stage: cusqa # minio tenant tenant: tenant: name: s3-cusqa-prodwork01 configuration: name: minio-config pools: - servers: 4 volumesPerServer: 2 storageClassName: hcloud-volumes size: 60Gi buckets: - name: postgres region: "" - name: wordpress region: "" users: - name: pgbackup - name: wpbackup prometheus: diskCapacityGB: false log: audit: diskCapacityGB: false env: - name: MINIO_PROMETHEUS_AUTH_TYPE value: "public" - name: MINIO_PROMETHEUS_JOB_ID value: "minio-cusqa" - name: MINIO_PROMETHEUS_URL value: "http://kube-prometheus-stack-prometheus.monitoring:9090" - name: CONSOLE_PROMETHEUS_URL value: "http://kube-prometheus-stack-prometheus.monitoring:9090" ingress: api: enabled: true ingressClassName: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/custom-http-errors: "599" nginx.ingress.kubernetes.io/force-ssl-redirect: "true" nginx.ingress.kubernetes.io/proxy-body-size: 32m nginx.ingress.kubernetes.io/whitelist-source-range: >- 212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,195.201.31.227/32,167.235.150.201/32,167.235.150.198/32,167.235.150.195/32,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,195.201.127.50/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32 host: s3storage-cusqa-prodwork01.smardigo.digital tls: - secretName: s3-miniotest-cert hosts: - s3storage-cusqa-prodwork01.smardigo.digital console: enabled: true ingressClassName: nginx annotations: cert-manager.io/cluster-issuer: letsencrypt-prod cert-manager.io/issue-temporary-certificate: "true" nginx.ingress.kubernetes.io/backend-protocol: HTTPS nginx.ingress.kubernetes.io/force-ssl-redirect: "true" host: s3console-cusqa-prodwork01.smardigo.digital tls: - secretName: s3-console-cert hosts: - s3console-cusqa-prodwork01.smardigo.digital kibana: name: kibana-cusqa-prodwork01.smardigo.digital pgadmin: name: pgadmin-cusqa-prodwork01.smardigo.digital image: name: dpage/pgadmin4 tag: 7 env: email: smardigo-admin@smardigo.dev password: smardigo-admin servers: connect: Name: "smardigo_connect" Group: "Servers" Port: 5432 Username: "smardigo_connect_admin" Host: "postgres-cluster" SSLMode: "require" MaintenanceDB: "smardigo-connect" Password: valueFrom: secretKeyRef: key: password name: >- smardigo-connect-admin.postgres-cluster.credentials.postgresql.acid.zalan.do ingress: customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32" smardigo-connect: postgres: spec: volume: size: 25Gi additionalVolumes: - name: backup-monitoring-script mountPath: /nso_scripts volumeSource: configMap: name: backup-monitoring-script defaultMode: 0777 targetContainers: - postgres - name: pg-backup-script mountPath: /scripts/postgres_backup.sh subPath: postgres_backup.sh volumeSource: configMap: name: pg-backup-script defaultMode: 0777 targetContainers: - postgres - name: pg-reschedulebackup-script mountPath: /scripts/backup_retry.sh subPath: backup_retry.sh volumeSource: configMap: name: pg-backup-script defaultMode: 0777 targetContainers: - postgres monitoring: alerts: postgres: basebackup: timeThreshold: 86400 # for backups older than 1 day teamLabel: alerting-nso-mobene connect: additional_labels: restart: 20230217-1145 domain: connect-cusqa-prodwork01.smardigo.digital ingress: customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,92.42.192.9/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32" image: version: 11.1.43 envvars: tenant_id: cusqa-mobene oidc: client_id: cusqa registration_id: cusqa issuer_host: prodnso-keycloak-01.smardigo.digital realm: mobene iam: iam_module: external iam_client_enabled: "true" protocol: http hostname: iam.mobene-keycloak port: 8080 elastic: process_search_module: external_v2 process_search_client_enabled: true ocr: enabled: true four_eyes_principle_deletion: true config_delete_scope_enabled: true processSearch: additional_labels: restart: 20231027-0830 smardigo-worker: uba: enabled: true image: version: 10.6.0 sepa: enabled: true image: version: 10.3.0 ocr: enabled: true image: version: 11.1.2 task: maxTasks: 3 wordpressInitializer: enabled: true image: version: 11.0.2 additional_labels: restart: 20231031-0950 config: amount_retries: 3 base_waittime: 30 waittime_increase_interval: 15 smardigo-wordpress: wordpress: nameOverride: wordpress-thgquotenservice multisite: host: connect-wordpress-cusqa-prodwork01.smardigo.digital customPostInitScripts: install-plugins.sh: | #!/bin/bash wp plugin install https://updraftplus.com/wp-content/uploads/updraftplus.zip --activate-network ingress: hostname: connect-wordpress-cusqa-prodwork01.smardigo.digital extraHosts: - name: "*.connect-wordpress-cusqa-prodwork01.smardigo.digital" path: / extraTls: - hosts: - "*.connect-wordpress-cusqa-prodwork01.smardigo.digital" secretName: "connect-wordpress-cusqa-prodwork01.smardigo.digital-wildcard-tls" annotations: nginx.ingress.kubernetes.io/whitelist-source-range: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,92.42.192.9/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32" customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,92.42.192.9/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32" commonLabels: app: wordpress project: thgquotenservice egeld24-wordpress: enabled: true wordpress: nameOverride: wordpress-egeld24 multisite: enable: false customPostInitScripts: install-plugins.sh: | #!/bin/bash wp plugin install https://updraftplus.com/wp-content/uploads/updraftplus.zip --activate-network ingress: hostname: egeld24-wordpress-cusqa-prodwork01.smardigo.digital annotations: cert-manager.io/cluster-issuer: letsencrypt-prod-http nginx.ingress.kubernetes.io/whitelist-source-range: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,92.42.192.9/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32" customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,92.42.192.9/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32" commonLabels: app: wordpress project: egeld24 prometheus-postgres-exporter: serviceMonitor: enabled: true labels: release: kube-prometheus-stack rbac: pspEnabled: false config: datasourceSecret: name: postgres-exporter-database-connection key: datasource iam: enabled: true iam_module: external iam_client_enabled: "true" protocol: http hostname: iam.cusqa port: 8080 secret_name_keycloak_creds: iam-keycloak-creds envvars: iam_keycloak_auth_server_url: "https://keycloak-prodwork01.smardigo.digital/auth/" netpols: keycloak_ip: 167.235.109.35/32 # prodwork01-ingress.smardigo.digital