[Skip-CI] Add secrets and configmaps, add section comments

This commit is contained in:
erik 2023-08-09 16:08:46 +02:00
parent 6ff12a8a58
commit 6e11bfd59e

View file

@ -14,7 +14,8 @@ spec:
labels: labels:
app: taiga app: taiga
spec: spec:
initContainers: # ToDo: add commands to create admin user #################### Init ########################
initContainers:
- name: taiga-manage - name: taiga-manage
image: taigaio/taiga-back:latest image: taigaio/taiga-back:latest
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
@ -38,9 +39,9 @@ spec:
- secretRef: - secretRef:
name: taiga-rabbitmq-secret name: taiga-rabbitmq-secret
env: env:
- name: POSTGRES_USER # ToDo: does taiga need a specific postgres version? Maybe test this - name: POSTGRES_USER # ToDo: Does taiga need a specific postgres version? Maybe test this
valueFrom: valueFrom: # ToDo: How do i reach a container from another container?
secretKeyRef: secretKeyRef: # ToDo: maybe generate container URLs at c4k level?
name: postgres-secret name: postgres-secret
key: postgres-user key: postgres-user
- name: POSTGRES_PASSWORD - name: POSTGRES_PASSWORD
@ -59,7 +60,9 @@ spec:
value: 5432 value: 5432
- name: CELERY_ENABLED - name: CELERY_ENABLED
value: false value: false
containers: # ToDo: Research hostname, network and dependsOn keywords of docker compose and find functional translation for kubernetes #################### Containers ########################
containers: # ToDo: Research dependsOn keyword of docker compose and find functional translation for kubernetes
### taiga-back
- name: taiga-back - name: taiga-back
image: taigaio/taiga-back:latest image: taigaio/taiga-back:latest
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
@ -99,6 +102,7 @@ spec:
value: "postgresql-service" value: "postgresql-service"
- name: POSTGRES_PORT - name: POSTGRES_PORT
value: 5432 value: 5432
### taiga-async
- name: taiga-async - name: taiga-async
image: taigaio/taiga-back:latest image: taigaio/taiga-back:latest
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
@ -139,7 +143,8 @@ spec:
value: "postgresql-service" value: "postgresql-service"
- name: POSTGRES_PORT - name: POSTGRES_PORT
value: 5432 value: 5432
- name: taiga-async-rabbitmq # ToDo: Rabbitmq uses a hostname KW in docker-compose. Whats the equivalent expression in kubernetes? ### taiga-async-rabbitmq
- name: taiga-async-rabbitmq
image: rabbitmq:3.8-management-alpine image: rabbitmq:3.8-management-alpine
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
@ -156,6 +161,7 @@ spec:
value: ERLANG_COOKIE_VALUE value: ERLANG_COOKIE_VALUE
- name: RABBITMQ_DEFAULT_VHOST - name: RABBITMQ_DEFAULT_VHOST
value: RABBITMQ_VHOST value: RABBITMQ_VHOST
### taiga-front
- name: taiga-front - name: taiga-front
image: taigaio/taiga-front:latest image: taigaio/taiga-front:latest
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
@ -168,19 +174,21 @@ spec:
value: WEBSOCKETS_SCHEME://TAIGA_DOMAIN value: WEBSOCKETS_SCHEME://TAIGA_DOMAIN
- name: TAIGA_SUBPATH - name: TAIGA_SUBPATH
value: SUBPATH value: SUBPATH
### taiga-events
- name: taiga-events - name: taiga-events
image: taigaio/taiga-events:latest image: taigaio/taiga-events:latest
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- containerPort: 80 - containerPort: 80
env: envFrom: # ToDo: check if all vars are needed
- name: RABBITMQ_USER - configMapRef:
value: RABBITMQ_USER_VALUE name: taiga-back-configmap
- name: RABBITMQ_PASS - secretRef:
value: RABBITMQ_PASS_VALUE name: taiga-back-secret
- name: TAIGA_SECRET_KEY - secretRef:
value: SECRET_KEY_VALUE name: taiga-rabbitmq-secret
- name: taiga-events-rabbitmq # ToDo: Rabbitmq uses a hostname KW in docker-compose. Whats the equivalent expression in kubernetes? ### taiga-events-rabbitmq
- name: taiga-events-rabbitmq
image: rabbitmq:3.8-management-alpine image: rabbitmq:3.8-management-alpine
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
@ -189,25 +197,26 @@ spec:
- name: taiga-events-rabbitmq-data - name: taiga-events-rabbitmq-data
mountPath: /var/lib/rabbitmq mountPath: /var/lib/rabbitmq
readOnly: false readOnly: false
envFrom:
- secretRef: # ToDo secret key ref
name: taiga-rabbitmq-secret
env: env:
- name: RABBITMQ_ERLANG_COOKIE - name: RABBITMQ_ERLANG_COOKIE
value: ERLANG_COOKIE_VALUE value: ERLANG_COOKIE_VALUE
- name: RABBITMQ_DEFAULT_USER
value: RABBITMQ_USER
- name: RABBITMQ_DEFAULT_PASS
value: RABBITMQ_PASS
- name: RABBITMQ_DEFAULT_VHOST - name: RABBITMQ_DEFAULT_VHOST
value: RABBITMQ_VHOST value: RABBITMQ_VHOST
