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/ipify-chart
helm:
valueFiles:
- ../../manifests/ipify/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/my-recipes.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-recipes
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/my-recipes-chart
helm:
valueFiles:
- ../../manifests/my-recipes/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

22
argocd-apps/pgadmin.yaml
View File

@ -1,22 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: pgadmin
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/pgadmin-chart
helm:
valueFiles:
- ../../manifests/pgadmin/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/tasko.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: tasko
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/tasko-chart
helm:
valueFiles:
- ../../manifests/tasko/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/tennotrade.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: tennotrade
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/tennotrade-chart
helm:
valueFiles:
- ../../manifests/tennotrade/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

21
argocd-apps/wallos.yaml
View File

@ -1,21 +0,0 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: wallos
namespace: argocd
spec:
project: my-apps
source:
repoURL: https://git.dvirlabs.com/dvirlabs/my-apps.git
targetRevision: HEAD
path: charts/wallos
helm:
valueFiles:
- ../../manifests/wallos/values.yaml
destination:
server: https://kubernetes.default.svc
namespace: my-apps
syncPolicy:
automated:
prune: true
selfHeal: true

6
charts/calink-chart/Chart.yaml
View File

@ -1,6 +0,0 @@
apiVersion: v2
name: calink
description: Calink calendar event generator
type: application
version: 1.0.0
appVersion: "1.0.0"

43
charts/calink-chart/templates/NOTES.txt
View File

@ -1,43 +0,0 @@
Thank you for installing {{ .Chart.Name }}!
Your release is named {{ .Release.Name }}.
To learn more about the release, try:
$ helm status {{ .Release.Name }}
$ helm get all {{ .Release.Name }}
{{- if or .Values.frontend.ingress.enabled .Values.backend.ingress.enabled }}
Calink is accessible at:
{{- if .Values.frontend.ingress.enabled }}
Frontend:
{{- range .Values.frontend.ingress.hosts }}
http{{ if $.Values.frontend.ingress.tls }}s{{ end }}://{{ .host }}
{{- end }}
{{- end }}
{{- if .Values.backend.ingress.enabled }}
Backend API:
{{- range .Values.backend.ingress.hosts }}
http{{ if $.Values.backend.ingress.tls }}s{{ end }}://{{ .host }}
{{- end }}
{{- end }}
{{- else }}
To access Calink, forward the ports:
kubectl port-forward svc/{{ include "calink.fullname" . }}-frontend 8080:80
kubectl port-forward svc/{{ include "calink.fullname" . }}-backend 8000:8000
Then visit:
Frontend: http://localhost:8080
Backend: http://localhost:8000
{{- end }}
Backend API documentation is available at:
/docs
Health check endpoint:
/health

84
charts/calink-chart/templates/_helpers.tpl
View File

@ -1,84 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "calink.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "calink.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "calink.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "calink.labels" -}}
helm.sh/chart: {{ include "calink.chart" . }}
{{ include "calink.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- with .Values.commonLabels }}
{{ toYaml . }}
{{- end }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "calink.selectorLabels" -}}
app.kubernetes.io/name: {{ include "calink.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Backend labels
*/}}
{{- define "calink.backend.labels" -}}
{{ include "calink.labels" . }}
app.kubernetes.io/component: backend
{{- end }}
{{/*
Backend selector labels
*/}}
{{- define "calink.backend.selectorLabels" -}}
{{ include "calink.selectorLabels" . }}
app.kubernetes.io/component: backend
{{- end }}
{{/*
Frontend labels
*/}}
{{- define "calink.frontend.labels" -}}
{{ include "calink.labels" . }}
app.kubernetes.io/component: frontend
{{- end }}
{{/*
Frontend selector labels
*/}}
{{- define "calink.frontend.selectorLabels" -}}
{{ include "calink.selectorLabels" . }}
app.kubernetes.io/component: frontend
{{- end }}

59
charts/calink-chart/templates/deployment-backend.yaml
View File

@ -1,59 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "calink.fullname" . }}-backend
labels:
{{- include "calink.backend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.backend.replicas }}
selector:
matchLabels:
{{- include "calink.backend.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "calink.backend.selectorLabels" . | nindent 8 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
containers:
- name: backend
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- name: http
containerPort: 8000
protocol: TCP
env:
{{- toYaml .Values.backend.env | nindent 12 }}
{{- if .Values.backend.persistence.enabled }}
volumeMounts:
- name: data
mountPath: {{ .Values.backend.persistence.mountPath }}
{{- end }}
livenessProbe:
httpGet:
path: {{ .Values.backend.healthCheck.path }}
port: http
initialDelaySeconds: {{ .Values.backend.healthCheck.initialDelaySeconds }}
periodSeconds: {{ .Values.backend.healthCheck.periodSeconds }}
readinessProbe:
httpGet:
path: {{ .Values.backend.healthCheck.path }}
port: http
initialDelaySeconds: {{ .Values.backend.healthCheck.initialDelaySeconds }}
periodSeconds: {{ .Values.backend.healthCheck.periodSeconds }}
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
{{- if .Values.backend.persistence.enabled }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ include "calink.fullname" . }}-backend-data
{{- end }}

46
charts/calink-chart/templates/deployment-frontend.yaml
View File

@ -1,46 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "calink.fullname" . }}-frontend
labels:
{{- include "calink.frontend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
replicas: {{ .Values.frontend.replicas }}
selector:
matchLabels:
{{- include "calink.frontend.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "calink.frontend.selectorLabels" . | nindent 8 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
containers:
- name: frontend
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
livenessProbe:
httpGet:
path: {{ .Values.frontend.healthCheck.path }}
port: http
initialDelaySeconds: {{ .Values.frontend.healthCheck.initialDelaySeconds }}
periodSeconds: {{ .Values.frontend.healthCheck.periodSeconds }}
readinessProbe:
httpGet:
path: {{ .Values.frontend.healthCheck.path }}
port: http
initialDelaySeconds: {{ .Values.frontend.healthCheck.initialDelaySeconds }}
periodSeconds: {{ .Values.frontend.healthCheck.periodSeconds }}
resources:
{{- toYaml .Values.frontend.resources | nindent 12 }}

93
charts/calink-chart/templates/ingress.yaml
View File

@ -1,93 +0,0 @@
{{- if .Values.frontend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "calink.fullname" . }}-frontend
labels:
{{- include "calink.labels" . | nindent 4 }}
component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.commonAnnotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
rules:
{{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "calink.fullname" $ }}-frontend
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}
---
{{- if .Values.backend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "calink.fullname" . }}-backend
labels:
{{- include "calink.labels" . | nindent 4 }}
component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- with .Values.commonAnnotations }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "calink.fullname" $ }}-backend
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}

21
charts/calink-chart/templates/pvc.yaml
View File

@ -1,21 +0,0 @@
{{- if .Values.backend.persistence.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ include "calink.fullname" . }}-backend-data
labels:
{{- include "calink.backend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
accessModes:
- ReadWriteOnce
{{- if .Values.backend.persistence.storageClass }}
storageClassName: {{ .Values.backend.persistence.storageClass }}
{{- end }}
resources:
requests:
storage: {{ .Values.backend.persistence.size }}
{{- end }}

19
charts/calink-chart/templates/service-backend.yaml
View File

@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "calink.fullname" . }}-backend
labels:
{{- include "calink.backend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "calink.backend.selectorLabels" . | nindent 4 }}

19
charts/calink-chart/templates/service-frontend.yaml
View File

@ -1,19 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "calink.fullname" . }}-frontend
labels:
{{- include "calink.frontend.labels" . | nindent 4 }}
{{- with .Values.commonAnnotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.frontend.service.type }}
ports:
- port: {{ .Values.frontend.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "calink.frontend.selectorLabels" . | nindent 4 }}

99
charts/calink-chart/values.yaml
View File

@ -1,99 +0,0 @@
nameOverride: ""
fullnameOverride: ""
commonLabels: {}
commonAnnotations: {}
backend:
image:
repository: calink-backend
tag: latest
pullPolicy: IfNotPresent
replicas: 1
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 250m
memory: 256Mi
env:
- name: DATABASE_PATH
value: "/data/app.db"
persistence:
enabled: true
storageClass: ""
size: 1Gi
mountPath: /data
service:
type: ClusterIP
port: 8000
healthCheck:
path: /health
initialDelaySeconds: 10
periodSeconds: 30
ingress:
enabled: true
className: ""
annotations: {}
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
# traefik.ingress.kubernetes.io/router.tls: "true"
# cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: api-calink.example.com
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: api-calink-tls
# hosts:
# - api-calink.example.com
frontend:
image:
repository: calink-frontend
tag: latest
pullPolicy: IfNotPresent
replicas: 1
resources:
limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 100m
memory: 128Mi
service:
type: ClusterIP
port: 80
healthCheck:
path: /
initialDelaySeconds: 5
periodSeconds: 30
ingress:
enabled: true
className: ""
annotations: {}
# traefik.ingress.kubernetes.io/router.entrypoints: websecure
# traefik.ingress.kubernetes.io/router.tls: "true"
# cert-manager.io/cluster-issuer: letsencrypt-prod
hosts:
- host: calink.example.com
paths:
- path: /
pathType: Prefix
tls: []
# - secretName: calink-tls
# hosts:
# - calink.example.com

12
charts/dateme-chart/Chart.yaml
View File

@ -1,12 +0,0 @@
apiVersion: v2
name: dating-app
description: MVP dating app Helm chart for Kubernetes deployment
type: application
version: 1.0.0
appVersion: "1.0.0"
keywords:
- dating
- social
- chat
maintainers:
- name: DevOps Team

201
charts/dateme-chart/README.md
View File

@ -1,201 +0,0 @@
# Helm Chart README
## Dating App Helm Chart
This Helm chart deploys the MVP dating application to Kubernetes with all necessary components.
### Prerequisites
- Kubernetes 1.19+
- Helm 3.0+
- Nginx Ingress Controller (for ingress)
- Storage provisioner (for PVC)
### Installation
#### Basic Installation (Development)
```bash
# Install with default values
helm install dating-app ./helm/dating-app -n dating-app --create-namespace
```
#### Production Installation with Custom Values
```bash
# Create custom values file
cp helm/dating-app/values.yaml my-values.yaml
# Edit my-values.yaml with your configuration
# Then install
helm install dating-app ./helm/dating-app -n dating-app --create-namespace -f my-values.yaml
```
### Configuration
Edit `values.yaml` to customize:
#### Ingress Hosts
```yaml
backend:
ingress:
host: api.yourdomain.com
frontend:
ingress:
host: app.yourdomain.com
```
#### Database
```yaml
postgres:
credentials:
username: your_user
password: your_password
database: your_db
```
#### Backend Environment
```yaml
backend:
environment:
JWT_SECRET: your-secret-key
CORS_ORIGINS: "https://app.yourdomain.com"
```
#### Frontend API URL
```yaml
frontend:
environment:
VITE_API_URL: "https://api.yourdomain.com"
```
#### Storage Classes
For cloud deployments (AWS, GCP, etc.), specify storage class:
```yaml
backend:
persistence:
storageClass: ebs-sc # AWS EBS
size: 10Gi
postgres:
persistence:
storageClass: ebs-sc
size: 20Gi
```
#### Replicas and Resources
```yaml
backend:
replicas: 3
resources:
requests:
memory: "512Mi"
cpu: "200m"
limits:
memory: "1Gi"
cpu: "500m"
frontend:
replicas: 2
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "200m"
```
### Upgrading
```bash
helm upgrade dating-app ./helm/dating-app -f my-values.yaml
```
### Uninstalling
```bash
helm uninstall dating-app -n dating-app
```
### AWS Migration
To deploy to AWS:
1. **RDS for PostgreSQL**: Disable postgres in chart
```yaml
postgres:
enabled: false
```
2. **Update database URL** to RDS endpoint
```yaml
backend:
environment:
DATABASE_URL: "postgresql://user:password@your-rds-endpoint:5432/dating_app"
```
3. **S3 for Media Storage**: Update backend environment
```yaml
backend:
environment:
MEDIA_STORAGE: s3
S3_BUCKET: your-bucket
AWS_REGION: us-east-1
```
4. **Use AWS Load Balancer Controller** for ingress
```yaml
ingress:
className: aws-alb
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
```
5. **Use EBS for persistent storage**
```yaml
backend:
persistence:
storageClass: ebs-sc
```
### Troubleshooting
Check pod status:
```bash
kubectl get pods -n dating-app
kubectl logs -n dating-app <pod-name>
```
Check services:
```bash
kubectl get svc -n dating-app
```
Check ingress:
```bash
kubectl get ingress -n dating-app
```
Port forward for debugging:
```bash
kubectl port-forward -n dating-app svc/backend 8000:8000
kubectl port-forward -n dating-app svc/frontend 3000:80
```
### Database Initialization
The backend automatically initializes tables on startup. To verify:
```bash
kubectl exec -it -n dating-app <postgres-pod> -- psql -U dating_user -d dating_app -c "\dt"
```
### Notes
- This chart is designed to be portable between on-premises and cloud deployments
- Modify `values.yaml` for your specific infrastructure
- For production, use external secrets management (HashiCorp Vault, AWS Secrets Manager, etc.)
- Enable TLS/SSL with cert-manager for production ingress
- Configure proper backup strategies for PostgreSQL PVC

