site-profile: global: fullnameOverride: site-profile controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: ghcr.io/alexlebens/site-profile tag: 0.1.5 pullPolicy: IfNotPresent resources: requests: cpu: 100m memory: 256Mi serviceAccount: create: true service: main: controller: main ports: http: port: 80 targetPort: 4321 protocol: HTTP directus: global: fullnameOverride: directus controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: ghcr.io/alexlebens/site-profile tag: 0.1.5 pullPolicy: IfNotPresent env: - name: PUBLIC_URL value: https://directus-site-profile-cl01tl.boreal-beaufort.ts.net - name: ADMIN_EMAIL valueFrom: secretKeyRef: name: directus-config key: admin-email - name: ADMIN_PASSWORD valueFrom: secretKeyRef: name: directus-config key: admin-password - name: SECRET valueFrom: secretKeyRef: name: directus-config key: secret - name: KEY valueFrom: secretKeyRef: name: directus-config key: key - name: DB_CLIENT value: postgres - name: DB_HOST valueFrom: secretKeyRef: name: directus-postgresql-16-cluster-app key: host - name: DB_DATABASE valueFrom: secretKeyRef: name: directus-postgresql-16-cluster-app key: dbname - name: DB_PORT valueFrom: secretKeyRef: name: directus-postgresql-16-cluster-app key: port - name: DB_USER valueFrom: secretKeyRef: name: directus-postgresql-16-cluster-app key: user - name: DB_PASSWORD valueFrom: secretKeyRef: name: directus-postgresql-16-cluster-app key: password - name: REDIS_ENABLED value: true - name: REDIS_HOST value: site-profile-valkey-master - name: REDIS_PORT value: 6379 - name: STORAGE_LOCATIONS value: LOCAL - name: STORAGE_LOCAL_DRIVER value: local - name: STORAGE_LOCAL_ROOT value: /mnt/store - name: AUTH_PROVIDERS value: AUTHENTIK - name: AUTH_AUTHENTIK_DRIVER value: openid - name: AUTH_AUTHENTIK_CLIENT_ID valueFrom: secretKeyRef: name: directus-oidc-secret key: client - name: AUTH_AUTHENTIK_CLIENT_SECRET valueFrom: secretKeyRef: name: directus-oidc-secret key: secret - name: AUTH_AUTHENTIK_SCOPE value: openid profile email - name: AUTH_AUTHENTIK_AUTHORIZE_URL value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/authorize/ - name: AUTH_AUTHENTIK_ACCESS_URL value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/ - name: AUTH_AUTHENTIK_PROFILE_URL value: https://auth-cl01tl.boreal-beaufort.ts.net/application/o/userinfo/ - name: AUTH_AUTHENTIK_IDENTIFIER_KEY value: prefered_username - name: AUTH_AUTHENTIK_ALLOW_PUBLIC_REGISTRATION value: true - name: AUTH_AUTHENTIK_ICON value: https://goauthentik.io/img/icon.png - name: AUTH_AUTHENTIK_LABEL value: SSO Login - name: TELEMETRY value: false resources: requests: cpu: 100m memory: 256Mi serviceAccount: create: true service: main: controller: main ports: http: port: 80 targetPort: 8055 protocol: TCP ingress: tailscale: enabled: true className: tailscale hosts: - host: directus-site-profile-cl01tl paths: - path: / pathType: Prefix service: name: directus port: 80 tls: - hosts: - directus-site-profile-cl01tl persistence: data: storageClass: ceph-block accessMode: ReadWriteOnce size: 10Gi retain: true advancedMounts: main: main: - path: /mnt/store readOnly: false valkey: architecture: standalone auth: enabled: true cloudflared: name: cloudflared existingSecretName: site-profile-cloudflared-api-secret postgres-16-cluster: nameOverride: directus-postgresql-16 mode: standalone cluster: walStorage: storageClass: local-path storage: storageClass: local-path monitoring: enabled: true prometheusRule: enabled: false backup: enabled: true endpointURL: https://s3.us-east-2.amazonaws.com destinationPath: s3://cl01tl-postgresql-backups/directus endpointCredentials: directus-postgresql-16-cluster-backup-secret backupIndex: 1 retentionPolicy: 14d