Sienna Meridian Satterwhite
fb91fcd284
sol-config: added [vault] and [services.gitea] sections, fetch allowlist (wttr.in, open-meteo, github), bumped context windows to 200, updated system prompt with run_script docs and tool rules. sol-deployment: added gitea admin credential env vars from sol-secrets, automountServiceAccountToken for vault k8s auth. vault-secrets: added gitea-admin-username and gitea-admin-password templates to sol-secrets VSS.
95 lines
2.5 KiB
YAML
95 lines
2.5 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: sol
|
|
namespace: matrix
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
selector:
|
|
matchLabels:
|
|
app: sol
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: sol
|
|
spec:
|
|
enableServiceLinks: false
|
|
automountServiceAccountToken: true
|
|
initContainers:
|
|
- name: fix-permissions
|
|
image: busybox
|
|
command: ["sh", "-c", "chmod -R 777 /data && mkdir -p /data/matrix-state && chmod 777 /data/matrix-state"]
|
|
volumeMounts:
|
|
- name: sol-data
|
|
mountPath: /data
|
|
containers:
|
|
- name: sol
|
|
image: sol
|
|
env:
|
|
- name: SOL_CONFIG
|
|
value: /etc/sol/sol.toml
|
|
- name: SOL_SYSTEM_PROMPT
|
|
value: /etc/sol/system_prompt.md
|
|
- name: SOL_MATRIX_ACCESS_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: sol-secrets
|
|
key: matrix-access-token
|
|
- name: SOL_MATRIX_DEVICE_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: sol-secrets
|
|
key: matrix-device-id
|
|
- name: SOL_MISTRAL_API_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: sol-secrets
|
|
key: mistral-api-key
|
|
- name: SOL_GITEA_ADMIN_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: sol-secrets
|
|
key: gitea-admin-username
|
|
- name: SOL_GITEA_ADMIN_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: sol-secrets
|
|
key: gitea-admin-password
|
|
volumeMounts:
|
|
- name: sol-config
|
|
mountPath: /etc/sol/sol.toml
|
|
subPath: sol.toml
|
|
readOnly: true
|
|
- name: sol-config
|
|
mountPath: /etc/sol/system_prompt.md
|
|
subPath: system_prompt.md
|
|
readOnly: true
|
|
- name: sol-data
|
|
mountPath: /data
|
|
resources:
|
|
limits:
|
|
memory: 512Mi
|
|
requests:
|
|
memory: 256Mi
|
|
cpu: 100m
|
|
volumes:
|
|
- name: sol-config
|
|
configMap:
|
|
name: sol-config
|
|
- name: sol-data
|
|
persistentVolumeClaim:
|
|
claimName: sol-data
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: sol-data
|
|
namespace: matrix
|
|
spec:
|
|
accessModes: [ReadWriteOnce]
|
|
resources:
|
|
requests:
|
|
storage: 1Gi
|