secrets: - name: oidcLogin itemId: a25effec-eaea-4ce1-9ed8-3a3cc1c734db field: username podVariable: OIDC_RP_CLIENT_ID clusterSecretStore: bitwarden-login-meet - name: oidcPass itemId: a25effec-eaea-4ce1-9ed8-3a3cc1c734db field: password podVariable: OIDC_RP_CLIENT_SECRET clusterSecretStore: bitwarden-login-meet - name: brevoApiKey itemId: 99107889-6124-4436-97cc-a5193f28443f field: password podVariable: BREVO_API_KEY clusterSecretStore: bitwarden-login-meet image: repository: localhost:5001/meet-backend pullPolicy: Always tag: "latest" backend: replicas: 1 envVars: DJANGO_CSRF_TRUSTED_ORIGINS: https://meet.127.0.0.1.nip.io,http://meet.127.0.0.1.nip.io DJANGO_CONFIGURATION: Production DJANGO_ALLOWED_HOSTS: meet.127.0.0.1.nip.io DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }} DJANGO_SETTINGS_MODULE: meet.settings DJANGO_SILENCED_SYSTEM_CHECKS: security.W004, security.W008 DJANGO_SUPERUSER_PASSWORD: admin DJANGO_EMAIL_HOST: "mailcatcher" DJANGO_EMAIL_PORT: 1025 DJANGO_EMAIL_USE_SSL: False DJANGO_EMAIL_BRAND_NAME: "La Suite Numérique" DJANGO_EMAIL_SUPPORT_EMAIL: "test@yopmail.com" DJANGO_EMAIL_LOGO_IMG: https://meet.127.0.0.1.nip.io/assets/logo-suite-numerique.png DJANGO_EMAIL_DOMAIN: meet.127.0.0.1.nip.io DJANGO_EMAIL_APP_BASE_URL: https://meet.127.0.0.1.nip.io OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end OIDC_RP_CLIENT_ID: secretKeyRef: name: backend key: OIDC_RP_CLIENT_ID OIDC_RP_CLIENT_SECRET: secretKeyRef: name: backend key: OIDC_RP_CLIENT_SECRET OIDC_RP_SIGN_ALGO: RS256 OIDC_RP_SCOPES: "openid email given_name usual_name" OIDC_REDIRECT_ALLOWED_HOSTS: https://meet.127.0.0.1.nip.io OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}" LOGIN_REDIRECT_URL: https://meet.127.0.0.1.nip.io LOGIN_REDIRECT_URL_FAILURE: https://meet.127.0.0.1.nip.io LOGOUT_REDIRECT_URL: https://meet.127.0.0.1.nip.io DB_HOST: postgres DB_NAME: meet DB_USER: dinum DB_PASSWORD: pass DB_PORT: 5432 REDIS_URL: redis://default:pass@redis-master:6379/1 STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage {{- with .Values.livekit.keys }} {{- range $key, $value := . }} LIVEKIT_API_SECRET: {{ $value }} LIVEKIT_API_KEY: {{ $key }} {{- end }} {{- end }} LIVEKIT_API_URL: https://livekit.127.0.0.1.nip.io/ LIVEKIT_WEBHOOK_EVENTS_FILTER_REGEX: "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}" ALLOW_UNREGISTERED_ROOMS: False FRONTEND_SILENCE_LIVEKIT_DEBUG: False FRONTEND_SUPPORT: "{'id': '58ea6697-8eba-4492-bc59-ad6562585041'}" AWS_S3_ENDPOINT_URL: http://minio.meet.svc.cluster.local:9000 AWS_S3_ACCESS_KEY_ID: meet AWS_S3_SECRET_ACCESS_KEY: password AWS_STORAGE_BUCKET_NAME: meet-media-storage AWS_S3_REGION_NAME: local RECORDING_ENABLE: True RECORDING_STORAGE_EVENT_ENABLE: True RECORDING_STORAGE_EVENT_TOKEN: password SUMMARY_SERVICE_ENDPOINT: http://meet-summary:80/api/v1/tasks/ SUMMARY_SERVICE_API_TOKEN: password RECORDING_DOWNLOAD_BASE_URL: https://meet.127.0.0.1.nip.io/recording SIGNUP_NEW_USER_TO_MARKETING_EMAIL: True BREVO_API_KEY: secretKeyRef: name: backend key: BREVO_API_KEY BREVO_API_CONTACT_LIST_IDS: 8 ROOM_TELEPHONY_ENABLED: True SSL_CERT_FILE: /usr/local/lib/python3.13/site-packages/certifi/cacert.pem migrate: command: - "/bin/sh" - "-c" - | python manage.py migrate --no-input restartPolicy: Never command: - "gunicorn" - "-c" - "/usr/local/etc/gunicorn/meet.py" - "meet.wsgi:application" - "--reload" createsuperuser: command: - "/bin/sh" - "-c" - | python manage.py createsuperuser --email admin@example.com --password admin restartPolicy: Never # Extra volume mounts to manage our local custom CA and avoid to set ssl_verify: false extraVolumeMounts: - name: certs mountPath: /usr/local/lib/python3.13/site-packages/certifi/cacert.pem subPath: cacert.pem # Extra volumes to manage our local custom CA and avoid to set ssl_verify: false extraVolumes: - name: certs configMap: name: certifi items: - key: cacert.pem path: cacert.pem frontend: envVars: VITE_APP_TITLE: "LaSuite Meet" VITE_PORT: 8080 VITE_HOST: 0.0.0.0 VITE_API_BASE_URL: https://meet.127.0.0.1.nip.io/ replicas: 1 image: repository: localhost:5001/meet-frontend pullPolicy: Always tag: "latest" ingress: enabled: true host: meet.127.0.0.1.nip.io ingressAdmin: enabled: true host: meet.127.0.0.1.nip.io posthog: ingress: enabled: false ingressAssets: enabled: false summary: replicas: 1 envVars: APP_NAME: summary-microservice APP_API_TOKEN: password AWS_STORAGE_BUCKET_NAME: meet-media-storage AWS_S3_ENDPOINT_URL: minio.meet.svc.cluster.local:9000 AWS_S3_ACCESS_KEY_ID: meet AWS_S3_SECRET_ACCESS_KEY: password AWS_S3_SECURE_ACCESS: False WHISPERX_API_KEY: your-secret-value WHISPERX_BASE_URL: https://configure-your-url.com WHISPERX_ASR_MODEL: large-v2 LLM_BASE_URL: https://configure-your-url.com LLM_API_KEY: your-secret-value LLM_MODEL: meta-llama/Llama-3.1-8B-Instruct WEBHOOK_API_TOKEN: password WEBHOOK_URL: https://www.mock-impress.com/webhook/ CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1 CELERY_RESULT_BACKEND: redis://default:pass@redis-master:6379/1 image: repository: localhost:5001/meet-summary pullPolicy: Always tag: "latest" command: - "uvicorn" - "summary.main:app" - "--host" - "0.0.0.0" - "--port" - "8000" - "--reload" celeryTranscribe: replicas: 1 envVars: APP_NAME: summary-microservice APP_API_TOKEN: password AWS_STORAGE_BUCKET_NAME: meet-media-storage AWS_S3_ENDPOINT_URL: minio.meet.svc.cluster.local:9000 AWS_S3_ACCESS_KEY_ID: meet AWS_S3_SECRET_ACCESS_KEY: password AWS_S3_SECURE_ACCESS: False WHISPERX_API_KEY: your-secret-value WHISPERX_BASE_URL: https://configure-your-url.com WHISPERX_ASR_MODEL: large-v2 LLM_BASE_URL: https://configure-your-url.com LLM_API_KEY: your-secret-value LLM_MODEL: meta-llama/Llama-3.1-8B-Instruct WEBHOOK_API_TOKEN: password WEBHOOK_URL: https://www.mock-impress.com/webhook/ CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1 CELERY_RESULT_BACKEND: redis://default:pass@redis-master:6379/1 TASK_TRACKER_REDIS_URL: redis://default:pass@redis-master:6379/1 image: repository: localhost:5001/meet-summary pullPolicy: Always tag: "latest" command: - "celery" - "-A" - "summary.core.celery_worker" - "worker" - "--pool=solo" - "--loglevel=info" - "-Q transcribe-queue" celerySummarize: replicas: 1 envVars: APP_NAME: summary-microservice APP_API_TOKEN: password AWS_STORAGE_BUCKET_NAME: meet-media-storage AWS_S3_ENDPOINT_URL: minio.meet.svc.cluster.local:9000 AWS_S3_ACCESS_KEY_ID: meet AWS_S3_SECRET_ACCESS_KEY: password AWS_S3_SECURE_ACCESS: False WHISPERX_API_KEY: your-secret-value WHISPERX_BASE_URL: https://configure-your-url.com WHISPERX_ASR_MODEL: large-v2 LLM_BASE_URL: https://configure-your-url.com LLM_API_KEY: your-secret-value LLM_MODEL: meta-llama/Llama-3.1-8B-Instruct WEBHOOK_API_TOKEN: password WEBHOOK_URL: https://www.mock-impress.com/webhook/ CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1 CELERY_RESULT_BACKEND: redis://default:pass@redis-master:6379/1 TASK_TRACKER_REDIS_URL: redis://default:pass@redis-master:6379/1 image: repository: localhost:5001/meet-summary pullPolicy: Always tag: "latest" command: - "celery" - "-A" - "summary.core.celery_worker" - "worker" - "--pool=solo" - "--loglevel=info" - "-Q summarize-queue" ingressMedia: enabled: true host: meet.127.0.0.1.nip.io annotations: nginx.ingress.kubernetes.io/auth-url: https://meet.127.0.0.1.nip.io/api/v1.0/recordings/media-auth/ nginx.ingress.kubernetes.io/auth-response-headers: "Authorization, X-Amz-Date, X-Amz-Content-SHA256" nginx.ingress.kubernetes.io/upstream-vhost: minio.meet.svc.cluster.local:9000 nginx.ingress.kubernetes.io/rewrite-target: /meet-media-storage/$1 serviceMedia: host: minio.meet.svc.cluster.local port: 9000