forked from public/stack
k/invoiceshelf: migrate to invoiceshelf, use statefulset, grab secrets from backup
This commit is contained in:
parent
c3d9a55497
commit
10119fd557
|
@ -4,14 +4,16 @@ metadata:
|
||||||
name: env
|
name: env
|
||||||
stringData:
|
stringData:
|
||||||
DB_PASSWORD: ENC[AES256_GCM,data:nHeFXLOI6bMb1hslXLu9xqbMNppGeGzI,iv:rakHQI3iFNgD9gtUX0HdeFG5afP9ln0a+wenqm692T0=,tag:en9KmjYlZ6xzeC0fs9wKzA==,type:str]
|
DB_PASSWORD: ENC[AES256_GCM,data:nHeFXLOI6bMb1hslXLu9xqbMNppGeGzI,iv:rakHQI3iFNgD9gtUX0HdeFG5afP9ln0a+wenqm692T0=,tag:en9KmjYlZ6xzeC0fs9wKzA==,type:str]
|
||||||
|
APP_KEY: ENC[AES256_GCM,data:pG99OkN9DpXEJ287ty/7e/86v5kEYeikNN6FnV++uNFE4j48aPiQENd+57RxAXFTUl+6,iv:IFXaK2gnXFm6T3O7ClTRk5HqLGmgFdvh7Dn2Jw+MQU0=,tag:0SPKkf5jfyyuwHNvvDVgCg==,type:str]
|
||||||
|
MAIL_PASSWORD: ENC[AES256_GCM,data:+pWcN1GYSA3pibo8WgvFsAHjnrvhDNsjuO+QXYR7bdZFBKWJbshf0sS8,iv:Kw6qiUEFnd5FRGBMWutOoxMNFZYMf8NyQkPBR9TvfXg=,tag:4IOU6qOXWQ02S6rc1RHiOQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
azure_kv: []
|
azure_kv: []
|
||||||
hc_vault: []
|
hc_vault: []
|
||||||
age: []
|
age: []
|
||||||
lastmodified: "2024-03-31T08:56:24Z"
|
lastmodified: "2024-03-31T09:43:12Z"
|
||||||
mac: ENC[AES256_GCM,data:ZzOHxHPOpazpvXHeMJfSyrRQoH9pK33eNYpZKvMXii3rQKWVw8dc4C0HyzbXo5ahJzF9RdBopiXW9tchjejfE1JJoC/a7SXYNCS+wn5wj4CQwu7u3ungbVROcluoBe7NiVzDhWz9URjZgkNWwyDWWQN9SXZW5xVqSYhAS7xPJTY=,iv:emHnnakeNRN1yWM7QvhF/7JH4K6GXpzWL78o9HNxPtE=,tag:9PUAOuO05M1RoQADq3f8gQ==,type:str]
|
mac: ENC[AES256_GCM,data:I9rIuOh2cTJDrlPYs3kf6o6jPPtdElDmjWENc4Yk29ezpWwUj3+BsICpOU0kOrehvuyKtcM6BcxuvJG5Q92gZoVRvlHDoLypMyK3vDBxhGO0CAbcKnKmUSvROr6IWY5jKh9EWczxU3VkDTrm/BmCJAbjC2Ys51ej73InZez4t0g=,iv:gIaUNj8wKew4bH7dBHW+LV5S0a9allRQkWQ/3aWYJ4Q=,tag:mwwI+RDG0i45sPOSh+e1mg==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2024-01-11T20:56:10Z"
|
- created_at: "2024-01-11T20:56:10Z"
|
||||||
enc: |-
|
enc: |-
|
||||||
|
|
|
@ -3,7 +3,7 @@ kind: Kustomization
|
||||||
commonLabels:
|
commonLabels:
|
||||||
app.kubernetes.io/part-of: invoiceshelf
|
app.kubernetes.io/part-of: invoiceshelf
|
||||||
resources:
|
resources:
|
||||||
- deployment.yaml
|
- statefulset.yaml
|
||||||
- service.yaml
|
- service.yaml
|
||||||
- ingress.yaml
|
- ingress.yaml
|
||||||
configMapGenerator:
|
configMapGenerator:
|
||||||
|
@ -14,6 +14,32 @@ configMapGenerator:
|
||||||
