studio/sbbb
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d7ff1da729822f647fd2a1c5f8ce7fe136a6ecf3
sbbb/base/lasuite/projects-deployment.yaml
Sienna Meridian Satterwhite bfe0280732 feat(lasuite): add Projects (Planka Kanban) service 
Deploy Planka-based project management at projects.DOMAIN_SUFFIX:
- ConfigMap with OIDC, S3, SMTP, La Gaufre widget config
- Deployment + Service (init container for DB migrations, Sails on 1337)
- OAuth2Client (client_secret_basic, redirect to /oidc-callback)
- VaultDynamicSecret for DATABASE_URL, VaultStaticSecret for SECRET_KEY
- Pingora route with websocket support (Socket.io)
- Image overrides in both local and production overlays
- TLS cert dnsNames updated for projects subdomain
- Integration service.json updated with Projects entry
- seaweedfs-s3-credentials rolloutRestartTargets includes projects
2026-03-20 13:41:54 +00:00

122 lines
3.2 KiB
YAML
Raw Blame History

# Planka-based Kanban project management — single container (SPA bundled into Sails backend).
# Image: src.DOMAIN_SUFFIX/studio/projects:latest
# Built from projects/Dockerfile
#
# Secrets injected via env vars:
# - projects-db-url (VaultDynamicSecret): DATABASE_URL
# - projects-app-secrets (VaultStaticSecret): SECRET_KEY
# - oidc-projects (Hydra Maester): CLIENT_ID, CLIENT_SECRET
# - seaweedfs-s3-credentials (VaultStaticSecret): S3_ACCESS_KEY, S3_SECRET_KEY
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: projects
namespace: lasuite
spec:
replicas: 1
selector:
matchLabels:
app: projects
template:
metadata:
labels:
app: projects
spec:
initContainers:
- name: db-migrate
image: projects
command: ["node", "db/init.js"]
envFrom:
- configMapRef:
name: projects-config
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: projects-db-url
key: url
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: projects-app-secrets
key: SECRET_KEY
resources:
limits:
memory: 256Mi
requests:
memory: 128Mi
cpu: 50m
containers:
- name: projects
image: projects
command: ["node", "app.js", "--prod"]
ports:
- name: http
containerPort: 1337
envFrom:
- configMapRef:
name: projects-config
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: projects-db-url
key: url
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: projects-app-secrets
key: SECRET_KEY
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: oidc-projects
key: CLIENT_ID
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oidc-projects
key: CLIENT_SECRET
- name: S3_ACCESS_KEY
valueFrom:
secretKeyRef:
name: seaweedfs-s3-credentials
key: S3_ACCESS_KEY
- name: S3_SECRET_KEY
valueFrom:
secretKeyRef:
name: seaweedfs-s3-credentials
key: S3_SECRET_KEY
resources:
limits:
memory: 512Mi
requests:
memory: 256Mi
cpu: 50m
livenessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 15
periodSeconds: 30
readinessProbe:
httpGet:
path: /
port: http
initialDelaySeconds: 10
periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
name: projects
namespace: lasuite
spec:
selector:
app: projects
ports:
- name: http
port: 80
targetPort: 1337
Reference in New Issue View Git Blame Copy Permalink