25a4e2dfc6
Use the common create_cluster.sh in order to improve cooperation between teams. Also, mount extra volume, to avoid setting ssl_verify to false, while using request module in Python.
121 lines
3.4 KiB
YAML
121 lines
3.4 KiB
YAML
image:
|
|
repository: lasuite/meet-backend
|
|
pullPolicy: Always
|
|
tag: "latest"
|
|
|
|
backend:
|
|
replicas: 1
|
|
envVars:
|
|
DJANGO_CSRF_TRUSTED_ORIGINS: https://meet.127.0.0.1.nip.io,http://meet.127.0.0.1.nip.io
|
|
DJANGO_CONFIGURATION: Production
|
|
DJANGO_ALLOWED_HOSTS: meet.127.0.0.1.nip.io
|
|
DJANGO_SECRET_KEY: ThisCouldBeAReallyGoodOrPerhapsABadKeyToUseSometimes
|
|
DJANGO_SETTINGS_MODULE: meet.settings
|
|
DJANGO_SILENCED_SYSTEM_CHECKS: security.W004, security.W008
|
|
DJANGO_SUPERUSER_PASSWORD: admin
|
|
DJANGO_EMAIL_HOST: "mailcatcher"
|
|
DJANGO_EMAIL_PORT: 1025
|
|
DJANGO_EMAIL_USE_SSL: False
|
|
OIDC_OP_JWKS_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/meet/protocol/openid-connect/certs
|
|
OIDC_OP_AUTHORIZATION_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/meet/protocol/openid-connect/auth
|
|
OIDC_OP_TOKEN_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/meet/protocol/openid-connect/token
|
|
OIDC_OP_USER_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/meet/protocol/openid-connect/userinfo
|
|
OIDC_OP_LOGOUT_ENDPOINT: https://keycloak.127.0.0.1.nip.io/realms/meet/protocol/openid-connect/session/end
|
|
OIDC_RP_CLIENT_ID: meet
|
|
OIDC_RP_CLIENT_SECRET: ThisIsAnExampleKeyForDevPurposeOnly
|
|
OIDC_RP_SIGN_ALGO: RS256
|
|
OIDC_RP_SCOPES: "openid email"
|
|
OIDC_REDIRECT_ALLOWED_HOSTS: https://meet.127.0.0.1.nip.io
|
|
OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
|
|
LOGIN_REDIRECT_URL: https://meet.127.0.0.1.nip.io
|
|
LOGIN_REDIRECT_URL_FAILURE: https://meet.127.0.0.1.nip.io
|
|
LOGOUT_REDIRECT_URL: https://meet.127.0.0.1.nip.io
|
|
DB_HOST: postgresql
|
|
DB_NAME: meet
|
|
DB_USER: dinum
|
|
DB_PASSWORD: pass
|
|
DB_PORT: 5432
|
|
POSTGRES_DB: meet
|
|
POSTGRES_USER: dinum
|
|
POSTGRES_PASSWORD: pass
|
|
REDIS_URL: redis://default:pass@redis-master:6379/1
|
|
STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
|
|
LIVEKIT_API_SECRET: secret
|
|
LIVEKIT_API_KEY: devkey
|
|
LIVEKIT_API_URL: https://livekit.127.0.0.1.nip.io/
|
|
ALLOW_UNREGISTERED_ROOMS: False
|
|
FRONTEND_SILENCE_LIVEKIT_DEBUG: False
|
|
|
|
|
|
migrate:
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- |
|
|
python manage.py migrate --no-input &&
|
|
python manage.py create_demo --force
|
|
restartPolicy: Never
|
|
|
|
command:
|
|
- "gunicorn"
|
|
- "-c"
|
|
- "/usr/local/etc/gunicorn/meet.py"
|
|
- "meet.wsgi:application"
|
|
- "--reload"
|
|
|
|
createsuperuser:
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- |
|
|
python manage.py createsuperuser --email admin@example.com --password admin
|
|
restartPolicy: Never
|
|
|
|
# Exra volume to manage our local custom CA and avoid to set ssl_verify: false
|
|
extraVolumeMounts:
|
|
- name: certs
|
|
mountPath: /usr/local/lib/python3.12/site-packages/certifi/cacert.pem
|
|
subPath: cacert.pem
|
|
|
|
# Exra volume to manage our local custom CA and avoid to set ssl_verify: false
|
|
extraVolumes:
|
|
- name: certs
|
|
configMap:
|
|
name: certifi
|
|
items:
|
|
- key: cacert.pem
|
|
path: cacert.pem
|
|
|
|
frontend:
|
|
envVars:
|
|
VITE_PORT: 8080
|
|
VITE_HOST: 0.0.0.0
|
|
VITE_API_BASE_URL: https://meet.127.0.0.1.nip.io/
|
|
|
|
replicas: 1
|
|
|
|
image:
|
|
repository: lasuite/meet-frontend
|
|
pullPolicy: Always
|
|
tag: "latest"
|
|
|
|
ingress:
|
|
enabled: true
|
|
host: meet.127.0.0.1.nip.io
|
|
|
|
ingressAdmin:
|
|
enabled: true
|
|
host: meet.127.0.0.1.nip.io
|
|
|
|
posthog:
|
|
ingress:
|
|
enabled: false
|
|
ingressAssets:
|
|
enabled: false
|
|
|
|
summary:
|
|
replicas: 0
|
|
|
|
celery:
|
|
replicas: 0
|