80
charts/dateme-chart/templates/backend-deployment.yaml
View File

@ -1,80 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-{{ .Values.backend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
initContainers:
- name: wait-for-postgres
image: postgres:16-alpine
command:
- /bin/sh
- -c
- |
until pg_isready -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -p {{ .Values.postgres.port }}; do
echo "Waiting for PostgreSQL..."
sleep 2
done
echo "PostgreSQL is ready!"
containers:
- name: {{ .Values.backend.name }}
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.backend.service.targetPort }}
name: http
protocol: TCP
env:
{{- if .Values.backend.env }}
{{- range $key, $value := .Values.backend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- end }}
envFrom:
- secretRef:
name: {{ .Release.Name }}-db-credentials
startupProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 30
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
resources:
requests:
cpu: {{ .Values.backend.resources.requests.cpu }}
memory: {{ .Values.backend.resources.requests.memory }}
limits:
cpu: {{ .Values.backend.resources.limits.cpu }}
memory: {{ .Values.backend.resources.limits.memory }}

17
charts/dateme-chart/templates/backend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.backend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
type: {{ .Values.backend.service.type }}
selector:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
ports:
- name: http
port: {{ .Values.backend.service.port }}
targetPort: {{ .Values.backend.service.targetPort }}
protocol: TCP

37
charts/dateme-chart/templates/db-migration-job.yaml
View File

@ -1,37 +0,0 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Release.Name }}-db-migration
namespace: {{ .Values.global.namespace }}
spec:
template:
spec:
restartPolicy: OnFailure
containers:
- name: migrate
image: postgres:16-alpine
command:
- /bin/sh
- -c
- |
echo "Running DB migration: add display_name to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS display_name TEXT;"
echo "Running DB migration: add age to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS age INTEGER;"
echo "Running DB migration: add gender to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS gender TEXT;"
echo "Running DB migration: add location to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS location TEXT;"
echo "Running DB migration: add bio to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS bio TEXT;"
echo "Running DB migration: add interests to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS interests TEXT;"
echo "Running DB migration: add photos to profiles..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE profiles ADD COLUMN IF NOT EXISTS photos TEXT[];"
echo "Running DB migration: add acknowledged_at to likes..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE likes ADD COLUMN IF NOT EXISTS acknowledged_at TIMESTAMP;"
echo "Running DB migration: add read_at to messages..."
psql -h {{ .Release.Name }}-{{ .Values.postgres.name }}-headless -U {{ .Values.postgres.user }} -d {{ .Values.postgres.database }} -c "ALTER TABLE messages ADD COLUMN IF NOT EXISTS read_at TIMESTAMP;"
env:
- name: PGPASSWORD
value: {{ .Values.postgres.password | quote }}

56
charts/dateme-chart/templates/db-schema-configmap.yaml
View File

@ -1,56 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-db-schema
namespace: {{ .Values.global.namespace }}
data:
schema.sql: |
-- Create users table
CREATE TABLE IF NOT EXISTS users (
id SERIAL PRIMARY KEY,
username TEXT UNIQUE NOT NULL,
email TEXT UNIQUE NOT NULL,
hashed_password TEXT NOT NULL,
first_name TEXT,
last_name TEXT,
age INTEGER,
gender TEXT,
bio TEXT,
profile_picture TEXT,
location TEXT,
interests TEXT[] DEFAULT '{}',
is_active BOOLEAN DEFAULT TRUE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_users_username ON users (username);
CREATE INDEX IF NOT EXISTS idx_users_email ON users (email);
CREATE INDEX IF NOT EXISTS idx_users_is_active ON users (is_active);
-- Profiles table for additional user info
CREATE TABLE IF NOT EXISTS profiles (
id SERIAL PRIMARY KEY,
user_id INTEGER UNIQUE NOT NULL REFERENCES users(id) ON DELETE CASCADE,
verified BOOLEAN DEFAULT FALSE,
verification_token TEXT,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_profiles_user_id ON profiles (user_id);
-- Matches/Likes table
CREATE TABLE IF NOT EXISTS matches (
id SERIAL PRIMARY KEY,
user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
matched_user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
status TEXT DEFAULT 'pending',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_matches_user_id ON matches (user_id);
CREATE INDEX IF NOT EXISTS idx_matches_matched_user_id ON matches (matched_user_id);
-- Prevent duplicate matches in both directions
CREATE UNIQUE INDEX IF NOT EXISTS idx_matches_unique ON matches
(LEAST(user_id, matched_user_id), GREATEST(user_id, matched_user_id));

13
charts/dateme-chart/templates/db-secret.yaml
View File

@ -1,13 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-db-credentials
namespace: {{ .Values.global.namespace }}
type: Opaque
stringData:
DATABASE_URL: postgresql://{{ .Values.postgres.user }}:{{ .Values.postgres.password }}@{{ .Release.Name }}-{{ .Values.postgres.name }}-headless.{{ .Values.global.namespace }}.svc.cluster.local:{{ .Values.postgres.port }}/{{ .Values.postgres.database }}
DB_HOST: {{ printf "%s-%s-headless.%s.svc.cluster.local" .Release.Name .Values.postgres.name .Values.global.namespace }}
DB_PORT: "{{ .Values.postgres.port }}"
DB_NAME: {{ .Values.postgres.database | quote }}
DB_USER: {{ .Values.postgres.user | quote }}
DB_PASSWORD: {{ .Values.postgres.password | quote }}

35
charts/dateme-chart/templates/db-service.yaml
View File

@ -1,35 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}-headless
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
clusterIP: None
selector:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
ports:
- name: postgres
port: {{ .Values.postgres.port }}
targetPort: {{ .Values.postgres.port }}
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
type: {{ .Values.postgres.service.type }}
selector:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
ports:
- name: postgres
port: {{ .Values.postgres.service.port }}
targetPort: {{ .Values.postgres.port }}
protocol: TCP

84
charts/dateme-chart/templates/db-statefulset.yaml
View File

@ -1,84 +0,0 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
serviceName: {{ .Release.Name }}-{{ .Values.postgres.name }}-headless
replicas: 1
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
containers:
- name: postgres
image: "{{ .Values.postgres.image.repository }}:{{ .Values.postgres.image.tag }}"
imagePullPolicy: {{ .Values.postgres.image.pullPolicy }}
ports:
- containerPort: {{ .Values.postgres.port }}
name: postgres
protocol: TCP
env:
- name: POSTGRES_USER
value: {{ .Values.postgres.user | quote }}
- name: POSTGRES_PASSWORD
value: {{ .Values.postgres.password | quote }}
- name: POSTGRES_DB
value: {{ .Values.postgres.database | quote }}
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
- name: init-sql
mountPath: /docker-entrypoint-initdb.d
livenessProbe:
exec:
command:
- /bin/sh
- -c
- pg_isready -U {{ .Values.postgres.user }}
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
exec:
command:
- /bin/sh
- -c
- pg_isready -U {{ .Values.postgres.user }}
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 2
failureThreshold: 3
resources:
requests:
cpu: {{ .Values.postgres.resources.requests.cpu }}
memory: {{ .Values.postgres.resources.requests.memory }}
limits:
cpu: {{ .Values.postgres.resources.limits.cpu }}
memory: {{ .Values.postgres.resources.limits.memory }}
volumes:
- name: init-sql
configMap:
name: {{ .Release.Name }}-db-schema
defaultMode: 0755
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- {{ .Values.postgres.persistence.accessMode }}
storageClassName: {{ .Values.postgres.persistence.storageClass }}
resources:
requests:
storage: {{ .Values.postgres.persistence.size }}

71
charts/dateme-chart/templates/frontend-deployment.yaml
View File

@ -1,71 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-{{ .Values.frontend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
replicas: {{ .Values.frontend.replicaCount }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
initContainers:
- name: wait-for-backend
image: busybox:1.35
command:
- /bin/sh
- -c
- |
echo "Waiting for backend to be ready..."
until wget -q -O- http://{{ .Release.Name }}-{{ .Values.backend.name }}:{{ .Values.backend.service.port }}/health > /dev/null 2>&1; do
echo "Backend not ready, waiting..."
sleep 2
done
echo "Backend is ready!"
containers:
- name: {{ .Values.frontend.name }}
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.frontend.service.targetPort }}
name: http
protocol: TCP
volumeMounts:
- name: env-config
mountPath: /usr/share/nginx/html/env.js
subPath: env.js
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
resources:
requests:
cpu: {{ .Values.frontend.resources.requests.cpu }}
memory: {{ .Values.frontend.resources.requests.memory }}
limits:
cpu: {{ .Values.frontend.resources.limits.cpu }}
memory: {{ .Values.frontend.resources.limits.memory }}
volumes:
- name: env-config
configMap:
name: {{ .Release.Name }}-frontend-env-config

13
charts/dateme-chart/templates/frontend-env-configmap.yaml
View File

@ -1,13 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-frontend-env-config
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
data:
env.js: |
window.__ENV__ = {
API_BASE: "{{ .Values.frontend.env.API_BASE }}"
};

17
charts/dateme-chart/templates/frontend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.frontend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
type: {{ .Values.frontend.service.type }}
selector:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
ports:
- name: http
port: {{ .Values.frontend.service.port }}
targetPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP

89
charts/dateme-chart/templates/ingress.yaml
View File

@ -1,89 +0,0 @@
{{- if .Values.frontend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}-frontend
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-frontend
component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
rules:
{{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ $.Release.Name }}-{{ $.Values.frontend.name }}
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}
---
{{- if .Values.backend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}-backend
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-backend
component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ $.Release.Name }}-{{ $.Values.backend.name }}
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}

79
charts/dateme-chart/values-aws.yaml
View File

@ -1,79 +0,0 @@
---
# Example values for AWS deployment
# Copy to values-aws.yaml and customize with your AWS details
global:
domain: yourdomain.com
# Disable built-in PostgreSQL and use RDS instead
postgres:
enabled: false
backend:
image:
repository: 123456789.dkr.ecr.us-east-1.amazonaws.com/dating-app-backend
tag: latest
pullPolicy: IfNotPresent
replicas: 3
resources:
requests:
memory: "512Mi"
cpu: "200m"
limits:
memory: "1Gi"
cpu: "500m"
service:
port: 8000
type: ClusterIP
ingress:
enabled: true
className: aws-alb
host: api.yourdomain.com
path: /
pathType: Prefix
environment:
# Use RDS endpoint here with updated credentials
DATABASE_URL: "postgresql://dating_app_user:Aa123456@your-rds-endpoint.us-east-1.rds.amazonaws.com:5432/dating_app"
JWT_SECRET: "your-secure-secret-key"
JWT_EXPIRES_MINUTES: "1440"
MEDIA_DIR: /app/media
CORS_ORIGINS: "https://yourdomain.com,https://api.yourdomain.com"
persistence:
enabled: true
size: 20Gi
storageClass: ebs-sc # AWS EBS storage class
mountPath: /app/media
frontend:
image:
repository: 123456789.dkr.ecr.us-east-1.amazonaws.com/dating-app-frontend
tag: latest
pullPolicy: IfNotPresent
replicas: 3
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "200m"
service:
port: 80
type: ClusterIP
ingress:
enabled: true
className: aws-alb
host: yourdomain.com
path: /
pathType: Prefix
env:
API_BASE: "https://api.yourdomain.com"
ingress:
enabled: true
className: aws-alb
annotations:
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/target-type: ip
cert-manager.io/cluster-issuer: "letsencrypt-prod"
alb.ingress.kubernetes.io/certificate-arn: "arn:aws:acm:us-east-1:123456789:certificate/xxxx"

