meet/src/helm/env.d/dev/values.meet.yaml.gotmpl

secrets:
  - name: oidcLogin
    itemId: a25effec-eaea-4ce1-9ed8-3a3cc1c734db
    field: username
    podVariable: OIDC_RP_CLIENT_ID
    clusterSecretStore: bitwarden-login-meet
  - name: oidcPass
    itemId: a25effec-eaea-4ce1-9ed8-3a3cc1c734db
    field: password
    podVariable: OIDC_RP_CLIENT_SECRET
    clusterSecretStore: bitwarden-login-meet
  - name: brevoApiKey
    itemId: 99107889-6124-4436-97cc-a5193f28443f
    field: password
    podVariable: BREVO_API_KEY
    clusterSecretStore: bitwarden-login-meet
image:
  repository: localhost:5001/meet-backend
  pullPolicy: Always
  tag: "latest"

backend:
  replicas: 1
  envVars:
    DJANGO_CSRF_TRUSTED_ORIGINS: https://meet.127.0.0.1.nip.io,http://meet.127.0.0.1.nip.io
    DJANGO_CONFIGURATION: Production
    DJANGO_ALLOWED_HOSTS: meet.127.0.0.1.nip.io
    DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }}
    DJANGO_SETTINGS_MODULE: meet.settings
    DJANGO_SILENCED_SYSTEM_CHECKS: security.W004, security.W008
    DJANGO_SUPERUSER_PASSWORD: admin
    DJANGO_EMAIL_HOST: "mailcatcher"
    DJANGO_EMAIL_PORT: 1025
    DJANGO_EMAIL_USE_SSL: False
    DJANGO_EMAIL_BRAND_NAME: "La Suite Numérique"
    DJANGO_EMAIL_SUPPORT_EMAIL: "test@yopmail.com"
    DJANGO_EMAIL_LOGO_IMG: https://meet.127.0.0.1.nip.io/assets/logo-suite-numerique.png
    DJANGO_EMAIL_DOMAIN: meet.127.0.0.1.nip.io
    DJANGO_EMAIL_APP_BASE_URL: https://meet.127.0.0.1.nip.io
    OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks
    OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize
    OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token
    OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo
    OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end
    OIDC_RP_CLIENT_ID:
      secretKeyRef:
        name: backend
        key: OIDC_RP_CLIENT_ID
    OIDC_RP_CLIENT_SECRET:
      secretKeyRef:
        name: backend
        key: OIDC_RP_CLIENT_SECRET
    OIDC_RP_SIGN_ALGO: RS256
    OIDC_RP_SCOPES: "openid email given_name usual_name"
    OIDC_REDIRECT_ALLOWED_HOSTS: https://meet.127.0.0.1.nip.io
    OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
    LOGIN_REDIRECT_URL: https://meet.127.0.0.1.nip.io
    LOGIN_REDIRECT_URL_FAILURE: https://meet.127.0.0.1.nip.io
    LOGOUT_REDIRECT_URL: https://meet.127.0.0.1.nip.io
    DB_HOST: postgres
    DB_NAME: meet
    DB_USER: dinum
    DB_PASSWORD: pass
    DB_PORT: 5432
    REDIS_URL: redis://default:pass@redis-master:6379/1
    STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
    {{- with .Values.livekit.keys }}
    {{- range $key, $value := . }}
    LIVEKIT_API_SECRET: {{ $value }}
    LIVEKIT_API_KEY: {{ $key }}
    {{- end }}
    {{- end }}
    LIVEKIT_API_URL: https://livekit.127.0.0.1.nip.io/
    LIVEKIT_WEBHOOK_EVENTS_FILTER_REGEX: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
    ALLOW_UNREGISTERED_ROOMS: False
    FRONTEND_SILENCE_LIVEKIT_DEBUG: False
    FRONTEND_SUPPORT: "{'id': '58ea6697-8eba-4492-bc59-ad6562585041'}"
    AWS_S3_ENDPOINT_URL: http://minio.meet.svc.cluster.local:9000
    AWS_S3_ACCESS_KEY_ID: meet
    AWS_S3_SECRET_ACCESS_KEY: password
    AWS_STORAGE_BUCKET_NAME: meet-media-storage
    AWS_S3_REGION_NAME: local
    RECORDING_ENABLE: True
    RECORDING_STORAGE_EVENT_ENABLE: True
    RECORDING_STORAGE_EVENT_TOKEN: password
    SUMMARY_SERVICE_ENDPOINT: http://meet-summary:80/api/v1/tasks/
    SUMMARY_SERVICE_API_TOKEN: password
    RECORDING_DOWNLOAD_BASE_URL: https://meet.127.0.0.1.nip.io/recording
    SIGNUP_NEW_USER_TO_MARKETING_EMAIL: True
    BREVO_API_KEY:
      secretKeyRef:
        name: backend
        key: BREVO_API_KEY
    BREVO_API_CONTACT_LIST_IDS: 8
    ROOM_TELEPHONY_ENABLED: True
    SSL_CERT_FILE: /usr/local/lib/python3.13/site-packages/certifi/cacert.pem


  migrate:
    command:
      - "/bin/sh"
      - "-c"
      - |
        python manage.py migrate --no-input
    restartPolicy: Never

  command:
    - "gunicorn"
    - "-c"
    - "/usr/local/etc/gunicorn/meet.py"
    - "meet.wsgi:application"
    - "--reload"

  createsuperuser:
    command:
      - "/bin/sh"
      - "-c"
      - |
        python manage.py createsuperuser --email admin@example.com --password admin
    restartPolicy: Never

