tea/browsertrix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
aabb0b2a92
browsertrix/chart/templates/secrets.yaml
Ilya Kreymer aabb0b2a92
chart / deployment fixes to run on microk8s: (fixes #385) (#387) 
- ingress: fix proxying /data to minio, use another ingress which proxies correct host to ensure presigned urls work
- presigning: determine if signing endpoint url (minio) or access endpoint (cloud bucket) based on if access endpoint is provided, set bool on storage object
- chart: fix indent on incorrect storageClassName configs
- ingress: make 'ingress_class' configurable (set to 'public' for microk8s, default to 'nginx')
- minio: use older minio image which supports legacy fs based setup (for now)
- nginx service: add 'nginx_service_use_node_port' config setting: if true, will use NodePort for frontend,
other will use default (ClusterIP) and only for the frontend / nginx
- chart: remove changing service type for other services
2022-11-30 09:21:58 -08:00

69 lines
2.0 KiB
YAML
Raw Blame History

---
apiVersion: v1
kind: Secret
metadata:
name: auth-secrets
namespace: {{ .Release.Namespace }}
type: Opaque
stringData:
PASSWORD_SECRET: "{{ .Values.api_password_secret }}"
{{- if .Values.minio_local }}
{{- with (first .Values.storages) }}
MINIO_ROOT_USER: "{{ .access_key }}"
MINIO_ROOT_PASSWORD: "{{ .secret_key }}"
MC_HOST: "{{ $.Values.minio_scheme }}://{{ .access_key }}:{{ .secret_key }}@{{ $.Values.minio_host }}"
{{- end }}
{{- end }}
EMAIL_SMTP_PORT: "{{ .Values.email.smtp_port }}"
EMAIL_SMTP_HOST: "{{ .Values.email.smtp_host }}"
EMAIL_SENDER: "{{ .Values.email.sender_email }}"
EMAIL_PASSWORD: "{{ .Values.email.password }}"
SUPERUSER_EMAIL: "{{ .Values.superuser.email }}"
SUPERUSER_PASSWORD: "{{ .Values.superuser.password }}"
SHARED_PROFILE_STORAGE: "{{ .Values.shared_profile_storage }}"
{{- range $storage := .Values.storages }}
---
apiVersion: v1
kind: Secret
metadata:
name: storage-{{ $storage.name }}
namespace: {{ $.Values.crawler_namespace }}
type: Opaque
stringData:
STORE_ACCESS_KEY: "{{ $storage.access_key }}"
STORE_SECRET_KEY: "{{ $storage.secret_key }}"
{{- if $storage.bucket_name }}
STORE_ENDPOINT_URL: "{{ $storage.endpoint_url }}{{ $storage.bucket_name }}/"
{{- else }}
STORE_ENDPOINT_URL: "{{ $storage.endpoint_url }}"
{{- end }}
{{- if $storage.access_endpoint_url }}
STORE_ACCESS_ENDPOINT_URL: "{{ $storage.access_endpoint_url }}/"
STORE_USE_ACCESS_FOR_PRESIGN: "1"
{{- else if and $.Values.ingress.host $.Values.minio_local }}
STORE_ACCESS_ENDPOINT_URL: {{ $.Values.ingress.scheme | default "https" }}://{{ $.Values.ingress.host }}/data/{{ $storage.bucket_name }}/
STORE_USE_ACCESS_FOR_PRESIGN: "0"
{{- else }}
STORE_ACCESS_ENDPOINT_URL: "{{ $storage.endpoint_url }}"
STORE_USE_ACCESS_FOR_PRESIGN: "0"
{{- end }}
STORE_REGION: "{{ $storage.region }}"
{{- if $.Values.signer.auth_token }}
WACZ_SIGN_TOKEN: "{{ $.Values.signer.auth_token }}"
WACZ_SIGN_URL: "http://auth-signer.default:5053/sign"
{{- end }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink