110 lines
3.5 KiB
Go Template
110 lines
3.5 KiB
Go Template
secrets:
|
|
- name: oidcLogin
|
|
itemId: 753d95be-f0d0-44ff-b8b9-bdd905f2ae1d
|
|
field: username
|
|
podVariable: OIDC_RP_CLIENT_ID
|
|
clusterSecretStore: bitwarden-login-desk
|
|
- name: oidcPass
|
|
itemId: 753d95be-f0d0-44ff-b8b9-bdd905f2ae1d
|
|
field: password
|
|
podVariable: OIDC_RP_CLIENT_SECRET
|
|
clusterSecretStore: bitwarden-login-desk
|
|
- name: mail_provisioning_api_credentials
|
|
itemId: 2fcb5d3c-d037-4ec5-967d-3d15b261e2ab
|
|
field: password
|
|
podVariable: MAIL_PROVISIONING_API_CREDENTIALS
|
|
clusterSecretStore: bitwarden-login-desk
|
|
image:
|
|
repository: localhost:5001/people-backend
|
|
pullPolicy: Always
|
|
tag: "latest"
|
|
|
|
backend:
|
|
replicas: 1
|
|
envVars:
|
|
DJANGO_CSRF_TRUSTED_ORIGINS: https://desk.127.0.0.1.nip.io,http://desk.127.0.0.1.nip.io
|
|
DJANGO_CONFIGURATION: Local
|
|
DJANGO_ALLOWED_HOSTS: "*"
|
|
DJANGO_SECRET_KEY: changeme
|
|
DJANGO_SETTINGS_MODULE: people.settings
|
|
DJANGO_SUPERUSER_EMAIL: admin@example.com
|
|
DJANGO_SUPERUSER_PASSWORD: admin
|
|
DJANGO_EMAIL_HOST: "maildev"
|
|
DJANGO_EMAIL_PORT: 1025
|
|
DJANGO_EMAIL_USE_SSL: False
|
|
OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks
|
|
OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize
|
|
OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token
|
|
OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo
|
|
OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end
|
|
OIDC_ORGANIZATION_REGISTRATION_ID_FIELD: "siret"
|
|
OIDC_RP_CLIENT_ID:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: OIDC_RP_CLIENT_ID
|
|
OIDC_RP_CLIENT_SECRET:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: OIDC_RP_CLIENT_SECRET
|
|
OIDC_RP_SIGN_ALGO: RS256
|
|
OIDC_RP_SCOPES: "openid email siret given_name usual_name"
|
|
USER_OIDC_FIELDS_TO_NAME: "given_name,usual_name"
|
|
OIDC_REDIRECT_ALLOWED_HOSTS: https://desk.127.0.0.1.nip.io
|
|
OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
|
|
ORGANIZATION_REGISTRATION_ID_VALIDATORS: '[{"NAME": "django.core.validators.RegexValidator", "OPTIONS": {"regex": "^[0-9]{14}$"}}]'
|
|
LOGIN_REDIRECT_URL: https://desk.127.0.0.1.nip.io
|
|
LOGIN_REDIRECT_URL_FAILURE: https://desk.127.0.0.1.nip.io
|
|
LOGOUT_REDIRECT_URL: https://desk.127.0.0.1.nip.io
|
|
DB_HOST: postgres-postgresql
|
|
DB_NAME: people
|
|
DB_USER: dinum
|
|
DB_PASSWORD: pass
|
|
DB_PORT: 5432
|
|
POSTGRES_DB: people
|
|
POSTGRES_USER: dinum
|
|
POSTGRES_PASSWORD: pass
|
|
REDIS_URL: redis://default:pass@redis-master:6379/1
|
|
WEBMAIL_URL: "https://onestendev.yapasdewebmail.fr"
|
|
MAIL_PROVISIONING_API_URL: "http://dimail.127.0.0.1.nip.io"
|
|
MAIL_PROVISIONING_API_CREDENTIALS:
|
|
secretKeyRef:
|
|
name: backend
|
|
key: MAIL_PROVISIONING_API_CREDENTIALS
|
|
SENTRY_DSN: "https://b72746c73d669421e7a8ccd3fab0fad2@sentry.incubateur.net/171"
|
|
command:
|
|
- "gunicorn"
|
|
- "-c"
|
|
- "/usr/local/etc/gunicorn/people.py"
|
|
- "people.wsgi:application"
|
|
- "--reload"
|
|
|
|
createsuperuser:
|
|
command:
|
|
- "/bin/sh"
|
|
- "-c"
|
|
- python manage.py createsuperuser --username ${DJANGO_SUPERUSER_EMAIL} --password ${DJANGO_SUPERUSER_PASSWORD} || echo ok
|
|
restartPolicy: Never
|
|
|
|
frontend:
|
|
envVars:
|
|
PORT: 8080
|
|
NEXT_PUBLIC_API_ORIGIN: https://desk.127.0.0.1.nip.io
|
|
|
|
replicas: 1
|
|
command:
|
|
- yarn
|
|
- dev
|
|
|
|
image:
|
|
repository: localhost:5001/people-frontend
|
|
pullPolicy: Always
|
|
tag: "latest"
|
|
|
|
ingress:
|
|
enabled: true
|
|
host: desk.127.0.0.1.nip.io
|
|
|
|
ingressAdmin:
|
|
enabled: true
|
|
host: desk.127.0.0.1.nip.io
|