meet/src/helm/env.d/preprod/values.meet.yaml.gotmpl

image:
  repository: lasuite/meet-backend
  pullPolicy: Always
  tag: "v0.1.3"

backend:
  migrateJobAnnotations:
    argocd.argoproj.io/hook: PreSync
    argocd.argoproj.io/hook-delete-policy: HookSucceeded
  envVars:
    DJANGO_CSRF_TRUSTED_ORIGINS: http://meet-preprod.beta.numerique.gouv.fr,https://meet-preprod.beta.numerique.gouv.fr
    DJANGO_CONFIGURATION: Production
    DJANGO_ALLOWED_HOSTS: "*"
    DJANGO_SUPERUSER_EMAIL:
      secretKeyRef:
        name: backend
        key: DJANGO_SUPERUSER_EMAIL
    DJANGO_SECRET_KEY:
      secretKeyRef:
        name: backend
        key: DJANGO_SECRET_KEY
    DJANGO_SETTINGS_MODULE: meet.settings
    DJANGO_SILENCED_SYSTEM_CHECKS: security.W004, security.W008
    DJANGO_SUPERUSER_PASSWORD:
      secretKeyRef:
        name: backend
        key: DJANGO_SUPERUSER_PASSWORD
    DJANGO_EMAIL_HOST: "snap-mail.numerique.gouv.fr"
    DJANGO_EMAIL_PORT: 465
    DJANGO_EMAIL_USE_SSL: True
    OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks
    OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize
    OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token
    OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo
    OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end
    OIDC_RP_CLIENT_ID:
      secretKeyRef:
        name: backend
        key: OIDC_RP_CLIENT_ID
    OIDC_RP_CLIENT_SECRET:
      secretKeyRef:
        name: backend
        key: OIDC_RP_CLIENT_SECRET
    OIDC_RP_SIGN_ALGO: RS256
    OIDC_RP_SCOPES: "openid email"
    OIDC_REDIRECT_ALLOWED_HOSTS: https://meet-preprod.beta.numerique.gouv.fr
    OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
    LOGIN_REDIRECT_URL: https://meet-preprod.beta.numerique.gouv.fr
    LOGIN_REDIRECT_URL_FAILURE: https://meet-preprod.beta.numerique.gouv.fr
    LOGOUT_REDIRECT_URL: https://meet-preprod.beta.numerique.gouv.fr
    DB_HOST:
      secretKeyRef:
        name: postgresql.postgres.libre.sh
        key: host
    DB_NAME:
      secretKeyRef:
        name: postgresql.postgres.libre.sh
        key: database
    DB_USER:
      secretKeyRef:
        name: postgresql.postgres.libre.sh
        key: username
    DB_PASSWORD:
      secretKeyRef:
        name: postgresql.postgres.libre.sh
        key: password
    DB_PORT:
      secretKeyRef:
        name: postgresql.postgres.libre.sh
        key: port
    POSTGRES_USER:
      secretKeyRef:
        name: postgresql.postgres.libre.sh
        key: username
    POSTGRES_DB:
      secretKeyRef:
        name: postgresql.postgres.libre.sh
        key: database
    POSTGRES_PASSWORD:
      secretKeyRef:
        name: postgresql.postgres.libre.sh
        key: password
    REDIS_URL:
      secretKeyRef:
        name: redis.redis.libre.sh
        key: url
    STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
    LIVEKIT_API_SECRET:
      secretKeyRef:
        name: backend
        key: LIVEKIT_API_SECRET
    LIVEKIT_API_KEY:
      secretKeyRef:
        name: backend
        key: LIVEKIT_API_KEY
    LIVEKIT_API_URL: https://livekit-preprod.beta.numerique.gouv.fr
    ALLOW_UNREGISTERED_ROOMS: False

  createsuperuser:
    command:
      - "/bin/sh"
      - "-c"
      - |
        python manage.py createsuperuser --email $DJANGO_SUPERUSER_EMAIL --password $DJANGO_SUPERUSER_PASSWORD
    restartPolicy: Never

frontend:
  image:
    repository: lasuite/meet-frontend
    pullPolicy: Always
    tag: "v0.1.3"

ingress:
  enabled: true
  host: meet-preprod.beta.numerique.gouv.fr
  className: nginx
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod

ingressAdmin:
  enabled: true
  host: meet-preprod.beta.numerique.gouv.fr
  className: nginx
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/auth-signin: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/start
    nginx.ingress.kubernetes.io/auth-url: https://oauth2-proxy-preprod.beta.numerique.gouv.fr/oauth2/auth