a276517278
Proxy analytics requests through our backend to minimize ad-blockers impact. I configured the Helm Charts following PostHog official documentation.
138 lines
4.2 KiB
Go Template
138 lines
4.2 KiB
Go Template
image:
|
|
repository: lasuite/meet-backend
|
|
pullPolicy: Always
|
|
tag: "v0.1.6"
|
|
|
|
backend:
|
|
migrateJobAnnotations:
|
|
argocd.argoproj.io/hook: PostSync
|
|
argocd.argoproj.io/hook-delete-policy: HookSucceeded
|
|
envVars:
|
|
DJANGO_CSRF_TRUSTED_ORIGINS: https://visio.numerique.gouv.fr,https://meet.numerique.gouv.fr
|
|
DJANGO_CONFIGURATION: Production
|
|
DJANGO_ALLOWED_HOSTS: visio.numerique.gouv.fr,meet.numerique.gouv.fr
|
|
DJANGO_SECRET_KEY:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: DJANGO_SECRET_KEY
|
|
DJANGO_SETTINGS_MODULE: meet.settings
|
|
DJANGO_SILENCED_SYSTEM_CHECKS: security.W004, security.W008
|
|
DJANGO_SUPERUSER_EMAIL:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: DJANGO_SUPERUSER_EMAIL
|
|
DJANGO_SUPERUSER_PASSWORD:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: DJANGO_SUPERUSER_PASSWORD
|
|
DJANGO_EMAIL_HOST: "snap-mail.numerique.gouv.fr"
|
|
DJANGO_EMAIL_PORT: 465
|
|
DJANGO_EMAIL_USE_SSL: True
|
|
OIDC_OP_JWKS_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/jwks
|
|
OIDC_OP_AUTHORIZATION_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/authorize
|
|
OIDC_OP_TOKEN_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/token
|
|
OIDC_OP_USER_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/userinfo
|
|
OIDC_OP_LOGOUT_ENDPOINT: https://auth.agentconnect.gouv.fr/api/v2/session/end
|
|
OIDC_RP_CLIENT_ID:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: OIDC_RP_CLIENT_ID
|
|
OIDC_RP_CLIENT_SECRET:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: OIDC_RP_CLIENT_SECRET
|
|
OIDC_RP_SIGN_ALGO: RS256
|
|
OIDC_RP_SCOPES: "openid email"
|
|
OIDC_REDIRECT_ALLOWED_HOSTS: https://visio.numerique.gouv.fr
|
|
OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
|
|
LOGIN_REDIRECT_URL: https://visio.numerique.gouv.fr
|
|
LOGIN_REDIRECT_URL_FAILURE: https://visio.numerique.gouv.fr
|
|
LOGOUT_REDIRECT_URL: https://visio.numerique.gouv.fr
|
|
DB_HOST:
|
|
secretKeyRef:
|
|
name: postgresql.postgres.libre.sh
|
|
key: host
|
|
DB_NAME:
|
|
secretKeyRef:
|
|
name: postgresql.postgres.libre.sh
|
|
key: database
|
|
DB_USER:
|
|
secretKeyRef:
|
|
name: postgresql.postgres.libre.sh
|
|
key: username
|
|
DB_PASSWORD:
|
|
secretKeyRef:
|
|
name: postgresql.postgres.libre.sh
|
|
key: password
|
|
DB_PORT:
|
|
secretKeyRef:
|
|
name: postgresql.postgres.libre.sh
|
|
key: port
|
|
POSTGRES_USER:
|
|
secretKeyRef:
|
|
name: postgresql.postgres.libre.sh
|
|
key: username
|
|
POSTGRES_DB:
|
|
secretKeyRef:
|
|
name: postgresql.postgres.libre.sh
|
|
key: database
|
|
POSTGRES_PASSWORD:
|
|
secretKeyRef:
|
|
name: postgresql.postgres.libre.sh
|
|
key: password
|
|
REDIS_URL:
|
|
secretKeyRef:
|
|
name: redis.redis.libre.sh
|
|
key: url
|
|
STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
|
|
LIVEKIT_API_SECRET:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: LIVEKIT_API_SECRET
|
|
LIVEKIT_API_KEY:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: LIVEKIT_API_KEY
|
|
LIVEKIT_API_URL: https://livekit-preprod.beta.numerique.gouv.fr
|
|
ANALYTICS_KEY: mwuxTKi8o2xzWH54
|
|
ALLOW_UNREGISTERED_ROOMS: False
|
|
|
|
createsuperuser:
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- |
|
|
python manage.py createsuperuser --email $DJANGO_SUPERUSER_EMAIL --password $DJANGO_SUPERUSER_PASSWORD
|
|
restartPolicy: Never
|
|
|
|
frontend:
|
|
image:
|
|
repository: lasuite/meet-frontend
|
|
pullPolicy: Always
|
|
tag: "v0.1.6"
|
|
|
|
ingress:
|
|
enabled: true
|
|
host: visio.numerique.gouv.fr
|
|
className: nginx
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt
|
|
|
|
ingressAdmin:
|
|
enabled: true
|
|
host: visio.numerique.gouv.fr
|
|
className: nginx
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt
|
|
nginx.ingress.kubernetes.io/auth-signin: https://oauth2-proxy.beta.numerique.gouv.fr/oauth2/start
|
|
nginx.ingress.kubernetes.io/auth-url: https://oauth2-proxy.beta.numerique.gouv.fr/oauth2/auth
|
|
|
|
posthog:
|
|
ingress:
|
|
enabled: true
|
|
host: product.visio.numerique.gouv.fr
|
|
annotations:
|
|
kubernetes.io/ingress.class: nginx
|
|
nginx.ingress.kubernetes.io/upstream-vhost: eu.i.posthog.com
|
|
nginx.ingress.kubernetes.io/backend-protocol: https
|