290 lines
11 KiB
YAML
290 lines
11 KiB
YAML
kind: ConfigMap
|
|
apiVersion: v1
|
|
metadata:
|
|
name: {{ include "..fullname" . }}-env
|
|
labels:
|
|
{{- include "..labels" . | nindent 8 }}
|
|
data:
|
|
SMTP_PORT: '2525'
|
|
SMTP_AUTH: 'true'
|
|
SMTP_FROM: 'customer-noreply@v3.nu'
|
|
{{- if .Values.email }}
|
|
{{- if .Values.email.forceFromEmail }}
|
|
SMTP_FORCE_FROM: {{ .Values.email.forceFromEmail }}
|
|
{{- end }}
|
|
{{- if .Values.email.forceFromName }}
|
|
SMTP_FORCE_FROM_NAME: {{ .Values.email.forceFromName }}
|
|
{{- end }}
|
|
{{- if .Values.email.allowedDomains }}
|
|
# join list of allowd domains with comma
|
|
SMTP_ALLOWONLY_DOMAINS: {{ .Values.email.allowedDomains | join "," }}
|
|
{{- end }}
|
|
{{- if .Values.email.allowedEmails }}
|
|
# join list of allowd emails with comma
|
|
SMTP_ALLOWONLY_EMAILS: {{ .Values.email.allowedEmails | join "," }}
|
|
{{- end }}
|
|
{{- else }}
|
|
SMTP_FORCE_FROM: "customer-noreply@v3.nu"
|
|
SMTP_FROM_NAME: "V3 Customer Mailer"
|
|
{{- end }}
|
|
|
|
WP_ENV: "production"
|
|
{{- if .Values.site.overrideMainUrl }}
|
|
WP_HOME: "https://{{ .Values.site.overrideMainUrl }}"
|
|
{{- else }}
|
|
WP_HOME: "https://{{ .Values.site.url }}"
|
|
{{- end }}
|
|
|
|
{{- if and .Values.site.init .Values.site.init.composerPackage }}
|
|
RUN_COMPOSER: 'true'
|
|
INSTALL_SITE: {{ .Values.site.init.composerPackage }}
|
|
SET_THEME: {{ .Values.site.init.themeName | default "" }}
|
|
{{- end }}
|
|
|
|
{{- if and .Values.site.init .Values.site.init.content .Values.site.init.content.import }}
|
|
RUN_IMPORTS: 'true'
|
|
IMPORT_CONTENT: {{ .Values.site.init.content.url }}
|
|
{{- end }}
|
|
|
|
{{- if and .Values.site.init .Values.site.init.database .Values.site.init.database.import }}
|
|
RUN_DATABASEIMPORTS: 'true'
|
|
IMPORT_DATABASE: {{ .Values.site.init.database.url }}
|
|
FORCE_IMPORT_DB: {{ .Values.site.init.database.force | default "false" | quote }}
|
|
{{- end }}
|
|
{{- if .Values.site.additional_env }}
|
|
{{- range $k, $v := .Values.site.additional_env }}
|
|
{{ $k }}: {{ $v }}
|
|
{{- end }}
|
|
{{- end }}
|
|
---
|
|
kind: ConfigMap
|
|
apiVersion: v1
|
|
metadata:
|
|
name: {{ include "..fullname" . }}-cfg
|
|
labels:
|
|
{{- include "..labels" . | nindent 8 }}
|
|
data:
|
|
www.conf: |-
|
|
[www]
|
|
|
|
|
|
{{- if and .Values.global .Values.global.php }}
|
|
listen = {{ .Values.global.php.listenAddress | default "127.0.0.1:8123" }}
|
|
listen.backlog = {{ .Values.global.php.listenBacklog | default "511" }}
|
|
|
|
pm = {{ .Values.global.php.pmMode | default "ondemand" }}
|
|
pm.max_children = {{ .Values.global.php.pmMaxChildren | default "100" }}
|
|
pm.process_idle_timeout = {{ .Values.global.php.pmProcessIdle | default "30s" }}
|
|
pm.max_requests = {{ .Values.global.php.pmMaxRequests | default "1000" }}
|
|
security.limit_extensions = {{ .Values.global.php.limitExtensions | default ".php" }}
|
|
php_admin_value[expose_php] = {{ .Values.global.php.exposePHP | default "Off" }}
|
|
php_admin_value[short_open_tag] = {{ .Values.global.php.shortOpenTag | default "Off" }}
