people/src/helm/env.d/dev/values.desk.yaml.gotmpl

secrets:
  - name: oidcLogin
    itemId: 753d95be-f0d0-44ff-b8b9-bdd905f2ae1d
    field: username
    podVariable: OIDC_RP_CLIENT_ID
    clusterSecretStore: bitwarden-login-desk
  - name: oidcPass
    itemId: 753d95be-f0d0-44ff-b8b9-bdd905f2ae1d
    field: password
    podVariable: OIDC_RP_CLIENT_SECRET
    clusterSecretStore: bitwarden-login-desk
  - name: mail_provisioning_api_credentials
    itemId: 2fcb5d3c-d037-4ec5-967d-3d15b261e2ab
    field: password
    podVariable: MAIL_PROVISIONING_API_CREDENTIALS
    clusterSecretStore: bitwarden-login-desk
image:
  repository: localhost:5001/people-backend
  pullPolicy: Always
  tag: "latest"

backend:
  replicas: 1
  envVars:
    DJANGO_CSRF_TRUSTED_ORIGINS: https://desk.127.0.0.1.nip.io,http://desk.127.0.0.1.nip.io
    DJANGO_CONFIGURATION: Local
    DJANGO_ALLOWED_HOSTS: "*"
    DJANGO_SECRET_KEY: changeme
    DJANGO_SETTINGS_MODULE: people.settings
    DJANGO_SUPERUSER_EMAIL: admin@example.com
    DJANGO_SUPERUSER_PASSWORD: admin
    DJANGO_EMAIL_HOST: "mailcatcher"
    DJANGO_EMAIL_PORT: 1025
    DJANGO_EMAIL_USE_SSL: False
    OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks
    OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize
    OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token
    OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo
    OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end
    OIDC_ORGANIZATION_REGISTRATION_ID_FIELD: "siret"
    OIDC_RP_CLIENT_ID:
      secretKeyRef:
        name: backend
        key: OIDC_RP_CLIENT_ID
    OIDC_RP_CLIENT_SECRET:
      secretKeyRef:
        name: backend
        key: OIDC_RP_CLIENT_SECRET
    OIDC_RP_SIGN_ALGO: RS256
    OIDC_RP_SCOPES: "openid email siret given_name usual_name"
    USER_OIDC_FIELDS_TO_NAME: "given_name,usual_name"
    OIDC_REDIRECT_ALLOWED_HOSTS: https://desk.127.0.0.1.nip.io
    OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
    ORGANIZATION_PLUGINS: "plugins.organizations.NameFromSiretOrganizationPlugin"
    ORGANIZATION_REGISTRATION_ID_VALIDATORS: '[{"NAME": "django.core.validators.RegexValidator", "OPTIONS": {"regex": "^[0-9]{14}$"}}]'
    LOGIN_REDIRECT_URL: https://desk.127.0.0.1.nip.io
    LOGIN_REDIRECT_URL_FAILURE: https://desk.127.0.0.1.nip.io
    LOGOUT_REDIRECT_URL: https://desk.127.0.0.1.nip.io
    DB_HOST: postgres-postgresql
    DB_NAME: people
    DB_USER: dinum
    DB_PASSWORD: pass
    DB_PORT: 5432
    POSTGRES_DB: people
    POSTGRES_USER: dinum
    POSTGRES_PASSWORD: pass
    REDIS_URL: redis://default:pass@redis-master:6379/1
    WEBMAIL_URL: "https://onestendev.yapasdewebmail.fr"
    MAIL_PROVISIONING_API_URL: "http://dimail.127.0.0.1.nip.io"
    MAIL_PROVISIONING_API_CREDENTIALS:
      secretKeyRef:
        name: backend
        key: MAIL_PROVISIONING_API_CREDENTIALS
    SENTRY_DSN: "https://b72746c73d669421e7a8ccd3fab0fad2@sentry.incubateur.net/171"
  command:
    - "gunicorn"
    - "-c"
    - "/usr/local/etc/gunicorn/people.py"
    - "people.wsgi:application"
    - "--reload"

  createsuperuser:
    command:
      - "/bin/sh"
      - "-c"
      - python manage.py createsuperuser --username ${DJANGO_SUPERUSER_EMAIL} --password ${DJANGO_SUPERUSER_PASSWORD} || echo ok
    restartPolicy: Never

frontend:
  envVars:
    PORT: 8080
    NEXT_PUBLIC_API_ORIGIN: https://desk.127.0.0.1.nip.io

  replicas: 1
  command:
    - yarn
    - dev

  image:
    repository: localhost:5001/people-frontend
    pullPolicy: Always
    tag: "latest"

ingress:
  enabled: true
  host: desk.127.0.0.1.nip.io

ingressAdmin:
  enabled: true
  host: desk.127.0.0.1.nip.io

mailcatcher:
  image:
    repository: sj26/mailcatcher
    tag: latest
    pullPolicy: Always
  ingress:
    enabled: true
    host: mailcatcher.127.0.0.1.nip.io