670bcc8c06
- Set primary domain gitdata.ai and static.gitdata.ai with cert-manager TLS - Add LoadBalancer service for gitserver SSH (port 2222) - Exclude .server.yaml from Helm packaging
190 lines
3.6 KiB
YAML
190 lines
3.6 KiB
YAML
# Global image registry and tag
|
|
imageRegistry: ""
|
|
imageTag: ""
|
|
|
|
# External ConfigMap (managed outside Helm)
|
|
configMapName: "app-env"
|
|
|
|
# Service definitions
|
|
services:
|
|
app:
|
|
repository: app
|
|
port: 3000
|
|
replicaCount: 2
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 2
|
|
maxReplicas: 10
|
|
targetCPUUtilization: 80
|
|
command:
|
|
- "app"
|
|
- "--bind"
|
|
- "0.0.0.0:3000"
|
|
resources:
|
|
requests:
|
|
cpu: 200m
|
|
memory: 256Mi
|
|
limits:
|
|
cpu: "1"
|
|
memory: 512Mi
|
|
volumeMounts:
|
|
- name: shared-data
|
|
mountPath: /data/repos
|
|
subPath: repos
|
|
- name: shared-data
|
|
mountPath: /data/avatars
|
|
subPath: avatars
|
|
- name: shared-data
|
|
mountPath: /data/files
|
|
subPath: files
|
|
|
|
email_worker:
|
|
repository: email-worker
|
|
port: 8084
|
|
replicaCount: 1
|
|
autoscaling:
|
|
enabled: false # email must stay at 1 replica
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 256Mi
|
|
|
|
git_hook:
|
|
repository: git-hook
|
|
port: 8083
|
|
replicaCount: 1
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 1
|
|
maxReplicas: 5
|
|
targetCPUUtilization: 80
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 256Mi
|
|
volumeMounts:
|
|
- name: shared-data
|
|
mountPath: /data/repos
|
|
subPath: repos
|
|
|
|
gitserver:
|
|
repository: gitserver
|
|
ports:
|
|
http: 8021
|
|
ssh: 2222
|
|
replicaCount: 1
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 1
|
|
maxReplicas: 5
|
|
targetCPUUtilization: 80
|
|
# SSH port must match the containerPort
|
|
extraEnv:
|
|
APP_SSH_PORT: "2222"
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 256Mi
|
|
volumeMounts:
|
|
- name: shared-data
|
|
mountPath: /data/repos
|
|
subPath: repos
|
|
|
|
metrics_aggregator:
|
|
repository: metrics-aggregator
|
|
port: 9090
|
|
replicaCount: 1
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 1
|
|
maxReplicas: 5
|
|
targetCPUUtilization: 80
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 256Mi
|
|
|
|
static_server:
|
|
repository: static-server
|
|
port: 8081
|
|
replicaCount: 1
|
|
autoscaling:
|
|
enabled: true
|
|
minReplicas: 1
|
|
maxReplicas: 5
|
|
targetCPUUtilization: 80
|
|
resources:
|
|
requests:
|
|
cpu: 50m
|
|
memory: 64Mi
|
|
limits:
|
|
cpu: 200m
|
|
memory: 128Mi
|
|
volumeMounts:
|
|
- name: shared-data
|
|
mountPath: /data
|
|
subPath: static
|
|
|
|
# External PVC (managed outside Helm — not deleted on uninstall)
|
|
pvcName: "shared-data"
|
|
|
|
# Ingress — handled by gingress controller
|
|
ingress:
|
|
enabled: true
|
|
className: "gingress"
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
|
hosts:
|
|
- host: gitdata.ai
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
serviceName: app
|
|
servicePort: 3000
|
|
- host: static.gitdata.ai
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
serviceName: static_server
|
|
servicePort: 8081
|
|
tls:
|
|
- secretName: gitdata-ai-tls
|
|
hosts:
|
|
- gitdata.ai
|
|
- static.gitdata.ai
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
create: true
|
|
automount: true
|
|
annotations: {}
|
|
name: ""
|
|
|
|
podSecurityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
|
|
securityContext:
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
|
|
nodeSelector: {}
|
|
tolerations: []
|
|
affinity: {} |