### taiga-protected
- name: taiga-protected - name: taiga-protected
image: taigaio/taiga-protected:latest image: taigaio/taiga-protected:latest
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
ports: ports:
- containerPort: 80 - containerPort: 80
envFrom: # ToDo secret key ref - secret_key
- secretRef:
name: taiga-back-secret
env: env:
- name: MAX_AGE - name: MAX_AGE
value: ATTACHMENTS_MAX_AGE value: ATTACHMENTS_MAX_AGE
- name: SECRET_KEY
value: SECRET_KEY_VALUE
# - name: taiga-gateway # ToDo: How to replace the gateway in this setup? # - name: taiga-gateway # ToDo: How to replace the gateway in this setup?
volumes: volumes:
@ -223,182 +232,3 @@ spec:
- name: taiga-events-rabbitmq-data - name: taiga-events-rabbitmq-data
persistentVolumeClaim: persistentVolumeClaim:
claimName: taiga-events-rabbitmq-data claimName: taiga-events-rabbitmq-data
x-environment:
&default-back-environment
# These environment variables will be used by taiga-back and taiga-async.
# Database settings
POSTGRES_DB: "taiga"
POSTGRES_USER: "${POSTGRES_USER}"
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
POSTGRES_HOST: "taiga-db"
# Taiga settings
TAIGA_SECRET_KEY: "${SECRET_KEY}"
TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
TAIGA_SUBPATH: "${SUBPATH}"
# Email settings.
EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
EMAIL_HOST: "${EMAIL_HOST}"
EMAIL_PORT: "${EMAIL_PORT}"
EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
# Rabbitmq settings
RABBITMQ_USER: "${RABBITMQ_USER}"
RABBITMQ_PASS: "${RABBITMQ_PASS}"
# Telemetry settings
ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}"
# ...your customizations go here
x-volumes:
&default-back-volumes
# These volumens will be used by taiga-back and taiga-async.
- taiga-static-data:/taiga-back/static
- taiga-media-data:/taiga-back/media
# - ./config.py:/taiga-back/settings/config.py
services:
taiga-db:
image: postgres:12.3
environment:
POSTGRES_DB: "taiga"
POSTGRES_USER: "${POSTGRES_USER}"
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
interval: 2s
timeout: 15s
retries: 5
start_period: 3s
volumes:
- taiga-db-data:/var/lib/postgresql/data
networks:
- taiga
taiga-back:
image: taigaio/taiga-back:latest
environment: *default-back-environment
volumes: *default-back-volumes
networks:
- taiga
depends_on:
taiga-db:
condition: service_healthy
taiga-events-rabbitmq:
condition: service_healthy
taiga-async-rabbitmq:
condition: service_healthy
taiga-async:
image: taigaio/taiga-back:latest
entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
environment: *default-back-environment
volumes: *default-back-volumes
networks:
- taiga
depends_on:
taiga-db:
condition: service_healthy
taiga-events-rabbitmq:
condition: service_healthy
taiga-async-rabbitmq:
condition: service_healthy
taiga-async-rabbitmq:
image: rabbitmq:3.8-management-alpine
environment:
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
hostname: "taiga-async-rabbitmq"
healthcheck:
test: rabbitmq-diagnostics -q ping
interval: 2s
timeout: 15s
retries: 5
start_period: 3s
volumes:
- taiga-async-rabbitmq-data:/var/lib/rabbitmq
networks:
- taiga
taiga-front:
image: taigaio/taiga-front:latest
environment:
TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}"
TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}"
TAIGA_SUBPATH: "${SUBPATH}"
# ...your customizations go here
networks:
- taiga
# volumes:
# - ./conf.json:/usr/share/nginx/html/conf.json
taiga-events:
image: taigaio/taiga-events:latest
environment:
RABBITMQ_USER: "${RABBITMQ_USER}"
RABBITMQ_PASS: "${RABBITMQ_PASS}"
TAIGA_SECRET_KEY: "${SECRET_KEY}"
networks:
- taiga
depends_on:
taiga-events-rabbitmq:
condition: service_healthy
taiga-events-rabbitmq:
image: rabbitmq:3.8-management-alpine
environment:
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
hostname: "taiga-events-rabbitmq"
healthcheck:
test: rabbitmq-diagnostics -q ping
interval: 2s
timeout: 15s
retries: 5
start_period: 3s
volumes:
- taiga-events-rabbitmq-data:/var/lib/rabbitmq
networks:
- taiga
taiga-protected:
image: taigaio/taiga-protected:latest
environment:
MAX_AGE: "${ATTACHMENTS_MAX_AGE}"
SECRET_KEY: "${SECRET_KEY}"
networks:
- taiga
taiga-gateway:
image: nginx:1.19-alpine
ports:
- "9000:80"
volumes:
- ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
- taiga-static-data:/taiga/static
- taiga-media-data:/taiga/media
networks:
- taiga
depends_on:
- taiga-front
- taiga-back
- taiga-events
volumes:
taiga-static-data:
taiga-media-data:
taiga-db-data:
taiga-async-rabbitmq-data:
taiga-events-rabbitmq-data:
networks:
taiga: