studio/sbbb
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7cb6bb1bd2b2d3b261d1372e892174bb3bc7c7d2
sbbb/base/lasuite/meet-backend-deployment.yaml
Sienna Meridian Satterwhite 424db43ccf feat(infra): Meet integration, La Suite theming, Pingora SSH + meet routes 
Meet: add backend/frontend/celery deployments and services, meet-config
ConfigMap, nginx SPA config, VSO secrets (meet-db-credentials VDS,
meet-django-secret and meet-livekit VSS). Wire oidc-meet OAuth2Client.

La Suite overlay discipline: move people/docs frontend nginx ConfigMaps
and patches from overlays/local to base so both environments share them.
Remove values-ory.yaml (folded into base). Add docs-frontend nginx config
with sub_filter theming. Add local gitea mkcert CA patch.

Pingora: add [ssh] TCP passthrough block (port 22 → Gitea SSH pod) and
split meet route into frontend default + backend paths for /api/, /admin/,
/oidc/, /static/, /__. Remove now-unused values-pingora.yaml from production
overlay (host ports moved to patch-pingora-hostport.yaml).

Update both overlay kustomizations to reference all new resources and
add meet-backend/meet-frontend image entries.
2026-03-06 12:08:21 +00:00

170 lines
5.1 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: meet-backend
namespace: lasuite
spec:
replicas: 1
selector:
matchLabels:
app: meet-backend
template:
metadata:
labels:
app: meet-backend
spec:
initContainers:
- name: migrate
image: meet-backend
command: ["python", "manage.py", "migrate", "--no-input"]
envFrom:
- configMapRef:
name: meet-config
- configMapRef:
name: lasuite-postgres
- configMapRef:
name: lasuite-valkey
- configMapRef:
name: lasuite-s3
- configMapRef:
name: lasuite-oidc-provider
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: meet-db-credentials
key: password
- name: DJANGO_SECRET_KEY
valueFrom:
secretKeyRef:
name: meet-django-secret
key: DJANGO_SECRET_KEY
- name: APPLICATION_JWT_SECRET_KEY
valueFrom:
secretKeyRef:
name: meet-django-secret
key: APPLICATION_JWT_SECRET_KEY
- name: LIVEKIT_API_KEY
valueFrom:
secretKeyRef:
name: meet-livekit
key: LIVEKIT_API_KEY
- name: LIVEKIT_API_SECRET
valueFrom:
secretKeyRef:
name: meet-livekit
key: LIVEKIT_API_SECRET
- name: OIDC_RP_CLIENT_ID
valueFrom:
secretKeyRef:
name: oidc-meet
key: CLIENT_ID
- name: OIDC_RP_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oidc-meet
key: CLIENT_SECRET
- name: AWS_S3_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: seaweedfs-s3-credentials
key: S3_ACCESS_KEY
- name: AWS_S3_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: seaweedfs-s3-credentials
key: S3_SECRET_KEY
resources:
limits:
memory: 512Mi
cpu: 500m
requests:
memory: 128Mi
cpu: 100m
containers:
- name: meet-backend
image: meet-backend
command:
- gunicorn
- -c
- /usr/local/etc/gunicorn/meet.py
- meet.wsgi:application
ports:
- containerPort: 8000
envFrom:
- configMapRef:
name: meet-config
- configMapRef:
name: lasuite-postgres
- configMapRef:
name: lasuite-valkey
- configMapRef:
name: lasuite-s3
- configMapRef:
name: lasuite-oidc-provider
env:
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: meet-db-credentials
key: password
- name: DJANGO_SECRET_KEY
valueFrom:
secretKeyRef:
name: meet-django-secret
key: DJANGO_SECRET_KEY
- name: APPLICATION_JWT_SECRET_KEY
valueFrom:
secretKeyRef:
name: meet-django-secret
key: APPLICATION_JWT_SECRET_KEY
- name: LIVEKIT_API_KEY
valueFrom:
secretKeyRef:
name: meet-livekit
key: LIVEKIT_API_KEY
- name: LIVEKIT_API_SECRET
valueFrom:
secretKeyRef:
name: meet-livekit
key: LIVEKIT_API_SECRET
- name: OIDC_RP_CLIENT_ID
valueFrom:
secretKeyRef:
name: oidc-meet
key: CLIENT_ID
- name: OIDC_RP_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oidc-meet
key: CLIENT_SECRET
- name: AWS_S3_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: seaweedfs-s3-credentials
key: S3_ACCESS_KEY
- name: AWS_S3_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: seaweedfs-s3-credentials
key: S3_SECRET_KEY
livenessProbe:
httpGet:
path: /__lbheartbeat__
port: 8000
initialDelaySeconds: 15
periodSeconds: 20
readinessProbe:
httpGet:
path: /__heartbeat__
port: 8000
initialDelaySeconds: 10
periodSeconds: 10
resources:
limits:
memory: 512Mi
cpu: 500m
requests:
memory: 128Mi
cpu: 100m
Reference in New Issue View Git Blame Copy Permalink