|
|
php_admin_value[disable_functions] = {{ .Values.global.php.disableFunctions | default "exec,passthru,shell_exec,system,proc_open,popen" }}
|
|
php_value[log_errors] = {{ .Values.global.php.logErrors | default "On" }}
|
|
php_admin_value[date.timezone] = {{ .Values.customer.timezone | default "Europe/Stockholm" }}
|
|
|
|
{{- else }}
|
|
|
|
listen = 127.0.0.1:8123
|
|
listen.backlog = 511
|
|
|
|
pm = ondemand
|
|
pm.max_children = 100
|
|
pm.process_idle_timeout = 30s
|
|
pm.max_requests = 1000
|
|
security.limit_extensions = .php
|
|
php_admin_value[expose_php] = Off
|
|
php_admin_value[short_open_tag] = Off
|
|
php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,show_source
|
|
php_value[log_errors] = On
|
|
|
|
{{- end }}
|
|
|
|
ping.path = /fpm-ping
|
|
listen.allowed_clients = 127.0.0.1
|
|
catch_workers_output = yes
|
|
php_value[error_log] = /dev/stderr
|
|
|
|
|
|
{{- if .Values.global.php.adminValues }}
|
|
{{- range $k, $v := .Values.global.php.adminValues }}
|
|
php_admin_value[{{ $k }}] = {{ $v }}
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
|
|
nginx.conf: |
|
|
worker_processes auto;
|
|
error_log stderr warn;
|
|
pid /run/nginx/nginx.pid;
|
|
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
{{ .Values.global.nginx.globalAdditions | default "" }}
|
|
{{- end }}
|
|
|
|
events {
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
worker_connections {{ .Values.global.nginx.workerConnections | default "1024" }};
|
|
{{ .Values.global.nginx.eventsAdditions | default "" }}
|
|
{{- else }}
|
|
worker_connections 1024;
|
|
{{- end }}
|
|
}
|
|
|
|
http {
|
|
include mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
disable_symlinks off;
|
|
|
|
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
|
|
'$status $body_bytes_sent "$http_referer" '
|
|
'"$http_user_agent" "$http_x_forwarded_for" '
|
|
'$request_time $upstream_response_time $pipe $upstream_cache_status';
|
|
|
|
access_log /dev/stdout main_timed;
|
|
error_log /dev/stderr notice;
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
keepalive_timeout {{ .Values.global.nginx.keepaliveTimeout | default "61" }};
|
|
{{- else }}
|
|
keepalive_timeout 61;
|
|
{{- end }}
|
|
|
|
client_max_body_size 512m;
|
|
client_body_temp_path /tmp/client_temp;
|
|
proxy_temp_path /tmp/proxy_temp_path;
|
|
fastcgi_temp_path /tmp/fastcgi_temp;
|
|
uwsgi_temp_path /tmp/uwsgi_temp;
|
|
scgi_temp_path /tmp/scgi_temp;
|
|
|
|
server {
|
|
listen [::]:8080 default_server;
|
|
listen 8080 default_server;
|
|
server_name _;
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
sendfile {{ .Values.global.nginx.sendfile | default "off" }};
|
|
tcp_nodelay {{ .Values.global.nginx.tcpNodelay | default "on" }};
|
|
absolute_redirect {{ .Values.global.nginx.absoluteRedirects | default "off" }};
|
|
{{- else }}
|
|
sendfile off;
|
|
tcp_nodelay on;
|
|
absolute_redirect off;
|
|
{{- end }}
|
|
|
|
{{- if and .Values.site .Values.site.webroot }}
|
|
root {{ .Values.site.webroot.path | default "/app/web" }};
