wild-cloud/wild-directory
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v2 app deployment--templating mainly in manifest now.

Browse Source
This commit is contained in:
Paul Payne
2025-12-31 06:53:17 +00:00
parent 8818d822cf
commit d1304a2630
84 changed files with 630 additions and 607 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
openproject/configmap_core.yaml
View File

@@ -5,17 +5,17 @@ kind: "ConfigMap"
metadata:
name: "openproject-core"
data:
DATABASE_HOST: "{{ .apps.openproject.dbHostname }}"
DATABASE_HOST: "{{ .dbHostname }}"
DATABASE_PORT: "5432"
DATABASE_URL: "postgresql://{{ .apps.openproject.dbUsername }}@{{ .apps.openproject.dbHostname }}:5432/{{ .apps.openproject.dbName }}"
OPENPROJECT_SEED_ADMIN_USER_PASSWORD_RESET: "{{ .apps.openproject.adminPasswordReset }}"
OPENPROJECT_SEED_ADMIN_USER_NAME: "{{ .apps.openproject.adminUserName }}"
OPENPROJECT_SEED_ADMIN_USER_MAIL: "{{ .apps.openproject.adminUserEmail }}"
OPENPROJECT_HTTPS: "{{ .apps.openproject.https }}"
OPENPROJECT_SEED_LOCALE: "{{ .apps.openproject.seedLocale }}"
OPENPROJECT_HOST__NAME: "{{ .apps.openproject.domain }}"
OPENPROJECT_HSTS: "{{ .apps.openproject.hsts }}"
OPENPROJECT_RAILS__CACHE__STORE: "{{ .apps.openproject.cacheStore }}"
OPENPROJECT_RAILS__RELATIVE__URL__ROOT: "{{ .apps.openproject.railsRelativeUrlRoot }}"
POSTGRES_STATEMENT_TIMEOUT: "{{ .apps.openproject.postgresStatementTimeout }}"
DATABASE_URL: "postgresql://{{ .dbUsername }}@{{ .dbHostname }}:5432/{{ .dbName }}"
OPENPROJECT_SEED_ADMIN_USER_PASSWORD_RESET: "{{ .adminPasswordReset }}"
OPENPROJECT_SEED_ADMIN_USER_NAME: "{{ .adminUserName }}"
OPENPROJECT_SEED_ADMIN_USER_MAIL: "{{ .adminUserEmail }}"
OPENPROJECT_HTTPS: "{{ .https }}"
OPENPROJECT_SEED_LOCALE: "{{ .seedLocale }}"
OPENPROJECT_HOST__NAME: "{{ .domain }}"
OPENPROJECT_HSTS: "{{ .hsts }}"
OPENPROJECT_RAILS__CACHE__STORE: "{{ .cacheStore }}"
OPENPROJECT_RAILS__RELATIVE__URL__ROOT: "{{ .railsRelativeUrlRoot }}"
POSTGRES_STATEMENT_TIMEOUT: "{{ .postgresStatementTimeout }}"
...

2
openproject/configmap_memcached.yaml
View File

@@ -5,5 +5,5 @@ kind: "ConfigMap"
metadata:
name: "openproject-memcached"
data:
OPENPROJECT_CACHE__MEMCACHE__SERVER: "{{ .apps.openproject.memcachedHostname }}:{{ .apps.openproject.memcachedPort }}"
OPENPROJECT_CACHE__MEMCACHE__SERVER: "{{ .memcachedHostname }}:{{ .memcachedPort }}"
...

