helm/wordyne
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Created version 0.5

Browse Source
This commit is contained in:
Lars Scheibling
2023-06-03 22:01:56 +00:00
parent 8b4a25bafb
commit c9f6674f75
14 changed files with 489 additions and 512 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.gitlab-ci.yml
View File

@@ -1,5 +1,5 @@
variables:
HELM_CHART_VERSION: "0.7.1"
HELM_CHART_VERSION: "0.5.0"
stages:
- deploy
@@ -21,5 +21,5 @@ deploy:
- |
curl --request POST \
--user gitlab-ci-token:$CI_JOB_TOKEN \
--form "chart=@cloudypress-${HELM_CHART_VERSION}.tgz" \
--form "chart=@wordyne-${HELM_CHART_VERSION}.tgz" \
"${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/api/stable/charts"

8
Chart/Chart.yaml
View File

@@ -1,6 +1,6 @@
apiVersion: v2
name: cloudypress
description: A helm chart for deploying Wordpress on Cloudyne Hosting
name: wordyne
description: Helm chart for deploying pre-built website containers to kubernetes clusters
type: application
version: "0.7.0"
appVersion: "6.1.1"
version: "0.5.1"
appVersion: "6.2.2"

11
Chart/templates/NOTES.txt
View File

@@ -1,11 +0,0 @@
You have successfully installed your new website {{ .Values.site.url }}
Ingress Domains:
- {{ .Values.site.url | replace "www." "" }}
- www.{{ .Values.site.url | replace "www." "" }}
- {{ .Values.site.url | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
- www.{{ .Values.site.url | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
{{- if .Values.site.additionalIngressNames }}
{{- range .Values.site.additionalIngressNames }}
- {{ . }}
{{- end }}
{{- end }}

19
Chart/templates/_helpers.tpl
View File

@@ -3,13 +3,24 @@ Define the application name and fullname
*/}}
{{- define "..name" -}}
{{- .Values.site.url | trunc 63 | replace "." "-" | trimSuffix "-" }}
{{- .Values.site.domain | trunc 63 | replace "." "-" | trimSuffix "-" }}
{{- end }}
{{- define "..fullname" -}}
{{ include "..name" . }}
{{- end }}
{{- define "..resourcelimits" -}}
resources:
limits:
cpu: {{ .Values.site.resources.cpu.peak }}
memory: {{ .Values.site.resources.mem.peak }}
requests:
cpu: {{ .Values.site.resources.cpu.avg }}
memory: {{ .Values.site.resources.mem.avg }}
{{- end }}
{{/*
Define the chart name and version
*/}}
@@ -27,7 +38,7 @@ app.kubernetes.io/name: {{ include "..name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
cloudyne.systems/customer: {{ .Values.customer.name }}
cloudyne.systems/site: {{ .Values.site.url }}
cloudyne.systems/package: {{ .Values.customer.package.size }}
cloudyne.systems/customer: {{ .Values.customer.legalName }}
cloudyne.systems/customer-legal-id: {{ .Values.customer.legalId }}
cloudyne.systems/site: {{ .Values.site.domain }}
{{- end }}

16
Chart/templates/certificate.yaml
View File

@@ -11,12 +11,12 @@ spec:
secretName: {{ include "..fullname" . }}-cert-secret
commonName: {{ .Values.site.url }}
dnsNames:
- {{ .Values.site.url | replace "www." "" }}
- www.{{ .Values.site.url | replace "www." "" }}
- {{ .Values.site.url | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
- www.{{ .Values.site.url | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
{{- if .Values.site.additionalIngressNames }}
{{- range .Values.site.additionalIngressNames }}
- {{ .Values.site.domain | replace "www." "" }}
- www.{{ .Values.site.domain | replace "www." "" }}
- {{ .Values.site.domain | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
- www.{{ .Values.site.domain | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
{{- if .Values.site.additionalIngressDomains }}
{{- range .Values.site.additionalIngressDomains }}
- {{ . }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

