diff --git a/yonote-chart/Chart.lock b/yonote-chart/Chart.lock index 27957fe..ac3ee00 100644 --- a/yonote-chart/Chart.lock +++ b/yonote-chart/Chart.lock @@ -22,6 +22,9 @@ dependencies: version: 16.12.1 - name: keycloak repository: https://charts.bitnami.com/bitnami - version: 10.1.4 -digest: sha256:3ae7e0501380a54b94f6de7d4073b44a5ef6de77333262b6161fa3ab30db4695 -generated: "2024-07-11T23:38:34.270659107+03:00" + version: 21.6.1 +- name: minio + repository: https://charts.bitnami.com/bitnami + version: 14.6.20 +digest: sha256:f05d7ee9b89cf6aa733e8fccce0daf3f8a427a108248f39ccd4b01bdd83a4f1b +generated: "2024-07-12T16:09:51.328475497+03:00" diff --git a/yonote-chart/Chart.yaml b/yonote-chart/Chart.yaml index 68f06c6..8e51918 100644 --- a/yonote-chart/Chart.yaml +++ b/yonote-chart/Chart.yaml @@ -41,7 +41,13 @@ dependencies: alias: yonote-redis - name: keycloak - version: "10.1.4" + version: "21.6.1" repository: https://charts.bitnami.com/bitnami condition: keycloak.enabled alias: keycloak + + - name: minio + version: "14.6.20" + repository: https://charts.bitnami.com/bitnami + condition: minio.enabled + alias: minio \ No newline at end of file diff --git a/yonote-chart/secret-values.yaml b/yonote-chart/secret-values.yaml deleted file mode 100644 index b7328b6..0000000 --- a/yonote-chart/secret-values.yaml +++ /dev/null @@ -1,21 +0,0 @@ -global: - yonote: - config: - secret: - stringData: - AI_API_KEY: 12355 - AWS_ACCESS_KEY_ID: 1234 - AWS_SECRET_ACCESS_KEY: 1234 - OIDC_CLIENT_SECRET: 1234 - SECRET_KEY: 1234 - SMTP_PASSWORD: 1234 - UTILS_SECRET: - YANDEX_METRIKA_ID: - TELEGRAM_BOT_TOKEN: 1234 - UNSPLASH_API_ACCESS_KEY: 1234 - DATABASE_URL: postgres://postgres:TQQYw4UjOU>@localhost:5432/yonote - REDIS_URL: #redis://username:password>@:6379 - LICENSE_KEY: "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJkdW1teSI6ImRhdGEiLCJkYXRhIjoiZHVtbXkiLCJpYXQiOjE2NjQ4OTUyNjUsImV4cCI6MTgyMjY4MzI2NX0.Qudc2d-MKc4DT-UBAVydgowiYQnzzWolvbJTjPB5dwEI32Wb64sgkXOfXKsRf9_wP3UK0-65QYVkMHM76ImhM9HCHv9LWJBQeD0q2rF243cMkMUNfKXAX8-SmLu9kMZzm0fL02IBnv5TCHIF7u6GgGRk3US6WbVhzqHGxrdJ2b3HwD_cI3mcLKCtTfO_GDiUfAv7u5Ddi-6tCfFRvH633BLPKIMO5cePh_AdHykO_2p7z_ypUfsVgqxHkq8KwNuuaI6CpwE48P-7mXuM9xEWu3-prSZpaI4rIZA6JFpGMWyiGs4GDvjRFssq4GUPvYJnkZ2w_W_liSMdC5hg0PFxcw" - SERVICE_WORKER_PUBLIC_KEY: "" - SERVICE_WORKER_PRIVATE_KEY: "" - QUOTA_TOKEN: diff --git a/yonote-chart/values.yaml b/yonote-chart/values.yaml index c8aef1d..5c6205e 100644 --- a/yonote-chart/values.yaml +++ b/yonote-chart/values.yaml @@ -3,8 +3,8 @@ global: auth: database: yonote username: yonote - password: - postgresPassword: + password: wsGZ6kXhr5 + postgresPassword: QQYw4UjOU yonote: ingress: @@ -21,22 +21,22 @@ global: config: plain: data: - DEPLOYMENT: hosted + DEPLOYMENT: undefined #Режим приложения FORCE_HTTPS: "false" PGSSLMODE: disable - BIND_HOST: 0.0.0.0 - PORT: "3000" + BIND_HOST: 0.0.0.0 #Хост по умолчанию + PORT: "3000" #Порт по умолчанию REDIS_URL: redis://yonote-redis-master:6379 - DEFAULT_LANGUAGE: ru_RU + DEFAULT_LANGUAGE: ru_RU #Язык по умолчанию ENABLE_UPDATES: "false" AI_URL: http://engate.wilix.dev:5001 - URL: 'http://app.{{ .Values.global.yonote.baseListenAddress }}' - COLLABORATION_URL: 'wss://app.{{ .Values.global.yonote.baseListenAddress }}' + URL: 'http://app.{{ .Values.global.yonote.baseListenAddress }}' #Базовый url приложения + COLLABORATION_URL: 'wss://app.