[Skip-CI] Add secrets and configmaps, add section comments
This commit is contained in:
parent
6ff12a8a58
commit
6e11bfd59e
1 changed files with 30 additions and 200 deletions
|
@ -14,7 +14,8 @@ spec:
|
|||
labels:
|
||||
app: taiga
|
||||
spec:
|
||||
initContainers: # ToDo: add commands to create admin user
|
||||
#################### Init ########################
|
||||
initContainers:
|
||||
- name: taiga-manage
|
||||
image: taigaio/taiga-back:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
|
@ -38,9 +39,9 @@ spec:
|
|||
- secretRef:
|
||||
name: taiga-rabbitmq-secret
|
||||
env:
|
||||
- name: POSTGRES_USER # ToDo: does taiga need a specific postgres version? Maybe test this
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
- name: POSTGRES_USER # ToDo: Does taiga need a specific postgres version? Maybe test this
|
||||
valueFrom: # ToDo: How do i reach a container from another container?
|
||||
secretKeyRef: # ToDo: maybe generate container URLs at c4k level?
|
||||
name: postgres-secret
|
||||
key: postgres-user
|
||||
- name: POSTGRES_PASSWORD
|
||||
|
@ -59,7 +60,9 @@ spec:
|
|||
value: 5432
|
||||
- name: CELERY_ENABLED
|
||||
value: false
|
||||
containers: # ToDo: Research hostname, network and dependsOn keywords of docker compose and find functional translation for kubernetes
|
||||
#################### Containers ########################
|
||||
containers: # ToDo: Research dependsOn keyword of docker compose and find functional translation for kubernetes
|
||||
### taiga-back
|
||||
- name: taiga-back
|
||||
image: taigaio/taiga-back:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
|
@ -99,6 +102,7 @@ spec:
|
|||
value: "postgresql-service"
|
||||
- name: POSTGRES_PORT
|
||||
value: 5432
|
||||
### taiga-async
|
||||
- name: taiga-async
|
||||
image: taigaio/taiga-back:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
|
@ -139,7 +143,8 @@ spec:
|
|||
value: "postgresql-service"
|
||||
- name: POSTGRES_PORT
|
||||
value: 5432
|
||||
- name: taiga-async-rabbitmq # ToDo: Rabbitmq uses a hostname KW in docker-compose. Whats the equivalent expression in kubernetes?
|
||||
### taiga-async-rabbitmq
|
||||
- name: taiga-async-rabbitmq
|
||||
image: rabbitmq:3.8-management-alpine
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
|
@ -156,6 +161,7 @@ spec:
|
|||
value: ERLANG_COOKIE_VALUE
|
||||
- name: RABBITMQ_DEFAULT_VHOST
|
||||
value: RABBITMQ_VHOST
|
||||
### taiga-front
|
||||
- name: taiga-front
|
||||
image: taigaio/taiga-front:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
|
@ -168,19 +174,21 @@ spec:
|
|||
value: WEBSOCKETS_SCHEME://TAIGA_DOMAIN
|
||||
- name: TAIGA_SUBPATH
|
||||
value: SUBPATH
|
||||
### taiga-events
|
||||
- name: taiga-events
|
||||
image: taigaio/taiga-events:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
env:
|
||||
- name: RABBITMQ_USER
|
||||
value: RABBITMQ_USER_VALUE
|
||||
- name: RABBITMQ_PASS
|
||||
value: RABBITMQ_PASS_VALUE
|
||||
- name: TAIGA_SECRET_KEY
|
||||
value: SECRET_KEY_VALUE
|
||||
- name: taiga-events-rabbitmq # ToDo: Rabbitmq uses a hostname KW in docker-compose. Whats the equivalent expression in kubernetes?