407
Chart/templates/configmap.yaml
View File

@@ -8,53 +8,26 @@ data:
SMTP_PORT: '2525'
SMTP_AUTH: 'true'
SMTP_FROM: 'customer-noreply@v3.nu'
{{- if .Values.email }}
{{- if .Values.email.forceFromEmail }}
{{- if .Values.email }}
{{- if .Values.email.forceFromEmail }}
SMTP_FORCE_FROM: {{ .Values.email.forceFromEmail }}
{{- end }}
{{- if .Values.email.forceFromName }}
SMTP_FORCE_FROM_NAME: {{ .Values.email.forceFromName }}
{{- end }}
{{- if .Values.email.allowedDomains }}
# join list of allowd domains with comma
{{- end }}
{{- if .Values.email.domains }}
SMTP_ALLOWONLY_DOMAINS: {{ .Values.email.allowedDomains | join "," }}
{{- end }}
{{- if .Values.email.allowedEmails }}
# join list of allowd emails with comma
{{- end }}
{{- if .Values.email.allowedEmails }}
SMTP_ALLOWONLY_EMAILS: {{ .Values.email.allowedEmails | join "," }}
{{- end }}
{{- else }}
{{- end }}
{{- else }}
SMTP_FORCE_FROM: "customer-noreply@v3.nu"
SMTP_FROM_NAME: "V3 Customer Mailer"
{{- end }}
WP_ENV: "production"
{{- if .Values.site.overrideMainUrl }}
WP_HOME: "https://{{ .Values.site.overrideMainUrl }}"
{{- else }}
WP_HOME: "https://{{ .Values.site.url }}"
{{- end }}
{{- if and .Values.site.init .Values.site.init.composerPackage }}
RUN_COMPOSER: 'true'
INSTALL_SITE: {{ .Values.site.init.composerPackage }}
SET_THEME: {{ .Values.site.init.themeName | default "" }}
{{- end }}
{{- if and .Values.site.init .Values.site.init.content .Values.site.init.content.import }}
RUN_IMPORTS: 'true'
IMPORT_CONTENT: {{ .Values.site.init.content.url }}
{{- end }}
{{- if and .Values.site.init .Values.site.init.database .Values.site.init.database.import }}
RUN_DATABASEIMPORTS: 'true'
IMPORT_DATABASE: {{ .Values.site.init.database.url }}
FORCE_IMPORT_DB: {{ .Values.site.init.database.force | default "false" | quote }}
{{- end }}
{{- end }}
WP_ENV: "{{ .Values.site.environment | default "production" }}"
WP_HOME: "{{ .Values.site.redirectDomain | default ( .Values.site.domain ) }}"
{{- if .Values.site.additional_env }}
{{- range $k, $v := .Values.site.additional_env }}
{{- range $k, $v := .Values.site.additionalEnv }}
{{ $k }}: {{ $v }}
{{- end }}
{{- end }}
{{- end }}
---
kind: ConfigMap
@@ -64,226 +37,152 @@ metadata:
labels:
{{- include "..labels" . | nindent 8 }}
data:
www.conf: |-
[www]
{{- if and .Values.global .Values.global.php }}
listen = {{ .Values.global.php.listenAddress | default "127.0.0.1:8123" }}
listen.backlog = {{ .Values.global.php.listenBacklog | default "511" }}
pm = {{ .Values.global.php.pmMode | default "ondemand" }}
pm.max_children = {{ .Values.global.php.pmMaxChildren | default "100" }}
pm.process_idle_timeout = {{ .Values.global.php.pmProcessIdle | default "30s" }}
pm.max_requests = {{ .Values.global.php.pmMaxRequests | default "1000" }}
security.limit_extensions = {{ .Values.global.php.limitExtensions | default ".php" }}
php_admin_value[expose_php] = {{ .Values.global.php.exposePHP | default "Off" }}
php_admin_value[short_open_tag] = {{ .Values.global.php.shortOpenTag | default "Off" }}
php_admin_value[disable_functions] = {{ .Values.global.php.disableFunctions | default "exec,passthru,shell_exec,system,proc_open,popen" }}
php_value[log_errors] = {{ .Values.global.php.logErrors | default "On" }}
php_admin_value[date.timezone] = {{ .Values.customer.timezone | default "Europe/Stockholm" }}
{{- else }}
listen = 127.0.0.1:8123
listen.backlog = 511
pm = ondemand
pm.max_children = 100
pm.process_idle_timeout = 30s
pm.max_requests = 1000
security.limit_extensions = .php
