Gitiles
Code Review Sign In
code.v1.dodo.cloud / helm-charts / refs/heads/main / . / charts / dodo-app / templates / install.yaml
blob: 9a9c2fcc959802b6b2a9fa4cabe1cd139c88eedb [file] [log] [blame]
Giorgi Lekveishvili4ec4c022024-08-17 15:09:24 +0400[diff] [blame]1apiVersion: rbac.authorization.k8s.io/v1
2kind: ClusterRole
3metadata:
4 name: {{ .Values.clusterRoleName }}
5rules:
6- apiGroups:
7 - ""
8 resources:
9 - namespaces
10 verbs:
11 - create
12- apiGroups:
13 - "batch"
14 resources:
15 - jobs
16 verbs:
17 - create
18- apiGroups:
19 - "helm.toolkit.fluxcd.io"
20 resources:
21 - helmreleases
22 verbs:
23 - get
24---
25apiVersion: rbac.authorization.k8s.io/v1
26kind: ClusterRoleBinding
27metadata:
28 name: {{ .Values.clusterRoleName }}
29roleRef:
30 apiGroup: rbac.authorization.k8s.io
31 kind: ClusterRole
32 name: {{ .Values.clusterRoleName }}
33subjects:
34- kind: ServiceAccount
35 name: default
36 namespace: {{ .Release.Namespace }}
37---
38apiVersion: v1
39kind: Secret
40metadata:
41 name: ssh-key
42type: Opaque
43data:
44 private: {{ .Values.sshPrivateKey }}
45---
46apiVersion: v1
47kind: Service
48metadata:
49 name: api
50spec:
Giorgi Lekveishvilic271d5d2024-10-13 12:30:12 +0400[diff] [blame]51 type: ClusterIP
Giorgi Lekveishvili4ec4c022024-08-17 15:09:24 +0400[diff] [blame]52 selector:
53 app: dodo-app
54 ports:
55 - name: http
56 port: 80
57 targetPort: api
58 protocol: TCP
59---
60apiVersion: v1
61kind: Service
62metadata:
63 name: web
64spec:
65 type: ClusterIP
66 selector:
67 app: dodo-app
68 ports:
69 - name: http
70 port: 80
71 targetPort: http
72 protocol: TCP
73---
74apiVersion: apps/v1
75kind: Deployment
76metadata:
77 name: dodo-app
78spec:
79 selector:
80 matchLabels:
81 app: dodo-app
82 replicas: 1
83 template:
84 metadata:
85 labels:
86 app: dodo-app
87 spec:
88 volumes:
89 - name: ssh-key
90 secret:
91 secretName: ssh-key
92 - name: env-config
93 secret:
94 secretName: env-config
95 - name: db
96 persistentVolumeClaim:
97 claimName: {{ .Values.persistentVolumeClaimName }}
98 initContainers:
99 - name: volume-permissions
100 image: busybox:latest
101 command: ["sh", "-c", "chmod -Rv 777 /dodo-app/db"]
102 volumeMounts:
103 - name: db
104 mountPath: /dodo-app/db
105 containers:
106 - name: dodo-app
107 image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
108 imagePullPolicy: {{ .Values.image.pullPolicy }}
109 ports:
110 - name: http
111 containerPort: {{ .Values.port }}
112 protocol: TCP
113 - name: api
114 containerPort: {{ .Values.apiPort }}
115 protocol: TCP
116 command:
117 - pcloud-installer
118 - dodo-app
119 - --repo-addr={{ .Values.repoAddr }}
120 - --ssh-key=/pcloud/ssh-key/private
121 - --port={{ .Values.port }}
122 - --api-port={{ .Values.apiPort }}
123 - --self={{ .Values.self }}
Giorgi Lekveishvili27d58732024-09-25 10:30:06 +0200[diff] [blame]124 - --self-public={{ .Values.selfPublic }}
Giorgi Lekveishvili4ec4c022024-08-17 15:09:24 +0400[diff] [blame]125 - --repo-public-addr={{ .Values.repoPublicAddr }}
126 - --namespace={{ .Values.namespace }} # TODO(gio): maybe use .Release.Namespace ?
127 - --env-app-manager-addr={{ .Values.envAppManagerAddr }}
128 - --env-config=/pcloud/env-config/config.json
129 - --git-repo-public-key={{ .Values.gitRepoPublicKey }}
130 - --db=/dodo-app/db/apps.db
131 - --networks={{ .Values.allowedNetworks }}
132 - --external={{ .Values.external }}
133 - --fetch-users-addr={{ .Values.fetchUsersAddr }}
Giorgi Lekveishvili2c5b94a2024-08-27 14:34:01 +0400[diff] [blame]134 - --headscale-api-addr={{ .Values.headscaleAPIAddr }}
Giorgi Lekveishvili4ec4c022024-08-17 15:09:24 +0400[diff] [blame]135 volumeMounts:
136 - name: ssh-key
137 readOnly: true
138 mountPath: /pcloud/ssh-key
139 - name: env-config
140 readOnly: true
141 mountPath: /pcloud/env-config
142 - name: db
143 mountPath: /dodo-app/db
144---
145apiVersion: v1
146kind: Secret
147metadata:
148 name: env-config
149type: Opaque
150data:
151 config.json: {{ .Values.envConfig }}