12
openproject/db-init-job.yaml
View File

@@ -12,7 +12,7 @@ spec:
spec:
containers:
- name: db-init
image: {{ .apps.postgres.image }}
image: postgres:17
command: ["/bin/bash", "-c"]
args:
- |
@@ -36,16 +36,16 @@ spec:
valueFrom:
secretKeyRef:
name: postgres-secrets
key: apps.postgres.password
key: password
- name: DB_HOSTNAME
value: "{{ .apps.openproject.dbHostname }}"
value: "{{ .dbHostname }}"
- name: DB_DATABASE_NAME
value: "{{ .apps.openproject.dbName }}"
value: "{{ .dbName }}"
- name: DB_USERNAME
value: "{{ .apps.openproject.dbUsername }}"
value: "{{ .dbUsername }}"
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.dbPassword
key: dbPassword
restartPolicy: OnFailure

4
openproject/ingress.yaml
View File

@@ -7,10 +7,10 @@ metadata:
spec:
tls:
- hosts:
- "{{ .apps.openproject.domain }}"
- "{{ .domain }}"
secretName: "wildcard-wild-cloud-tls"
rules:
- host: "{{ .apps.openproject.domain }}"
- host: "{{ .domain }}"
http:
paths:
- path: /

22
openproject/manifest.yaml
View File

@@ -1,11 +1,14 @@
name: openproject
description: OpenProject is an open-source project management software that provides comprehensive features for project planning, tracking, and collaboration.
description: OpenProject is an open-source project management software that provides
comprehensive features for project planning, tracking, and collaboration.
version: 16.1.1
icon: https://www.openproject.org/assets/images/openproject-logo.png
icon: https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/openproject.svg
requires:
- name: postgres
- name: memcached
- name: postgres
- name: memcached
defaultConfig:
namespace: openproject
externalDnsDomain: '{{ .cloud.domain }}'
serverImage: openproject/openproject:16.1.1-slim
timezone: UTC
serverPort: 8080
@@ -20,14 +23,15 @@ defaultConfig:
hsts: true
seedLocale: en
adminUserName: OpenProject Admin
adminUserEmail: "{{ .operator.email }}"
adminUserEmail: '{{ .operator.email }}'
adminPasswordReset: true
postgresStatementTimeout: 120s
tmpVolumesStorage: 2Gi
tlsSecretName: wildcard-wild-cloud-tls
cacheStore: memcache
railsRelativeUrlRoot: ""
railsRelativeUrlRoot: ''
defaultSecrets:
- key: apps.openproject.dbPassword
- key: apps.openproject.adminPassword
- key: apps.postgres.password
- key: dbPassword
- key: adminPassword
requiredSecrets:
- postgres.password

2
openproject/namespace.yaml
View File

@@ -1,4 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: openproject
name: "{{ .namespace }}"

2
openproject/persistentvolumeclaim.yaml
View File

@@ -8,5 +8,5 @@ spec:
accessModes: [ReadWriteMany]
resources:
requests:
storage: "{{ .apps.openproject.storage }}"
storage: "{{ .storage }}"
...

16
openproject/seeder-job.yaml
View File

@@ -27,7 +27,7 @@ spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: {{ .apps.openproject.tmpVolumesStorage }}
storage: {{ .tmpVolumesStorage }}
- name: app-tmp
# we can't use emptyDir due to the sticky bit / world writable issue
# see: https://github.com/kubernetes/kubernetes/issues/110835
@@ -39,13 +39,13 @@ spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: {{ .apps.openproject.tmpVolumesStorage }}
storage: {{ .tmpVolumesStorage }}
- name: "data"
persistentVolumeClaim:
claimName: openproject
initContainers:
- name: check-db-ready
image: "{{ .apps.postgres.image }}"
image: "postgres:17"
imagePullPolicy: Always
command: [
'sh',
@@ -62,12 +62,12 @@ spec:
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.dbPassword
key: dbPassword
- name: OPENPROJECT_SEED_ADMIN_USER_PASSWORD
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.adminPassword
key: adminPassword
resources:
limits:
memory: 200Mi
@@ -91,7 +91,7 @@ spec:
type: RuntimeDefault
containers:
- name: seeder
image: "{{ .apps.openproject.serverImage }}"
image: "{{ .serverImage }}"
imagePullPolicy: Always
args:
- bash
@@ -106,12 +106,12 @@ spec:
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.dbPassword
key: dbPassword
- name: OPENPROJECT_SEED_ADMIN_USER_PASSWORD
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.adminPassword
key: adminPassword
resources:
limits:
memory: 512Mi

