2025-12-08 11:15:43 +00:00
4 changed files with 91 additions and 102 deletions
--- a/yonote-chart-service/Chart.yaml
+++ b/yonote-chart-service/Chart.yaml
@ -1,9 +1,9 @@
 apiVersion: v2
 name: yonote-chart
-version: 1.2.0
+version: 1.3.0
 description:
  Generic application Helm chart.
-  This chart includes multiple dependencies. The base of this chart is derived from the Dynix app chart.
+  This chart includes multiple dependencies. The base of this chart is derived from the Dysnix app chart.
 maintainers:
  - name: Dysnix
    email: support@dysnix.com
@ -29,32 +29,32 @@ dependencies:
    version: "0.3.15"
    repository: https://dysnix.github.io/charts
    alias: yonote-worker
- 
+
  - name: app
    version: "0.3.15"
    repository: https://dysnix.github.io/charts
    alias: yonote-collaboration

-  - name: postgresql
-    version: "11.6.6"
-    repository: https://charts.bitnami.com/bitnami
+  - name: postgres
+    version: "0.3.9"
+    repository: https://groundhog2k.github.io/helm-charts/
    condition: yonoteDatabase.enabled
    alias: yonoteDatabase

  - name: redis
-    version: "16.12.1"
-    repository: https://charts.bitnami.com/bitnami
+    version: "0.7.0"
+    repository: https://groundhog2k.github.io/helm-charts/
    condition: yonote-redis.enabled
    alias: yonote-redis

  - name: minio
    version: "12.7.0"
-    repository: https://charts.bitnami.com/bitnami
+    repository: https://charts.min.io/
    condition: minio.enabled
    alias: minio

-  - name: keycloak
-    version: "14.0.0"
-    repository: https://charts.bitnami.com/bitnami
+  - name: keycloakx
+    version: "1.3.2"
+    repository: https://codecentric.github.io/helm-charts
    condition: keycloak.enabled
-    alias: keycloak
+    alias: keycloak
--- a/yonote-chart-service/secret-values.yaml
+++ b/yonote-chart-service/secret-values.yaml
@ -3,8 +3,8 @@ global:
    config:
      secret:
        stringData:
-          DATABASE_URL: 'postgres://{{ .Values.yonoteDatabase.global.postgresql.auth.username }}:{{ .Values.yonoteDatabase.global.postgresql.auth.password }}@yonote-database:5432/{{ .Values.yonoteDatabase.global.postgresql.auth.database }}'
-          POSTGRES_PASSWORD: "{{ .Values.yonoteDatabase.global.postgresql.auth.password }}"
+          DATABASE_URL: 'postgres://{{ .Values.yonoteDatabase.settings.userDatabase.user }}:{{ .Values.yonoteDatabase.settings.userDatabase.password }}@yonote-database:5432/{{ .Values.yonoteDatabase.settings.userDatabase.database }}'
+          POSTGRES_PASSWORD: "{{ .Values.yonoteDatabase.settings.superuserPassword.password }}"
          AWS_ACCESS_KEY_ID: "{{ .Values.minio.customUser }}"  # Ваш идентификатор ключа доступа к AWS. 
          AWS_SECRET_ACCESS_KEY: "{{ .Values.minio.customAccessKey }}" # Ваш секретный ключ доступа AWS. 
          OIDC_CLIENT_SECRET: "Kdq8rk5Pv5RW1c5kHXpnyfrmMRzI9xSD" # Секретный ключ клиента для аутентификации по OpenID Connect (OIDC).
@ -21,23 +21,21 @@ global:
        # 2) Выполнить команду для генерации ключей
        # npx web-push generate-vapid-keys
        # 3) Полученные значения ввести в .env файл (SERVICE_WORKER_PUBLIC_KEY, SERVICE_WORKER_PRIVATE_KEY)
-          
-yonoteDatabase:
-  global:
-    postgresql:
-      auth:
-        password: "wsGZ6kXhr5"
-        postgresPassword: "QQYw4UjOU"

-# yonote-redis: # Если используете auth для redis
-#   auth:
-#     password: "12345678"
+yonoteDatabase:
+  settings:
+    superuserPassword: "QQYw4UjOU"
+  userDatabase:
+    password: "wsGZ6kXhr5"
+
+yonote-redis:
+  args:
+    - "--user redis:redis"

 minio:
-  customAccessKey: "qwer-12314q-qwersa"
-  auth:
-    rootPassword: "qwettaas"
+  #customAccessKey: "qwer-12314q-qwersa"
+  rootPassword: "qwettaas"

 keycloak:
  auth:
-   adminPassword: "root"
+    adminPassword: "root"
--- a/yonote-chart-service/templates/mcJob.yaml
+++ b/yonote-chart-service/templates/mcJob.yaml
@ -13,22 +13,22 @@ spec:
    spec:
      containers:
        - name: mc-client
-          image: "docker.io/bitnami/minio-client:2024.8.13-debian-12-r0"
+          image: "quay.io/minio/mc:RELEASE.2024-12-18T13-15-44Z"
          command: ["/bin/sh", "-c"]
          args:
            - |
-              until mc alias set myminio http://yonote-minio:9000 {{ .Values.minio.auth.rootUser }} {{ .Values.minio.auth.rootPassword }}; do
+              until mc alias set myminio http://yonote-minio:9000 {{ .Values.minio.rootUser }} {{ .Values.minio.rootPassword }}; do
                echo "Waiting for MinIO to be ready..."
                sleep 5
              done
              echo "MinIO is ready and alias is set."