php_admin_value[expose_php] = Off
php_admin_value[short_open_tag] = Off
php_admin_value[disable_functions] = exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,show_source
php_value[log_errors] = On
{{- end }}
ping.path = /fpm-ping
listen.allowed_clients = 127.0.0.1
catch_workers_output = yes
php_value[error_log] = /dev/stderr
{{- if .Values.global.php.adminValues }}
{{- range $k, $v := .Values.global.php.adminValues }}
php_admin_value[{{ $k }}] = {{ $v }}
{{- end }}
{{- end }}
nginx.conf: |
worker_processes auto;
error_log stderr warn;
pid /run/nginx/nginx.pid;
{{- if and .Values.global .Values.global.nginx }}
{{ .Values.global.nginx.globalAdditions | default "" }}
{{- end }}
events {
{{- if and .Values.global .Values.global.nginx }}
worker_connections {{ .Values.global.nginx.workerConnections | default "1024" }};
{{ .Values.global.nginx.eventsAdditions | default "" }}
{{- else }}
worker_connections 1024;
{{- end }}
init.json: |-
{
"exitOnError": true,
"webserverUser": "unit",
"webserverGroup": "unit",
"applicationDir": "/app",
"permissions": "0770",
"updatePermissions": true,
"importDatabase": {{ .Values.database.import | default false }}
"databasePath": "{{ .Values.database.importPath | default "" }}"
"overwriteDatabase": {{ .Values.database.overwrite | default false }}
"generateSalts": true,
"activateTheme": "{{ .Values.site.theme | default .name }}"
}
http {
include mime.types;
default_type application/octet-stream;
unit.json: |-
{
"settings": {
"http": {
"header_read_timeout": 60,
"body_read_timeout": 60,
"idle_timeout": 60,
"max_body_size": 512111110
}
},
"listeners": {
"*:8080": {
"pass": "routes"
}
},
"routes": [
{
"action": {
"return": 200
},
"match": {
"uri": [
"/unit-ping",
"/fpm-ping"
]
}
},
{
"action": {
"return": 404
},
"match": {
"uri": [
"/app/uploads/*.php",
"/app/uploads/*.php/*"
]
}
},
{
"action": {
"pass": "applications/php/direct"
},
"match": {
"uri": [
"*.php",
"*.php/*",
"/wp/wp-admin/"
]
}
},
{
"action": {
"return": 302,
"location": "/wp/wp-admin"
},
"match": {
"uri": [
"/wp-admin",
"/wp-admin/*"
]
}
},
{{- if eq .Values.site.enableWebpRoute "true" }}
{
"match": {
"uri": [
"*.jpg",
"*.jpeg",
"*.gif",
"*.png"
]
},
"action": {
"share": [
"/app/web$uri.webp",
"/app/web$uri"
],
"fallback": {
"pass": "applications/php/index"
}
disable_symlinks off;
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$request_time $upstream_response_time $pipe $upstream_cache_status';
access_log /dev/stdout main_timed;
error_log /dev/stderr notice;
{{- if and .Values.global .Values.global.nginx }}
keepalive_timeout {{ .Values.global.nginx.keepaliveTimeout | default "61" }};
{{- else }}
keepalive_timeout 61;
{{- end }}
client_max_body_size 512m;
client_body_temp_path /tmp/client_temp;
proxy_temp_path /tmp/proxy_temp_path;
fastcgi_temp_path /tmp/fastcgi_temp;
uwsgi_temp_path /tmp/uwsgi_temp;
scgi_temp_path /tmp/scgi_temp;
server {
listen [::]:8080 default_server;
listen 8080 default_server;
server_name _;
{{- if and .Values.global .Values.global.nginx }}
sendfile {{ .Values.global.nginx.sendfile | default "off" }};
tcp_nodelay {{ .Values.global.nginx.tcpNodelay | default "on" }};
absolute_redirect {{ .Values.global.nginx.absoluteRedirects | default "off" }};
{{- else }}
sendfile off;
tcp_nodelay on;
absolute_redirect off;
}
},
{{- end }}
{{- if and .Values.site .Values.site.webroot }}
root {{ .Values.site.webroot.path | default "/app/web" }};
index {{ .Values.site.webroot.indexes | default "index.php index.html index.htm" }};
