studio/sbbb
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6acf598f92cbaff8fea81697fba1b9069488deb8
sbbb/overlays/production/kustomization.yaml
Sienna Meridian Satterwhite 6acf598f92 refactor: remove La Suite services (except Meet + Collabora), delete local overlay 
La Suite Messages, Calendars, Drive, Projects, Hive, Integration, and
Postfix are replaced by Stalwart (mail) and Tuwunel (messaging). Meet
and Collabora remain for video conferencing and document editing.

Local overlay was POC only — all deployment targets production now.

Deleted: 37 La Suite manifests, Drive Helm chart, 7 local overlay files,
stale MTA-in hostPort patch. Cleaned up production image overrides and
resource patches for removed services.
2026-04-06 18:03:55 +01:00

88 lines
2.5 KiB
YAML
Raw Blame History

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# Production overlay — targets Scaleway Elastic Metal (Paris)
#
# Deploy (DOMAIN_SUFFIX and ACME_EMAIL are substituted by sunbeam apply):
# sunbeam apply --env production --domain yourdomain.com
resources:
- ../../base/build
- ../../base/longhorn
- ../../base/cert-manager
- ../../base/ingress
- ../../base/ory
- ../../base/data
- ../../base/storage
- ../../base/lasuite
- ../../base/media
- ../../base/devtools
- ../../base/stalwart
- ../../base/vso
- ../../base/monitoring
- ../../base/matrix
# cert-manager ClusterIssuer + Certificate (requires cert-manager to be installed)
- cert-manager.yaml
# CNPG daily backup schedule
- postgres-scheduled-backup.yaml
images:
# Meet — built from source and pushed to Gitea registry.
- name: meet-backend
newName: src.DOMAIN_SUFFIX/studio/meet-backend
newTag: latest
- name: meet-frontend
newName: src.DOMAIN_SUFFIX/studio/meet-frontend
newTag: latest
# Tuwunel Matrix homeserver — built and pushed by `sunbeam build tuwunel`
- name: tuwunel
newName: src.DOMAIN_SUFFIX/studio/tuwunel
newTag: latest
# Sol virtual librarian — built and pushed by `sunbeam build sol`
- name: sol
newName: src.DOMAIN_SUFFIX/studio/sol
newTag: latest
patches:
# Pingora host ports — bind :80/:443 to the host network
- path: patch-pingora-hostport.yaml
# Production resource limits for 64 GiB server
- path: values-resources.yaml
# LiveKit TURN service: ClusterIP (Pingora routes TURN traffic on :443)
- path: patch-livekit-service.yaml
# CNPG: production sizing (500 Gi, 8 Gi RAM) + barman S3 backup config
- path: patch-postgres-production.yaml
# OpenSearch: expand PVC to 50 Gi
- path: patch-opensearch-storage.yaml
# Tuwunel: production resource limits and PVC sizing
- path: patch-tuwunel.yaml
# SeaweedFS volume: expand PVC to 600 Gi
- path: patch-seaweedfs-volume-size.yaml
# Stalwart: bind SMTP (25), submission (587), and IMAPS (993) to the host
- patch: |
- op: add
path: /spec/template/spec/containers/0/ports/0/hostPort
value: 25
- op: add
path: /spec/template/spec/containers/0/ports/1/hostPort
value: 587
- op: add
path: /spec/template/spec/containers/0/ports/2/hostPort
value: 465
- op: add
path: /spec/template/spec/containers/0/ports/4/hostPort
value: 993
target:
kind: Deployment
name: stalwart
namespace: stalwart
Reference in New Issue View Git Blame Copy Permalink