Newer
Older
---
apiVersion: v1
kind: ConfigMap
metadata:
name: fresh
data:
default.conf: |
server {
listen 8000 default_server;
root /etc/cubicweb.d/fresh/data;
rewrite ^/fresh/(.*) /$1 last;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_buffering off;
# This make cubicweb-signedrequest works even if HTTP Host header is
# not supposed to contains URL path...
proxy_set_header Host $host/fresh;
proxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Remote-user $http_x_remote_user;
}
location /data {
alias /etc/cubicweb.d/fresh/data;
expires 30d;
}
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: fresh
spec:
selector:
matchLabels:
app: fresh
replicas: 1
template:
metadata:
labels:
app: fresh
spec:
volumes:
- name: static
emptyDir: {}
- name: config
configMap:
name: fresh
- name: cwclientlibrc
secret:
secretName: fresh-cwclientlibrc
- name: bfss
persistentVolumeClaim:
claimName: fresh
image: r.intra.logilab.fr/intranet/fresh
imagePullPolicy: Always
envFrom:
- secretRef:
name: fresh-env
volumeMounts:
- name: static
mountPath: /etc/cubicweb.d/fresh/data
- name: cwclientlibrc
- name: bfss
mountPath: /etc/cubicweb.d/fresh/bfss
command: [
"/bin/sh", "-c",
"install -m 400 /secret/cwclientlibrc /etc/cubicweb.d/fresh/cwclientlibrc && exec /entrypoint.sh start"
memory: 500Mi
limits:
memory: 500Mi
- name: nginx
image: r.intra.logilab.fr/library/nginx
imagePullPolicy: Always
volumeMounts:
- name: config
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
- name: static
mountPath: /etc/cubicweb.d/fresh/data
readinessProbe:
initialDelaySeconds: 5
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 20
httpGet:
path: /siteinfo
port: 8000
httpHeaders:
- name: X-Remote-User
value: admin
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: fresh-scheduler
spec:
selector:
matchLabels:
app: fresh-scheduler
replicas: 1
template:
metadata:
labels:
app: fresh-scheduler
spec:
volumes:
- name: cwclientlibrc
secret:
secretName: fresh-cwclientlibrc
- name: bfss
persistentVolumeClaim:
claimName: fresh
image: r.intra.logilab.fr/intranet/fresh
imagePullPolicy: Always
envFrom:
- secretRef:
name: fresh-env
volumeMounts:
- name: cwclientlibrc
- name: bfss
mountPath: /etc/cubicweb.d/fresh/bfss
command: [
"/bin/sh", "-c",
"install -m 400 /secret/cwclientlibrc /etc/cubicweb.d/fresh/cwclientlibrc && exec cubicweb-ctl scheduler fresh"