  # Extra volume mounts to manage our local custom CA and avoid to set ssl_verify: false
  extraVolumeMounts:
    - name: certs
      mountPath: /usr/local/lib/python3.13/site-packages/certifi/cacert.pem
      subPath: cacert.pem

  # Extra volumes to manage our local custom CA and avoid to set ssl_verify: false
  extraVolumes:
    - name: certs
      configMap:
        name: certifi
        items:
        - key: cacert.pem
          path: cacert.pem

frontend:
  envVars:
    VITE_APP_TITLE: "LaSuite Meet"
    VITE_PORT: 8080
    VITE_HOST: 0.0.0.0
    VITE_API_BASE_URL: https://meet.127.0.0.1.nip.io/

  replicas: 1

  image:
    repository: localhost:5001/meet-frontend
    pullPolicy: Always
    tag: "latest"

ingress:
  enabled: true
  host: meet.127.0.0.1.nip.io

ingressAdmin:
  enabled: true
  host: meet.127.0.0.1.nip.io

posthog:
  ingress:
    enabled: false

  ingressAssets:
    enabled: false

summary:
  replicas: 1
  envVars:
    APP_NAME: summary-microservice
    APP_API_TOKEN: password
    AWS_STORAGE_BUCKET_NAME: meet-media-storage
    AWS_S3_ENDPOINT_URL: minio.meet.svc.cluster.local:9000
    AWS_S3_ACCESS_KEY_ID: meet
    AWS_S3_SECRET_ACCESS_KEY: password
    AWS_S3_SECURE_ACCESS: False
    WHISPERX_API_KEY: your-secret-value
    WHISPERX_BASE_URL: https://configure-your-url.com
    WHISPERX_ASR_MODEL: large-v2
    LLM_BASE_URL: https://configure-your-url.com
    LLM_API_KEY: your-secret-value
    LLM_MODEL: meta-llama/Llama-3.1-8B-Instruct
    WEBHOOK_API_TOKEN: password
    WEBHOOK_URL: https://www.mock-impress.com/webhook/
    CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1
    CELERY_RESULT_BACKEND: redis://default:pass@redis-master:6379/1

  image:
    repository: localhost:5001/meet-summary
    pullPolicy: Always
    tag: "latest"

  command:
    - "uvicorn"
    - "summary.main:app"
    - "--host"
    - "0.0.0.0"
    - "--port"
    - "8000"
    - "--reload"

celeryTranscribe:
  replicas: 1
  envVars:
    APP_NAME: summary-microservice
    APP_API_TOKEN: password
    AWS_STORAGE_BUCKET_NAME: meet-media-storage
    AWS_S3_ENDPOINT_URL: minio.meet.svc.cluster.local:9000
    AWS_S3_ACCESS_KEY_ID: meet
    AWS_S3_SECRET_ACCESS_KEY: password
    AWS_S3_SECURE_ACCESS: False
    WHISPERX_API_KEY: your-secret-value
    WHISPERX_BASE_URL: https://configure-your-url.com
    WHISPERX_ASR_MODEL: large-v2
    LLM_BASE_URL: https://configure-your-url.com
    LLM_API_KEY: your-secret-value
    LLM_MODEL: meta-llama/Llama-3.1-8B-Instruct
    WEBHOOK_API_TOKEN: password
    WEBHOOK_URL: https://www.mock-impress.com/webhook/
    CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1
    CELERY_RESULT_BACKEND: redis://default:pass@redis-master:6379/1
    TASK_TRACKER_REDIS_URL: redis://default:pass@redis-master:6379/1

  image:
    repository: localhost:5001/meet-summary
    pullPolicy: Always
    tag: "latest"

  command:
    - "celery"
    - "-A"
    - "summary.core.celery_worker"
    - "worker"
    - "--pool=solo"
    - "--loglevel=info"
    - "-Q transcribe-queue"

celerySummarize:
  replicas: 1
  envVars:
    APP_NAME: summary-microservice
    APP_API_TOKEN: password
    AWS_STORAGE_BUCKET_NAME: meet-media-storage
    AWS_S3_ENDPOINT_URL: minio.meet.svc.cluster.local:9000
    AWS_S3_ACCESS_KEY_ID: meet
    AWS_S3_SECRET_ACCESS_KEY: password
    AWS_S3_SECURE_ACCESS: False
    WHISPERX_API_KEY: your-secret-value
    WHISPERX_BASE_URL: https://configure-your-url.com
    WHISPERX_ASR_MODEL: large-v2
    LLM_BASE_URL: https://configure-your-url.com
    LLM_API_KEY: your-secret-value
    LLM_MODEL: meta-llama/Llama-3.1-8B-Instruct
    WEBHOOK_API_TOKEN: password
    WEBHOOK_URL: https://www.mock-impress.com/webhook/
    CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1
    CELERY_RESULT_BACKEND: redis://default:pass@redis-master:6379/1
    TASK_TRACKER_REDIS_URL: redis://default:pass@redis-master:6379/1

  image:
    repository: localhost:5001/meet-summary
    pullPolicy: Always
    tag: "latest"

  command:
    - "celery"
    - "-A"
    - "summary.core.celery_worker"
    - "worker"
    - "--pool=solo"
    - "--loglevel=info"
    - "-Q summarize-queue"

ingressMedia:
  enabled: true
  host: meet.127.0.0.1.nip.io

  annotations:
    nginx.ingress.kubernetes.io/auth-url: https://meet.127.0.0.1.nip.io/api/v1.0/recordings/media-auth/
    nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256"
    nginx.ingress.kubernetes.io/upstream-vhost: minio.meet.svc.cluster.local:9000
    nginx.ingress.kubernetes.io/rewrite-target: /meet-media-storage/$1

serviceMedia:
  host: minio.meet.svc.cluster.local
  port: 9000