mirror of
https://github.com/Ocelot-Social-Community/Ocelot-Social.git
synced 2025-12-12 15:25:57 +00:00
628b57aa29
* feat(other): major improvement of deployment Motivation ---------- Kubernetes: * backend becomes a statefulset (exclusive volume mount) See: https://spacelift.io/blog/statefulset-vs-deployment * implement neo4j backup with job Docker: * consistent targets across all dockerfiles * remove redundant labels * remove unnecessary build args * remove obsolete networks * remove development dependencies for production Rebranding: * add image tags for local tagging and pulling * use Github's docker build workflows * use Github container registry * ONBUILD to simplify caller Dockerfiles * docker compose for branding Tooling: * same node --version as in dockerfile Docs: * missing step in README.md * refactor: remove submodules It's better to keep them all in a separate repository * improve kubernetes chart * better image tag defaults * split neo4j into its own chart (for re-use) * use application defaults where possible * optional resources for all pods * remove obsolete key/value pair from secrets * remove obsolete build argsand and add labels for neo4j enterprise * env vars for webapp * allow to define redirect domains Define a list of Domains that redirect to the domain of the project. The idea is to provide the ability to redirect eg. www.domain.tld to domain.tld * remove maintenance part regarding database * move backup job outside template folder * name the ingress * updated ingress * handle empty case of middlewares * try to default the ingress * use quote * restore todo-next-update * fix docu check * fix naming * try using prod:migrate * try using override config * copy src folder * try using base as image instead of build * fix test build * force build * comment for the problem * fix webapp tests (potentially) --------- Co-authored-by: Ulf Gebhardt <ulf.gebhardt@webcraft-media.de>
77 lines
5.4 KiB
YAML
77 lines
5.4 KiB
YAML
secrets:
|
|
acme_email: ENC[AES256_GCM,data:o+2HnrEqa/uXJwqUwdYU14FiZYPfLcKqkQ==,iv:1ouUU4ewzRL4ZDnwJm6BTVg3a64iC5+I2v+AWIF8W2Q=,tag:7ytv959cVmgSmXMC7A8zxA==,type:str]
|
|
webapp:
|
|
env:
|
|
MAPBOX_TOKEN: ENC[AES256_GCM,data:7Ka4BvQh6NDw9NKUcgGjLwxNHOqhVrZEj/DcGnyv1nXQIG/2WWGGHazAFWUCFpCUmCSaTPSkyLHPFyGQtQ7VAON3AG3tHtv5JvcBb4KDYrjAIzxhAAiHMYFtVJs=,iv:X0YL2dW42TUidJdBlRKb4Vq86X1OzHqipNHTBxmE7ds=,tag:KDH9NwDy6ghqdkXeZxuHgg==,type:str]
