studio/sbbb
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
mainline
sbbb/overlays/production/kustomization.yaml
Sienna Meridian Satterwhite 0a322c8a7c remove: Docs (impress) and People (desk) from La Suite 
Collabora stays (Drive needs it for WOPI document editing).
Removed: Helm charts, values, nginx configs, patches, OIDC clients,
Vault secrets, S3 buckets, Pingora routes, Kratos return URLs,
overlay image overrides and resource patches, local-up.sh restarts.
2026-03-25 17:53:43 +00:00

119 lines
3.5 KiB
YAML
Raw Permalink Blame History

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# Production overlay — targets Scaleway Elastic Metal (Paris)
#
# Deploy (DOMAIN_SUFFIX and ACME_EMAIL are substituted by sunbeam apply):
# sunbeam apply --env production --domain yourdomain.com
resources:
- ../../base/build
- ../../base/longhorn
- ../../base/cert-manager
- ../../base/ingress
- ../../base/ory
- ../../base/data
- ../../base/storage
- ../../base/lasuite
- ../../base/media
- ../../base/devtools
- ../../base/vso
- ../../base/monitoring
- ../../base/matrix
# cert-manager ClusterIssuer + Certificate (requires cert-manager to be installed)
- cert-manager.yaml
# CNPG daily backup schedule
- postgres-scheduled-backup.yaml
images:
# La Gaufre integration service — built and pushed by `sunbeam build integration`
- name: integration
newName: src.DOMAIN_SUFFIX/studio/integration
newTag: latest
# Meet — built from source and pushed to Gitea registry.
- name: meet-backend
newName: src.DOMAIN_SUFFIX/studio/meet-backend
newTag: latest
- name: meet-frontend
newName: src.DOMAIN_SUFFIX/studio/meet-frontend
newTag: latest
# Messages — built from source and pushed to Gitea registry.
- name: messages-backend
newName: src.DOMAIN_SUFFIX/studio/messages-backend
newTag: latest
- name: messages-frontend
newName: src.DOMAIN_SUFFIX/studio/messages-frontend
newTag: latest
- name: messages-mta-in
newName: src.DOMAIN_SUFFIX/studio/messages-mta-in
newTag: latest
- name: messages-mta-out
newName: src.DOMAIN_SUFFIX/studio/messages-mta-out
newTag: latest
- name: messages-mpa
newName: src.DOMAIN_SUFFIX/studio/messages-mpa
newTag: latest
- name: messages-socks-proxy
newName: src.DOMAIN_SUFFIX/studio/messages-socks-proxy
newTag: latest
# Calendars — built from source and pushed to Gitea registry.
- name: calendars-backend
newName: src.DOMAIN_SUFFIX/studio/calendars-backend
newTag: latest
- name: calendars-caldav
newName: src.DOMAIN_SUFFIX/studio/calendars-caldav
newTag: latest
- name: calendars-frontend
newName: src.DOMAIN_SUFFIX/studio/calendars-frontend
newTag: latest
# Projects (Kanban) — built and pushed by `sunbeam build projects`
- name: projects
newName: src.DOMAIN_SUFFIX/studio/projects
newTag: latest
# Tuwunel Matrix homeserver — built and pushed by `sunbeam build tuwunel`
- name: tuwunel
newName: src.DOMAIN_SUFFIX/studio/tuwunel
newTag: latest
# Sol virtual librarian — built and pushed by `sunbeam build sol`
- name: sol
newName: src.DOMAIN_SUFFIX/studio/sol
newTag: latest
patches:
# Pingora host ports — bind :80/:443 to the host network
- path: patch-pingora-hostport.yaml
# Production resource limits for 64 GiB server
- path: values-resources.yaml
# LiveKit TURN service: ClusterIP (Pingora routes TURN traffic on :443)
- path: patch-livekit-service.yaml
# CNPG: production sizing (500 Gi, 8 Gi RAM) + barman S3 backup config
- path: patch-postgres-production.yaml
# OpenSearch: expand PVC to 50 Gi
- path: patch-opensearch-storage.yaml
# Tuwunel: production resource limits and PVC sizing
- path: patch-tuwunel.yaml
# SeaweedFS volume: expand PVC to 600 Gi
- path: patch-seaweedfs-volume-size.yaml
# MTA-in: bind port 25 to the host for inbound email delivery
- patch: |
- op: add
path: /spec/template/spec/containers/0/ports/0/hostPort
value: 25
target:
kind: Deployment
name: messages-mta-in
namespace: lasuite
Reference in New Issue View Git Blame Copy Permalink