{{- else }}
root /app/web;
index index.php index.html;
{{- end }}
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
{{- if and .Values.global .Values.global.nginx }}
{{ .Values.global.nginx.rootLocationAdditions | default "" }}
{{- end }}
{
"action": {
"share": "/app/web$uri",
"fallback": {
"pass": "applications/php/index"
}
}
}
],
location ~* /app/web/app/uploads/.*.php$ {
deny all;
"applications": {
"php": {
"type": "php",
"options": {
"user": {
"display_errors": "{{ .Values.site.displayErrors | default "0" }}"
"log_errors": "{{ .Values.site.logErrors | default "1" }}"
},
"admin": {
"expose_php": "Off",
"short_open_tag": "Off",
"disable_functions": "exec,passthru,shell_exec,system,proc_open,popen,show_source",
"log_errors": "On",
"date.timezone": "{{ .Values.customer.timezone | default "Europe/Stockholm" }}",
{{- if and .Values.advanced .Values.advanced.php .Values.advanced.php.additionalAdminValues }}
{{- range $k, $v := .Values.advanced.php.additionalAdminValues }}
"{{ $k }}": "{{ $v }}",
{{- end }}
{{- else }}
"memory_limit": "{{ .Values.site.resources.php.memory | default "512M" }}",
"upload_max_filesize": "{{ .Values.site.resources.php.upload | default "512M" }}",
"post_max_size": "{{ .Values.site.resources.php.post | default "512M" }}",
"max_execution_time": "{{ .Values.site.resources.php.executionTime | default "300" }}",
"max_input_time": "{{ .Values.site.resources.php.inputTime | default "300" }}",
{{- end }}
}
},
"targets": {
"direct": {
"root": "/app/web"
},
"index": {
"root": "/app/web",
"script": "index.php"
}
}
}
location ~* /wp-content/uploads/.*.php$ {
deny all;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/lib/nginx/html;
}
location ~ \.php$ {
{{- if and .Values.global .Values.global.nginx }}
fastcgi_buffer_size {{ .Values.global.nginx.fcgiBufferSize | default "128k" }};
fastcgi_buffers {{ .Values.global.nginx.fcgiBuffers | default "4 256k" }};
fastcgi_busy_buffers_size {{ .Values.global.nginx.fcgiBusyBufferSize | default "256k" }};
fastcgi_read_timeout {{ .Values.global.nginx.fcgiReadTimeout | default "300" }};
{{- else }}
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_read_timeout 300;
{{- end }}
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:8123;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
{{- if and .Values.global .Values.global.nginx }}
{{ .Values.global.nginx.phpLocationAdditions | default "" }}
{{- end }}
}
location ~* \.(jpg|jpeg|webp|gif|png|css|svg|js|ico|xml)$ {
expires 5d;
}
gzip_comp_level 5;
gzip_min_length 256;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/x-font-opentype
application/x-font-truetype
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/eot
font/opentype
font/otf
image/svg+xml
image/x-icon
image/vnd.microsoft.icon
text/css
text/plain
text/javascript
text/x-component;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
location ~ /\. {
log_not_found off;
deny all;
}
location ~ ^/(fpm-status|fpm-ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass 127.0.0.1:8123;
}
{{- if and .Values.global .Values.global.nginx }}
{{ .Values.global.nginx.serverAdditions | default "" }}
{{- end }}
}
proxy_hide_header X-Powered-By;
fastcgi_hide_header X-Powered-By;
server_tokens off;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options SAMEORIGIN;
add_header X-XSS-Protection "1; mode=block";
{{- if and .Values.global .Values.global.nginx }}
{{ .Values.global.nginx.httpAdditions }}
{{- end }}
include /etc/nginx/modules/*.conf;
}

