argocd
/
prodwork01-mobene-deployment
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
cusprod
test
report_task_update_to_11.2.59_PROD
nsodev
hotfix/increase_pg_data_pvc
report_task_update_to_11.2.58_PROD
update_process_search_1.4.32
cusqa
cherry-pick-d7d4519a
cherry-pick-20afe452
pgadmin
MOB-755
ocr-jwt-token
cusqa_cherrypick_try
cherry-pick-9c6aec87
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8ab4a67f6d'
${ noResults }
prodwork01-mobene-deployment/values_cusqa.yaml

250 lines
8.4 KiB
YAML
Raw Blame History

stage: cusqa
# minio tenant
tenant:
tenant:
name: s3-cusqa-prodwork01
configuration:
name: minio-config
pools:
- servers: 4
volumesPerServer: 2
storageClassName: hcloud-volumes
size: 60Gi
buckets:
- name: postgres
region: ""
- name: wordpress
region: ""
users:
- name: pgbackup
- name: wpbackup
prometheus:
diskCapacityGB: false
log:
audit:
diskCapacityGB: false
env:
- name: MINIO_PROMETHEUS_AUTH_TYPE
value: "public"
- name: MINIO_PROMETHEUS_JOB_ID
value: "minio-cusqa"
- name: MINIO_PROMETHEUS_URL
value: "http://kube-prometheus-stack-prometheus.monitoring:9090"
- name: CONSOLE_PROMETHEUS_URL
value: "http://kube-prometheus-stack-prometheus.monitoring:9090"
ingress:
api:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/issue-temporary-certificate: "true"
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
nginx.ingress.kubernetes.io/proxy-body-size: 32m
nginx.ingress.kubernetes.io/whitelist-source-range: >-
212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,195.201.31.227/32,167.235.150.201/32,167.235.150.198/32,167.235.150.195/32,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,195.201.127.50/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32
host: s3storage-cusqa-prodwork01.smardigo.digital
tls:
- secretName: s3-miniotest-cert
hosts:
- s3storage-cusqa-prodwork01.smardigo.digital
console:
enabled: true
ingressClassName: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod
cert-manager.io/issue-temporary-certificate: "true"
nginx.ingress.kubernetes.io/backend-protocol: HTTPS
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
host: s3console-cusqa-prodwork01.smardigo.digital
tls:
- secretName: s3-console-cert
hosts:
- s3console-cusqa-prodwork01.smardigo.digital
kibana:
name: kibana-cusqa-prodwork01.smardigo.digital
pgadmin:
name: pgadmin-cusqa-prodwork01.smardigo.digital
image:
name: dpage/pgadmin4
tag: 7
env:
email: smardigo-admin@smardigo.dev
password: smardigo-admin
servers:
connect:
Name: "smardigo_connect"
Group: "Servers"
Port: 5432
Username: "smardigo_connect_admin"
Host: "postgres-cluster"
SSLMode: "require"
MaintenanceDB: "smardigo-connect"
Password:
valueFrom:
secretKeyRef:
key: password
name: >-
smardigo-connect-admin.postgres-cluster.credentials.postgresql.acid.zalan.do
ingress:
customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32"
smardigo-connect:
postgres:
spec:
volume:
size: 25Gi
additionalVolumes:
-
name: backup-monitoring-script
mountPath: /nso_scripts
volumeSource:
configMap:
name: backup-monitoring-script
defaultMode: 0777
targetContainers:
- postgres
-
name: pg-backup-script
mountPath: /scripts/postgres_backup.sh
subPath: postgres_backup.sh
volumeSource:
configMap:
name: pg-backup-script
defaultMode: 0777
targetContainers:
- postgres
-
name: pg-reschedulebackup-script
mountPath: /scripts/backup_retry.sh
subPath: backup_retry.sh
volumeSource:
configMap:
name: pg-backup-script
defaultMode: 0777
targetContainers:
- postgres
monitoring:
alerts:
postgres:
basebackup:
timeThreshold: 86400 # for backups older than 1 day
teamLabel: alerting-nso-mobene
connect:
additional_labels:
restart: 20230217-1145
domain: connect-cusqa-prodwork01.smardigo.digital
ingress:
customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32"
image:
version: 11.1.9
oidc:
client_id: cusqa
registration_id: cusqa
issuer_host: prodnso-keycloak-01.smardigo.digital
realm: mobene
iam:
iam_module: external
iam_client_enabled: "true"
protocol: http
hostname: iam.mobene-keycloak
port: 8080
elastic:
process_search_module: external_v2
process_search_client_enabled: true
ocr:
enabled: true
four_eyes_principle_deletion: true
config_delete_scope_enabled: true
processSearch:
additional_labels:
restart: 20230927-1200
smardigo-worker:
uba:
enabled: true
image:
version: 10.6.0
sepa:
enabled: true
image:
version: 10.3.0
ocr:
enabled: true
image:
version: 10.4.6
smardigo-wordpress:
wordpress:
nameOverride: wordpress-thgquotenservice
multisite:
host: connect-wordpress-cusqa-prodwork01.smardigo.digital
customPostInitScripts:
install-plugins.sh: |
#!/bin/bash
wp plugin install https://updraftplus.com/wp-content/uploads/updraftplus.zip --activate-network
ingress:
hostname: connect-wordpress-cusqa-prodwork01.smardigo.digital
extraHosts:
- name: "*.connect-wordpress-cusqa-prodwork01.smardigo.digital"
path: /
extraTls:
- hosts:
- "*.connect-wordpress-cusqa-prodwork01.smardigo.digital"
secretName: "connect-wordpress-cusqa-prodwork01.smardigo.digital-wildcard-tls"
annotations:
nginx.ingress.kubernetes.io/whitelist-source-range: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32"
customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32"
commonLabels:
app: wordpress
project: thgquotenservice
egeld24-wordpress:
enabled: true
wordpress:
nameOverride: wordpress-egeld24
multisite:
enable: false
customPostInitScripts:
install-plugins.sh: |
#!/bin/bash
wp plugin install https://updraftplus.com/wp-content/uploads/updraftplus.zip --activate-network
ingress:
hostname: egeld24-wordpress-cusqa-prodwork01.smardigo.digital
annotations:
cert-manager.io/cluster-issuer: letsencrypt-prod-http
nginx.ingress.kubernetes.io/whitelist-source-range: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32"
customIpWhitelist: "212.121.131.106/32,149.233.6.129/32,46.245.219.98/32,164.138.195.162/32,10.0.0.0/16,167.235.150.133/32,167.235.150.197/32,23.88.53.161/32,195.201.113.110/32,5.75.184.216/32,92.42.192.157/32,164.92.251.253/32,91.107.228.133/32,167.235.25.0/32"
commonLabels:
app: wordpress
project: egeld24
prometheus-postgres-exporter:
serviceMonitor:
enabled: true
labels:
release: kube-prometheus-stack
rbac:
pspEnabled: false
config:
datasourceSecret:
name: postgres-exporter-database-connection
key: datasource
iam:
enabled: true
iam_module: external
iam_client_enabled: "true"
protocol: http
hostname: iam.cusqa
port: 8080
secret_name_keycloak_creds: iam-keycloak-creds
envvars:
iam_keycloak_auth_server_url: "https://keycloak-prodwork01.smardigo.digital/auth/"
netpols:
keycloak_ip: 167.235.109.35/32 # prodwork01-ingress.smardigo.digital
Reference in New Issue View Git Blame Copy Permalink