154 lines
3.3 KiB
YAML
154 lines
3.3 KiB
YAML
global:
|
|
namespace: my-apps
|
|
imagePullSecrets: []
|
|
|
|
# Backend configuration
|
|
backend:
|
|
name: backend
|
|
replicaCount: 1
|
|
image:
|
|
repository: harbor.dvirlabs.com/my-apps/tasko-backend
|
|
pullPolicy: IfNotPresent
|
|
tag: "latest"
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 8000
|
|
targetPort: 8000
|
|
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
|
|
env:
|
|
PYTHONUNBUFFERED: "1"
|
|
ENVIRONMENT: "production"
|
|
GOOGLE_REDIRECT_URI: "https://api-tasko.dvirlabs.com/auth/google/callback"
|
|
FRONTEND_URL: "https://tasko.dvirlabs.com"
|
|
|
|
# OAuth Configuration (stored as secrets)
|
|
oauth:
|
|
google:
|
|
clientId: "672182384838-vob26vd0qhmf0g9mru4u4sibkqre0rfa.apps.googleusercontent.com"
|
|
clientSecret: "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"
|
|
|
|
# Session secret for signing cookies (generate with: python -c "import secrets; print(secrets.token_hex(32))")
|
|
sessionSecret: "7f8a9b6c5d4e3f2a1b0c9d8e7f6a5b4c3d2e1f0a9b8c7d6e5f4a3b2c1d0e9f8a"
|
|
|
|
ingress:
|
|
enabled: true
|
|
className: "traefik"
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
hosts:
|
|
- host: api-tasko.dvirlabs.com
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: api-tasko-tls
|
|
hosts:
|
|
- api-tasko.dvirlabs.com
|
|
|
|
# Frontend configuration
|
|
frontend:
|
|
name: frontend
|
|
replicaCount: 1
|
|
image:
|
|
repository: harbor.dvirlabs.com/my-apps/tasko-frontend
|
|
pullPolicy: IfNotPresent
|
|
tag: "latest"
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 80
|
|
targetPort: 80
|
|
|
|
env:
|
|
VITE_API_URL: "https://api-tasko.dvirlabs.com"
|
|
|
|
resources:
|
|
requests:
|
|
cpu: 50m
|
|
memory: 64Mi
|
|
limits:
|
|
cpu: 200m
|
|
memory: 256Mi
|
|
|
|
ingress:
|
|
enabled: true
|
|
className: "traefik"
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
hosts:
|
|
- host: tasko.dvirlabs.com
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
tls:
|
|
- secretName: tasko-tls
|
|
hosts:
|
|
- tasko.dvirlabs.com
|
|
|
|
# PostgreSQL configuration
|
|
postgres:
|
|
name: db
|
|
image:
|
|
repository: postgres
|
|
tag: "16-alpine"
|
|
pullPolicy: IfNotPresent
|
|
|
|
user: tasko_user
|
|
password: tasko_password
|
|
database: tasko_db
|
|
port: 5432
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 5432
|
|
targetPort: 5432
|
|
|
|
persistence:
|
|
enabled: true
|
|
accessMode: ReadWriteOnce
|
|
size: 8Gi
|
|
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 512Mi
|
|
|
|
# Ingress configuration
|
|
ingress:
|
|
enabled: false # Individual frontend/backend ingress resources handle routing instead
|
|
className: "traefik"
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
hosts:
|
|
- host: tasko.dvirlabs.com
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend: frontend
|
|
tls:
|
|
- secretName: tasko-tls
|
|
hosts:
|
|
- tasko.dvirlabs.com
|
|
|
|
# Service Account configuration
|
|
serviceAccount:
|
|
create: true
|
|
annotations: {}
|
|
name: ""
|