2
Chart/templates/database.yaml
View File

@@ -6,7 +6,7 @@ metadata:
{{- include "..labels" . | nindent 8 }}
spec:
secretName: {{ include "..fullname" . }}-db-auth
instance: {{ .Values.global.dbInstance | default "kincaid" }}
instance: {{ .Values.database.server | default "kincaid" }}
deletionProtected: yes
backup:
enable: No

88
Chart/templates/deployment.yaml
View File

@@ -6,29 +6,29 @@ metadata:
{{- include "..labels" . | nindent 4 }}
cloudyne.systems/component: site
spec:
{{- if and .Values.customer .Values.customer.package }}
replicas: {{ .Values.customer.package.replicas | default 1 }}
{{- else }}
{{- if .Values.site.resources }}
replicas: {{ .Values.site.resources.replicas | default 1 }}
{{- else }}
replicas: 1
{{- end }}
{{- end }}
selector:
matchLabels:
cloudyne.systems/customer: {{ .Values.customer.name }}
cloudyne.systems/site: {{ .Values.site.url }}
cloudyne.systems/customer: {{ .Values.customer.legalName }}
cloudyne.systems/customer-legal-id: {{ .Values.customer.legalId }}
cloudyne.systems/site: {{ .Values.site.domain }}
template:
metadata:
labels:
cloudyne.systems/customer: {{ .Values.customer.name }}
cloudyne.systems/site: {{ .Values.site.url }}
cloudyne.systems/customer: {{ .Values.customer.legalName }}
cloudyne.systems/customer-legal-id: {{ .Values.customer.legalId }}
cloudyne.systems/site: {{ .Values.site.domain }}
spec:
securityContext:
fsGroup: 65534
fsGroup: 101
volumes:
- name: cloud
persistentVolumeClaim:
claimName: pvc-{{ include "..fullname" . }}
- name: local
emptyDir: {}
- name: serverconfig
configMap:
name: {{ include "..fullname" . }}-cfg
@@ -37,19 +37,22 @@ spec:
securityContext:
allowPrivilegeEscalation: false
runAsUser: 0
{{- if .Values.global }}
image: {{ .Values.global.initImage | default "ghcr.io/cloudynes/php-init" }}:{{ .Values.global.imagetag | default "latest" }}
{{- else }}
image: ghcr.io/cloudynes/php-init:latest
{{- end }}
image: "cloudyne.azurecr.io/buildahome/{{ .Values.site.name | default ( .Values.site.domain | replace "." "-" ) }}:{{ .Values.site.imageTag | default "latest" }}"
imagePullPolicy: Always
imagePullSecrets:
- name: pull-secret
volumeMounts:
- name: local
mountPath: /app
- name: cloud
mountPath: /full-cloud
{{- if and .Values.site .Values.site.storage .Values.site.storage.cloud .Values.site.storage.cloud.folders }}
{{- range $v := .Values.site.storage.cloud.folders }}
{{- if .Values.storage.wpContent }}
{{- range $v := .Values.storage.wpContent }}
- name: cloud
mountPath: "/app/web/app/{{ $v }}"
subPath: "{{ $v }}"
{{- end }}
{{- end }}
{{- if .Values.storage.additionalMounts }}
{{- range $v := .Values.storage.additionalMounts }}
- name: cloud
mountPath: {{ $v.localPath }}
subPath: {{ $v.cloudPath }}
@@ -65,24 +68,22 @@ spec:
containers:
- name: wordpress
securityContext:
runAsUser: 65534
{{- if .Values.global }}
image: {{ .Values.global.serverImage | default "ghcr.io/cloudynes/php-nginx" }}:{{ .Values.global.imagetag | default "latest" }}
{{- else }}
image: ghcr.io/cloudynes/php-nginx:latest
{{- end }}
runAsUser: 101
image: "cloudyne.azurecr.io/buildahome/{{ .Values.site.name | default ( .Values.site.domain | replace "." "-" ) }}:{{ .Values.site.imageTag | default "latest" }}"
imagePullPolicy: Always
volumeMounts:
- name: local
mountPath: /app
- name: serverconfig
mountPath: /etc/nginx/nginx.conf
subPath: nginx.conf
- name: serverconfig
mountPath: /usr/local/etc/php-fpm.d/www.conf
subPath: www.conf
{{- if and .Values.site .Values.site.storage .Values.site.storage.cloud .Values.site.storage.cloud.folders }}
{{- range $v := .Values.site.storage.cloud.folders }}
mountPath: /docker-entrypoint.d/unit.json
subPath: unit.json
{{- if .Values.storage.wpContent }}
{{- range $v := .Values.storage.wpContent }}
- name: cloud
mountPath: "/app/web/app/{{ $v }}"
subPath: "{{ $v }}"
{{- end }}
{{- end }}
{{- if .Values.storage.additionalMounts }}
{{- range $v := .Values.storage.additionalMounts }}
- name: cloud
mountPath: {{ $v.localPath }}
subPath: {{ $v.cloudPath }}
@@ -95,22 +96,7 @@ spec:
name: {{ include "..fullname" . }}-db-auth
- secretRef:
name: global-secrets
resources:
{{- if and .Values.customer .Values.customer.package .Values.customer.package.cpu }}
requests:
cpu: {{ .Values.customer.package.cpu.avg | default "1000m" }}
memory: {{ .Values.customer.package.mem.avg | default "1Gi" }}
limits:
cpu: {{ .Values.customer.package.cpu.peak | default "1000m" }}
memory: {{ .Values.customer.package.mem.peak | default "1Gi" }}
{{- else }}
requests:
cpu: 1000m
memory: 1Gi
limits:
cpu: 1000m
memory: 1Gi
{{- end }}
{{- include "..resourcelimits" . | nindent 10 }}
ports:
- containerPort: 8080
name: http

20
Chart/templates/externalsecret.yaml
View File

@@ -2,7 +2,6 @@ apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: global-secrets-ext
namespace: {{ include "..fullname" . }}
labels:
{{- include "..labels" . | nindent 8 }}
spec:
@@ -26,3 +25,22 @@ spec:
- secretKey: SMTP_HOST
remoteRef:
key: secret/SMTP-HOST
---
apiVersion: v1
kind: ExternalSecret
metadata:
name: pull-secret-ext
labels:
{{- include "..labels" . | nindent 8 }}
spec:
refreshInterval: 4h
secretStoreRef:
kind: ClusterSecretStore
name: az-cluster-store
target:
name: pull-secret
creationPolicy: Owner
data:
- secretKey: .dockerconfigjson
remoteRef:
key: secret/CLDY-CR-PULL-TOKEN

