tea/browsertrix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
82ffc0dfbc
browsertrix/chart/templates/secrets.yaml
Ilya Kreymer 82ffc0dfbc
Local Deployment Work: Support running locally + test cluster on CI (#396) 
* k8s local deployment work:
- make it easier to deploy w/o ingress by setting 'local_service_port' (suggested port 30870)
- if using local minio, ensure file endpoints set to /data/ and /data/ proxies correctly to local bucket
- if not using minio, ensure file endpoints point to correct access / endpoint url.
- setup should work with docker desktop, minikube, microk8s and k3s!
- nginx chart: bump nginx memory limit to 20Mi
- nginx image: 00-default-override-resolver-config -> 00-browsertrix-nginx-init for clarity
- nginx image: use default nginx.conf, pin to nginx 1.23.2
- mongo: readd readiness probe, bump connect wait timeout (needed for ci)
- config: set superadmin username to 'admin'
- config schema: set 'name' as required 
- add sample chart values overrides:
- chart values: local-config.yaml for running locally with 'local_service_port'
- chart values: add microk8s-hosted.yaml for configuring a hosted microk8s setup
- chart values: add microk8s-ci.yaml for ci tests
- ci: remove docker swarm tests
- ci: add microk8s integration tests: launching cluster, logging in, running a crawl of example.com, downloading/checking WACZ
- bump to 1.1.0-beta.2
2022-12-02 19:58:34 -08:00

70 lines
1.9 KiB
YAML
Raw Blame History

---
apiVersion: v1
kind: Secret
metadata:
name: auth-secrets
namespace: {{ .Release.Namespace }}
type: Opaque
stringData:
PASSWORD_SECRET: "{{ .Values.api_password_secret }}"
{{- if .Values.minio_local }}
{{- with (first .Values.storages) }}
MINIO_ROOT_USER: "{{ .access_key }}"
MINIO_ROOT_PASSWORD: "{{ .secret_key }}"
MC_HOST: "{{ $.Values.minio_scheme }}://{{ .access_key }}:{{ .secret_key }}@{{ $.Values.minio_host }}"
{{- end }}
{{- end }}
EMAIL_SMTP_PORT: "{{ .Values.email.smtp_port }}"
EMAIL_SMTP_HOST: "{{ .Values.email.smtp_host }}"
EMAIL_SENDER: "{{ .Values.email.sender_email }}"
EMAIL_PASSWORD: "{{ .Values.email.password }}"
SUPERUSER_EMAIL: "{{ .Values.superuser.email }}"
SUPERUSER_PASSWORD: "{{ .Values.superuser.password }}"
SHARED_PROFILE_STORAGE: "{{ .Values.shared_profile_storage }}"
{{- range $storage := .Values.storages }}
---
apiVersion: v1
kind: Secret
metadata:
name: storage-{{ $storage.name }}
namespace: {{ $.Values.crawler_namespace }}
type: Opaque
stringData:
STORE_ACCESS_KEY: "{{ $storage.access_key }}"
STORE_SECRET_KEY: "{{ $storage.secret_key }}"
{{- if $storage.bucket_name }}
STORE_ENDPOINT_URL: "{{ $storage.endpoint_url }}{{ $storage.bucket_name }}/"
{{- else }}
STORE_ENDPOINT_URL: "{{ $storage.endpoint_url }}"
{{- end }}
{{- if $.Values.minio_local }}
#STORE_ACCESS_ENDPOINT_URL: "/data/{{ $storage.bucket_name }}/"
STORE_ACCESS_ENDPOINT_URL: "/data/"
STORE_USE_ACCESS_FOR_PRESIGN: "0"
{{- else if $storage.access_endpoint_url }}
STORE_ACCESS_ENDPOINT_URL: "{{ $storage.access_endpoint_url }}"
STORE_USE_ACCESS_FOR_PRESIGN: "1"
{{- else }}
STORE_ACCESS_ENDPOINT_URL: "{{ $storage.endpoint_url }}"
STORE_USE_ACCESS_FOR_PRESIGN: "1"
{{- end }}
STORE_REGION: "{{ $storage.region }}"
{{- if $.Values.signer.auth_token }}
WACZ_SIGN_TOKEN: "{{ $.Values.signer.auth_token }}"
WACZ_SIGN_URL: "http://auth-signer.default:5053/sign"
{{- end }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink