3df310ee4f
* backend: k8s: - support crawls with multiple wacz files, don't assume crawl complete after first wacz uploaded - if crawl is running and has wacz file, still show as running - k8s: allow configuring node selector for main pods (eg. nodeType=main) and for crawlers (eg. nodeType=crawling) - profiles: support uploading to alternate storage specified via 'shared_profile_storage' value is set - misc fixes for profiles * backend: ensure docker run_profile api matches k8s k8s chart: don't delete pvc and pv in helm chart * dependency: bump authsign to 0.4.0 docker: disable public redis port * profiles: fix path, profile browser return value * fix typo in presigned url cacheing
66 lines
1.9 KiB
YAML
66 lines
1.9 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: auth-secrets
|
|
namespace: {{ .Release.Namespace }}
|
|
|
|
type: Opaque
|
|
stringData:
|
|
PASSWORD_SECRET: "{{ .Values.api_password_secret }}"
|
|
|
|
{{- if .Values.minio_local }}
|
|
{{- with (first .Values.storages) }}
|
|
MINIO_ROOT_USER: "{{ .access_key }}"
|
|
MINIO_ROOT_PASSWORD: "{{ .secret_key }}"
|
|
|
|
MC_HOST: "{{ $.Values.minio_scheme }}://{{ .access_key }}:{{ .secret_key }}@{{ $.Values.minio_host }}"
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
EMAIL_SMTP_PORT: "{{ .Values.email.smtp_port }}"
|
|
EMAIL_SMTP_HOST: "{{ .Values.email.smtp_host }}"
|
|
EMAIL_SENDER: "{{ .Values.email.sender_email }}"
|
|
EMAIL_PASSWORD: "{{ .Values.email.password }}"
|
|
|
|
SUPERUSER_EMAIL: "{{ .Values.superuser.email }}"
|
|
SUPERUSER_PASSWORD: "{{ .Values.superuser.password }}"
|
|
|
|
SHARED_PROFILE_STORAGE: "{{ .Values.shared_profile_storage }}"
|
|
|
|
{{- range $storage := .Values.storages }}
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: storage-{{ $storage.name }}
|
|
namespace: {{ $.Values.crawler_namespace }}
|
|
|
|
type: Opaque
|
|
stringData:
|
|
STORE_ACCESS_KEY: "{{ $storage.access_key }}"
|
|
STORE_SECRET_KEY: "{{ $storage.secret_key }}"
|
|
|
|
{{- if $storage.bucket_name }}
|
|
STORE_ENDPOINT_URL: "{{ $storage.endpoint_url }}{{ $storage.bucket_name }}"
|
|
{{- else }}
|
|
STORE_ENDPOINT_URL: "{{ $storage.endpoint_url }}"
|
|
{{- end }}
|
|
|
|
{{- if $storage.access_endpoint_url }}
|
|
STORE_ACCESS_ENDPOINT_URL: "{{ $storage.access_endpoint_url }}"
|
|
{{- else if and $.Values.ingress.host $.Values.minio_local }}
|
|
STORE_ACCESS_ENDPOINT_URL: {{ $.Values.ingress.scheme | default "https" }}://{{ $.Values.ingress.host }}/data/{{ $storage.bucket_name }}/
|
|
{{- else }}
|
|
STORE_ACCESS_ENDPOINT_URL: "{{ $storage.endpoint_url }}"
|
|
{{- end }}
|
|
|
|
STORE_REGION: {{ $storage.region | default "" }}
|
|
|
|
{{- if $.Values.signer.auth_token }}
|
|
WACZ_SIGN_TOKEN: "{{ $.Values.signer.auth_token }}"
|
|
WACZ_SIGN_URL: "http://auth-signer.default:5053/sign"
|
|
{{- end }}
|
|
|
|
{{- end }}
|