73
Chart/templates/ingress.yaml
View File

@@ -12,18 +12,18 @@ spec:
tls:
- secretName: {{ include "..fullname" . }}-cert-secret
hosts:
- {{ .Values.site.url | replace "www." "" }}
- www.{{ .Values.site.url | replace "www." "" }}
- {{ .Values.site.url | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
- www.{{ .Values.site.url | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
{{- if .Values.site.additionalIngressNames }}
{{- range .Values.site.additionalIngressNames }}
- {{ . }}
{{- end }}
- {{ .Values.site.domain | replace "www." "" }}
- www.{{ .Values.site.domain | replace "www." "" }}
- {{ .Values.site.domain | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
- www.{{ .Values.site.domain | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
{{- if .Values.site.additionalIngressDomains }}
{{- range .Values.site.additionalIngressDomains }}
- {{ . }}
{{- end }}
{{- end }}
rules:
- host: {{ .Values.site.url | replace "www." "" }}
- host: {{ .Values.site.domain | replace "www." "" }}
http:
paths:
- path: /
@@ -33,7 +33,28 @@ spec:
name: {{ include "..fullname" . }}
port:
number: 80
- host: www.{{ .Values.site.url | replace "www." "" }}
- host: www.{{ .Values.site.domain | replace "www." "" }}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: {{ include "..fullname" . }}
port:
number: 80
- host: {{ .Values.site.domain | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: {{ include "..fullname" . }}
port:
number: 80
- host: www.{{ .Values.site.domain | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
http:
paths:
- path: /
@@ -43,28 +64,8 @@ spec:
name: {{ include "..fullname" . }}
port:
number: 80
- host: {{ .Values.site.url | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: {{ include "..fullname" . }}
port:
number: 80
- host: www.{{ .Values.site.url | replace "www." "" | replace "." "-" }}.eu.cust.azurecd.net
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: {{ include "..fullname" . }}
port:
number: 80
{{- if .Values.site.additionalIngressNames }}
{{- range .Values.site.additionalIngressNames }}
{{- if .Values.site.additionalIngressDomains }}
{{- range .Values.site.additionalIngressDomains }}
- host: {{ . }}
http:
paths:
@@ -72,8 +73,8 @@ spec:
pathType: Prefix
backend:
service:
name: {{ include "..fullname" . }}
name: {{ include "..fullname" $ }}
port:
number: 80
{{- end }}
{{- end }}
number: 80
{{- end }}
{{- end }}

14
Chart/templates/persistentvolume.yaml
View File

@@ -8,19 +8,19 @@ spec:
accessModes:
- ReadWriteOnce
capacity:
storage: {{ .Values.customer.package.disk }}
storage: {{ .Values.site.resources.disk | default "5Gi" }}
csi:
driver: blob.csi.azure.com
nodeStageSecretRef:
name: cloudyne{{ .Values.site.storage.cloud.class }}-credentials
name: cloudyne{{ .Values.storage.class | default "premium01" }}-credentials
namespace: blob-csi
volumeAttributes:
containername: {{ .Values.site.storage.cloud.container }}
containername: {{ .Values.storage.container | default ( .Values.site.domain | replace "." "-") }}
csi.storage.k8s.io/pv/name: pv-{{ include "..fullname" . }}
csi.storage.k8s.io/pvc/namespace: {{ include "..fullname" . }}
secretnamespace: {{ include "..fullname" . }}
skuName: {{ .Values.site.storage.cloud.type }}
volumeHandle: {{ .Values.site.storage.cloud.class }}-retain_{{ include "..fullname" . }}
skuName: {{ .Values.storage.type | default "Premium_LRS" }}
volumeHandle: {{ .Values.storage.class | default "premium01" }}-retain_{{ include "..fullname" . }}
mountOptions:
- -o allow_other
- --file-cache-timeout-in-seconds=120
@@ -31,8 +31,8 @@ spec:
- -o negative_timeout=120
- --log-level=LOG_WARNING
- --cache-size-mb=3500
- -o uid=65534
- -o uid=101
persistentVolumeReclaimPolicy: Retain
storageClassName: {{ .Values.site.storage.cloud.class }}-retain
storageClassName: {{ .Values.storage.class | default "premium01" }}-retain
volumeMode: Filesystem
---

6
Chart/templates/persistentvolumeclaim.yaml
View File

@@ -15,8 +15,8 @@ spec:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.customer.package.disk }}
storage: {{ .Values.site.resources.disk | default "5Gi" }}
{{- if and .Values.site .Values.site.storage .Values.site.storage.cloud }}
storageClassName: {{ .Values.site.storage.cloud.class }}-retain
{{- if and .Values.storage .Values.storage.class }}
storageClassName: {{ .Values.storage.class | default "premium01" }}-retain
{{- end }}