|
|
backend:
|
|
env:
|
|
JWT_SECRET: ENC[AES256_GCM,data:8qGviTFMOv9QyoNVwnlFNZ2PmvedbKJM,iv:rmZgs8h2QVsokzMzdGdEcInBLv8AX3xFUjkGhTf3sF0=,tag:SUJpMaIGAb14yg8RxCVUtA==,type:str]
|
|
MAPBOX_TOKEN: ENC[AES256_GCM,data:qK6iTYKiWfkvXBodm8zVmfr5ACTTz1+7Pt7Q/hwgv3SYERyo5NyqfsvbVKuDAD90kTCNODpSwUApJE6do/Umedg4s8mrnHXCckIDbX5BztoeHJBehsUC54ELcrQ=,iv:b65yqfdoOX366UXt7HS6nhL8hlZn4l5hQfrhI6NXc+I=,tag:vF48V+TRS5g9ezXhzAJnPw==,type:str]
|
|
PRIVATE_KEY_PASSPHRASE: ENC[AES256_GCM,data:05WXBFKIk0BtfUYmkWSwAP+/Y7v18LUow4X/,iv:y7VyymcoRLr2CK96BiErXvKP2Gn/QhECBZyeP+wo8LA=,tag:Hg/fIGyIDMY8P3mWfVupCw==,type:str]
|
|
#ENC[AES256_GCM,data:llx+JN8fRqwrLd2ahkmPrhPwcGIkn695l3Ox8VEs9YAR+1wpz3yujA==,iv:4Ctez8zMeqo3cpCCUVy6ZP4T1Z/myPw/FTq+++YAYbc=,tag:al/J8DLqNz6CoLl+TgUdOw==,type:comment]
|
|
EMAIL_DEFAULT_SENDER: ENC[AES256_GCM,data:z1EyEokf/TNkFLhRzsCbHew/6T8=,iv:Satr1c8aZQE73ZolC6n+PO74r+Gj3un5Mj0DIYb3n14=,tag:iK6l0GXuhLauBtFXTmLyKQ==,type:str]
|
|
SMTP_HOST: ENC[AES256_GCM,data:r0qbaUBB3CSUHR76,iv:TJIx71HW1aBB0sCEd1TB/tTgPBxLR1sdGAEf0t7Qilg=,tag:arXYtwVbIXVaUJpyommokQ==,type:str]
|
|
SMTP_USERNAME: ENC[AES256_GCM,data:lZ05DvSu,iv:Tyu7poao1shqKGd/sjTCgGNHU1xgRpjwjMRd+ArGf6o=,tag:dKms4G683JvFzja7YOwYKg==,type:str]
|
|
SMTP_PASSWORD: ENC[AES256_GCM,data:c9rnPIaKHIh2LNIJON3ib1IsA09OWGchDxRPRpvrtJw=,iv:08Acxl74lJbYtEEU6crVIYRXwkER8t1XPrhBA2PwEio=,tag:F0xrrt2PkBUMEyp7a81ssw==,type:str]
|
|
SMTP_PORT: ENC[AES256_GCM,data:MGmv,iv:IFg6oEncN0ICEmw96XL4EuPKqEZ6KLwU5FJYkveMSpY=,tag:kIVXlt0o5TfhOtRVqU/c4w==,type:str]
|
|
SMTP_IGNORE_TLS: ENC[AES256_GCM,data:ORAIWtg=,iv:6X4V3RDeYHrFdBTjsb3Ji0KWsZ2meL8ilqHNGQbcV/M=,tag:R87FgoQwqpes+0ejcOlrPg==,type:str]
|
|
#ENC[AES256_GCM,data:wEE3/SPsZqy9LATseOZG7LsCbjG5gY4VUT/TzxhHLJqcYP5I,iv:gcOA0XiUGWq15G4zTRPZ0qZ/XYMTjr+9krbOx0dwpeY=,tag:jd8LTiVT7UQShqMR9zZUZA==,type:comment]
|
|
SMTP_SECURE: ENC[AES256_GCM,data:PowbGhU=,iv:a1dK5AVySu749vPQvX9OLfMuD+tZkLNtXTMr17+4KuA=,tag:fuJQ7c4RBl25If01MSAmug==,type:str]
|
|
SMTP_DKIM_PRIVATKEY: null
|
|
SMTP_DKIM_DOMAINNAME: null
|
|
SMTP_DKIM_KEYSELECTOR: null
|
|
NEO4J_USERNAME: null
|
|
NEO4J_PASSWORD: null
|
|
REDIS_PASSWORD: null
|
|
neo4j:
|
|
env:
|
|
NEO4J_USERNAME: ""
|
|
NEO4J_PASSWORD: ""
|
|
sops:
|
|
kms: []
|
|
gcp_kms: []
|
|
azure_kv: []
|
|
hc_vault: []
|
|
age:
|
|
- recipient: age1llp6k66265q3rzqemxpnq0x3562u20989vcjf65fl9s3hjhgcscq6mhnjw
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRbjk3QXdyZU5yZnE0dElE
|
|
SW91VGIvSnovRmc4MCtiNDhET3RHQTFoakd3ClB4RlZUZXRwSTgvUTR3Q1AwUGJo
|
|
NEpySWVEOFE4ZmIzek03NzczeVhyY0EKLS0tIG9SZ2ZwQXdFSUVTbWxCQXpUeWd2
|
|
VDlsRlY2Z1RjWFZjcU9UeUpJZHJuSmMKTuy/s49nIwfRQyDyCGBWZPvyR9oNEXxV
|
|
6C0oVQXVTifkMvDet3dZWnOy6TeMkZBLD4BZHXSI+l6DkNdmIiwIpw==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
- recipient: age1zycwtk6dkxj6vuqhj9jw7932ythky9p3att6df4z9qasyw8v5dxquejcmp
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBQaHd0YW83bS9NZ1RBSWl6
|
|
cU0vMStYT3QxOFhOYmdNMUpNaHBLOVJGUFJVCnRjbWswbDhzOStFZTdXSVhTemJx
|
|
TVo1YnpxMDZxd1NWMVpNYXlYbzZtaVkKLS0tIGhmaHZzc2hnYi9WSStpc2lkbkRP
|
|
MElZK25Nc0lZTXBtc1BOQUpCandFKzAKnareBqzmHiSY551Iw8zPNg6aJN2QM0iN
|
|
f05TgS58OSEzXL60/9wBEN+E4Y1VErwOYP9CH8MdiAv1iRwLYgSJ/Q==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
- recipient: age15arcg8x6ltnsacwalvny0h2d4d4wkdmax328mw3v5vda9zm97uqshtavmr
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAyUWtnd1JObWNZZzZtWndv
|
|
dVhLWlRSNDNacHdSMXJ1ejV2RC80elA2TG1rCmc1MTFSMlpYM3hsSDNwWUJ0R3NC
|
|
Y2RrT2pZQllyTkdpcEs2akF0cENpc0EKLS0tIDFxV1B6bzZZVFVlSk5qZWxDbEd4
|
|
MkpsL3phc0M0VXBuUGQ2dFZOZHlKS1EKEmCasI2+d4FBgiI4Ter8Gxbl87yrfBq+
|
|
xze5n0df0GKK6JsML/0m2Z7HoqtCAEsjEfm45GdfAaiqPVh7gJG8TQ==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
- recipient: age1khw2eps099audp3uu5s9rk07qznllh5c8a43gv5dtpnq2a7lue6qrehn5s
|
|
enc: |
|
|
-----BEGIN AGE ENCRYPTED FILE-----
|
|
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRcDlPb1BlVUIwSEUvTjBx
|
|
KytIS0xQWjlzeEJPSDI5SEg5RmpXWFhKZVRvCm1XLzlMUmo1U1BZL2ZFS25GSkhY
|
|
V0tESW1hYTU0V01UQzEvNjZjMDk2WDAKLS0tIEl5TG84VE1UN0V3bk13cFU3bTUr
|
|
aGNFeXZZRmlJM041OHdTM0pmM3BBdGMKGvFgYY1jhKwciAOZKyw0hlFVNbOk7CM7
|
|
041g17JXNV1Wk6WgMZ4w8p54RKQVaWCT4wxChy6wNNdQ3IeKgqEU2w==
|
|
-----END AGE ENCRYPTED FILE-----
|
|
lastmodified: "2024-10-29T14:26:49Z"
|
|
mac: ENC[AES256_GCM,data:YXX7MEAK0wmuxLTmdr7q5uVd6DG6FhGUeE+EzbhWe/OovH6n+CjKZGklnEX+5ztDO0IgZh/T9Hx1CgFYuVbcOkvDoFBDwNpRA/QOQrM0p/+tRlMNCypC/Wh2xL0DhA4A/Qum2oyE/BDkt1Yy8N5wZDZn575+ZAjXEgAzlhpT5qk=,iv:ire3gkHTY6+0lgbV1Es6Lf8bcKTg4WKnq46M+b/VRcU=,tag:MkZULKcwROvIw/C0YtcUbA==,type:str]
|
|
pgp: []
|
|
unencrypted_suffix: _unencrypted
|
|
version: 3.9.0
|