208 lines
6.1 KiB
YAML
208 lines
6.1 KiB
YAML
komodo:
|
|
controllers:
|
|
main:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: ghcr.io/moghtech/komodo-core
|
|
tag: 1.19.5
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: COMPOSE_LOGGING_DRIVER
|
|
value: local
|
|
- name: KOMODO_HOST
|
|
value: https://komodo.alexlebens.net
|
|
- name: KOMODO_TITLE
|
|
value: Komodo
|
|
- name: PASSKEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-secret
|
|
key: passkey
|
|
- name: KOMODO_MONITORING_INTERVAL
|
|
value: 15-sec
|
|
- name: KOMODO_RESOURCE_POLL_INTERVAL
|
|
value: 5-min
|
|
- name: KOMODO_PASSKEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-secret
|
|
key: passkey
|
|
- name: KOMODO_WEBHOOK_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-secret
|
|
key: webhook
|
|
- name: KOMODO_JWT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-secret
|
|
key: jwt
|
|
- name: KOMODO_LOCAL_AUTH
|
|
value: true
|
|
- name: KOMODO_ENABLE_NEW_USERS
|
|
value: true
|
|
- name: KOMODO_DISABLE_NON_ADMIN_CREATE
|
|
value: true
|
|
- name: KOMODO_TRANSPARENT_MODE
|
|
value: false
|
|
- name: PERIPHERY_SSL_ENABLED
|
|
value: false
|
|
- name: DB_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-postgresql-17-fdb-cluster-app
|
|
key: user
|
|
- name: DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-postgresql-17-fdb-cluster-app
|
|
key: password
|
|
- name: KOMODO_DATABASE_URI
|
|
value: mongodb://$(DB_USERNAME):$(DB_PASSWORD)@komodo-ferretdb-2.komodo:27017/komodo
|
|
- name: KOMODO_OIDC_ENABLED
|
|
value: true
|
|
- name: KOMODO_OIDC_PROVIDER
|
|
value: http://authentik-server.authentik/application/o/komodo/
|
|
- name: KOMODO_OIDC_REDIRECT_HOST
|
|
value: https://authentik.alexlebens.net
|
|
- name: KOMODO_OIDC_CLIENT_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-secret
|
|
key: oidc-client-id
|
|
- name: KOMODO_OIDC_CLIENT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-secret
|
|
key: oidc-client-secret
|
|
- name: KOMODO_OIDC_USE_FULL_EMAIL
|
|
value: true
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 128Mi
|
|
ferretdb-2:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: ghcr.io/ferretdb/ferretdb
|
|
tag: 2.5.0
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: FERRETDB_POSTGRESQL_URL
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: komodo-postgresql-17-fdb-cluster-app
|
|
key: uri
|
|
resources:
|
|
requests:
|
|
cpu: 10m
|
|
memory: 128Mi
|
|
service:
|
|
main:
|
|
controller: main
|
|
ports:
|
|
http:
|
|
port: 80
|
|
targetPort: 9120
|
|
protocol: HTTP
|
|
ferretdb-2:
|
|
controller: ferretdb-2
|
|
ports:
|
|
http:
|
|
port: 27017
|
|
targetPort: 27017
|
|
protocol: HTTP
|
|
persistence:
|
|
cache:
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
retain: true
|
|
advancedMounts:
|
|
main:
|
|
main:
|
|
- path: /repo-cache
|
|
readOnly: false
|
|
syncs:
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
retain: true
|
|
advancedMounts:
|
|
main:
|
|
main:
|
|
- path: /syncs
|
|
readOnly: false
|
|
postgresql-17-fdb-cluster:
|
|
nameOverride: komodo-postgresql-17-fdb
|
|
mode: standalone
|
|
cluster:
|
|
image:
|
|
repository: ghcr.io/ferretdb/postgres-documentdb
|
|
tag: "17-0.106.0-ferretdb-2.5.0"
|
|
storage:
|
|
storageClass: local-path
|
|
walStorage:
|
|
storageClass: local-path
|
|
postgresUID: 999
|
|
postgresGID: 999
|
|
enableSuperuserAccess: true
|
|
monitoring:
|
|
enabled: true
|
|
prometheusRule:
|
|
enabled: true
|
|
postgresql:
|
|
parameters:
|
|
cron.database_name: 'ferretDB'
|
|
documentdb.enableCompact: "true"
|
|
documentdb.enableLetAndCollationForQueryMatch: "true"
|
|
documentdb.enableNowSystemVariable: "true"
|
|
documentdb.enableSortbyIdPushDownToPrimaryKey: "true"
|
|
documentdb.enableSchemaValidation: "true"
|
|
documentdb.enableBypassDocumentValidation: "true"
|
|
documentdb.enableUserCrud: "true"
|
|
documentdb.maxUserLimit: "100"
|
|
shared_buffers: 128MB
|
|
max_slot_wal_keep_size: 2000MB
|
|
hot_standby_feedback: "on"
|
|
pg_hba:
|
|
- host ferretDB postgres localhost trust
|
|
- host ferretDB ferret localhost trust
|
|
shared_preload_libraries:
|
|
- pg_cron
|
|
- pg_documentdb_core
|
|
- pg_documentdb
|
|
initdb:
|
|
database: ferretDB
|
|
owner: ferret
|
|
postInitApplicationSQL:
|
|
- create extension if not exists pg_cron;
|
|
- create extension if not exists documentdb cascade;
|
|
- grant documentdb_admin_role to ferret;
|
|
recovery:
|
|
method: objectStore
|
|
objectStore:
|
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/komodo/komodo-postgresql-17-fdb-cluster
|
|
index: 2
|
|
backup:
|
|
objectStore:
|
|
- name: external
|
|
destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/komodo/komodo-postgresql-17-fdb-cluster
|
|
index: 2
|
|
retentionPolicy: "2d"
|
|
scheduledBackups:
|
|
- name: daily-backup
|
|
suspend: false
|
|
schedule: "0 0 0 * * *"
|
|
backupName: external
|