6
Chart/templates/service.yaml
View File

@@ -4,13 +4,13 @@ metadata:
name: {{ include "..fullname" . }}
labels:
{{- include "..labels" . | nindent 8 }}
cloudyne.systems/component: site
spec:
ports:
- name: http
port: 80
targetPort: 8080
selector:
cloudyne.systems/customer: {{ .Values.customer.name }}
cloudyne.systems/site: {{ .Values.site.url }}
cloudyne.systems/customer: {{ .Values.customer.legalName }}
cloudyne.systems/customer-legal-id: {{ .Values.customer.legalId }}
cloudyne.systems/site: {{ .Values.site.domain }}
type: ClusterIP

327
Chart/values.yaml
View File

@@ -1,155 +1,228 @@
# Customer Information
customer:
# The (dns-compliant) customer name
name: scheibling-consulting-ab
# Customer Name/identifier
name: mycustomer
# The legal name of the customer
legalName: Scheibling Consulting AB
# Timezone for customer
# The legal ID of the customer
legalId: 559005-XXXX
# The timezone for the customer
timezone: "Europe/Stockholm"
# Package/Resource Settings
package: {}
email:
# Force a given sender email
# forceSender: "example@email.com"
# Defaults:
# package:
# size: small
# replicas: 1
# cpu:
# avg: 500m
# peak: 1000m
# mem:
# avg: 512Mi
# peak: 1Gi
# disk: 5Gi
# Set a default sender/display name
# defaultSender: "customer-noreply@v3.nu"
# defaultSenderName: "Customer Name"
# Settings for email sent from site
# default is sending from customer@mail
email: {}
# Specify allowed domains/emails to use as senders
domains:
- scheibling.se
emails:
- it@scheibling.se
# email:
# forceFromEmail: "user@domain.com"
# forceFromName: "Some Customer"
# allowedDomains:
# - "customerdomainA.se"
# - "customerdomainB.se"
# allowedEmails:
# - "noreply@customerdomainC.com"
# Database configuration
database:
server: kincaid
# Website Configuration
site:
# The main URL for the website
url: "www.mycustomer.com"
# Import database from file
import: true
importPath: "/path/to/database.sql"
overwriteExisting: false
# Additional environment variables to pass to the container
additional_env: {}
# MY_ENV_VAR: "value"
# Storage Settings
storage:
# The storage class to use for the site
# Default: premium01
class: "premium01"
# Create sites with another main domain for WP,
# but the rest of the components named according to site-tld
# overrideMainUrl: ""
# The storage type to use for the site
# Default: Premium_LRS
type: "Premium_LRS"
# Whether to keep plugins and Wordpress updated
autoUpdate: 'true'
# The storage container to use for the site
# Default: <domain>-<tld>
container: "scheibling-se"
# Storage settings
storage: {}
# Defaults:
# storage:
# cloud:
# class: "premium01"
# type: "Premium_LRS"
# container: "www-mycustomer-com"
# folders:
# - cloudPath: "uploads"
# localPath: "/app/web/app/uploads"
# - cloudyPath: "gallery"
# localPath: "/app/web/app/uploads"
# Initialization Settings
init:
# The composer package that contains the site
composerPackage: "somens/mycustomer-app"
# The name of the theme which the composer package refers to
themeName: "mycustomer-app-theme"
# Optional: Import content to wp-content directory from zip file
content: {}
# content:
# import: 'true'
# url: "https://mycustomer.com/wp-content-data.zip"
# Optional: Import database from URL
database: {}
# database:
# import: 'true'
# force: false
# url: "https://www.mycustomer.com/mysqldump.sql"
# Settings for the webroot (used by Nginx)
webroot:
path: "/app/web"
indexes: "index.php index.html index.htm"
# WP Content Folders
wpContent:
- uploads
- languages
# Additional ingress names for the site
# Default ingress names are (customer domain: testsite.com, domain = testsite, tld = com):
additionalMounts: {}
# - cloudPath: uploads
# localPath: /app/web/app/uploads
site:
# The name of the repository/composerpackage/dockerimage
# Default: domain.replace('.', '-')
name: "scheibling-se"
# Tag of the container to deploy
imageTag: "latest"
# The primary domain/TLD where the site will be available
domain: scheibling.se
# The main url (subdomain) for the site
# Only needed if it differs from the domain
# ex.
redirectDomain: www.scheibling.se
# Additional ingress domains that should all
# point to the same site
# Defaults are:
# - <domain>.<tld>
# - www.<domain>.<tld>
# - <domain>-<tld>.eu.cust.azurecd.net
# - www-<domain>-<tld>.eu.cust.azurecd.net
additionalIngressNames: []