- DB_USERNAME=crater
|
- DB_USERNAME=crater
|
||||||
- DB_DATABASE=crater
|
- DB_DATABASE=crater
|
||||||
- DB_PORT=25060
|
- DB_PORT=25060
|
||||||
|
- APP_ENV=production
|
||||||
|
- APP_DEBUG=false
|
||||||
|
- APP_LOG_LEVEL=debug
|
||||||
|
- APP_URL=https://billing.distrust.co
|
||||||
|
- ASSET_URL=https://billing.distrust.co
|
||||||
|
- BROADCAST_DRIVER=log
|
||||||
|
- CACHE_DRIVER=file
|
||||||
|
- QUEUE_DRIVER=sync
|
||||||
|
- SESSION_DRIVER=cookie
|
||||||
|
- SESSION_LIFETIME=1440
|
||||||
|
- REDIS_HOST=127.0.0.1
|
||||||
|
- REDIS_PORT=6379
|
||||||
|
- MAIL_DRIVER=smtp
|
||||||
|
- MAIL_HOST=smtp.migadu.com
|
||||||
|
- MAIL_PORT=465
|
||||||
|
- MAIL_USERNAME=billing@distrust.co
|
||||||
|
- MAIL_FROM_ADDRESS=billing@distrust.co
|
||||||
|
- MAIL_FROM_NAME="billing@distrust.co"
|
||||||
|
- MAIL_ENCRYPTION=ssl
|
||||||
|
- PUSHER_APP_ID=
|
||||||
|
- PUSHER_KEY=
|
||||||
|
- PUSHER_SECRET=
|
||||||
|
- SANCTUM_STATEFUL_DOMAINS=billing.distrust.co
|
||||||
|
- SESSION_DOMAIN=billing.distrust.co
|
||||||
|
- TRUSTED_PROXIES="*"
|
||||||
|
- CRON_JOB_AUTH_TOKEN=""
|
||||||
generators:
|
generators:
|
||||||
- secret-generator.yaml
|
- secret-generator.yaml
|
||||||
images:
|
images:
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
apiVersion: apps/v1
|
apiVersion: apps/v1
|
||||||
kind: Deployment
|
kind: StatefulSet
|
||||||
metadata:
|
metadata:
|
||||||
name: invoiceshelf
|
name: invoiceshelf
|
||||||
labels:
|
labels:
|
||||||
|
@ -27,13 +27,16 @@ spec:
|
||||||
ports:
|
ports:
|
||||||
- name: http
|
- name: http
|
||||||
containerPort: 80
|
containerPort: 80
|
||||||
# Create the flag the install check needs to bypass
|
|
||||||
lifecycle:
|
|
||||||
postStart:
|
|
||||||
exec:
|
|
||||||
command:
|
|
||||||
- /bin/sh
|
|
||||||
- -c
|
|
||||||
- "touch /var/www/html/InvoiceShelf/storage/app/database_created"
|
|
||||||
securityContext:
|
securityContext:
|
||||||
allowPrivilegeEscalation: false
|
allowPrivilegeEscalation: false
|
||||||
|
volumeMounts:
|
||||||
|
- name: invoiceshelf-data
|
||||||
|
mountPath: /var/www/html/InvoiceShelf/storage
|
||||||
|
volumeClaimTemplates:
|
||||||
|
- metadata:
|
||||||
|
name: invoiceshelf-data
|
||||||
|
spec:
|
||||||
|
accessModes: ["ReadWriteOnce"]
|
||||||
|
resources:
|
||||||
|
requests:
|
||||||
|
storage: 10Gi
|
Loading…
Reference in New Issue