diff --git a/api/helm/helm/Chart.yaml.twig b/api/helm/helm/Chart.yaml.twig deleted file mode 100644 index 821c26b..0000000 --- a/api/helm/helm/Chart.yaml.twig +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -appVersion: {{ app_version }} -description: '{{ app_description }}' -name: {{ app_name|replace({' ': ''})|lower }} -version: 0.1.0 -home: https://common-ground.dev -icon: https://common-ground.dev/logo-250x250.png \ No newline at end of file diff --git a/api/helm/helm/Values.yaml.twig b/api/helm/helm/Values.yaml.twig deleted file mode 100644 index 33aebbd..0000000 --- a/api/helm/helm/Values.yaml.twig +++ /dev/null @@ -1,115 +0,0 @@ -# Default values for api. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -settings: - registryBase: {{ container_registry_base }} - projectName: {{ container_project_name }} - name: {{ app_name }} - title: {{ app_title }} - version: {{ app_version }} - description: '{{ app_description }}' - repro: {{ app_repro }}' - demo: {{ app_demo }} - env: {{ app_env }} - debug: {{ app_debug }} - replicaCount: 1 - corsAllowOrigin: ['*'] - trustedHosts: '^(.+\.)?common-ground\.dev$|^(.+\.)?zaakonline\.nl$|^(.+\.)?conduction\.nl$|^example\.com$|^(.+\.)?178.128.142.152$|178.128.142.152|localhost' - pullPolicy: Always - # You will need these proxies on kubernetes - trustedProxies: - - 10.0.0.0/8 - - 172.16.0.0/12 - - 192.168.0.0/16 - # If you are runnig a single component on a kubernetes cluster you can just easaliy enable the load balancer, if not you need to set up a multi component load balancer - loadbalancerEnabled: false - # If you want to enable NLX you are requered to add the appropreate certificates to you nlx-settings folder (located in the /api folder) - nlxInwayEnabled: {{ nlx_inway }} - # If you are runnig a single component on a kubernetes cluster you can just easaliy enable the load balancer, if not you need to set up a multi component load balancer - notificationEnabled: false - audittrailEnabled: false - authorisationEnabled: false - healthEnabled: false - archiveEnabled: false - - -php: - repository: docker.io/conduction/protocomponent-php - tag: latest - mercure: - jwtSecret: "" - env: prod - secret: "" - -nginx: - repository: docker.io/conduction/protocomponent-nginx - tag: latest - pullPolicy: Always - replicaCount: 1 - -varnish: - enabled: true - #url: https://example.com - repository: docker.io/conduction/protocomponent-varnish - tag: latest - pullPolicy: Always - replicaCount: 1 - -postgresql: - enabled: true - imageTag: 10-alpine - # If bringing your own PostgreSQL, the full uri to use - #url: pgsql://api-platform:!ChangeMe!@example.com/api?serverVersion=10.1 - postgresqlUsername: "example" - postgresqlPassword: "!ChangeMe!" - postgresqlDatabase: "api" - # Persistent Volume Storage configuration. - # ref: https://kubernetes.io/docs/user-guide/persistent-volumes - persistence: - enabled: false - pullPolicy: IfNotPresent -# image: -# repository: postgres -# tag: alpine - -mercure: - enabled: true - publishUrl: http://mercure/hub - subscribeUrl: https://mercure.example.com/hub - allowAnonymous: "1" - corsAllowedOrigins: "^https?://.*?\\.example\\.com$" - acmeHosts: "" # TODO: Fix the Mercure chart - service: - type: NodePort - port: 80 - -ingress: - annotations: - # kubernetes.io/ingress.global-static-ip-name: chart-ip - # kubernetes.io/ingress.class: gce - # kubernetes.io/tls-acme: "true" - tls: - # Secrets must be manually created in the namespace, you can also use cert-manager. - # - hosts: - # - example.com - # - mercure.example.com - hosts: - api: - host: example.com - serviceName: varnish - mercure: - host: mercure.example.com - serviceName: mercure - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi diff --git a/api/helm/templates/certificate.yaml b/api/helm/templates/certificate.yaml index 43dacaf..8509557 100644 --- a/api/helm/templates/certificate.yaml +++ b/api/helm/templates/certificate.yaml @@ -1,16 +1,11 @@ apiVersion: cert-manager.io/v1alpha2 kind: Certificate metadata: - name: {{ include "name" . }}-acme-cert + name: {{ include "name" . }}-{{ .Values.settings.env }}-cert spec: - secretName: {{ include "name" . }}-tls-cert + secretName: {{ include "name" . }}-{{ .Values.settings.env }}-cert duration: 24h renewBefore: 12h - {{- if eq .Values.settings.env "prod" }} - commonName: {{ .Values.settings.name }}.{{ .Values.settings.domain }} - {{- else }} - commonName: {{ .Values.settings.name }}.{{ .Values.settings.env }}.{{ .Values.settings.domain }} - {{- end }} dnsNames: {{- if eq .Values.settings.env "prod" }} - {{ .Values.settings.name }}.{{ .Values.settings.domain }} diff --git a/api/helm/templates/ingress.yaml b/api/helm/templates/ingress.yaml index 6b777be..8b34dc0 100644 --- a/api/helm/templates/ingress.yaml +++ b/api/helm/templates/ingress.yaml @@ -12,15 +12,14 @@ metadata: helm.sh/chart: {{ include "chart" . }} app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/managed-by: {{ .Release.Service }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} spec: tls: - hosts: + # {{- range .Values.settings.domains }} + # - {{ .domain | quote }} + # {{- end }} - {{ .Values.settings.domain }} - secretName: {{ include "name" . }}-tls-cert + secretName: {{ include "name" . }}-{{ .Values.settings.env }}-cert rules: # - host: {{ .Values.settings.name }}.{{ .Values.settings.env }}.{{ .Values.settings.domain }} # http: @@ -32,20 +31,14 @@ spec: - host: {{ .Values.settings.domain }} http: paths: - - path: /.well-known/* - backend: - serviceName: {{ include "name" . }}-letsencrypt - servicePort: 80 - - path: /* - backend: + - backend: serviceName: {{ include "name" . }} servicePort: 80 {{- else }} - host: {{ .Values.settings.env }}.{{ .Values.settings.domain }} http: paths: - - path: /* - backend: + - backend: serviceName: {{ include "name" . }} servicePort: 80 {{- end }}