25
openproject/web-deployment.yaml
View File

@@ -43,7 +43,7 @@ spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: {{ .apps.openproject.tmpVolumesStorage }}
storage: {{ .tmpVolumesStorage }}
- name: app-tmp
# we can't use emptyDir due to the sticky bit / world writable issue
# see: https://github.com/kubernetes/kubernetes/issues/110835
@@ -55,12 +55,12 @@ spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: {{ .apps.openproject.tmpVolumesStorage }}
storage: {{ .tmpVolumesStorage }}
- name: "data"
persistentVolumeClaim:
claimName: openproject
initContainers:
- name: wait-for-db
- name: wait-for-db
securityContext:
allowPrivilegeEscalation: false
capabilities:
@@ -72,8 +72,13 @@ spec:
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
image: {{ .apps.openproject.serverImage }}
image: postgres:17
imagePullPolicy: Always
command: [
'sh',
'-c',
'until pg_isready -h $DATABASE_HOST -p $DATABASE_PORT; do echo "waiting for database $DATABASE_HOST:$DATABASE_PORT"; sleep 2; done; echo "Database is ready!"'
]
envFrom:
- configMapRef:
name: openproject-core
@@ -84,14 +89,12 @@ spec:
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.dbPassword
key: dbPassword
- name: OPENPROJECT_SEED_ADMIN_USER_PASSWORD
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.adminPassword
args:
- /app/docker/prod/wait-for-db
key: adminPassword
resources:
limits:
memory: 1Gi
@@ -115,7 +118,7 @@ spec:
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
image: {{ .apps.openproject.serverImage }}
image: {{ .serverImage }}
imagePullPolicy: Always
envFrom:
- configMapRef:
@@ -127,12 +130,12 @@ spec:
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.dbPassword
key: dbPassword
- name: OPENPROJECT_SEED_ADMIN_USER_PASSWORD
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.adminPassword
key: adminPassword
args:
- /app/docker/prod/web
volumeMounts:

22
openproject/worker-deployment.yaml
View File

@@ -43,7 +43,7 @@ spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: {{ .apps.openproject.tmpVolumesStorage }}
storage: {{ .tmpVolumesStorage }}
- name: app-tmp
# we can't use emptyDir due to the sticky bit / world writable issue
# see: https://github.com/kubernetes/kubernetes/issues/110835
@@ -55,7 +55,7 @@ spec:
accessModes: ["ReadWriteOnce"]
resources:
requests:
storage: {{ .apps.openproject.tmpVolumesStorage }}
storage: {{ .tmpVolumesStorage }}
- name: "data"
persistentVolumeClaim:
claimName: openproject
@@ -72,8 +72,13 @@ spec:
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
image: {{ .apps.openproject.serverImage }}
image: postgres:17
imagePullPolicy: Always
command: [
'sh',
'-c',
'until pg_isready -h $DATABASE_HOST -p $DATABASE_PORT; do echo "waiting for database $DATABASE_HOST:$DATABASE_PORT"; sleep 2; done; echo "Database is ready!"'
]
envFrom:
- configMapRef:
name: openproject-core
@@ -84,15 +89,12 @@ spec:
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.dbPassword
key: dbPassword
- name: OPENPROJECT_SEED_ADMIN_USER_PASSWORD
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.adminPassword
args:
- bash
- /app/docker/prod/wait-for-db
key: adminPassword
resources:
limits:
memory: 1Gi
@@ -116,7 +118,7 @@ spec:
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
image: {{ .apps.openproject.serverImage }}
image: {{ .serverImage }}
imagePullPolicy: Always
envFrom:
- configMapRef:
@@ -132,7 +134,7 @@ spec:
valueFrom:
secretKeyRef:
name: openproject-secrets
key: apps.openproject.dbPassword
key: dbPassword
- name: "OPENPROJECT_GOOD_JOB_QUEUES"
value: ""
volumeMounts: