Compare commits
3 Commits
e612043e5f
...
82a928c96a
| Author | SHA1 | Date | |
|---|---|---|---|
|
82a928c96a | ||
|
|
8cf6415e15 | ||
|
|
3034c7f391 |
@ -2,6 +2,16 @@
|
||||
{{- $fullName := include "admin.fullname" . -}}
|
||||
{{- $ns := include "admin.namespace" . -}}
|
||||
{{- $hosts := .Values.admin.ingress.hosts | default list -}}
|
||||
{{- $tlsSecret := .Values.admin.ingress.tlsSecret | default "" -}}
|
||||
{{- $useCertManager := $.Values.certManager.enabled -}}
|
||||
{{- $secretName := "" -}}
|
||||
{{- if ne $tlsSecret "" -}}
|
||||
{{- $secretName = $tlsSecret -}}
|
||||
{{- else if $useCertManager -}}
|
||||
{{- $secretName = printf "%s-admin-tls" $fullName -}}
|
||||
{{- end -}}
|
||||
{{- $tlsEnabled := or $useCertManager (ne $tlsSecret "") -}}
|
||||
{{- $addCertManagerAnnotation := and $useCertManager (eq $tlsSecret "") -}}
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
@ -14,7 +24,7 @@ metadata:
|
||||
{{- if .Values.admin.ingress.annotations }}
|
||||
{{- toYaml .Values.admin.ingress.annotations | nindent 4 }}
|
||||
{{- end }}
|
||||
{{- if $.Values.certManager.enabled }}
|
||||
{{- if and $addCertManagerAnnotation (not (hasKey (.Values.admin.ingress.annotations | default dict) "cert-manager.io/cluster-issuer")) }}
|
||||
cert-manager.io/cluster-issuer: {{ $.Values.certManager.clusterIssuerName }}
|
||||
{{- end }}
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: "50m"
|
||||
@ -24,17 +34,17 @@ metadata:
|
||||
nginx.ingress.kubernetes.io/enable-websocket: "true"
|
||||
spec:
|
||||
ingressClassName: nginx
|
||||
{{- if and $hosts $.Values.certManager.enabled }}
|
||||
{{- if and $hosts $tlsEnabled }}
|
||||
tls:
|
||||
{{- range $hosts }}
|
||||
- hosts:
|
||||
- {{ .host }}
|
||||
secretName: {{ $fullName }}-admin-tls
|
||||
- {{ . | toString }}
|
||||
secretName: {{ $secretName }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
rules:
|
||||
{{- range $hosts }}
|
||||
- host: {{ .host }}
|
||||
- host: {{ . | toString }}
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
|
||||
@ -33,9 +33,14 @@ admin:
|
||||
port: 3000
|
||||
|
||||
ingress:
|
||||
enabled: false
|
||||
hosts: [ ]
|
||||
annotations: { }
|
||||
enabled: true
|
||||
hosts:
|
||||
- admin.gitdata.me
|
||||
# tlsSecret: my-tls-secret # uncomment to use a pre-existing TLS secret (overrides cert-manager auto-issue)
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: cloudflare-acme-cluster-issuer # auto-set by template when certManager.enabled=true
|
||||
kubernetes.io/ingress.class: nginx
|
||||
|
||||
|
||||
resources:
|
||||
requests:
|
||||
@ -64,15 +69,25 @@ admin:
|
||||
redisUrl: APP_REDIS_URL
|
||||
nextAuthSecret: APP_NEXTAUTH_SECRET
|
||||
|
||||
env: [ ]
|
||||
env:
|
||||
DATABASE_URL: "postgresql://gitdataai:gitdataai123@cnpg-cluster-rw.cnpg:5432/gitdataai?sslmode=disable"
|
||||
REDIS_CLUSTER_URLS: "redis://:redis123@valkey-cluster.valkey-cluster.svc.cluster.local:6379"
|
||||
REDIS_URL: "redis://:redis123@valkey-cluster.valkey-cluster.svc.cluster.local:6379"
|
||||
ADMIN_SESSION_COOKIE_NAME: admin_session
|
||||
ADMIN_SESSION_TTL: 604800
|
||||
ADMIN_SUPER_USERNAME: admin
|
||||
ADMIN_SUPER_PASSWORD: admin123
|
||||
COOKIE_SECURE: false
|
||||
COOKIE_SAME_SITE: lax
|
||||
|
||||
|
||||
nodeSelector: { }
|
||||
tolerations: [ ]
|
||||
affinity: { }
|
||||
|
||||
secrets:
|
||||
enabled: false
|
||||
databaseUrl: ""
|
||||
redisUrl: ""
|
||||
enabled: true
|
||||
databaseUrl: "postgresql://gitdataai:gitdataai123@cnpg-cluster-rw.cnpg:5432/gitdataai?sslmode=disable"
|
||||
redisUrl: "redis://:redis123@valkey-cluster.valkey-cluster.svc.cluster.local:6379"
|
||||
nextAuthSecret: ""
|
||||
extra: { }
|
||||
|
||||
Loading…
Reference in New Issue
Block a user