80
charts/dateme-chart/values-lab.yaml
View File

@ -1,80 +0,0 @@
---
# Example values for development/lab deployment
# Copy to values-dev.yaml and customize
global:
domain: lab.local
postgres:
enabled: true
replicas: 1
persistence:
enabled: true
size: 5Gi
storageClass: "" # Use default storage class
credentials:
username: dating_app_user
password: Aa123456
database: dating_app
backend:
image:
repository: dating-app-backend
tag: latest
pullPolicy: IfNotPresent
replicas: 1
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
service:
port: 8000
type: ClusterIP
ingress:
enabled: true
className: nginx
host: api.lab.local
path: /
pathType: Prefix
environment:
JWT_SECRET: dev-secret-key-change-in-production
JWT_EXPIRES_MINUTES: "1440"
MEDIA_DIR: /app/media
CORS_ORIGINS: "http://localhost:5173,http://localhost:3000,http://api.lab.local,http://app.lab.local"
persistence:
enabled: true
size: 5Gi
storageClass: ""
frontend:
image:
repository: dating-app-frontend
tag: latest
pullPolicy: IfNotPresent
replicas: 1
resources:
requests:
memory: "128Mi"
cpu: "50m"
limits:
memory: "256Mi"
cpu: "200m"
service:
port: 80
type: ClusterIP
ingress:
enabled: true
className: nginx
host: app.lab.local
path: /
pathType: Prefix
env:
API_BASE: "http://api.lab.local"
ingress:
enabled: true
className: nginx
annotations: {}

125
charts/dateme-chart/values.yaml
View File

@ -1,125 +0,0 @@
# Default values for dateme-chart
global:
namespace: my-apps
imagePullSecrets: []
# Backend configuration
backend:
name: backend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/dateme-backend
pullPolicy: Always
tag: develop-latest
service:
type: ClusterIP
port: 8000
targetPort: 8000
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
env:
PYTHONUNBUFFERED: "1"
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api-dateme.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: api-dateme-tls
hosts:
- api-dateme.dvirlabs.com
# Frontend configuration
frontend:
name: frontend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/dateme-frontend
pullPolicy: Always
tag: develop-latest
service:
type: ClusterIP
port: 80
targetPort: 80
env:
API_BASE: "https://api-dateme.dvirlabs.com"
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: dateme.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: dateme-tls
hosts:
- dateme.dvirlabs.com
externalUrl: "https://dateme.dvirlabs.com"
# PostgreSQL configuration
postgres:
name: db
image:
repository: postgres
tag: "16"
pullPolicy: IfNotPresent
user: dateme_user
password: dateme_password
database: dateme_db
port: 5432
service:
type: ClusterIP
port: 5432
targetPort: 5432
persistence:
enabled: true
accessMode: ReadWriteOnce
storageClass: "nfs-client"
size: 10Gi
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 500m
memory: 512Mi
# Ingress (top-level, disabled - use component-specific ingress instead)
ingress:
enabled: false
className: "traefik"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: dateme.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: dateme-tls
hosts:
- dateme.dvirlabs.com

6
charts/dvirlabs-landing-chart/Chart.yaml
View File

@ -1,6 +0,0 @@
apiVersion: v2
name: dvirlabs-landing
description: Simple static landing page for dvirlabs.com
type: application
version: 0.1.0
appVersion: "1.0.0"

15
charts/dvirlabs-landing-chart/templates/_helpers.tpl
View File

@ -1,15 +0,0 @@
{{- define "dvirlabs-landing.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end }}
{{- define "dvirlabs-landing.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name (include "dvirlabs-landing.name" .) | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- define "dvirlabs-landing.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" -}}
{{- end }}

38
charts/dvirlabs-landing-chart/templates/deployment.yaml
View File

@ -1,38 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "dvirlabs-landing.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
helm.sh/chart: {{ include "dvirlabs-landing.chart" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
template:
metadata:
labels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- name: dvirlabs-landing
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: 80
protocol: TCP
env:
- name: LAB_LINKS
value: '{{ toJson .Values.links }}'
resources:
{{- toYaml .Values.resources | nindent 12 }}

42
charts/dvirlabs-landing-chart/templates/ingress.yaml
View File

@ -1,42 +0,0 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "dvirlabs-landing.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.className }}
ingressClassName: {{ .Values.ingress.className }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "dvirlabs-landing.fullname" $ }}
port:
number: {{ $.Values.service.port }}
{{- end }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- secretName: {{ .secretName }}
hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

17
charts/dvirlabs-landing-chart/templates/service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "dvirlabs-landing.fullname" . }}
labels:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
app.kubernetes.io/name: {{ include "dvirlabs-landing.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}

54
charts/dvirlabs-landing-chart/values.yaml
View File

@ -1,54 +0,0 @@
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/dvirlabs-landing
tag: "master-2ee2f13"
pullPolicy: IfNotPresent
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
service:
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations: {}
hosts:
- host: dvirlabs.com
paths:
- path: /
pathType: Prefix
tls: []
resources: {}
nodeSelector: {}
tolerations: []
affinity: {}
links:
- id: gitea
label: "Git Service"
desc: "Self-hosted Git repositories & CI integration."
chip: "Gitea"
url: "https://git.dvirlabs.com"
- id: grafana
label: "Observability"
desc: "Dashboards, metrics, and alerts for lab services."
chip: "Grafana"
url: "https://grafana.dvirlabs.com"
- id: argocd
label: "GitOps Control"
desc: "Applications managed declaratively via Argo CD."
chip: "Argo CD"
url: "https://argocd.dvirlabs.com"
- id: wiki
label: "Lab Documentation"
desc: "Architecture diagrams, notes, and how-tos."
chip: "Wiki"
url: "https://wiki.dvirlabs.com"

12
charts/invy-chart/Chart.yaml
View File

@ -1,12 +0,0 @@
apiVersion: v2
name: invy
description: A Helm chart for Invy - Wedding Guest List Management Application
type: application
version: 1.0.0
appVersion: "1.0.0"
keywords:
- invy
- wedding
- guest-management
maintainers:
- name: dvir

183
charts/invy-chart/README.md
View File

@ -1,183 +0,0 @@
# Invy Helm Chart
This Helm chart deploys the Invy wedding guest list management application on Kubernetes.
## Prerequisites
- Kubernetes 1.19+
- Helm 3.0+
- Persistent Volume provisioner support in the underlying infrastructure (for PostgreSQL)
- Ingress controller (Traefik recommended)
- Cert-manager (for TLS certificates)
## Components
This chart deploys the following components:
- **Frontend**: React + Vite application (Nginx)
- **Backend**: FastAPI application
- **Database**: PostgreSQL 16
## Installation
### Add the chart repository (if applicable)
```bash
helm repo add invy https://your-helm-repo.com
helm repo update
```
### Install the chart
```bash
# Install with default values
helm install invy ./invy-chart -n my-apps --create-namespace
# Install with custom values
helm install invy ./invy-chart -n my-apps --create-namespace -f custom-values.yaml
```
## Configuration
The following table lists the configurable parameters and their default values.
### Global Parameters
| Parameter | Description | Default |
|-----------|-------------|---------|
| `global.namespace` | Namespace for all resources | `my-apps` |
| `global.imagePullSecrets` | Image pull secrets | `[]` |
### Backend Parameters
| Parameter | Description | Default |
|-----------|-------------|---------|
| `backend.image.repository` | Backend image repository | `harbor.dvirlabs.com/my-apps/invy-backend` |
| `backend.image.tag` | Backend image tag | `latest` |
| `backend.replicaCount` | Number of backend replicas | `1` |
| `backend.service.port` | Backend service port | `8000` |
| `backend.ingress.enabled` | Enable backend ingress | `true` |
| `backend.ingress.hosts[0].host` | Backend ingress hostname | `api-invy.dvirlabs.com` |
### Frontend Parameters
| Parameter | Description | Default |
|-----------|-------------|---------|
| `frontend.image.repository` | Frontend image repository | `harbor.dvirlabs.com/my-apps/invy-frontend` |
| `frontend.image.tag` | Frontend image tag | `latest` |
| `frontend.replicaCount` | Number of frontend replicas | `1` |
| `frontend.service.port` | Frontend service port | `80` |
| `frontend.env.VITE_API_URL` | Backend API URL | `https://api-invy.dvirlabs.com` |
| `frontend.ingress.enabled` | Enable frontend ingress | `true` |
| `frontend.ingress.hosts[0].host` | Frontend ingress hostname | `invy.dvirlabs.com` |
### PostgreSQL Parameters
| Parameter | Description | Default |
|-----------|-------------|---------|
| `postgres.user` | PostgreSQL user | `invy_user` |
| `postgres.password` | PostgreSQL password | `invy_password` |
| `postgres.database` | PostgreSQL database name | `invy_db` |
| `postgres.persistence.enabled` | Enable persistence | `true` |
| `postgres.persistence.size` | Persistent volume size | `10Gi` |
| `postgres.persistence.storageClass` | Storage class | `nfs-client` |
## Building and Pushing Images
### Backend Image
```bash
cd backend
docker build -t harbor.dvirlabs.com/my-apps/invy-backend:latest .
docker push harbor.dvirlabs.com/my-apps/invy-backend:latest
```
### Frontend Image
```bash
cd frontend
docker build --build-arg VITE_API_URL=https://api-invy.dvirlabs.com -t harbor.dvirlabs.com/my-apps/invy-frontend:latest .
docker push harbor.dvirlabs.com/my-apps/invy-frontend:latest
```
## Upgrading
```bash
helm upgrade invy ./invy-chart -n my-apps
```
## Uninstalling
```bash
helm uninstall invy -n my-apps
```
## Customization
Create a `custom-values.yaml` file to override default values:
```yaml
backend:
image:
tag: "v1.0.0"
ingress:
hosts:
- host: api.mycompany.com
paths:
- path: /
pathType: Prefix
frontend:
image:
tag: "v1.0.0"
env:
VITE_API_URL: "https://api.mycompany.com"
ingress:
hosts:
- host: invy.mycompany.com
paths:
- path: /
pathType: Prefix
postgres:
password: "your-secure-password"
persistence:
storageClass: "your-storage-class"
```
Then install with:
```bash
helm install invy ./invy-chart -n my-apps -f custom-values.yaml
```
## Troubleshooting
### Check pod status
```bash
kubectl get pods -n my-apps
```
### View pod logs
```bash
# Backend logs
kubectl logs -n my-apps -l app.kubernetes.io/component=backend
# Frontend logs
kubectl logs -n my-apps -l app.kubernetes.io/component=frontend
# Database logs
kubectl logs -n my-apps -l app.kubernetes.io/component=database
```
### Access the database
```bash
kubectl exec -it -n my-apps invy-db-0 -- psql -U invy_user -d invy_db
```
## Support
For issues and feature requests, please open an issue in the repository.

38
charts/invy-chart/templates/NOTES.txt
View File

@ -1,38 +0,0 @@
Thank you for installing {{ .Chart.Name }}!
Your release is named {{ .Release.Name }}.
To learn more about the release, try:
$ helm status {{ .Release.Name }}
$ helm get all {{ .Release.Name }}
{{- if .Values.frontend.ingress.enabled }}
Application URLs:
{{- range .Values.frontend.ingress.hosts }}
Frontend: https://{{ .host }}
{{- end }}
{{- range .Values.backend.ingress.hosts }}
Backend API: https://{{ .host }}
{{- end }}
{{- else }}
To access your application:
1. Get the frontend URL:
export POD_NAME=$(kubectl get pods --namespace {{ .Values.global.namespace }} -l "app.kubernetes.io/name={{ include "invy.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=frontend" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Values.global.namespace }} port-forward $POD_NAME 8080:80
echo "Visit http://127.0.0.1:8080 to use your application"
2. Get the backend URL:
export POD_NAME=$(kubectl get pods --namespace {{ .Values.global.namespace }} -l "app.kubernetes.io/name={{ include "invy.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=backend" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Values.global.namespace }} port-forward $POD_NAME 8000:8000
echo "Visit http://127.0.0.1:8000 to access the API"
{{- end }}
Database connection:
Host: {{ include "invy.fullname" . }}-db
Port: {{ .Values.postgres.port }}
Database: {{ .Values.postgres.database }}
User: {{ .Values.postgres.user }}

60
charts/invy-chart/templates/_helpers.tpl
View File

@ -1,60 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "invy.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "invy.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "invy.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "invy.labels" -}}
helm.sh/chart: {{ include "invy.chart" . }}
{{ include "invy.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "invy.selectorLabels" -}}
app.kubernetes.io/name: {{ include "invy.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "invy.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "invy.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

100
charts/invy-chart/templates/backend-deployment.yaml
View File

@ -1,100 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "invy.fullname" . }}-backend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
matchLabels:
{{- include "invy.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: backend
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "invy.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: backend
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "invy.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
- name: wait-for-postgres
image: busybox:1.35
command: ['sh', '-c', 'until nc -z {{ include "invy.fullname" . }}-db-headless {{ .Values.postgres.port | default 5432 }}; do echo waiting for postgres; sleep 2; done;']
containers:
- name: backend
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: database-url
- name: GOOGLE_CLIENT_ID
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: google-client-id
- name: GOOGLE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: google-client-secret
- name: WHATSAPP_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: whatsapp-access-token
- name: WHATSAPP_PHONE_NUMBER_ID
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: whatsapp-phone-number-id
{{- range $key, $value := .Values.backend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 5
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

42
charts/invy-chart/templates/backend-ingress.yaml
View File

@ -1,42 +0,0 @@
{{- if .Values.backend.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "invy.fullname" . }}-backend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "invy.fullname" $ }}-backend
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- end }}

17
charts/invy-chart/templates/backend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "invy.fullname" . }}-backend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "invy.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: backend

126
charts/invy-chart/templates/db-schema-configmap.yaml
View File

@ -1,126 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ include "invy.fullname" . }}-db-schema
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: database
data:
init.sql: |
-- Invy — Full Database Init Schema
-- Runs only on a FRESH (empty) data directory.
-- For existing production DBs run migrate_production.sql manually.
CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
-- ── Users ──────────────────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS users (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
email TEXT NOT NULL UNIQUE,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_users_email ON users(email);
-- ── Events ─────────────────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS events (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
name TEXT NOT NULL,
date TIMESTAMP WITH TIME ZONE,
location TEXT,
partner1_name TEXT,
partner2_name TEXT,
venue TEXT,
event_time TEXT,
guest_link TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_events_created_at ON events(created_at);
CREATE INDEX IF NOT EXISTS idx_events_guest_link ON events(guest_link);
-- ── Event members (authorization) ──────────────────────────────────────
CREATE TABLE IF NOT EXISTS event_members (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
role TEXT NOT NULL DEFAULT 'admin'
CHECK (role IN ('admin', 'editor', 'viewer')),
display_name TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
UNIQUE(event_id, user_id)
);
CREATE INDEX IF NOT EXISTS idx_event_members_event_id ON event_members(event_id);
CREATE INDEX IF NOT EXISTS idx_event_members_user_id ON event_members(user_id);
CREATE INDEX IF NOT EXISTS idx_event_members_event_user ON event_members(event_id, user_id);
-- ── Guests v2 ──────────────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS guests_v2 (
id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
added_by_user_id UUID NOT NULL REFERENCES users(id),
first_name TEXT NOT NULL,
last_name TEXT NOT NULL DEFAULT '',
email TEXT,
phone TEXT,
phone_number TEXT,
rsvp_status TEXT NOT NULL DEFAULT 'invited'
CHECK (rsvp_status IN ('invited', 'confirmed', 'declined')),
meal_preference TEXT,
has_plus_one BOOLEAN DEFAULT FALSE,
plus_one_name TEXT,
table_number TEXT,
side TEXT,
owner_email TEXT,
source TEXT NOT NULL DEFAULT 'manual'
CHECK (source IN ('google', 'manual', 'self-service')),
notes TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_guests_v2_event_id ON guests_v2(event_id);
CREATE INDEX IF NOT EXISTS idx_guests_v2_added_by ON guests_v2(added_by_user_id);
CREATE INDEX IF NOT EXISTS idx_guests_v2_phone_number ON guests_v2(phone_number);
CREATE INDEX IF NOT EXISTS idx_guests_v2_event_phone ON guests_v2(event_id, phone_number);
CREATE INDEX IF NOT EXISTS idx_guests_v2_event_status ON guests_v2(event_id, rsvp_status);
CREATE INDEX IF NOT EXISTS idx_guests_v2_owner_email ON guests_v2(event_id, owner_email);
CREATE INDEX IF NOT EXISTS idx_guests_v2_source ON guests_v2(event_id, source);
-- ── RSVP tokens ────────────────────────────────────────────────────────
CREATE TABLE IF NOT EXISTS rsvp_tokens (
token TEXT PRIMARY KEY,
event_id UUID NOT NULL REFERENCES events(id) ON DELETE CASCADE,
guest_id UUID REFERENCES guests_v2(id) ON DELETE SET NULL,
phone TEXT,
created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP,
expires_at TIMESTAMP WITH TIME ZONE,
used_at TIMESTAMP WITH TIME ZONE
);
CREATE INDEX IF NOT EXISTS idx_rsvp_tokens_event_id ON rsvp_tokens(event_id);
CREATE INDEX IF NOT EXISTS idx_rsvp_tokens_guest_id ON rsvp_tokens(guest_id);
-- ── updated_at trigger ─────────────────────────────────────────────────
CREATE OR REPLACE FUNCTION _update_updated_at()
RETURNS TRIGGER LANGUAGE plpgsql AS $$
BEGIN
NEW.updated_at = CURRENT_TIMESTAMP;
RETURN NEW;
END;
$$;
DO $$ BEGIN
CREATE TRIGGER trg_guests_v2_updated_at
BEFORE UPDATE ON guests_v2
FOR EACH ROW EXECUTE FUNCTION _update_updated_at();
EXCEPTION WHEN duplicate_object THEN NULL; END $$;
DO $$ BEGIN
CREATE TRIGGER trg_events_updated_at
BEFORE UPDATE ON events
FOR EACH ROW EXECUTE FUNCTION _update_updated_at();
EXCEPTION WHEN duplicate_object THEN NULL; END $$;

36
charts/invy-chart/templates/db-service.yaml
View File

@ -1,36 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "invy.fullname" . }}-db
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
type: {{ .Values.postgres.service.type }}
ports:
- port: {{ .Values.postgres.service.port }}
targetPort: postgres
protocol: TCP
name: postgres
selector:
{{- include "invy.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: database
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "invy.fullname" . }}-db-headless
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
type: ClusterIP
clusterIP: None
ports:
- port: {{ .Values.postgres.service.port }}
targetPort: postgres
protocol: TCP
name: postgres
selector:
{{- include "invy.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: database

131
charts/invy-chart/templates/db-statefulset.yaml
View File

@ -1,131 +0,0 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "invy.fullname" . }}-db
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: database
spec:
serviceName: {{ include "invy.fullname" . }}-db-headless
replicas: 1
selector:
matchLabels:
{{- include "invy.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: database
template:
metadata:
labels:
{{- include "invy.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: database
spec:
securityContext:
fsGroup: 999
initContainers:
- name: fix-permissions
image: busybox:latest
command:
- sh
- -c
- |
chown -R 999:999 /var/lib/postgresql/data || true
chmod 700 /var/lib/postgresql/data || true
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
securityContext:
runAsUser: 0
containers:
- name: postgres
securityContext:
runAsUser: 999
runAsNonRoot: true
image: "{{ .Values.postgres.image.repository }}:{{ .Values.postgres.image.tag }}"
imagePullPolicy: {{ .Values.postgres.image.pullPolicy }}
ports:
- name: postgres
containerPort: {{ .Values.postgres.port }}
protocol: TCP
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: postgres-user
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: postgres-password
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: {{ include "invy.fullname" . }}-secrets
key: postgres-database
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
- name: postgres-run
mountPath: /var/run/postgresql
- name: init-script
mountPath: /docker-entrypoint-initdb.d
resources:
{{- toYaml .Values.postgres.resources | nindent 12 }}
# Health probes aligned with tasko-chart approach
# Use TCP localhost instead of Unix socket to avoid permission issues
# Fixed shell variable expansion: $POSTGRES_USER not $(POSTGRES_USER)
# Specify database name to avoid "database invy_user does not exist" error
startupProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 30 # Allow up to 150s for slow NFS startup
livenessProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
exec:
command:
- sh
- -c
- pg_isready -h 127.0.0.1 -p 5432 -U "$POSTGRES_USER" -d "$POSTGRES_DB"
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
volumes:
- name: init-script
configMap:
name: {{ include "invy.fullname" . }}-db-schema
- name: postgres-run
emptyDir: {}
{{- if .Values.postgres.persistence.enabled }}
volumeClaimTemplates:
- metadata:
name: postgres-data
spec:
accessModes:
- {{ .Values.postgres.persistence.accessMode }}
{{- if .Values.postgres.persistence.storageClass }}
storageClassName: {{ .Values.postgres.persistence.storageClass }}
{{- end }}
resources:
requests:
storage: {{ .Values.postgres.persistence.size }}
{{- else }}
- name: postgres-data
emptyDir: {}
{{- end }}

77
charts/invy-chart/templates/frontend-deployment.yaml
View File

@ -1,77 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "invy.fullname" . }}-frontend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
spec:
replicas: {{ .Values.frontend.replicaCount }}
selector:
matchLabels:
{{- include "invy.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: frontend
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "invy.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: frontend
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "invy.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: frontend
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP
{{- if .Values.frontend.env }}
env:
{{- range $key, $value := .Values.frontend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
- name: VITE_ADMIN_USERNAME
value: {{ .Values.frontend.adminUsername | quote }}
- name: VITE_ADMIN_PASSWORD
value: {{ .Values.frontend.adminPassword | quote }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 5
resources:
{{- toYaml .Values.frontend.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

42
charts/invy-chart/templates/frontend-ingress.yaml
View File

@ -1,42 +0,0 @@
{{- if .Values.frontend.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "invy.fullname" . }}-frontend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "invy.fullname" $ }}-frontend
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- end }}

17
charts/invy-chart/templates/frontend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ include "invy.fullname" . }}-frontend
labels:
{{- include "invy.labels" . | nindent 4 }}
app.kubernetes.io/component: frontend
spec:
type: {{ .Values.frontend.service.type }}
ports:
- port: {{ .Values.frontend.service.port }}
targetPort: http
protocol: TCP
name: http
selector:
{{- include "invy.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: frontend

16
charts/invy-chart/templates/secret.yaml
View File

@ -1,16 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ include "invy.fullname" . }}-secrets
labels:
{{- include "invy.labels" . | nindent 4 }}
type: Opaque
stringData:
postgres-user: {{ .Values.postgres.user | quote }}
postgres-password: {{ .Values.postgres.password | quote }}
postgres-database: {{ .Values.postgres.database | quote }}
database-url: "postgresql://{{ .Values.postgres.user }}:{{ .Values.postgres.password }}@{{ include "invy.fullname" . }}-db:{{ .Values.postgres.port }}/{{ .Values.postgres.database }}"
google-client-id: {{ .Values.backend.googleClientId | quote }}
google-client-secret: {{ .Values.backend.googleClientSecret | quote }}
whatsapp-access-token: {{ .Values.backend.whatsappAccessToken | quote }}
whatsapp-phone-number-id: {{ .Values.backend.whatsappPhoneNumberId | quote }}

12
charts/invy-chart/templates/serviceaccount.yaml
View File

@ -1,12 +0,0 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "invy.serviceAccountName" . }}
labels:
{{- include "invy.labels" . | nindent 4 }}
{{- with .Values.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

180
charts/invy-chart/values.yaml
View File

@ -1,180 +0,0 @@
global:
namespace: my-apps
imagePullSecrets: []
# Backend configuration
backend:
name: backend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/invy-backend
pullPolicy: IfNotPresent
tag: "latest"
service:
type: ClusterIP
port: 8000
targetPort: 8000
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
env:
PYTHONUNBUFFERED: "1"
GOOGLE_REDIRECT_URI: "https://api-invy.dvirlabs.com/auth/google/callback"
FRONTEND_URL: "https://invy.dvirlabs.com"
# Google OAuth credentials (set these values!)
googleClientId: "YOUR_GOOGLE_CLIENT_ID"
googleClientSecret: "YOUR_GOOGLE_CLIENT_SECRET"
# WhatsApp Cloud API credentials (set these values!)
whatsappAccessToken: "YOUR_WHATSAPP_ACCESS_TOKEN"
whatsappPhoneNumberId: "YOUR_WHATSAPP_PHONE_NUMBER_ID"
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api-invy.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: api-invy-tls
hosts:
- api-invy.dvirlabs.com
# Frontend configuration
frontend:
name: frontend
replicaCount: 1
image:
repository: harbor.dvirlabs.com/my-apps/invy-frontend
pullPolicy: IfNotPresent
tag: "latest"
service:
type: ClusterIP
port: 80
targetPort: 80
env:
VITE_API_URL: "https://api-invy.dvirlabs.com"
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: invy.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: invy-tls
hosts:
- invy.dvirlabs.com
# PostgreSQL configuration
postgres:
name: db
image:
repository: postgres
tag: "16-alpine"
pullPolicy: IfNotPresent
user: invy_user
password: invy_password
database: invy_db
port: 5432
service:
type: ClusterIP
port: 5432
targetPort: 5432
persistence:
enabled: true
accessMode: ReadWriteOnce
storageClass: "nfs-client"
size: 10Gi
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 1000m
memory: 1Gi
# Ingress configuration
ingress:
enabled: false # Individual frontend/backend ingress resources handle routing instead
className: "traefik"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: invy.dvirlabs.com
paths:
- path: /
pathType: Prefix
backend: frontend
tls:
- secretName: invy-tls
hosts:
- invy.dvirlabs.com
# Service Account
serviceAccount:
create: true
annotations: {}
name: ""
# Pod annotations
podAnnotations: {}
# Pod security context
podSecurityContext: {}
# fsGroup: 2000
# Container security context
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
# Node selector
nodeSelector: {}
# Tolerations
tolerations: []
# Affinity
affinity: {}
# Replica count (default for both frontend and backend if not specified)
replicaCount: 1

6
charts/ipify-chart/Chart.yaml
View File

@ -1,6 +0,0 @@
apiVersion: v2
name: ipify
description: A Helm chart for IP Subnet Calculator application
type: application
version: 1.0.0
appVersion: "1.0.0"

20
charts/ipify-chart/templates/_helpers.tpl
View File

@ -1,20 +0,0 @@
{{- define "ipify.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- define "ipify.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{- define "ipify.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}

41
charts/ipify-chart/templates/backend-deployment.yaml
View File

@ -1,41 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.backend.name }}
labels:
app: {{ .Values.backend.name }}
component: backend
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
matchLabels:
app: {{ .Values.backend.name }}
component: backend
template:
metadata:
labels:
app: {{ .Values.backend.name }}
component: backend
spec:
containers:
- name: backend
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.backend.service.targetPort }}
name: http
protocol: TCP
resources:
{{- toYaml .Values.backend.resources | nindent 10 }}
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 10
periodSeconds: 5

17
charts/ipify-chart/templates/backend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.backend.name }}
labels:
app: {{ .Values.backend.name }}
component: backend
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
name: http
selector:
app: {{ .Values.backend.name }}
component: backend

44
charts/ipify-chart/templates/frontend-deployment.yaml
View File

@ -1,44 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.frontend.name }}
labels:
app: {{ .Values.frontend.name }}
component: frontend
spec:
replicas: {{ .Values.frontend.replicaCount }}
selector:
matchLabels:
app: {{ .Values.frontend.name }}
component: frontend
template:
metadata:
labels:
app: {{ .Values.frontend.name }}
component: frontend
spec:
containers:
- name: frontend
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.frontend.service.targetPort }}
name: http
protocol: TCP
env:
- name: VITE_API_URL
value: {{ .Values.env.backendUrl | quote }}
resources:
{{- toYaml .Values.frontend.resources | nindent 10 }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 5

17
charts/ipify-chart/templates/frontend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Values.frontend.name }}
labels:
app: {{ .Values.frontend.name }}
component: frontend
spec:
type: {{ .Values.frontend.service.type }}
ports:
- port: {{ .Values.frontend.service.port }}
targetPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP
name: http
selector:
app: {{ .Values.frontend.name }}
component: frontend

43
charts/ipify-chart/templates/ingress.yaml
View File

@ -1,43 +0,0 @@
{{- if .Values.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ipify-ingress
annotations:
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
{{- if eq .backend "backend" }}
name: {{ $.Values.backend.name }}
port:
number: {{ $.Values.backend.service.port }}
{{- else }}
name: {{ $.Values.frontend.name }}
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

66
charts/ipify-chart/values.yaml
View File

@ -1,66 +0,0 @@
# Default values for ipify
# Backend configuration
backend:
name: ipify-backend
replicaCount: 1
image:
repository: ipify-backend
tag: latest
pullPolicy: IfNotPresent
service:
type: ClusterIP
port: 8000
targetPort: 8000
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 250m
memory: 256Mi
# Frontend configuration
frontend:
name: ipify-frontend
replicaCount: 1
image:
repository: ipify-frontend
tag: latest
pullPolicy: IfNotPresent
service:
type: ClusterIP
port: 80
targetPort: 80
resources:
limits:
cpu: 200m
memory: 256Mi
requests:
cpu: 100m
memory: 128Mi
# Ingress configuration
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: ipify.example.com
paths:
- path: /api
pathType: Prefix
backend: backend
- path: /
pathType: Prefix
backend: frontend
tls:
- secretName: ipify-tls
hosts:
- ipify.example.com
# Environment variables
env:
# Backend URL for frontend to use
backendUrl: "https://ipify.example.com/api"

14
charts/my-recipes-chart/Chart.yaml
View File

@ -1,14 +0,0 @@
apiVersion: v2
name: my-recipes
description: Complete recipe management application with PostgreSQL, FastAPI backend, and React frontend
type: application
version: 1.0.0
appVersion: "1.0.0"
keywords:
- recipes
- fastapi
- react
- postgresql
maintainers:
- name: Development Team

45
charts/my-recipes-chart/templates/add-missing-tables-configmap.yaml
View File

@ -1,45 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-add-missing-tables
namespace: {{ .Values.global.namespace }}
data:
add-tables.sql: |
-- Create grocery lists table
CREATE TABLE IF NOT EXISTS grocery_lists (
id SERIAL PRIMARY KEY,
name TEXT NOT NULL,
items TEXT[] NOT NULL DEFAULT '{}',
owner_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
is_pinned BOOLEAN DEFAULT FALSE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
-- Create grocery list shares table
CREATE TABLE IF NOT EXISTS grocery_list_shares (
id SERIAL PRIMARY KEY,
list_id INTEGER NOT NULL REFERENCES grocery_lists(id) ON DELETE CASCADE,
shared_with_user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
can_edit BOOLEAN DEFAULT FALSE,
shared_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
UNIQUE(list_id, shared_with_user_id)
);
CREATE INDEX IF NOT EXISTS idx_grocery_lists_owner_id ON grocery_lists (owner_id);
CREATE INDEX IF NOT EXISTS idx_grocery_list_shares_list_id ON grocery_list_shares (list_id);
CREATE INDEX IF NOT EXISTS idx_grocery_list_shares_user_id ON grocery_list_shares (shared_with_user_id);
-- Create notifications table
CREATE TABLE IF NOT EXISTS notifications (
id SERIAL PRIMARY KEY,
user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
type TEXT NOT NULL,
message TEXT NOT NULL,
related_id INTEGER,
is_read BOOLEAN DEFAULT FALSE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_notifications_user_id ON notifications (user_id);
CREATE INDEX IF NOT EXISTS idx_notifications_is_read ON notifications (is_read);

49
charts/my-recipes-chart/templates/add-missing-tables-job.yaml
View File

@ -1,49 +0,0 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Release.Name }}-add-missing-tables
namespace: {{ .Values.global.namespace }}
annotations:
"helm.sh/hook": post-upgrade
"helm.sh/hook-weight": "6"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
template:
spec:
restartPolicy: Never
containers:
- name: add-tables
image: postgres:16-alpine
env:
- name: PGHOST
value: {{ .Release.Name }}-db
- name: PGPORT
value: "{{ .Values.postgres.port }}"
- name: PGDATABASE
value: {{ .Values.postgres.database }}
- name: PGUSER
value: {{ .Values.postgres.user }}
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_PASSWORD
command:
- sh
- -c
- |
echo "Waiting for database to be ready..."
until pg_isready -h $PGHOST -p $PGPORT -U $PGUSER; do
echo "Database not ready, waiting..."
sleep 2
done
echo "Database ready, adding missing tables..."
psql -v ON_ERROR_STOP=1 -f /sql/add-tables.sql
echo "Tables added successfully!"
volumeMounts:
- name: sql
mountPath: /sql
volumes:
- name: sql
configMap:
name: {{ .Release.Name }}-add-missing-tables

99
charts/my-recipes-chart/templates/admin-init-configmap.yaml
View File

@ -1,99 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-admin-init
namespace: {{ .Values.global.namespace }}
data:
create-admin.py: |
#!/usr/bin/env python3
import os
import sys
import psycopg2
import bcrypt
from time import sleep
def wait_for_db():
"""Wait for database to be ready"""
max_retries = 30
retry_count = 0
while retry_count < max_retries:
try:
conn = psycopg2.connect(
host=os.environ['DB_HOST'],
port=os.environ['DB_PORT'],
database=os.environ['DB_NAME'],
user=os.environ['DB_USER'],
password=os.environ['DB_PASSWORD']
)
conn.close()
print("✓ Database is ready")
return True
except Exception as e:
retry_count += 1
print(f"Waiting for database... ({retry_count}/{max_retries})")
sleep(2)
print("✗ Database connection timeout")
return False
def create_admin_user():
"""Create admin user if not exists"""
try:
# Hash the password
password = os.environ.get('ADMIN_PASSWORD', 'admin123')
password_hash = bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt()).decode('utf-8')
# Connect to database
conn = psycopg2.connect(
host=os.environ['DB_HOST'],
port=os.environ['DB_PORT'],
database=os.environ['DB_NAME'],
user=os.environ['DB_USER'],
password=os.environ['DB_PASSWORD']
)
cur = conn.cursor()
# Insert admin user
cur.execute("""
INSERT INTO users (username, email, password_hash, first_name, last_name, display_name, is_admin)
VALUES (%s, %s, %s, %s, %s, %s, %s)
ON CONFLICT (username) DO UPDATE SET
email = EXCLUDED.email,
password_hash = EXCLUDED.password_hash,
first_name = EXCLUDED.first_name,
last_name = EXCLUDED.last_name,
display_name = EXCLUDED.display_name,
is_admin = EXCLUDED.is_admin
""", (
os.environ.get('ADMIN_USERNAME', 'admin'),
os.environ.get('ADMIN_EMAIL', 'admin@myrecipes.local'),
password_hash,
os.environ.get('ADMIN_FIRST_NAME', 'Admin'),
os.environ.get('ADMIN_LAST_NAME', 'User'),
os.environ.get('ADMIN_DISPLAY_NAME', 'מנהל'),
True
))
conn.commit()
cur.close()
conn.close()
print(f"✓ Admin user '{os.environ.get('ADMIN_USERNAME', 'admin')}' created/updated successfully")
return True
except Exception as e:
print(f"✗ Error creating admin user: {e}")
return False
if __name__ == "__main__":
print("Starting admin user initialization...")
if not wait_for_db():
sys.exit(1)
if not create_admin_user():
sys.exit(1)
print("✓ Admin user initialization completed")
sys.exit(0)

