studio/sbbb
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
7ff35d3e0cc2f644b674daa55d29584cdc4641f7
sbbb/overlays/production/kustomization.yaml
Sienna Meridian Satterwhite 7ff35d3e0c feat(infra): production bootstrap — cert-manager, longhorn, monitoring 
Add new bases for cert-manager (Let's Encrypt + wildcard cert), Longhorn
distributed storage, and monitoring (kube-prometheus-stack + Loki + Tempo
+ Grafana OIDC). Add cloud-init for Scaleway Elastic Metal provisioning.

Production overlay: add patches for postgres sizing, SeaweedFS volume,
OpenSearch storage, LiveKit service, Pingora host ports, resource limits,
and CNPG daily barman backups. Update cert-manager.yaml with full dnsNames
for all *.sunbeam.pt subdomains.
2026-03-06 12:06:27 +00:00

58 lines
1.7 KiB
YAML
Raw Blame History

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
# Production overlay — targets Scaleway Elastic Metal (Paris)
#
# Deploy (DOMAIN_SUFFIX and ACME_EMAIL are substituted by sunbeam apply):
# sunbeam apply --env production --domain yourdomain.com
resources:
- ../../base/longhorn
- ../../base/cert-manager
- ../../base/ingress
- ../../base/ory
- ../../base/data
- ../../base/storage
- ../../base/lasuite
- ../../base/media
- ../../base/devtools
- ../../base/vso
- ../../base/monitoring
# cert-manager ClusterIssuer + Certificate (requires cert-manager to be installed)
- cert-manager.yaml
# CNPG daily backup schedule
- postgres-scheduled-backup.yaml
images:
# La Gaufre integration service — built and pushed by `sunbeam build integration`
- name: integration
newName: src.DOMAIN_SUFFIX/studio/integration
newTag: latest
# Meet — built from source and pushed to Gitea registry.
- name: meet-backend
newName: src.DOMAIN_SUFFIX/studio/meet-backend
newTag: latest
- name: meet-frontend
newName: src.DOMAIN_SUFFIX/studio/meet-frontend
newTag: latest
patches:
# Pingora host ports — bind :80/:443 to the host network
- path: patch-pingora-hostport.yaml
# Production resource limits for 64 GiB server
- path: values-resources.yaml
# LiveKit TURN service: ClusterIP (Pingora routes TURN traffic on :443)
- path: patch-livekit-service.yaml
# CNPG: production sizing (500 Gi, 8 Gi RAM) + barman S3 backup config
- path: patch-postgres-production.yaml
# OpenSearch: expand PVC to 50 Gi
- path: patch-opensearch-storage.yaml
# SeaweedFS volume: expand PVC to 600 Gi
- path: patch-seaweedfs-volume-size.yaml
Reference in New Issue View Git Blame Copy Permalink