|
|
index {{ .Values.site.webroot.indexes | default "index.php index.html index.htm" }};
|
|
{{- else }}
|
|
root /app/web;
|
|
index index.php index.html;
|
|
{{- end }}
|
|
|
|
|
|
location / {
|
|
try_files $uri $uri/ /index.php?q=$uri&$args;
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
{{ .Values.global.nginx.rootLocationAdditions | default "" }}
|
|
{{- end }}
|
|
|
|
}
|
|
|
|
location ~* /app/web/app/uploads/.*.php$ {
|
|
deny all;
|
|
}
|
|
|
|
location ~* /wp-content/uploads/.*.php$ {
|
|
deny all;
|
|
}
|
|
|
|
error_page 500 502 503 504 /50x.html;
|
|
location = /50x.html {
|
|
root /var/lib/nginx/html;
|
|
}
|
|
|
|
location ~ \.php$ {
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
fastcgi_buffer_size {{ .Values.global.nginx.fcgiBufferSize | default "128k" }};
|
|
fastcgi_buffers {{ .Values.global.nginx.fcgiBuffers | default "4 256k" }};
|
|
fastcgi_busy_buffers_size {{ .Values.global.nginx.fcgiBusyBufferSize | default "256k" }};
|
|
fastcgi_read_timeout {{ .Values.global.nginx.fcgiReadTimeout | default "300" }};
|
|
{{- else }}
|
|
fastcgi_buffer_size 128k;
|
|
fastcgi_buffers 4 256k;
|
|
fastcgi_busy_buffers_size 256k;
|
|
fastcgi_read_timeout 300;
|
|
{{- end }}
|
|
|
|
include fastcgi_params;
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
fastcgi_pass 127.0.0.1:8123;
|
|
fastcgi_index index.php;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
{{ .Values.global.nginx.phpLocationAdditions | default "" }}
|
|
{{- end }}
|
|
}
|
|
|
|
location ~* \.(jpg|jpeg|webp|gif|png|css|svg|js|ico|xml)$ {
|
|
expires 5d;
|
|
}
|
|
|
|
gzip_comp_level 5;
|
|
gzip_min_length 256;
|
|
gzip_types
|
|
application/atom+xml
|
|
application/javascript
|
|
application/json
|
|
application/rss+xml
|
|
application/vnd.ms-fontobject
|
|
application/x-font-ttf
|
|
application/x-font-opentype
|
|
application/x-font-truetype
|
|
application/x-javascript
|
|
application/x-web-app-manifest+json
|
|
application/xhtml+xml
|
|
application/xml
|
|
font/eot
|
|
font/opentype
|
|
font/otf
|
|
image/svg+xml
|
|
image/x-icon
|
|
image/vnd.microsoft.icon
|
|
text/css
|
|
text/plain
|
|
text/javascript
|
|
text/x-component;
|
|
|
|
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
|
|
location ~ /\. {
|
|
log_not_found off;
|
|
deny all;
|
|
}
|
|
|
|
location ~ ^/(fpm-status|fpm-ping)$ {
|
|
access_log off;
|
|
allow 127.0.0.1;
|
|
deny all;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
include fastcgi_params;
|
|
fastcgi_pass 127.0.0.1:8123;
|
|
}
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
{{ .Values.global.nginx.serverAdditions | default "" }}
|
|
{{- end }}
|
|
|
|
}
|
|
|
|
proxy_hide_header X-Powered-By;
|
|
fastcgi_hide_header X-Powered-By;
|
|
server_tokens off;
|
|
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header X-Frame-Options SAMEORIGIN;
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
{{- if and .Values.global .Values.global.nginx }}
|
|
{{ .Values.global.nginx.httpAdditions }}
|
|
{{- end }}
|
|
|
|
include /etc/nginx/modules/*.conf;
|
|
}
|