{{ .Values.global.yonote.baseListenAddress }}' #сервер, для нормальной работы это не нужно устанавливать OIDC_DISPLAY_NAME: email OIDC_SCOPES: openid email @@ -47,15 +47,15 @@ global: OIDC_USERINFO_URI: 'http://{{ .Values.global.yonote.keycloak.hostName }}/realms/{{ .Values.global.yonote.keycloak.realmName }}/protocol/openid-connect/userinfo' AWS_S3_ACL: private - AWS_S3_UPLOAD_BUCKET_URL: example-url-s3 - AWS_S3_UPLOAD_BUCKET_NAME: yonote-bucket + AWS_S3_UPLOAD_BUCKET_URL: example-url-s3 #Адрес S3 хранилища + AWS_S3_UPLOAD_BUCKET_NAME: yonote-bucket #Имя хранилища - полный URL = http://127.0.0.1:9000/yonote-bucket AWS_REGION: "" - AWS_S3_UPLOAD_MAX_SIZE: "226214400" - AWS_S3_FORCE_PATH_STYLE: "false" + AWS_S3_UPLOAD_MAX_SIZE: "226214400" #Максимальный размер хранилища + AWS_S3_FORCE_PATH_STYLE: "false" #Следует ли принудительно использовать URL-адреса стиля пути для объектов S3 - SUBDOMAINS_ENABLED: "true" - BASENAME_FOR_SUBDOMAIN: '{{ .Values.global.yonote.baseListenAddress }}' - NOT_ALLOWED_SUBDOMAINS: app,collaboration,auth,api,dev,docs,doc,admin,test,quota,billing,i,storage,host,updates + SUBDOMAINS_ENABLED: "true" #Поддержка поддоменов для команд + BASENAME_FOR_SUBDOMAIN: '{{ .Values.global.yonote.baseListenAddress }}' #Имя хоста + NOT_ALLOWED_SUBDOMAINS: app,collaboration,auth,api,dev,docs,doc,admin,test,quota,billing,i,storage,host,updates #запрещенные поддомены TELEGRAM_API_URL: https://api.telegram.org @@ -74,9 +74,10 @@ global: secret: stringData: DATABASE_URL: 'postgres://{{ .Values.global.postgresql.auth.username }}:{{ .Values.global.postgresql.auth.password }}@yonote-db/{{ .Values.global.postgresql.auth.database }}' + POSTGRES_PASSWORD: wsGZ6kXhr5 AI_API_KEY: "" - AWS_ACCESS_KEY_ID: "" - AWS_SECRET_ACCESS_KEY: "" + AWS_ACCESS_KEY_ID: "" #Ваш идентификатор ключа доступа к AWS. Поведение в SelfHosted: устанавливает логин сервис аккаунта для доступа приложения к Minio S3 хранилищу + AWS_SECRET_ACCESS_KEY: "" #Ваш секретный ключ доступа AWS. Поведение в SelfHosted: устанавливает пароль сервис аккаунта для доступа приложения к Minio S3 хранилищу OIDC_CLIENT_SECRET: "" SECRET_KEY: "" SMTP_PASSWORD: "" @@ -493,9 +494,9 @@ yonote-database: enabled: true fullnameOverride: yonote-db nameOverride: db + primary: persistence: - storageClass: microk8s-hostpath size: 500Mi resources: limits: @@ -510,8 +511,10 @@ yonote-redis: fullnameOverride: yonote-redis nameOverride: redis architecture: standalone + auth: enabled: false + master: persistence: size: 200Mi @@ -527,35 +530,88 @@ keycloak: enabled: true fullnameOverride: yonote-keycloak nameOverride: keycloak - hostName: auth.example.com + hostName: auth.example.com + realmName: yonote + auth: adminUser: admin adminPassword: "12345" + + ingress: + enabled: true + annotations: + kubernetes.io/ingress.class: traefik + hosts: + - host: keycloak.example.com + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: keycloak-tls + hosts: + - keycloak.example.com + postgresql: name: postgresql enabled: true postgresqlUsername: keycloak postgresqlPassword: keycloak postgresqlDatabase: keycloak + persistence: + size: 500Mi + + # externalDatabase: #Если используете не встроенную БД + # host: + # port: 5432 + # database: keycloak + # user: keycloak + # password: + # existingSecret: app-postgresql + # existingSecretKey: postgresql-password + + extraEnv: | + - name: KC_SPI_ADMIN_REALM + value: 'yonote' + service: type: ClusterIP port: 8080 + +minio: + enabled: true + fullnameOverride: yonote-minio + nameOverride: minio + accessKey: "minioadmin" + secretKey: "minioadminsecret" + persistence: - deployPostgres: true # Если используете встроенный PostgreSQL, оставьте true. + enabled: true size: 500Mi - readinessProbe: - httpGet: - path: /realms/master - port: 8080 - initialDelaySeconds: 30 - timeoutSeconds: 5 - periodSeconds: 10 - failureThreshold: 6 - livenessProbe: - httpGet: - path: /realms/master - port: 8080 - initialDelaySeconds: 30 - timeoutSeconds: 5 - periodSeconds: 10 - failureThreshold: 6 \ No newline at end of file + + ingress: + enabled: true + annotations: + kubernetes.io/ingress.class: traefik + hosts: + - host: minio.example.com + paths: + - path: / + pathType: ImplementationSpecific + tls: + - secretName: minio-tls + hosts: + - minio.example.com + + resources: + requests: + memory: 512Mi + cpu: 250m + limits: + memory: 1Gi + cpu: 500m + + buckets: + - name: mybucket + policy: none + - name: anotherbucket + policy: none \ No newline at end of file