              # Создание пользователя
-              if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then
-                echo "User {{ .Values.minio.customUser }} already exists or failed to create."
-              else
-                echo "User {{ .Values.minio.customUser }} created successfully."
-              fi
+              #if ! mc admin user add myminio {{ .Values.minio.customUser }} {{ .Values.minio.customAccessKey }}; then
+              #  echo "User {{ .Values.minio.customUser }} already exists or failed to create."
+              #else
+              #  echo "User {{ .Values.minio.customUser }} created successfully."
+              #fi

              # Назначение политики для нового пользователя
              cat <<EOF > /tmp/minio-user-policy.json
--- a/yonote-chart-service/values.yaml
+++ b/yonote-chart-service/values.yaml
@ -476,7 +476,7 @@ yonote-collaboration:
    httpGet:
      path: /_health
      port: app
-  
+
  livenessProbe:
    enabled: true
    failureThreshold: 6
@ -490,103 +490,94 @@ yonote-collaboration:

 yonoteDatabase:
  enabled: true
-  global:
-    postgresql:
-      auth:
-        database: "yonote"
-        username: "yonote"
+  settings:
+  # Default postgres
+  #  superuser:
+
+  userDatabase:
+    name: yonote
+    user: yonote
+
  name: yonote-database
  fullnameOverride: yonote-database
  nameOverride: yonote-database
-  
-  primary:
-    persistence:
-      size: 5Gi
-    resources:
-      limits:
-        cpu: 2
-        memory: 8Gi
-      requests:
-        cpu: 500m
-        memory: 512Mi

-    extraVolumes:
-      - name: init-scripts
-        configMap:
-          name: postgres-init-scripts
+  storage:
+    requestedSize: 5Gi
+    #className: ""

-    extraVolumeMounts:
-      - name: init-scripts
-        mountPath: /docker-entrypoint-initdb.d
-        readOnly: true
+  resources:
+    limits:
+      cpu: 2
+      memory: 8Gi
+    requests:
+      cpu: 500m
+      memory: 512Mi
+
+  extraScripts:
+    - name: postgres-init-scripts

 yonote-redis:
  enabled: true
  fullnameOverride: yonote-redis
  nameOverride: redis
-  architecture: standalone
-  image:
-    tag: 7.2.0-debian-11-r0
-  
-  auth:
-    enabled: false
-  
-  master:
-    persistence:
-      size: 5Gi
-    resources:
-      limits:
-        cpu: 1
-        memory: 4Gi
-      requests:
-        cpu: 500m
-        memory: 512Mi
-   
+
+  storage:
+    requestedSize: 5Gi
+    #className: ""
+  resources:
+    limits:
+      cpu: 1
+      memory: 4Gi
+    requests:
+      cpu: 500m
+      memory: 512Mi
+
 minio:
  enabled: true
  name: minio
  fullnameOverride: yonote-minio
-  customUser: yonote
+  #customUser: yonote
  nameOverride: yonote-minio
-  auth:
-    rootUser: admin
+  mode: standalone
+  rootUser: admin

-  image:
-    tag: 2024.8.3-debian-12-r1
+  users:
+    - accessKey: console
+      secretKey: console123
+      policy: readwrite

  persistence:
    enabled: true
    size: 5Gi
-    
+    #storageClass: ""
+
  ingress:
    enabled: true
-    hostname: 's3.example.com'
+    hosts: 's3.example.com'
    ingressClassName: traefik
    path: '/'
-    pathType: ImplementationSpecific
    annotations:
      kubernetes.io/ingress.class: traefik
      # cert-manager.io/cluster-issuer: letsencrypt.example.com # Если используете
-    extraTls:
-    - hosts:
-        - "s3.example.com"
-      secretName: "you_tls_secret"
+    tls:
+      - hosts:
+          - "s3.example.com"
+        secretName: "you_tls_secret"

-  apiIngress:
+  consoleIngress:
    enabled: true
-    hostname: 'api-s3.example.com'
+    hosts: 'api-s3.example.com'
    ingressClassName: traefik
    path: '/'
-    pathType: ImplementationSpecific
-    servicePort: minio-api
    annotations:
      kubernetes.io/ingress.class: traefik
      # cert-manager.io/cluster-issuer: letsencrypt.example.com # Если используете
-    extraTls:
-    - hosts:
-        - "api-s3.example.com"
-      secretName: "api-s3.example.com"
-      
+    tls:
+      - hosts:
+          - "api-s3.example.com"
+        secretName: "api-s3.example.com"
+
  resources:
    requests:
      memory: 512Mi
@ -601,7 +592,7 @@ mcJob:
 keycloak:
  fullnameOverride: yonote-keycloak
  nameOverride: yonote-keycloak
-  
+
  auth:
    adminUser: root

@ -662,7 +653,7 @@ keycloak:
    requests:
      cpu: 250m
      memory: 256Mi
-  
+
  postgresql:
    enabled: false