75
charts/my-recipes-chart/templates/admin-init-job.yaml
View File

@ -1,75 +0,0 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Release.Name }}-admin-init-{{ .Release.Revision }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-admin-init
component: init
annotations:
"helm.sh/hook": post-install,post-upgrade
"helm.sh/hook-weight": "10"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
ttlSecondsAfterFinished: 300
template:
metadata:
labels:
app: {{ .Release.Name }}-admin-init
spec:
restartPolicy: Never
containers:
- name: admin-init
image: python:3.12-slim
command:
- /bin/sh
- -c
- |
pip install --no-cache-dir psycopg2-binary bcrypt > /dev/null 2>&1
python3 /scripts/create-admin.py
env:
- name: DB_HOST
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_HOST
- name: DB_PORT
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_PORT
- name: DB_NAME
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_NAME
- name: DB_USER
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_USER
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_PASSWORD
- name: ADMIN_USERNAME
value: {{ .Values.admin.username | quote }}
- name: ADMIN_EMAIL
value: {{ .Values.admin.email | quote }}
- name: ADMIN_PASSWORD
value: {{ .Values.admin.password | quote }}
- name: ADMIN_FIRST_NAME
value: {{ .Values.admin.firstName | quote }}
- name: ADMIN_LAST_NAME
value: {{ .Values.admin.lastName | quote }}
- name: ADMIN_DISPLAY_NAME
value: {{ .Values.admin.displayName | quote }}
volumeMounts:
- name: init-script
mountPath: /scripts
volumes:
- name: init-script
configMap:
name: {{ .Release.Name }}-admin-init
defaultMode: 0755

33
charts/my-recipes-chart/templates/app-secrets.yaml
View File

@ -1,33 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-app-secrets
namespace: {{ .Values.global.namespace }}
type: Opaque
stringData:
# Google OAuth
GOOGLE_CLIENT_ID: {{ .Values.oauth.google.clientId | quote }}
GOOGLE_CLIENT_SECRET: {{ .Values.oauth.google.clientSecret | quote }}
GOOGLE_REDIRECT_URI: {{ .Values.oauth.google.redirectUri | quote }}
# Microsoft Entra ID (Azure AD) OAuth
AZURE_CLIENT_ID: {{ .Values.oauth.azure.clientId | quote }}
AZURE_CLIENT_SECRET: {{ .Values.oauth.azure.clientSecret | quote }}
AZURE_TENANT_ID: {{ .Values.oauth.azure.tenantId | quote }}
AZURE_REDIRECT_URI: {{ .Values.oauth.azure.redirectUri | quote }}
# Email Configuration
SMTP_HOST: {{ .Values.email.smtpHost | quote }}
SMTP_PORT: {{ .Values.email.smtpPort | quote }}
SMTP_USER: {{ .Values.email.smtpUser | quote }}
SMTP_PASSWORD: {{ .Values.email.smtpPassword | quote }}
SMTP_FROM: {{ .Values.email.smtpFrom | quote }}
# Frontend URL for redirects
FRONTEND_URL: {{ .Values.frontend.externalUrl | quote }}
# R2 Backup Configuration
R2_ENDPOINT: {{ .Values.r2.endpoint | quote }}
R2_ACCESS_KEY: {{ .Values.r2.accessKey | quote }}
R2_SECRET_KEY: {{ .Values.r2.secretKey | quote }}
BACKUP_INTERVAL: {{ .Values.r2.backupInterval | quote }}

119
charts/my-recipes-chart/templates/backend-deployment.yaml
View File

@ -1,119 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-{{ .Values.backend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
replicas: {{ .Values.backend.replicaCount }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
initContainers:
- name: db-migration
image: postgres:16-alpine
command:
- /bin/sh
- -c
- |
echo "Waiting for database to be ready..."
until pg_isready -h $DB_HOST -U $DB_USER; do
echo "Database not ready, waiting..."
sleep 2
done
echo "Database is ready, running migration..."
PGPASSWORD=$DB_PASSWORD psql -h $DB_HOST -U $DB_USER -d $DB_NAME -f /migration/migrate.sql
echo "Migration completed successfully"
env:
- name: DB_HOST
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_HOST
- name: DB_PORT
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_PORT
- name: DB_NAME
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_NAME
- name: DB_USER
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_USER
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_PASSWORD
volumeMounts:
- name: migration-script
mountPath: /migration
containers:
- name: {{ .Values.backend.name }}
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.backend.service.targetPort }}
name: http
protocol: TCP
env:
{{- if .Values.backend.env }}
{{- range $key, $value := .Values.backend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- end }}
envFrom:
- secretRef:
name: {{ .Release.Name }}-db-credentials
- secretRef:
name: {{ .Release.Name }}-app-secrets
startupProbe:
httpGet:
path: /docs
port: http
initialDelaySeconds: 15
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 30
livenessProbe:
httpGet:
path: /docs
port: http
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /docs
port: http
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
resources:
requests:
cpu: {{ .Values.backend.resources.requests.cpu }}
memory: {{ .Values.backend.resources.requests.memory }}
limits:
cpu: {{ .Values.backend.resources.limits.cpu }}
memory: {{ .Values.backend.resources.limits.memory }}
volumes:
- name: migration-script
configMap:
name: {{ .Release.Name }}-db-migration

17
charts/my-recipes-chart/templates/backend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.backend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.backend.name }}
component: backend
spec:
type: {{ .Values.backend.service.type }}
ports:
- port: {{ .Values.backend.service.port }}
targetPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
name: http
selector:
app: {{ .Release.Name }}-{{ .Values.backend.name }}

54
charts/my-recipes-chart/templates/db-migration-configmap.yaml
View File

@ -1,54 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-db-migration
namespace: {{ .Values.global.namespace }}
data:
migrate.sql: |
-- Add made_by column to recipes if it doesn't exist
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name = 'recipes' AND column_name = 'made_by'
) THEN
ALTER TABLE recipes ADD COLUMN made_by TEXT;
END IF;
END $$;
-- Create index if it doesn't exist
CREATE INDEX IF NOT EXISTS idx_recipes_made_by ON recipes (made_by);
-- Add is_admin column to users if it doesn't exist
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name = 'users' AND column_name = 'is_admin'
) THEN
ALTER TABLE users ADD COLUMN is_admin BOOLEAN DEFAULT FALSE;
END IF;
END $$;
-- Add auth_provider column to users if it doesn't exist
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name = 'users' AND column_name = 'auth_provider'
) THEN
ALTER TABLE users ADD COLUMN auth_provider TEXT DEFAULT 'local';
END IF;
END $$;
-- Verify recipes schema
SELECT column_name, data_type
FROM information_schema.columns
WHERE table_name = 'recipes'
ORDER BY ordinal_position;
-- Verify users schema
SELECT column_name, data_type
FROM information_schema.columns
WHERE table_name = 'users'
ORDER BY ordinal_position;

69
charts/my-recipes-chart/templates/db-migration-job.yaml
View File

@ -1,69 +0,0 @@
apiVersion: batch/v1
kind: Job
metadata:
name: {{ .Release.Name }}-db-migration-{{ .Release.Revision }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-db-migration
component: migration
annotations:
"helm.sh/hook": post-upgrade,post-install
"helm.sh/hook-weight": "5"
"helm.sh/hook-delete-policy": before-hook-creation
spec:
ttlSecondsAfterFinished: 300
template:
metadata:
labels:
app: {{ .Release.Name }}-db-migration
spec:
restartPolicy: Never
containers:
- name: migrate
image: postgres:16-alpine
command:
- /bin/sh
- -c
- |
echo "Waiting for database to be ready..."
until pg_isready -h $DB_HOST -U $DB_USER; do
echo "Database not ready, waiting..."
sleep 2
done
echo "Database is ready, running migration..."
PGPASSWORD=$DB_PASSWORD psql -h $DB_HOST -U $DB_USER -d $DB_NAME -f /migration/migrate.sql
echo "Migration completed successfully"
env:
- name: DB_HOST
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_HOST
- name: DB_PORT
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_PORT
- name: DB_NAME
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_NAME
- name: DB_USER
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_USER
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Release.Name }}-db-credentials
key: DB_PASSWORD
volumeMounts:
- name: migration-script
mountPath: /migration
volumes:
- name: migration-script
configMap:
name: {{ .Release.Name }}-db-migration

134
charts/my-recipes-chart/templates/db-schema-configmap.yaml
View File

@ -1,134 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-db-schema
namespace: {{ .Values.global.namespace }}
data:
schema.sql: |
-- Create users table
CREATE TABLE IF NOT EXISTS users (
id SERIAL PRIMARY KEY,
username TEXT UNIQUE NOT NULL,
email TEXT UNIQUE NOT NULL,
password_hash TEXT NOT NULL,
first_name TEXT,
last_name TEXT,
display_name TEXT NOT NULL,
is_admin BOOLEAN DEFAULT FALSE,
auth_provider TEXT DEFAULT 'local',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_users_username ON users (username);
CREATE INDEX IF NOT EXISTS idx_users_email ON users (email);
-- Create recipes table (matching backend schema with TEXT[] arrays)
CREATE TABLE IF NOT EXISTS recipes (
id SERIAL PRIMARY KEY,
name TEXT NOT NULL,
meal_type TEXT NOT NULL, -- breakfast / lunch / dinner / snack
time_minutes INTEGER NOT NULL,
tags TEXT[] NOT NULL DEFAULT '{}', -- {"מהיר", "בריא"}
ingredients TEXT[] NOT NULL DEFAULT '{}', -- {"ביצה", "עגבניה", "מלח"}
steps TEXT[] NOT NULL DEFAULT '{}', -- {"לחתוך", "לבשל", ...}
image TEXT, -- Base64-encoded image or image URL
made_by TEXT, -- Person who created this recipe version
user_id INTEGER REFERENCES users(id) ON DELETE SET NULL, -- Recipe owner
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
-- Indexes for filters
CREATE INDEX IF NOT EXISTS idx_recipes_meal_type
ON recipes (meal_type);
CREATE INDEX IF NOT EXISTS idx_recipes_time_minutes
ON recipes (time_minutes);
CREATE INDEX IF NOT EXISTS idx_recipes_made_by
ON recipes (made_by);
CREATE INDEX IF NOT EXISTS idx_recipes_user_id
ON recipes (user_id);
-- Add new columns to existing users table
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name = 'users' AND column_name = 'first_name'
) THEN
ALTER TABLE users ADD COLUMN first_name TEXT;
END IF;
END $$;
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name = 'users' AND column_name = 'last_name'
) THEN
ALTER TABLE users ADD COLUMN last_name TEXT;
END IF;
END $$;
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name = 'users' AND column_name = 'display_name'
) THEN
ALTER TABLE users ADD COLUMN display_name TEXT;
-- Set display_name to username for existing users
UPDATE users SET display_name = username WHERE display_name IS NULL;
ALTER TABLE users ALTER COLUMN display_name SET NOT NULL;
END IF;
END $$;
DO $$
BEGIN
IF NOT EXISTS (
SELECT 1 FROM information_schema.columns
WHERE table_name = 'users' AND column_name = 'is_admin'
) THEN
ALTER TABLE users ADD COLUMN is_admin BOOLEAN DEFAULT FALSE;
END IF;
END $$;
-- Create grocery lists table
CREATE TABLE IF NOT EXISTS grocery_lists (
id SERIAL PRIMARY KEY,
name TEXT NOT NULL,
items TEXT[] NOT NULL DEFAULT '{}',
owner_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
is_pinned BOOLEAN DEFAULT FALSE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
-- Create grocery list shares table
CREATE TABLE IF NOT EXISTS grocery_list_shares (
id SERIAL PRIMARY KEY,
list_id INTEGER NOT NULL REFERENCES grocery_lists(id) ON DELETE CASCADE,
shared_with_user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
can_edit BOOLEAN DEFAULT FALSE,
shared_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
UNIQUE(list_id, shared_with_user_id)
);
CREATE INDEX IF NOT EXISTS idx_grocery_lists_owner_id ON grocery_lists (owner_id);
CREATE INDEX IF NOT EXISTS idx_grocery_list_shares_list_id ON grocery_list_shares (list_id);
CREATE INDEX IF NOT EXISTS idx_grocery_list_shares_user_id ON grocery_list_shares (shared_with_user_id);
-- Create notifications table
CREATE TABLE IF NOT EXISTS notifications (
id SERIAL PRIMARY KEY,
user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
type TEXT NOT NULL,
message TEXT NOT NULL,
related_id INTEGER,
is_read BOOLEAN DEFAULT FALSE,
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
);
CREATE INDEX IF NOT EXISTS idx_notifications_user_id ON notifications (user_id);
CREATE INDEX IF NOT EXISTS idx_notifications_is_read ON notifications (is_read);

13
charts/my-recipes-chart/templates/db-secret.yaml
View File

@ -1,13 +0,0 @@
apiVersion: v1
kind: Secret
metadata:
name: {{ .Release.Name }}-db-credentials
namespace: {{ .Values.global.namespace }}
type: Opaque
stringData:
DB_HOST: {{ printf "%s-%s-headless.%s.svc.cluster.local" .Release.Name .Values.postgres.name .Values.global.namespace }}
DB_PORT: "{{ .Values.postgres.port }}"
DB_NAME: {{ .Values.postgres.database | quote }}
DB_USER: {{ .Values.postgres.user | quote }}
DB_PASSWORD: {{ .Values.postgres.password | quote }}

36
charts/my-recipes-chart/templates/db-service.yaml
View File

@ -1,36 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}-headless
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
clusterIP: None
selector:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
ports:
- name: postgres
port: {{ .Values.postgres.port }}
targetPort: {{ .Values.postgres.port }}
protocol: TCP
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
type: {{ .Values.postgres.service.type }}
selector:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
ports:
- name: postgres
port: {{ .Values.postgres.service.port }}
targetPort: {{ .Values.postgres.port }}
protocol: TCP

86
charts/my-recipes-chart/templates/db-statefulset.yaml
View File

@ -1,86 +0,0 @@
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ .Release.Name }}-{{ .Values.postgres.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
serviceName: {{ .Release.Name }}-{{ .Values.postgres.name }}-headless
replicas: 1
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.postgres.name }}
component: database
spec:
containers:
- name: postgres
image: "{{ .Values.postgres.image.repository }}:{{ .Values.postgres.image.tag }}"
imagePullPolicy: {{ .Values.postgres.image.pullPolicy }}
ports:
- containerPort: {{ .Values.postgres.port }}
name: postgres
protocol: TCP
env:
- name: POSTGRES_USER
value: {{ .Values.postgres.user | quote }}
- name: POSTGRES_PASSWORD
value: {{ .Values.postgres.password | quote }}
- name: POSTGRES_DB
value: {{ .Values.postgres.database | quote }}
- name: PGDATA
value: /var/lib/postgresql/data/pgdata
volumeMounts:
- name: data
mountPath: /var/lib/postgresql/data
- name: init-sql
mountPath: /docker-entrypoint-initdb.d
livenessProbe:
exec:
command:
- /bin/sh
- -c
- pg_isready -U {{ .Values.postgres.user }}
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
exec:
command:
- /bin/sh
- -c
- pg_isready -U {{ .Values.postgres.user }}
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
resources:
requests:
cpu: {{ .Values.postgres.resources.requests.cpu }}
memory: {{ .Values.postgres.resources.requests.memory }}
limits:
cpu: {{ .Values.postgres.resources.limits.cpu }}
memory: {{ .Values.postgres.resources.limits.memory }}
volumes:
- name: init-sql
configMap:
name: {{ .Release.Name }}-db-schema
volumeClaimTemplates:
- metadata:
name: data
spec:
accessModes:
- {{ .Values.postgres.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.postgres.persistence.size }}
{{- if .Values.postgres.persistence.storageClass }}
storageClassName: {{ .Values.postgres.persistence.storageClass | quote }}
{{- end }}

57
charts/my-recipes-chart/templates/frontend-deployment.yaml
View File

@ -1,57 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-{{ .Values.frontend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
replicas: {{ .Values.frontend.replicaCount }}
selector:
matchLabels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
template:
metadata:
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
containers:
- name: {{ .Values.frontend.name }}
image: "{{ .Values.frontend.image.repository }}:{{ .Values.frontend.image.tag }}"
imagePullPolicy: {{ .Values.frontend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.frontend.service.targetPort }}
name: http
protocol: TCP
{{- with .Values.frontend.env }}
env:
{{- range $key, $value := . }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 2
resources:
requests:
cpu: {{ .Values.frontend.resources.requests.cpu }}
memory: {{ .Values.frontend.resources.requests.memory }}
limits:
cpu: {{ .Values.frontend.resources.limits.cpu }}
memory: {{ .Values.frontend.resources.limits.memory }}

17
charts/my-recipes-chart/templates/frontend-service.yaml
View File

@ -1,17 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-{{ .Values.frontend.name }}
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}
component: frontend
spec:
type: {{ .Values.frontend.service.type }}
ports:
- port: {{ .Values.frontend.service.port }}
targetPort: {{ .Values.frontend.service.targetPort }}
protocol: TCP
name: http
selector:
app: {{ .Release.Name }}-{{ .Values.frontend.name }}

89
charts/my-recipes-chart/templates/ingress.yaml
View File

@ -1,89 +0,0 @@
{{- if .Values.frontend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}-frontend
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-frontend
component: frontend
{{- with .Values.frontend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.frontend.ingress.className }}
ingressClassName: {{ .Values.frontend.ingress.className }}
{{- end }}
rules:
{{- range .Values.frontend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ $.Release.Name }}-{{ $.Values.frontend.name }}
port:
number: {{ $.Values.frontend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.frontend.ingress.tls }}
tls:
{{- range .Values.frontend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}
---
{{- if .Values.backend.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}-backend
namespace: {{ .Values.global.namespace }}
labels:
app: {{ .Release.Name }}-backend
component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ $.Release.Name }}-{{ $.Values.backend.name }}
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
{{- end }}

169
charts/my-recipes-chart/values.yaml
View File

@ -1,169 +0,0 @@
global:
namespace: my-apps
imagePullSecrets: []
# Backend configuration
backend:
name: backend
replicaCount: 2
image:
repository: harbor.dvirlabs.com/my-apps/my-recipes-backend
pullPolicy: IfNotPresent
tag: "latest"
service:
type: ClusterIP
port: 8000
targetPort: 8000
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 512Mi
env:
PYTHONUNBUFFERED: "1"
# Secrets are created in db-secret.yaml
# These are passed via envFrom secretRef
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: api-my-recipes.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: api-my-recipes-tls
hosts:
- api-my-recipes.dvirlabs.com
# Frontend configuration
frontend:
name: frontend
replicaCount: 2
image:
repository: harbor.dvirlabs.com/my-apps/my-recipes-frontend
pullPolicy: IfNotPresent
tag: "latest"
service:
type: ClusterIP
port: 80
targetPort: 80
env:
API_BASE: "https://api-my-recipes.dvirlabs.com"
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
cpu: 200m
memory: 256Mi
ingress:
enabled: true
className: "traefik"
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: my-recipes.dvirlabs.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: my-recipes-tls
hosts:
- my-recipes.dvirlabs.com
externalUrl: "https://my-recipes.dvirlabs.com"
# PostgreSQL configuration
postgres:
name: db
image:
repository: postgres
tag: "16-alpine"
pullPolicy: IfNotPresent
user: recipes_user
password: recipes_password
database: recipes_db
port: 5432
service:
type: ClusterIP
port: 5432
targetPort: 5432
persistence:
enabled: true
accessMode: ReadWriteOnce
storageClass: "nfs-client"
size: 10Gi
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
cpu: 1000m
memory: 1Gi
# OAuth Configuration
oauth:
google:
clientId: "143092846986-hsi59m0on2c9rb5qrdoejfceieao2ioc.apps.googleusercontent.com"
clientSecret: "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"
redirectUri: "https://api-my-recipes.dvirlabs.com/auth/google/callback"
azure:
clientId: "db244cf5-eb11-4738-a2ea-5b0716c9ec0a"
clientSecret: "Zad8Q~qRBxaQq8up0lLXAq4pHzrVM2JFGFJhHaDp"
tenantId: "consumers"
redirectUri: "https://api-my-recipes.dvirlabs.com/auth/azure/callback"
# Email Configuration
email:
smtpHost: "smtp.gmail.com"
smtpPort: "587"
smtpUser: "dvirlabs@gmail.com"
smtpPassword: "agaanrhbbazbdytv"
smtpFrom: "dvirlabs@gmail.com"
# R2 Backup Configuration
r2:
endpoint: "https://d4704b8c40b2f95b2c7bf7ee4ecc52f8.r2.cloudflarestorage.com"
accessKey: "" # Set this in my-recipes/values.yaml
secretKey: "" # Set this in my-recipes/values.yaml
backupInterval: "weekly" # Options: test (1 min), daily, weekly
# Ingress configuration
ingress:
enabled: false # Individual frontend/backend ingress resources handle routing instead
className: "nginx"
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
hosts:
- host: my-recipes.dvirlabs.com
paths:
- path: /
pathType: Prefix
backend: frontend
tls:
- secretName: recipes-tls
hosts:
- my-recipes.dvirlabs.com

13
charts/navix-chart/templates/backend-deployment.yaml
View File

@ -26,15 +26,4 @@ spec:
- name: MINIO_ENDPOINT - name: MINIO_ENDPOINT
value: "{{ .Values.backend.env.MINIO_ENDPOINT }}" value: "{{ .Values.backend.env.MINIO_ENDPOINT }}"
- name: MINIO_BUCKET - name: MINIO_BUCKET
value: "{{ .Values.backend.env.MINIO_BUCKET }}" value: "{{ .Values.backend.env.MINIO_BUCKET }}"
{{- if .Values.backend.persistence.enabled }}
volumeMounts:
- name: data
mountPath: /data
{{- end }}
{{- if .Values.backend.persistence.enabled }}
volumes:
- name: data
persistentVolumeClaim:
claimName: navix-backend-data
{{- end }}

15
charts/navix-chart/templates/backend-pvc.yaml
View File

@ -1,15 +0,0 @@
{{- if .Values.backend.persistence.enabled }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: navix-backend-data
spec:
accessModes:
- {{ .Values.backend.persistence.accessMode }}
resources:
requests:
storage: {{ .Values.backend.persistence.size }}
{{- if .Values.backend.persistence.storageClass }}
storageClassName: {{ .Values.backend.persistence.storageClass }}
{{- end }}
{{- end }}

5
charts/navix-chart/values.yaml
View File

@ -35,11 +35,6 @@ backend:
MINIO_SECRET_KEY: "your-secret-key" MINIO_SECRET_KEY: "your-secret-key"
MINIO_ENDPOINT: "s3.dvirlabs.com" MINIO_ENDPOINT: "s3.dvirlabs.com"
MINIO_BUCKET: "navix-icons" MINIO_BUCKET: "navix-icons"
persistence:
enabled: true
accessMode: ReadWriteOnce
size: 1Gi
storageClass: ""
ingress: ingress:
enabled: true enabled: true
className: traefik className: traefik