|
||||
envFrom: # ToDo: check if all vars are needed
|
||||
- configMapRef:
|
||||
name: taiga-back-configmap
|
||||
- secretRef:
|
||||
name: taiga-back-secret
|
||||
- secretRef:
|
||||
name: taiga-rabbitmq-secret
|
||||
### taiga-events-rabbitmq
|
||||
- name: taiga-events-rabbitmq
|
||||
image: rabbitmq:3.8-management-alpine
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
|
@ -189,25 +197,26 @@ spec:
|
|||
- name: taiga-events-rabbitmq-data
|
||||
mountPath: /var/lib/rabbitmq
|
||||
readOnly: false
|
||||
envFrom:
|
||||
- secretRef: # ToDo secret key ref
|
||||
name: taiga-rabbitmq-secret
|
||||
env:
|
||||
- name: RABBITMQ_ERLANG_COOKIE
|
||||
value: ERLANG_COOKIE_VALUE
|
||||
- name: RABBITMQ_DEFAULT_USER
|
||||
value: RABBITMQ_USER
|
||||
- name: RABBITMQ_DEFAULT_PASS
|
||||
value: RABBITMQ_PASS
|
||||
- name: RABBITMQ_DEFAULT_VHOST
|
||||
value: RABBITMQ_VHOST
|
||||
### taiga-protected
|
||||
- name: taiga-protected
|
||||
image: taigaio/taiga-protected:latest
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 80
|
||||
envFrom: # ToDo secret key ref - secret_key
|
||||
- secretRef:
|
||||
name: taiga-back-secret
|
||||
env:
|
||||
- name: MAX_AGE
|
||||
value: ATTACHMENTS_MAX_AGE
|
||||
- name: SECRET_KEY
|
||||
value: SECRET_KEY_VALUE
|
||||
# - name: taiga-gateway # ToDo: How to replace the gateway in this setup?
|
||||
|
||||
volumes:
|
||||
|
@ -223,182 +232,3 @@ spec:
|
|||
- name: taiga-events-rabbitmq-data
|
||||
persistentVolumeClaim:
|
||||
claimName: taiga-events-rabbitmq-data
|
||||
|
||||
|
||||
x-environment:
|
||||
&default-back-environment
|
||||
# These environment variables will be used by taiga-back and taiga-async.
|
||||
# Database settings
|
||||
POSTGRES_DB: "taiga"
|
||||
POSTGRES_USER: "${POSTGRES_USER}"
|
||||
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
|
||||
POSTGRES_HOST: "taiga-db"
|
||||
# Taiga settings
|
||||
TAIGA_SECRET_KEY: "${SECRET_KEY}"
|
||||
TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
|
||||
TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
|
||||
TAIGA_SUBPATH: "${SUBPATH}"
|
||||
# Email settings.
|
||||
EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
|
||||
DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
|
||||
EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
|
||||
EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
|
||||
EMAIL_HOST: "${EMAIL_HOST}"
|
||||
EMAIL_PORT: "${EMAIL_PORT}"
|
||||
EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
|
||||
EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
|
||||
# Rabbitmq settings
|
||||
RABBITMQ_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_PASS: "${RABBITMQ_PASS}"
|
||||
# Telemetry settings
|
||||
ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}"
|
||||
# ...your customizations go here
|
||||
|
||||
x-volumes:
|
||||
&default-back-volumes
|
||||
# These volumens will be used by taiga-back and taiga-async.
|
||||
- taiga-static-data:/taiga-back/static
|
||||
- taiga-media-data:/taiga-back/media
|
||||
# - ./config.py:/taiga-back/settings/config.py
|
||||
|
||||
services:
|
||||
taiga-db:
|
||||
image: postgres:12.3
|
||||
environment:
|
||||
POSTGRES_DB: "taiga"
|
||||
POSTGRES_USER: "${POSTGRES_USER}"
|
||||
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
|
||||
healthcheck:
|
||||
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
|
||||
interval: 2s
|
||||
timeout: 15s
|
||||
retries: 5
|
||||
start_period: 3s
|
||||
volumes:
|
||||
- taiga-db-data:/var/lib/postgresql/data
|
||||
networks:
|
||||
- taiga
|
||||
|
||||
taiga-back:
|
||||
image: taigaio/taiga-back:latest
|
||||
environment: *default-back-environment
|
||||
volumes: *default-back-volumes
|
||||
networks:
|
||||
- taiga
|
||||
depends_on:
|
||||
taiga-db:
|
||||
condition: service_healthy
|
||||
taiga-events-rabbitmq:
|
||||
condition: service_healthy
|
||||
taiga-async-rabbitmq:
|
||||
condition: service_healthy
|
||||
|
||||
taiga-async:
|
||||
image: taigaio/taiga-back:latest
|
||||
entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
|
||||
environment: *default-back-environment
|
||||
volumes: *default-back-volumes
|
||||
networks:
|
||||
- taiga
|
||||
depends_on:
|
||||
taiga-db:
|
||||
condition: service_healthy
|
||||
taiga-events-rabbitmq:
|
||||
condition: service_healthy
|
||||
taiga-async-rabbitmq:
|
||||
condition: service_healthy
|
||||
|
||||
taiga-async-rabbitmq:
|
||||
image: rabbitmq:3.8-management-alpine
|
||||
environment:
|
||||
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
|
||||
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
|
||||
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
|
||||
hostname: "taiga-async-rabbitmq"
|
||||
healthcheck:
|
||||
test: rabbitmq-diagnostics -q ping
|
||||
interval: 2s
|
||||
timeout: 15s
|
||||
retries: 5
|
||||
start_period: 3s
|
||||
volumes:
|
||||
- taiga-async-rabbitmq-data:/var/lib/rabbitmq
|
||||
networks:
|
||||
- taiga
|
||||
|
||||
taiga-front:
|
||||
image: taigaio/taiga-front:latest
|
||||
environment:
|
||||
TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}"
|
||||
TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}"
|
||||
TAIGA_SUBPATH: "${SUBPATH}"
|
||||
# ...your customizations go here
|
||||
networks:
|
||||
- taiga
|
||||
# volumes:
|
||||
# - ./conf.json:/usr/share/nginx/html/conf.json
|
||||
|
||||
taiga-events:
|
||||
image: taigaio/taiga-events:latest
|
||||
environment:
|
||||
RABBITMQ_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_PASS: "${RABBITMQ_PASS}"
|
||||
TAIGA_SECRET_KEY: "${SECRET_KEY}"
|
||||
networks:
|
||||
- taiga
|
||||
depends_on:
|
||||
taiga-events-rabbitmq:
|
||||
condition: service_healthy
|
||||
|
||||
taiga-events-rabbitmq:
|
||||
image: rabbitmq:3.8-management-alpine
|
||||
environment:
|
||||
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
|
||||
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
|
||||
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
|
||||
hostname: "taiga-events-rabbitmq"
|
||||
healthcheck:
|
||||
test: rabbitmq-diagnostics -q ping
|
||||
interval: 2s
|
||||
timeout: 15s
|
||||
retries: 5
|
||||
start_period: 3s
|
||||
volumes:
|
||||
- taiga-events-rabbitmq-data:/var/lib/rabbitmq
|
||||
networks:
|
||||
- taiga
|
||||
|
||||
taiga-protected:
|
||||
image: taigaio/taiga-protected:latest
|
||||
environment:
|
||||
MAX_AGE: "${ATTACHMENTS_MAX_AGE}"
|
||||
SECRET_KEY: "${SECRET_KEY}"
|
||||
networks:
|
||||
- taiga
|
||||
|
||||
taiga-gateway:
|
||||
image: nginx:1.19-alpine
|
||||
ports:
|
||||
- "9000:80"
|
||||
volumes:
|
||||
- ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
|
||||
- taiga-static-data:/taiga/static
|
||||
- taiga-media-data:/taiga/media
|
||||
networks:
|
||||
- taiga
|
||||
depends_on:
|
||||
- taiga-front
|
||||
- taiga-back
|
||||
- taiga-events
|
||||
|
||||
volumes:
|
||||
taiga-static-data:
|
||||
taiga-media-data:
|
||||
taiga-db-data:
|
||||
taiga-async-rabbitmq-data:
|
||||
taiga-events-rabbitmq-data:
|
||||
|
||||
networks:
|
||||
taiga:
|
||||
|
|
Loading…
Reference in a new issue