diff --git a/deployment/.gitignore b/deployment/.gitignore index 14cfa18ed..61e591624 100644 --- a/deployment/.gitignore +++ b/deployment/.gitignore @@ -2,3 +2,5 @@ secrets.yaml configmap.yaml **/secrets.yaml **/configmap.yaml +**/staging-values.yaml +**/production-values.yaml \ No newline at end of file diff --git a/deployment/README.md b/deployment/README.md index 0615ccf9b..09dcd5f00 100644 --- a/deployment/README.md +++ b/deployment/README.md @@ -1,11 +1,10 @@ # Human-Connection Nitro \| Deployment Configuration -We deploy with [kubernetes](https://kubernetes.io/). In order to deploy your own -network you have to [install kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/) -and get a kubernetes cluster. +There are a couple different ways we have tested to deploy an instance of Human Connection, with [kubernetes](https://kubernetes.io/) and via [Helm](https://helm.sh/docs/). In order to manage your own +network, you have to [install kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl/), [install Helm](https://helm.sh/docs/intro/install/) (optional, but the preferred way), +and set up a kubernetes cluster. Since there are many different options to host your cluster, we won't go into specifics here. We have tested two different kubernetes providers: [Minikube](./minikube/README.md) and [Digital Ocean](./digital-ocean/README.md). -Check out the specific documentation for your provider. After that, learn how -to apply the specific kubernetes configuration for [Human Connection](./human-connection/README.md). +Check out the specific documentation for your provider. After that, choose whether you want to go with the recommended deploy option [Helm](./helm/README.md), or use kubernetes to apply the configuration for [Human Connection](./human-connection/README.md). diff --git a/deployment/helm/human-connection/.helmignore b/deployment/helm/human-connection/.helmignore new file mode 100644 index 000000000..50af03172 --- /dev/null 
+++ b/deployment/helm/human-connection/.helmignore
@@ -0,0 +1,22 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/deployment/helm/human-connection/Chart.yaml b/deployment/helm/human-connection/Chart.yaml
new file mode 100644
index 000000000..525d5a8e8
--- /dev/null
+++ b/deployment/helm/human-connection/Chart.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+appVersion: "0.3.1"
+description: A Helm chart for Human Connection
+name: human-connection
+version: 0.1.0
diff --git a/deployment/helm/human-connection/README.md b/deployment/helm/human-connection/README.md
new file mode 100644
index 000000000..444f9da15
--- /dev/null
+++ b/deployment/helm/human-connection/README.md
@@ -0,0 +1,72 @@
+# Helm installation of Human Connection
+
+Deploying Human Connection with Helm is very straight forward. All you have to
+do is to change certain parameters, like domain names and API keys, then you
+just install our provided Helm chart to your cluster.
+
+## Configuration
+
+You can customize the network with your configuration by changing the `values.yaml`, all variables will be available as
+environment variables in your deployed kubernetes pods.
+
+Probably you want to change this environment variable to your actual domain:
+
+```bash
+# in folder /deployment/helm
+CLIENT_URI: "https://develop.human-connection.org"
+```
+
+If you want to edit secrets, you have to `base64` encode them. See [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/secret/#creating-a-secret-manually). You can also use `helm-secrets`, but we have yet to test it.
+
+```bash
+# example how to base64 a string:
+$ echo -n 'admin' | base64
+YWRtaW4=
+```
+Those secrets get `base64` decoded and are available as environment variables in
+your deployed kubernetes pods.
+
+# https
+If you start with setting up the `https`, when you install the app, it will automatically take care of the certificates for you.
+
+First check that you are using `Helm v3`, this is important since it removes the need for `Tiller`.
See, [FAQ](https://helm.sh/docs/faq/#removal-of-tiller)
+
+```bash
+$ helm version
+# output should look similar to this:
+#version.BuildInfo{Version:"v3.0.2", GitCommit:"19e47ee3283ae98139d98460de796c1be1e3975f", GitTreeState:"clean", GoVersion:"go1.13.5"}
+```
+
+Apply cert-manager CRDs before installing (or it will fail)
+
+```bash
+$ kubectl apply --validate=false -f https://raw.githubusercontent.com/jetstack/cert-manager/release-0.13.0/deploy/manifests/00-crds.yaml
+```
+
+Next, create the `cert-manager` namespace
+```bash
+$ kubectl create namespace cert-manager
+```
+Add the `jetstack` repo and update
+
+```bash
+$ helm repo add jetstack https://charts.jetstack.io
+$ helm repo update
+```
+
+Install cert-manager
+```bash
+$ helm install cert-manager --namespace cert-manager --version v0.13.0 jetstack/cert-manager
+```
+
+# Deploy
+
+Once you are satisfied with the configuration, you can install the app.
+
+```bash
+# in folder /deployment/helm/human-connection
+$ helm install develop ./ --namespace human-connection
+```
+Where `develop` is the release name, in this case develop for our develop server and `human-connection` is the namespace, again customize for your needs. The release name can be anything you want. Just keep in mind that it is used in the templates to prepend the `CLIENT_URI` and other places.
+
+This will set up everything you need for the network, including `deployments`, and their `pods`, `services`, `ingress`, `volumes`(PersitentVolumes), `PersistentVolumeClaims`, and even `ClusterIssuers` for https certificates.
diff --git a/deployment/helm/human-connection/templates/cluster-issuers/letsencrypt-prod.yaml b/deployment/helm/human-connection/templates/cluster-issuers/letsencrypt-prod.yaml
new file mode 100644
index 000000000..ac11e76b8
--- /dev/null
+++ b/deployment/helm/human-connection/templates/cluster-issuers/letsencrypt-prod.yaml
@@ -0,0 +1,20 @@
+apiVersion: cert-manager.io/v1alpha2
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-prod
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ acme:
+ server: https://acme-v02.api.letsencrypt.org/directory
+ email: {{ .Values.supportEmail }}
+ privateKeySecretRef:
+ name: letsencrypt-prod
+ solvers:
+ - http01:
+ ingress:
+ class: nginx
diff --git a/deployment/helm/human-connection/templates/cluster-issuers/letsencrypt-staging.yaml b/deployment/helm/human-connection/templates/cluster-issuers/letsencrypt-staging.yaml
new file mode 100644
index 000000000..cc9d9fdd7
--- /dev/null
+++ b/deployment/helm/human-connection/templates/cluster-issuers/letsencrypt-staging.yaml
@@ -0,0 +1,20 @@
+apiVersion: cert-manager.io/v1alpha2
+kind: ClusterIssuer
+metadata:
+ name: letsencrypt-staging
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ acme:
+ server: https://acme-staging-v02.api.letsencrypt.org/directory
+ email: {{ .Values.supportEmail }}
+ privateKeySecretRef:
+ name: letsencrypt-staging
+ solvers:
+ - http01:
+ ingress:
+ class: nginx
diff --git a/deployment/helm/human-connection/templates/deployments/deployment-backend.yaml b/deployment/helm/human-connection/templates/deployments/deployment-backend.yaml
new file mode 100644
index 000000000..33aa8a0e0
--- /dev/null
+++ b/deployment/helm/human-connection/templates/deployments/deployment-backend.yaml
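Review bot: `name: letsencrypt-prod` is a constant on a cluster-scoped `ClusterIssuer`, so unlike the `{{ .Release.Name }}-…` resources elsewhere in the chart it is shared by every release in the cluster; a second install of the chart will most likely conflict on it, and uninstalling either release removes the issuer the other still relies on for renewals. The same holds for `letsencrypt-staging` in the next file, and both issuers are rendered unconditionally even though the Ingress uses only the one named in `letsencryptIssuer`. Consider gating each file, e.g. `{{- if .Values.createClusterIssuers }}` … `{{- end }}` (a new value, not defined in this change), or using a namespaced `Issuer` named `{{ .Release.Name }}-letsencrypt-prod` together with the `cert-manager.io/issuer` annotation on the Ingress.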
@@ -0,0 +1,58 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Release.Name }}-backend
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ replicas: 1
+ minReadySeconds: 15
+ progressDeadlineSeconds: 60
+ strategy:
+ rollingUpdate:
+ maxSurge: 0
+ maxUnavailable: "100%"
+ selector:
+ matchLabels:
+ human-connection.org/selector: deployment-backend
+ template:
+ metadata:
+ name: deployment-backend
+ annotations:
+ backup.velero.io/backup-volumes: uploads
+ labels:
+ human-connection.org/commit: {{ .Values.commit }}
+ human-connection.org/selector: deployment-backend
+ spec:
+ containers:
+ - name: backend
+ image: "{{ .Values.backendImage }}:{{ .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ envFrom:
+ - configMapRef:
+ name: {{ .Release.Name }}-configmap
+ - secretRef:
+ name: {{ .Release.Name }}-secrets
+ ports:
+ - containerPort: 4000
+ protocol: TCP
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ volumeMounts:
+ - mountPath: /nitro-backend/public/uploads
+ name: uploads
+ dnsPolicy: ClusterFirst
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ securityContext: {}
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - name: uploads
+ persistentVolumeClaim:
+ claimName: uploads-claim
+status: {}
diff --git a/deployment/helm/human-connection/templates/deployments/deployment-mailserver.yaml b/deployment/helm/human-connection/templates/deployments/deployment-mailserver.yaml
new file mode 100644
index 000000000..85c587197
--- /dev/null
+++ b/deployment/helm/human-connection/templates/deployments/deployment-mailserver.yaml
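Review bot: The backend pod is rendered with `securityContext: {}` and its container with `resources: {}`, so the process that writes to `/nitro-backend/public/uploads` (presumably user-supplied files) runs as whatever user the image defaults to, may escalate privileges, and has no CPU or memory bound. If the image can run unprivileged (not visible from this diff), add a container-level `securityContext` with `runAsNonRoot: true` and `allowPrivilegeEscalation: false`, and give `resources` explicit requests and limits as the neo4j deployment already does for memory. Separately, `claimName: uploads-claim` is a constant while the ConfigMap and Secret references in the same container are prefixed with `{{ .Release.Name }}`.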
@@ -0,0 +1,40 @@
+{{- if .Values.developmentMailserverDomain }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Release.Name }}-mailserver
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ replicas: 1
+ minReadySeconds: 15
+ progressDeadlineSeconds: 60
+ selector:
+ matchLabels:
+ human-connection.org/selector: deployment-mailserver
+ template:
+ metadata:
+ labels:
+ human-connection.org/selector: deployment-mailserver
+ name: mailserver
+ spec:
+ containers:
+ - name: mailserver
+ image: djfarrelly/maildev
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ - containerPort: 80
+ - containerPort: 25
+ envFrom:
+ - configMapRef:
+ name: {{ .Release.Name }}-configmap
+ - secretRef:
+ name: {{ .Release.Name }}-secrets
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+status: {}
+{{- end}}
diff --git a/deployment/helm/human-connection/templates/deployments/deployment-maintenance.yaml b/deployment/helm/human-connection/templates/deployments/deployment-maintenance.yaml
new file mode 100644
index 000000000..b12069f7e
--- /dev/null
+++ b/deployment/helm/human-connection/templates/deployments/deployment-maintenance.yaml
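Review bot: `image: djfarrelly/maildev` has no tag, so each pull resolves to whatever that third-party repository currently publishes as `latest`, while the project's own images are pinned to `{{ .Chart.AppVersion }}`. The same container is also handed the whole release Secret via `secretRef: {{ .Release.Name }}-secrets`; a development mail catcher has no visible need for values such as `jwtSecret` or `privateKeyPassphrase`, so I would drop the `secretRef` entry (and probably the `configMapRef`) and pin the image, e.g. `image: "djfarrelly/maildev:<pinned-tag>"` or a digest. `values.yaml` in this change sets `developmentMailserverDomain` by default, so this deployment is enabled unless an operator clears that value.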
@@ -0,0 +1,32 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Release.Name }}-maintenance
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ selector:
+ matchLabels:
+ human-connection.org/selector: deployment-maintenance
+ template:
+ metadata:
+ labels:
+ human-connection.org/commit: {{ .Values.commit }}
+ human-connection.org/selector: deployment-maintenance
+ name: maintenance
+ spec:
+ containers:
+ - name: maintenance
+ env:
+ - name: HOST
+ value: 0.0.0.0
+ image: "{{ .Values.maintenanceImage }}:{{ .Chart.AppVersion }}"
+ ports:
+ - containerPort: 80
+ imagePullPolicy: Always
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
diff --git a/deployment/helm/human-connection/templates/deployments/deployment-neo4j.yaml b/deployment/helm/human-connection/templates/deployments/deployment-neo4j.yaml
new file mode 100644
index 000000000..ae244fdce
--- /dev/null
+++ b/deployment/helm/human-connection/templates/deployments/deployment-neo4j.yaml
@@ -0,0 +1,52 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Release.Name }}-neo4j
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ replicas: 1
+ strategy:
+ rollingUpdate:
+ maxSurge: 0
+ maxUnavailable: "100%"
+ selector:
+ matchLabels:
+ human-connection.org/selector: deployment-neo4j
+ template:
+ metadata:
+ name: neo4j
+ annotations:
+ backup.velero.io/backup-volumes: neo4j-data
+ labels:
+ human-connection.org/commit: {{ .Values.commit }}
+ human-connection.org/selector: deployment-neo4j
+ spec:
+ containers:
+ - name: neo4j
+ image: "{{ .Values.neo4jImage }}:{{ .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ ports:
+ - containerPort: 7687
+ - containerPort: 7474
+ resources:
+ requests:
+ memory: {{ .Values.neo4jResourceRequestsMemory | default "1G" | quote }}
+ limits:
+ memory: {{ .Values.neo4jResourceLimitsMemory | default "1G" | quote }}
+ envFrom:
+ - configMapRef:
+ name: {{ .Release.Name }}-configmap
+ volumeMounts:
+ - mountPath: /data/
+ name: neo4j-data
+ volumes:
+ - name: neo4j-data
+ persistentVolumeClaim:
+ claimName: neo4j-data-claim
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
diff --git a/deployment/helm/human-connection/templates/deployments/deployment-web.yaml b/deployment/helm/human-connection/templates/deployments/deployment-web.yaml
new file mode 100644
index 000000000..3314f7ec0
--- /dev/null
+++ b/deployment/helm/human-connection/templates/deployments/deployment-web.yaml
@@ -0,0 +1,43 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Release.Name }}-webapp
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ replicas: 2
+ minReadySeconds: 15
+ progressDeadlineSeconds: 60
+ selector:
+ matchLabels:
+ human-connection.org/selector: deployment-webapp
+ template:
+ metadata:
+ name: webapp
+ labels:
+ human-connection.org/commit: {{ .Values.commit }}
+ human-connection.org/selector: deployment-webapp
+ spec:
+ containers:
+ - name: webapp
+ image: "{{ .Values.webappImage }}:{{ .Chart.AppVersion }}"
+ imagePullPolicy: {{ .Values.image.pullPolicy }}
+ envFrom:
+ - configMapRef:
+ name: {{ .Release.Name }}-configmap
+ - secretRef:
+ name: {{ .Release.Name }}-secrets
+ env:
+ - name: HOST
+ value: 0.0.0.0
+ ports:
+ - containerPort: 3000
+ resources: {}
+ imagePullPolicy: Always
+ restartPolicy: Always
+ terminationGracePeriodSeconds: 30
+status: {}
diff --git a/deployment/helm/human-connection/templates/ingress/ingress.template.yaml b/deployment/helm/human-connection/templates/ingress/ingress.template.yaml
new file mode 100644
index 000000000..eb8dd65be
--- /dev/null
+++ b/deployment/helm/human-connection/templates/ingress/ingress.template.yaml
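Review bot: The webapp container sets `imagePullPolicy` twice, once as `imagePullPolicy: {{ .Values.image.pullPolicy }}` after `image:` and again as a literal `imagePullPolicy: Always` after `resources: {}`. Indentation is not preserved in this view, so I am assuming both keys sit on the container mapping; if they do, this is a duplicate key that strict YAML parsers reject and lenient ones resolve by keeping the last value, which makes `image.pullPolicy` ineffective for this deployment. Remove the literal `imagePullPolicy: Always` line so the chart value is the single source; the maintenance deployment hard-codes `Always` as well and could use the value too.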
@@ -0,0 +1,36 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: {{ .Release.Name }}-ingress
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ annotations:
+ kubernetes.io/ingress.class: "nginx"
+ cert-manager.io/cluster-issuer: {{ .Values.letsencryptIssuer }}
+ nginx.ingress.kubernetes.io/proxy-body-size: 10m
+spec:
+ tls:
+ - hosts:
+ - {{ .Values.domain }}
+ secretName: tls
+ rules:
+ - host: {{ .Values.domain }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ .Release.Name }}-webapp
+ servicePort: 3000
+{{- if .Values.developmentMailserverDomain }}
+ - host: {{ .Values.developmentMailserverDomain }}
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: {{ .Release.Name }}-mailserver
+ servicePort: 80
+{{- end }}
diff --git a/deployment/helm/human-connection/templates/jobs/job-db-migration.yaml b/deployment/helm/human-connection/templates/jobs/job-db-migration.yaml
new file mode 100644
index 000000000..8a924f44b
--- /dev/null
+++ b/deployment/helm/human-connection/templates/jobs/job-db-migration.yaml
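Review bot: The optional rule for `{{ .Values.developmentMailserverDomain }}` publishes the maildev web UI (service port 80) through the public nginx ingress with no access restriction, and that host is missing from `spec.tls.hosts`, so the certificate requested for `{{ .Values.domain }}` does not cover it. Any mail the application hands to the catcher, such as account e-mails, would be readable by whoever can reach that hostname. Because annotations apply to the whole Ingress, an allow-list cannot be added here without also restricting the webapp; I would move the mailserver rule into its own Ingress under the same `if`, with its own `tls` entry and a source-range or basic-auth annotation, as sketched below. The constant `secretName: tls` would also be shared by every release in the namespace.

```yaml
# … unchanged: main Ingress for {{ .Values.domain }}, minus the mailserver rule …
{{- if .Values.developmentMailserverDomain }}
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: {{ .Release.Name }}-mailserver-ingress
  # … labels as on the main Ingress …
  annotations:
    kubernetes.io/ingress.class: "nginx"
    cert-manager.io/cluster-issuer: {{ .Values.letsencryptIssuer }}
    # constructed placeholder: replace with the operators' network range
    nginx.ingress.kubernetes.io/whitelist-source-range: "<admin-cidr>"
spec:
  tls:
    - hosts:
        - {{ .Values.developmentMailserverDomain }}
      secretName: {{ .Release.Name }}-mailserver-tls
  rules:
    - host: {{ .Values.developmentMailserverDomain }}
      http:
        paths:
          - path: /
            backend:
              serviceName: {{ .Release.Name }}-mailserver
              servicePort: 80
{{- end }}
```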
@@ -0,0 +1,29 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: {{ .Release.Name }}-db-migrations
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+ annotations:
+ "helm.sh/hook": post-upgrade
+ "helm.sh/hook-weight": "5"
+ "helm.sh/hook-delete-policy": hook-succeeded, hook-failed
+spec:
+ template:
+ metadata:
+ name: {{ .Release.Name }}
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: db-migrations-job
+ image: "{{ .Values.backendImage }}:latest"
+ command: ["/bin/sh", "-c", "{{ .Values.dbMigrations }}"]
+ envFrom:
+ - configMapRef:
+ name: {{ .Release.Name }}-configmap
+ - secretRef:
+ name: {{ .Release.Name }}-secrets
\ No newline at end of file
diff --git a/deployment/helm/human-connection/templates/services/service-backend.yaml b/deployment/helm/human-connection/templates/services/service-backend.yaml
new file mode 100644
index 000000000..af23e6910
--- /dev/null
+++ b/deployment/helm/human-connection/templates/services/service-backend.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Release.Name }}-backend
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ ports:
+ - name: graphql
+ port: 4000
+ targetPort: 4000
+ selector:
+ human-connection.org/selector: deployment-backend
diff --git a/deployment/helm/human-connection/templates/services/service-mailserver.yaml b/deployment/helm/human-connection/templates/services/service-mailserver.yaml
new file mode 100644
index 000000000..685becb1d
--- /dev/null
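Review bot: The migration job pulls `"{{ .Values.backendImage }}:latest"` while the backend deployment runs `{{ .Chart.AppVersion }}`, so the post-upgrade hook can execute migrations from a different, mutable image than the code being deployed, with the release Secret mounted, and a rollback cannot reproduce what ran. Use the deployment's tag: `image: "{{ .Values.backendImage }}:{{ .Chart.AppVersion }}"`. The `command` array also splices `"{{ .Values.dbMigrations }}"` in unescaped; `command: ["/bin/sh", "-c", {{ .Values.dbMigrations | quote }}]` keeps the manifest valid if the value ever contains a double quote. The hook is `post-upgrade` only and nothing visible in this diff consumes `dbInitializion`, so a first install appears to run no initialization.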
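Review bot: The Service name is release-scoped (`{{ .Release.Name }}-backend`) but its `selector`, `human-connection.org/selector: deployment-backend`, is a constant, and the Deployment's pod labels and `matchLabels` use the same constant. Two releases in one namespace, for example staging beside production, would therefore select each other's pods, so traffic and credentials meant for one environment could be served by the other. Adding `app.kubernetes.io/instance: {{ .Release.Name }}` to the pod template labels, to `matchLabels` and to each Service `selector` scopes them per release. The same applies to the mailserver, maintenance, neo4j and webapp Services and Deployments in this change.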
+++ b/deployment/helm/human-connection/templates/services/service-mailserver.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.developmentMailserverDomain }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Release.Name }}-mailserver
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ ports:
+ - name: web
+ port: 80
+ targetPort: 80
+ - name: smtp
+ port: 25
+ targetPort: 25
+ selector:
+ human-connection.org/selector: deployment-mailserver
+{{- end}}
diff --git a/deployment/helm/human-connection/templates/services/service-maintenance.yaml b/deployment/helm/human-connection/templates/services/service-maintenance.yaml
new file mode 100644
index 000000000..d641ca8ba
--- /dev/null
+++ b/deployment/helm/human-connection/templates/services/service-maintenance.yaml
@@ -0,0 +1,17 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Release.Name }}-maintenance
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ ports:
+ - name: web
+ port: 80
+ targetPort: 80
+ selector:
+ human-connection.org/selector: deployment-maintenance
diff --git a/deployment/helm/human-connection/templates/services/service-neo4j.yaml b/deployment/helm/human-connection/templates/services/service-neo4j.yaml
new file mode 100644
index 000000000..f5c7d5b38
--- /dev/null
+++ b/deployment/helm/human-connection/templates/services/service-neo4j.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Release.Name }}-neo4j
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ ports:
+ - name: bolt
+ port: 7687
+ targetPort: 7687
+ - name: web
+ port: 7474
+ targetPort: 7474
+ selector:
+ human-connection.org/selector: deployment-neo4j
diff --git a/deployment/helm/human-connection/templates/services/service-webapp.yaml b/deployment/helm/human-connection/templates/services/service-webapp.yaml
new file mode 100644
index 000000000..d762c2a55
--- /dev/null
+++ b/deployment/helm/human-connection/templates/services/service-webapp.yaml
@@ -0,0 +1,18 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Release.Name }}-webapp
+ labels:
+ app.kubernetes.io/instance: {{ .Release.Name }}
+ app.kubernetes.io/managed-by: {{ .Release.Service }}
+ app.kubernetes.io/name: human-connection
+ app.kubernetes.io/version: {{ .Chart.AppVersion }}
+ helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+spec:
+ ports:
+ - name: {{ .Release.Name }}-webapp
+ port: 3000
+ protocol: TCP
+ targetPort: 3000
+ selector:
+ human-connection.org/selector: deployment-webapp
diff --git a/deployment/helm/human-connection/templates/volumes/pvc-neo4j-data.yaml b/deployment/helm/human-connection/templates/volumes/pvc-neo4j-data.yaml
new file mode 100644
index 000000000..3f85d3ae8
--- /dev/null
+++ b/deployment/helm/human-connection/templates/volumes/pvc-neo4j-data.yaml
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+ name: neo4j-data-claim
+spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.neo4jStorage }}
diff --git a/deployment/helm/human-connection/templates/volumes/pvc-uploads.yaml b/deployment/helm/human-connection/templates/volumes/pvc-uploads.yaml
new file mode 100644
index 000000000..7eb81135b
--- /dev/null
+++ b/deployment/helm/human-connection/templates/volumes/pvc-uploads.yaml
@@ -0,0 +1,16 @@
+
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: uploads-claim
+spec:
+ dataSource:
+ name: uploads-snapshot
+ kind: VolumeSnapshot
+ apiGroup: snapshot.storage.k8s.io
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: {{ .Values.uploadsStorage }}
+
diff --git a/deployment/helm/human-connection/values.yaml b/deployment/helm/human-connection/values.yaml
new file mode 100644
index 000000000..f30704f89
--- /dev/null
+++ b/deployment/helm/human-connection/values.yaml
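Review bot: `uploads-claim` is created with a `dataSource` that points at the `VolumeSnapshot` `uploads-snapshot`, which no template in this chart creates; on a cluster where that snapshot does not exist in the release namespace the claim will presumably stay Pending, and the backend pod that mounts it along with it. Make the restore path opt-in, e.g. wrap the `dataSource` block in `{{- if .Values.uploadsSnapshotName }}` … `{{- end }}` and use that value for its `name:` (a new value, not defined in this change). The claim name is also a constant rather than `{{ .Release.Name }}`-prefixed, as is `neo4j-data-claim` in the previous file, so two releases in one namespace would share the same volumes.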
@@ -0,0 +1,53 @@
+# domain is the user-facing domain.
+domain: develop.human-connection.org
+# commit is the latest github commit deployed.
+commit: 889a7cdd24dda04a139b2b77d626e984d6db6781
+# dbInitialization runs the database initializations in a post-install hook.
+dbInitializion: "yarn prod:migrate init"
+# dbMigrations runs the database migrations in a post-upgrade hook.
+dbMigrations: "yarn prod:migrate up"
+# bakendImage is the docker image for the backend deployment
+backendImage: humanconnection/nitro-backend
+# maintenanceImage is the docker image for the maintenance deployment
+maintenanceImage: humanconnection/maintenance
+# neo4jImage is the docker image for the neo4j deployment
+neo4jImage: humanconnection/neo4j
+# webappImage is the docker image for the webapp deployment
+webappImage: humanconnection/nitro-web
+# image configures pullPolicy related to the docker images
+image:
+ # pullPolicy indicates when, if ever, pods pull a new image from docker hub.
+ pullPolicy: IfNotPresent
+# letsencryptIssuer is used by cert-manager to set up certificates with the given provider.
+letsencryptIssuer: "letsencrypt-prod"
+# neo4jConfig changes any default neo4j config/adds it.
+neo4jConfig:
+ # acceptLicenseAgreement is used to agree to the license agreement for neo4j's enterprise edition.
+ acceptLicenseAgreement: \"yes\"
+ # apocImportFileEnabled enables the import of files to neo4j using the plugin apoc
+ apocImportFileEnabled: \"true\"
+ # dbmsMemoryHeapInitialSize configures initial heap size. By default, it is calculated based on available system resources.(valid units are `k`, `K`, `m`, `M`, `g`, `G`)
+ dbmsMemoryHeapInitialSize: "500M"
+ # dbmsMemoryHeapMaxSize configures maximum heap size.
By default it is calculated based on available system resources.(valid units are `k`, `K`, `m`, `M`, `g`, `G`) + dbmsMemoryHeapMaxSize: "500M" + # dbmsMemoryPagecacheSize configures the amount of memory to use for mapping the store files, in bytes (or 'k', 'm', and 'g') + dbmsMemoryPagecacheSize: "490M" +# neo4jResourceLimitsMemory configures the memory limits available. +neo4jResourceLimitsMemory: "2G" +# neo4jResourceLimitsMemory configures the memory available for requests. +neo4jResourceRequestsMemory: "1G" +# supportEmail is used for letsencrypt certs. +supportEmail: "devcom@human-connection.org" +# smtpHost is the host for the mailserver. +smtpHost: "mailserver.human-connection.org" +# smtpPort is the port to be used for the mailserver. +smtpPort: \"25\" +# jwtSecret is used to encode/decode a user's JWT for authentication +jwtSecret: "Yi8mJjdiNzhCRiZmdi9WZA==" +# privateKeyPassphrase is used for activity pub +privateKeyPassphrase: "YTdkc2Y3OHNhZGc4N2FkODdzZmFnc2FkZzc4" +# mapboxToken is used for the Mapbox API, geolocalization. +mapboxToken: "cGsuZXlKMUlqb2lhSFZ0WVc0dFkyOXVibVZqZEdsdmJpSXNJbUVpT2lKamFqbDBjbkJ1Ykdvd2VUVmxNM1Z3WjJsek5UTnVkM1p0SW4wLktaOEtLOWw3MG9talhiRWtrYkhHc1E=" +uploadsStorage: "25Gi" +neo4jStorage: "5Gi" +developmentMailserverDomain: nitro-mailserver.human-connection.org \ No newline at end of file diff --git a/deployment/human-connection/deployment-backend.yaml b/deployment/human-connection/deployment-backend.yaml index 0f75127e5..00aab9ffd 100644 --- a/deployment/human-connection/deployment-backend.yaml +++ b/deployment/human-connection/deployment-backend.yaml @@ -38,7 +38,7 @@ spec: name: human-connection image: humanconnection/nitro-backend:latest imagePullPolicy: Always - name: nitro-backend + name: backend ports: - containerPort: 4000 protocol: TCP diff --git a/deployment/volumes/neo4j-data.yaml b/deployment/volumes/neo4j-data.yaml index 1f453a684..c060750ec 100644 --- a/deployment/volumes/neo4j-data.yaml 
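Review bot: `jwtSecret`, `privateKeyPassphrase` and `mapboxToken` are committed in `values.yaml` as working defaults, and base64 is an encoding rather than protection, so any instance installed without overriding `jwtSecret` signs user sessions with a key that is public in the repository. Ship them empty, e.g. `jwtSecret: ""`, and have the Secret template (not visible in this diff) fail rendering when one is missing, for instance with Helm's `required` function; the `**/staging-values.yaml` and `**/production-values.yaml` ignores added in this commit then give operators an untracked place for the real values. If the committed `mapboxToken` is a live token it should be rotated. Two smaller points in the same hunk: the key is spelled `dbInitializion` while its comment says `dbInitialization`, and the comment above `neo4jResourceRequestsMemory` names `neo4jResourceLimitsMemory`.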
+++ b/deployment/volumes/neo4j-data.yaml @@ -9,4 +9,4 @@ - ReadWriteOnce resources: requests: - storage: 5Gi + storage: {{ .Values.neo4jStorage }} diff --git a/deployment/volumes/uploads.yaml b/deployment/volumes/uploads.yaml index 2bd64c9ee..c174bf2cb 100644 --- a/deployment/volumes/uploads.yaml +++ b/deployment/volumes/uploads.yaml @@ -9,4 +9,4 @@ - ReadWriteOnce resources: requests: - storage: 25Gi + storage: {{ .Values.uploadsStorage }} diff --git a/deployment/volumes/volume-snapshots/snapshot.yaml b/deployment/volumes/volume-snapshots/snapshot.yaml index 3c3487e14..10a22daf5 100644 --- a/deployment/volumes/volume-snapshots/snapshot.yaml +++ b/deployment/volumes/volume-snapshots/snapshot.yaml @@ -2,9 +2,9 @@ apiVersion: snapshot.storage.k8s.io/v1alpha1 kind: VolumeSnapshot metadata: - name: neo4j-data-snapshot + name: uploads-snapshot namespace: human-connection spec: source: - name: neo4j-data-claim + name: uploads-claim kind: PersistentVolumeClaim
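Review bot: `storage: {{ .Values.neo4jStorage }}` puts a Helm template expression into `deployment/volumes/neo4j-data.yaml`, which lives outside the chart directory; if this file is still applied directly with kubectl, as the non-Helm path in the README describes, the expression is never rendered and the manifest no longer carries a valid storage quantity. The `deployment/volumes/uploads.yaml` hunk has the same problem with `{{ .Values.uploadsStorage }}`. Keep the literal sizes here (`storage: 5Gi` and `storage: 25Gi`) and leave templating to the copies under `deployment/helm/human-connection/templates/volumes/`.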