6
charts/pgadmin-chart/Chart.yaml
View File

@ -1,6 +0,0 @@
apiVersion: v2
name: pgadmin
description: Simple pgAdmin 4
type: application
version: 0.1.0
appVersion: "8"

30
charts/pgadmin-chart/templates/deployment.yaml
View File

@ -1,30 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}
spec:
replicas: 1
selector:
matchLabels:
app: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ .Release.Name }}
spec:
containers:
- name: pgadmin
image: {{ .Values.image }}
ports:
- containerPort: 80
env:
- name: PGADMIN_DEFAULT_EMAIL
value: {{ .Values.pgadmin.email | quote }}
- name: PGADMIN_DEFAULT_PASSWORD
value: {{ .Values.pgadmin.password | quote }}
# optional: set a fixed base path if you ever host behind subpath
# env:
# - name: SCRIPT_NAME
# value: /pgadmin
# - name: PGADMIN_CONFIG_SERVER_MODE
# value: "True"

26
charts/pgadmin-chart/templates/ingress.yaml
View File

@ -1,26 +0,0 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ .Release.Name }}
{{- with .Values.ingress.annotations }}
annotations:
{{ toYaml . | nindent 4 }}
{{- end }}
spec:
ingressClassName: {{ .Values.ingress.className }}
rules:
- host: {{ (index .Values.ingress.hosts 0).host }}
http:
paths:
- path: {{ (index .Values.ingress.hosts 0).path }}
pathType: {{ (index .Values.ingress.hosts 0).pathType }}
backend:
service:
name: {{ .Release.Name }}
port:
number: {{ $.Values.service.port }}
tls:
- hosts:
- {{ (index .Values.ingress.hosts 0).host }}
{{- end }}

11
charts/pgadmin-chart/templates/service.yaml
View File

@ -1,11 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}
spec:
type: {{ .Values.service.type }}
selector:
app: {{ .Release.Name }}
ports:
- port: {{ .Values.service.port }}
targetPort: 80

20
charts/pgadmin-chart/values.yaml
View File

@ -1,20 +0,0 @@
image: dpage/pgadmin4:latest
pgadmin:
email: admin@dvirlabs.com
password: supersecret # change me
service:
type: ClusterIP
port: 80
ingress:
enabled: true
className: traefik
annotations:
traefik.ingress.kubernetes.io/router.entrypoints: websecure
traefik.ingress.kubernetes.io/router.tls: "true"
hosts:
- host: pgadmin.dvirlabs.com
path: /
pathType: Prefix

12
charts/tasko-chart-old/Chart.yaml
View File

@ -1,12 +0,0 @@
apiVersion: v2
name: tasko
description: A Helm chart for Tasko - Modern Task Management Application
type: application
version: 1.0.0
appVersion: "1.0.0"
keywords:
- tasko
- task-management
- productivity
maintainers:
- name: dvir

228
charts/tasko-chart-old/README.md
View File

@ -1,228 +0,0 @@
# Tasko Helm Chart
Kubernetes Helm chart for deploying Tasko task management application.
## Architecture
- **Frontend**: React application served by Nginx
- URL: https://tasko.dvirlabs.com
- Port: 80
- **Backend**: FastAPI Python application
- URL: https://api-tasko.dvirlabs.com
- Port: 8000
- **Database**: PostgreSQL
- Managed by Helm subchart
## Prerequisites
- Kubernetes cluster (1.19+)
- Helm 3.0+
- kubectl configured
- Nginx Ingress Controller installed
- cert-manager installed (for automatic TLS certificates)
## Building Docker Images
### Frontend
```bash
cd frontend
docker build -t tasko-frontend:latest .
docker tag tasko-frontend:latest <your-registry>/tasko-frontend:latest
docker push <your-registry>/tasko-frontend:latest
```
### Backend
```bash
cd backend
docker build -t tasko-backend:latest .
docker tag tasko-backend:latest <your-registry>/tasko-backend:latest
docker push <your-registry>/tasko-backend:latest
```
## Installation
### Quick Install with Default Values
```bash
helm install tasko ./helm/tasko
```
### Install with Custom Values
```bash
helm install tasko ./helm/tasko -f custom-values.yaml
```
### Install with Custom Image Registry
```bash
helm install tasko ./helm/tasko \
--set frontend.image.repository=<your-registry>/tasko-frontend \
--set backend.image.repository=<your-registry>/tasko-backend
```
## Configuration
### Key Configuration Options
| Parameter | Description | Default |
|-----------|-------------|---------|
| `frontend.image.repository` | Frontend image repository | `tasko-frontend` |
| `frontend.image.tag` | Frontend image tag | `latest` |
| `backend.image.repository` | Backend image repository | `tasko-backend` |
| `backend.image.tag` | Backend image tag | `latest` |
| `frontend.ingress.hosts[0].host` | Frontend hostname | `tasko.dvirlabs.com` |
| `backend.ingress.hosts[0].host` | Backend hostname | `api-tasko.dvirlabs.com` |
| `postgresql.enabled` | Enable PostgreSQL subchart | `true` |
| `postgresql.auth.username` | PostgreSQL username | `tasko_user` |
| `postgresql.auth.password` | PostgreSQL password | `tasko_password` |
| `postgresql.auth.database` | PostgreSQL database name | `tasko_db` |
### Custom Values Example
Create a `custom-values.yaml` file:
```yaml
frontend:
image:
repository: myregistry.io/tasko-frontend
tag: "1.0.0"
ingress:
hosts:
- host: tasko.mydomain.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: tasko-frontend-tls
hosts:
- tasko.mydomain.com
backend:
image:
repository: myregistry.io/tasko-backend
tag: "1.0.0"
ingress:
hosts:
- host: api-tasko.mydomain.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: tasko-backend-tls
hosts:
- api-tasko.mydomain.com
postgresql:
auth:
password: "your-secure-password"
```
## Upgrading
```bash
helm upgrade tasko ./helm/tasko -f custom-values.yaml
```
## Uninstalling
```bash
helm uninstall tasko
```
## DNS Configuration
Make sure to configure your DNS to point to your Kubernetes cluster's ingress:
```
tasko.dvirlabs.com A/CNAME <your-ingress-ip-or-hostname>
api-tasko.dvirlabs.com A/CNAME <your-ingress-ip-or-hostname>
```
## TLS Certificates
The chart is configured to use cert-manager with Let's Encrypt for automatic TLS certificate provisioning. Make sure you have:
1. cert-manager installed in your cluster
2. A ClusterIssuer named `letsencrypt-prod` configured
Example ClusterIssuer:
```yaml
apiVersion: cert-manager.io/v1
kind: ClusterIssuer
metadata:
name: letsencrypt-prod
spec:
acme:
server: https://acme-v02.api.letsencrypt.org/directory
email: your-email@example.com
privateKeySecretRef:
name: letsencrypt-prod
solvers:
- http01:
ingress:
class: nginx
```
## Troubleshooting
### Check Pod Status
```bash
kubectl get pods -l app.kubernetes.io/name=tasko
```
### View Logs
```bash
# Frontend logs
kubectl logs -l app.kubernetes.io/component=frontend
# Backend logs
kubectl logs -l app.kubernetes.io/component=backend
# PostgreSQL logs
kubectl logs -l app.kubernetes.io/name=postgresql
```
### Check Ingress
```bash
kubectl get ingress
kubectl describe ingress tasko-frontend
kubectl describe ingress tasko-backend
```
### Database Connection Issues
```bash
# Check if PostgreSQL is running
kubectl get pods -l app.kubernetes.io/name=postgresql
# Test database connection from backend pod
kubectl exec -it <backend-pod-name> -- psql $DATABASE_URL -c "SELECT 1"
```
## CORS Configuration
The backend ingress is pre-configured with CORS headers to allow requests from the frontend domain. The configuration includes:
- `nginx.ingress.kubernetes.io/cors-allow-origin: "https://tasko.dvirlabs.com"`
- `nginx.ingress.kubernetes.io/enable-cors: "true"`
If you change the frontend domain, update the CORS configuration in `values.yaml`.
## Production Considerations
1. **Secrets Management**: Consider using external secret management (e.g., Sealed Secrets, External Secrets Operator)
2. **Database Backups**: Set up regular PostgreSQL backups
3. **Monitoring**: Add Prometheus/Grafana for monitoring
4. **Scaling**: Adjust `replicaCount` for horizontal scaling
5. **Resource Limits**: Tune resource requests/limits based on your workload
6. **Image Security**: Scan Docker images for vulnerabilities
7. **Network Policies**: Implement network policies for additional security
## Support
For issues and questions, please refer to the project repository.

22
charts/tasko-chart-old/templates/NOTES.txt
View File

@ -1,22 +0,0 @@
1. Get the frontend application URL by running these commands:
{{- if .Values.frontend.ingress.enabled }}
https://{{ (index .Values.frontend.ingress.hosts 0).host }}
{{- else if contains "NodePort" .Values.frontend.service.type }}
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "tasko.fullname" . }}-frontend)
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.frontend.service.type }}
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "tasko.fullname" . }}-frontend'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "tasko.fullname" . }}-frontend --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.frontend.service.port }}
{{- else if contains "ClusterIP" .Values.frontend.service.type }}
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "tasko.name" . }},app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/component=frontend" -o jsonpath="{.items[0].metadata.name}")
echo "Visit http://127.0.0.1:8080 to use your application"
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80
{{- end }}
2. Get the backend API URL by running these commands:
{{- if .Values.backend.ingress.enabled }}
https://{{ (index .Values.backend.ingress.hosts 0).host }}
{{- end }}

60
charts/tasko-chart-old/templates/_helpers.tpl
View File

@ -1,60 +0,0 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "tasko.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
*/}}
{{- define "tasko.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "tasko.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Common labels
*/}}
{{- define "tasko.labels" -}}
helm.sh/chart: {{ include "tasko.chart" . }}
{{ include "tasko.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "tasko.selectorLabels" -}}
app.kubernetes.io/name: {{ include "tasko.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}
{{/*
Create the name of the service account to use
*/}}
{{- define "tasko.serviceAccountName" -}}
{{- if .Values.serviceAccount.create }}
{{- default (include "tasko.fullname" .) .Values.serviceAccount.name }}
{{- else }}
{{- default "default" .Values.serviceAccount.name }}
{{- end }}
{{- end }}

80
charts/tasko-chart-old/templates/backend-deployment.yaml
View File

@ -1,80 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "tasko.fullname" . }}-backend
labels:
{{- include "tasko.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "tasko.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: backend
template:
metadata:
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "tasko.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: backend
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "tasko.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
initContainers:
- name: wait-for-postgres
image: busybox:1.35
command: ['sh', '-c', 'until nc -z {{ include "tasko.fullname" . }}-db-headless {{ .Values.postgres.port | default 5432 }}; do echo waiting for postgres; sleep 2; done;']
containers:
- name: backend
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.backend.service.targetPort }}
protocol: TCP
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: {{ include "tasko.fullname" . }}-secrets
key: database-url
{{- range $key, $value := .Values.backend.env }}
- name: {{ $key }}
value: {{ $value | quote }}
{{- end }}
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 5
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}

42
charts/tasko-chart-old/templates/backend-ingress.yaml
View File

@ -1,42 +0,0 @@
{{- if .Values.backend.ingress.enabled -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "tasko.fullname" . }}-backend
labels:
{{- include "tasko.labels" . | nindent 4 }}
app.kubernetes.io/component: backend
{{- with .Values.backend.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.backend.ingress.className }}
ingressClassName: {{ .Values.backend.ingress.className }}
{{- end }}
{{- if .Values.backend.ingress.tls }}
tls:
{{- range .Values.backend.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
{{- range .Values.backend.ingress.hosts }}
- host: {{ .host | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
pathType: {{ .pathType }}
backend:
service:
name: {{ include "tasko.fullname" $ }}-backend
port:
number: {{ $.Values.backend.service.port }}
{{- end }}
{{- end }}
{{- end }}

Some files were not shown because too many files have changed in this diff Show More