additionalIngressDomains:
- www2.scheibling.se
# PHP Version
phpVersion: "8.0"
# Set environment (production/test/staging)
# Default: production
environment: production
# Additional env vars
# additionalEnv:
# MY_ENV_VAR: "value"
additionalEnv: {}
# Enable the route for trying .webp files before images
enableWebpRoute: "true"
# The resource limits for the site
resources:
replicas: 1
php:
memory: 512M
post: 512M
upload: 512M
inputTime: "300"
executionTime: "300"
cpu:
avg: 500m
peak: 1000m
mem:
avg: 256Mi
peak: 512Mi
disk: 5Gi
# Log Errors
logErrors: "1"
# Display Errors
displayErrors: "0"
# advanced:
# php:
# displayErrors: "0"
# logErrors: "1"
# additionalAdminValues: {}
# # Defaults:
# # storage:
# # cloud:
# # class: "premium01"
# # type: "Premium_LRS"
# # container: "www-mycustomer-com"
# # folders:
# # - cloudPath: "uploads"
# # localPath: "/app/web/app/uploads"
# # - cloudyPath: "gallery"
# # localPath: "/app/web/app/uploads"
# Global configuration
global:
# Which image to use for the web server
serverImage: ghcr.io/cloudynes/php-nginx
# # Initialization Settings
# init:
# # The composer package that contains the site
# composerPackage: "somens/mycustomer-app"
# Which image to use for the initialization
initImage: ghcr.io/cloudynes/php-init
# # The name of the theme which the composer package refers to
# themeName: "mycustomer-app-theme"
# The tag to use for the above images
imageTag: fpm8.0-alpine3.16
# # Optional: Import content to wp-content directory from zip file
# content: {}
# The database instance where the database will be provisioned
dbInstance: "kincaid"
# # content:
# # import: 'true'
# # url: "https://mycustomer.com/wp-content-data.zip"
# # Optional: Import database from URL
# database: {}
# # database:
# # import: 'true'
# # force: false
# # url: "https://www.mycustomer.com/mysqldump.sql"
php:
listenAddress: "127.0.0.1:8123"
listenBacklog: "511"
# # Settings for the webroot (used by Nginx)
# webroot:
# path: "/app/web"
# indexes: "index.php index.html index.htm"
# # Additional ingress names for the site
# # Default ingress names are (customer domain: testsite.com, domain = testsite, tld = com):
# # - <domain>.<tld>
# # - www.<domain>.<tld>
# # - <domain>-<tld>.eu.cust.azurecd.net
# # - www-<domain>-<tld>.eu.cust.azurecd.net
# additionalIngressNames: []
pmMode: "ondemand"
pmMaxChildren: "100"
pmProcessIdle: "30s"
pmMaxRequests: "1000"
limitExtensions: ".php"
exposePHP: "Off"
shortOpenTag": "Off"
disableFunctions: "exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,show_source"
logErrors: "On"
# # Global configuration
# global:
# # Which image to use for the web server
# serverImage: ghcr.io/cloudynes/php-nginx
adminValues:
upload_max_filesize: "256M"
post_max_size: "256M"
# # Which image to use for the initialization
# initImage: ghcr.io/cloudynes/php-init
nginx:
workerConnections: "1024"
keepaliveTimeout: "61"
sendfile: "off"
tcpNodelay: "on"
absoluteRedirects: "off"
fcgiBufferSize: "128k"
fcgiBuffers: "4 256k"
fcgiBusyBufferSize: "256k"
fcgiReadTimeout: "300"
globalAdditions: ""
eventsAdditions: ""
httpAdditions: ""
serverAdditions: ""
rootLocationAdditions: ""
phpLocationAdditions: ""
# # The tag to use for the above images
# imageTag: fpm8.0-alpine3.16
# # The database instance where the database will be provisioned
# dbInstance: "kincaid"
# php:
# listenAddress: "127.0.0.1:8123"
# listenBacklog: "511"
# pmMode: "ondemand"
# pmMaxChildren: "100"
# pmProcessIdle: "30s"
# pmMaxRequests: "1000"
# limitExtensions: ".php"
# exposePHP: "Off"
# shortOpenTag": "Off"
# disableFunctions: "exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,show_source"
# logErrors: "On"
# adminValues:
# upload_max_filesize: "256M"
# post_max_size: "256M"
# nginx:
# workerConnections: "1024"
# keepaliveTimeout: "61"
# sendfile: "off"
# tcpNodelay: "on"
# absoluteRedirects: "off"
# fcgiBufferSize: "128k"
# fcgiBuffers: "4 256k"
# fcgiBusyBufferSize: "256k"
# fcgiReadTimeout: "300"
# globalAdditions: ""
# eventsAdditions: ""
# httpAdditions: ""
# serverAdditions: ""
# rootLocationAdditions: ""
# phpLocationAdditions: ""