mirror of
https://github.com/rtomik/helm-charts.git
synced 2026-04-09 03:30:46 +00:00
Compare commits
1 Commits
donetick-1
...
donetick-1
| Author | SHA1 | Date | |
|---|---|---|---|
| c81bb1bbd1 |
@ -2,7 +2,7 @@ apiVersion: v2
|
|||||||
name: donetick
|
name: donetick
|
||||||
description: Donetick helm chart for Kubernetes
|
description: Donetick helm chart for Kubernetes
|
||||||
type: application
|
type: application
|
||||||
version: 1.0.2
|
version: 1.0.3
|
||||||
appVersion: "v0.1.60"
|
appVersion: "v0.1.60"
|
||||||
maintainers:
|
maintainers:
|
||||||
- name: Richard Tomik
|
- name: Richard Tomik
|
||||||
|
|||||||
@ -107,11 +107,18 @@ config:
|
|||||||
type: "postgres"
|
type: "postgres"
|
||||||
host: "postgresql.database.svc.cluster.local"
|
host: "postgresql.database.svc.cluster.local"
|
||||||
port: 5432
|
port: 5432
|
||||||
user: "donetick"
|
|
||||||
name: "donetick"
|
name: "donetick"
|
||||||
# Use existing secret for database credentials
|
|
||||||
existingSecret: "donetick-db-secret"
|
# Use existing secret for postgres credentials
|
||||||
passwordKey: "postgresql-password"
|
database:
|
||||||
|
type: "postgres"
|
||||||
|
host: "postgresql.database.svc.cluster.local"
|
||||||
|
port: 5432
|
||||||
|
name: "donetick"
|
||||||
|
secrets:
|
||||||
|
existingSecret: "donetick-postgres-secret"
|
||||||
|
userKey: "username"
|
||||||
|
passwordKey: "password"
|
||||||
|
|
||||||
# Use existing secret for JWT
|
# Use existing secret for JWT
|
||||||
jwt:
|
jwt:
|
||||||
@ -179,9 +186,10 @@ ingress:
|
|||||||
Create the required secrets:
|
Create the required secrets:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# Database secret
|
# Postgres secret
|
||||||
kubectl create secret generic donetick-db-secret \
|
kubectl create secret generic donetick-postgres-secret \
|
||||||
--from-literal=postgresql-password='your-secure-db-password'
|
--from-literal=username='donetick' \
|
||||||
|
--from-literal=password='your-secure-db-password'
|
||||||
|
|
||||||
# JWT secret
|
# JWT secret
|
||||||
kubectl create secret generic donetick-jwt-secret \
|
kubectl create secret generic donetick-jwt-secret \
|
||||||
@ -234,12 +242,9 @@ helm uninstall donetick
|
|||||||
| `config.oauth2.existingSecret` | Name of existing secret for OAuth2 credentials | `""` |
|
| `config.oauth2.existingSecret` | Name of existing secret for OAuth2 credentials | `""` |
|
||||||
| `config.oauth2.clientIdKey` | Key in the existing secret for OAuth2 client ID | `"client-id"` |
|
| `config.oauth2.clientIdKey` | Key in the existing secret for OAuth2 client ID | `"client-id"` |
|
||||||
| `config.oauth2.clientSecretKey` | Key in the existing secret for OAuth2 client secret | `"client-secret"` |
|
| `config.oauth2.clientSecretKey` | Key in the existing secret for OAuth2 client secret | `"client-secret"` |
|
||||||
| `config.database.existingSecret` | Name of existing secret for database credentials | `""` |
|
| `config.database.secrets.existingSecret` | Name of existing secret for postgres credentials | `""` |
|
||||||
| `config.database.hostKey` | Key in the existing secret for database host | `"db-host"` |
|
| `config.database.secrets.userKey` | Key in the existing secret for postgres username | `"username"` |
|
||||||
| `config.database.portKey` | Key in the existing secret for database port | `"db-port"` |
|
| `config.database.secrets.passwordKey` | Key in the existing secret for postgres password | `"password"` |
|
||||||
| `config.database.userKey` | Key in the existing secret for database user | `"db-user"` |
|
|
||||||
| `config.database.passwordKey` | Key in the existing secret for database password | `"db-password"` |
|
|
||||||
| `config.database.nameKey` | Key in the existing secret for database name | `"db-name"` |
|
|
||||||
|
|
||||||
### Deployment parameters
|
### Deployment parameters
|
||||||
|
|
||||||
|
|||||||
@ -23,14 +23,18 @@ data:
|
|||||||
migration_retry: {{ .Values.config.database.migration_retry }}
|
migration_retry: {{ .Values.config.database.migration_retry }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if eq .Values.config.database.type "postgres" }}
|
{{- if eq .Values.config.database.type "postgres" }}
|
||||||
{{- if not .Values.config.database.existingSecret }}
|
{{- if not .Values.config.database.secrets.existingSecret }}
|
||||||
host: {{ .Values.config.database.host | quote }}
|
host: {{ .Values.config.database.host | quote }}
|
||||||
port: {{ .Values.config.database.port }}
|
port: {{ .Values.config.database.port }}
|
||||||
user: {{ .Values.config.database.user | quote }}
|
user: {{ .Values.config.database.user | quote }}
|
||||||
password: {{ .Values.config.database.password | quote }}
|
password: {{ .Values.config.database.password | quote }}
|
||||||
name: {{ .Values.config.database.name | quote }}
|
name: {{ .Values.config.database.name | quote }}
|
||||||
{{- else }}
|
{{- else }}
|
||||||
# Database credentials will be injected via environment variables from Secret
|
# Database host, port, and name from values, credentials from Secret
|
||||||
|
host: {{ .Values.config.database.host | quote }}
|
||||||
|
port: {{ .Values.config.database.port }}
|
||||||
|
name: {{ .Values.config.database.name | quote }}
|
||||||
|
# Username and password will be injected via environment variables from Secret
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
jwt:
|
jwt:
|
||||||
|
|||||||
@ -88,7 +88,7 @@ spec:
|
|||||||
- name: {{ .name }}
|
- name: {{ .name }}
|
||||||
value: {{ .value | quote }}
|
value: {{ .value | quote }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if or .Values.config.jwt.existingSecret .Values.config.oauth2.existingSecret .Values.config.database.existingSecret }}
|
{{- if or .Values.config.jwt.existingSecret .Values.config.oauth2.existingSecret .Values.config.database.secrets.existingSecret }}
|
||||||
# Secret-based environment variables
|
# Secret-based environment variables
|
||||||
{{- if .Values.config.jwt.existingSecret }}
|
{{- if .Values.config.jwt.existingSecret }}
|
||||||
- name: DT_JWT_SECRET
|
- name: DT_JWT_SECRET
|
||||||
@ -109,32 +109,17 @@ spec:
|
|||||||
name: {{ .Values.config.oauth2.existingSecret }}
|
name: {{ .Values.config.oauth2.existingSecret }}
|
||||||
key: {{ .Values.config.oauth2.clientSecretKey }}
|
key: {{ .Values.config.oauth2.clientSecretKey }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if and .Values.config.database.existingSecret (eq .Values.config.database.type "postgres") }}
|
{{- if and .Values.config.database.secrets.existingSecret (eq .Values.config.database.type "postgres") }}
|
||||||
- name: DT_DB_HOST
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ .Values.config.database.existingSecret }}
|
|
||||||
key: {{ .Values.config.database.hostKey }}
|
|
||||||
- name: DT_DB_PORT
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ .Values.config.database.existingSecret }}
|
|
||||||
key: {{ .Values.config.database.portKey }}
|
|
||||||
- name: DT_DB_USER
|
- name: DT_DB_USER
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ .Values.config.database.existingSecret }}
|
name: {{ .Values.config.database.secrets.existingSecret }}
|
||||||
key: {{ .Values.config.database.userKey }}
|
key: {{ .Values.config.database.secrets.userKey }}
|
||||||
- name: DT_DB_PASSWORD
|
- name: DT_DB_PASSWORD
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: {{ .Values.config.database.existingSecret }}
|
name: {{ .Values.config.database.secrets.existingSecret }}
|
||||||
key: {{ .Values.config.database.passwordKey }}
|
key: {{ .Values.config.database.secrets.passwordKey }}
|
||||||
- name: DT_DB_NAME
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ .Values.config.database.existingSecret }}
|
|
||||||
key: {{ .Values.config.database.nameKey }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- with .Values.extraEnv }}
|
{{- with .Values.extraEnv }}
|
||||||
|
|||||||
@ -1,4 +1,4 @@
|
|||||||
{{- if or (not .Values.config.jwt.existingSecret) (and (not .Values.config.oauth2.existingSecret) (or .Values.config.oauth2.client_id .Values.config.oauth2.client_secret)) (and (eq .Values.config.database.type "postgres") (not .Values.config.database.existingSecret)) }}
|
{{- if or (not .Values.config.jwt.existingSecret) (and (not .Values.config.oauth2.existingSecret) (or .Values.config.oauth2.client_id .Values.config.oauth2.client_secret)) (and (eq .Values.config.database.type "postgres") (not .Values.config.database.secrets.existingSecret)) }}
|
||||||
apiVersion: v1
|
apiVersion: v1
|
||||||
kind: Secret
|
kind: Secret
|
||||||
metadata:
|
metadata:
|
||||||
@ -10,8 +10,8 @@ data:
|
|||||||
{{- if not .Values.config.jwt.existingSecret }}
|
{{- if not .Values.config.jwt.existingSecret }}
|
||||||
{{ .Values.config.jwt.secretKey }}: {{ .Values.config.jwt.secret | b64enc }}
|
{{ .Values.config.jwt.secretKey }}: {{ .Values.config.jwt.secret | b64enc }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if and (eq .Values.config.database.type "postgres") (not .Values.config.database.existingSecret) }}
|
{{- if and (eq .Values.config.database.type "postgres") (not .Values.config.database.secrets.existingSecret) }}
|
||||||
{{ .Values.config.database.passwordKey }}: {{ .Values.config.database.password | b64enc }}
|
{{ .Values.config.database.secrets.passwordKey }}: {{ .Values.config.database.password | b64enc }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
{{- if and (not .Values.config.oauth2.existingSecret) .Values.config.oauth2.client_id }}
|
{{- if and (not .Values.config.oauth2.existingSecret) .Values.config.oauth2.client_id }}
|
||||||
{{ .Values.config.oauth2.clientIdKey }}: {{ .Values.config.oauth2.client_id | b64enc }}
|
{{ .Values.config.oauth2.clientIdKey }}: {{ .Values.config.oauth2.client_id | b64enc }}
|
||||||
|
|||||||
@ -157,21 +157,17 @@ config:
|
|||||||
# Migration options
|
# Migration options
|
||||||
migration_skip: false # Set to true to skip database migrations
|
migration_skip: false # Set to true to skip database migrations
|
||||||
migration_retry: 3 # Number of retries for failed migrations
|
migration_retry: 3 # Number of retries for failed migrations
|
||||||
|
|
||||||
# These are only required for postgres - direct configuration
|
# These are only required for postgres
|
||||||
host: ""
|
host: ""
|
||||||
port: 5432
|
port: 5432
|
||||||
user: ""
|
|
||||||
password: ""
|
|
||||||
name: ""
|
name: ""
|
||||||
|
|
||||||
# Secret configuration for database credentials
|
# Secret configuration for postgres credentials
|
||||||
existingSecret: "" # Name of existing Kubernetes secret
|
secrets:
|
||||||
hostKey: "db-host" # Key in the secret for database host
|
existingSecret: "" # Name of existing Kubernetes secret containing postgres credentials
|
||||||
portKey: "db-port" # Key in the secret for database port
|
userKey: "username" # Key in the secret for database username
|
||||||
userKey: "db-user" # Key in the secret for database user
|
passwordKey: "password" # Key in the secret for database password
|
||||||
passwordKey: "db-password" # Key in the secret for database password
|
|
||||||
nameKey: "db-name" # Key in the secret for database name
|
|
||||||
|
|
||||||
# Security settings
|
# Security settings
|
||||||
# For production, use a generated secret and store in a Kubernetes Secret
|
# For production, use a generated secret and store in a Kubernetes Secret
|
||||||
|
|||||||
Reference in New Issue
Block a user