# Deployment description apiVersion: apps/v1 kind: Deployment metadata: name: semcust-deployment namespace: prod-environment labels: app: semcust-prod spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: semcust-prod template: metadata: labels: app: semcust-prod spec: containers: - name: semcust-frontend image: packages.semapp.lan:5000/semcust_frontend:1.2.2 resources: requests: memory: "256Mi" cpu: "100m" limits: memory: "512Mi" cpu: "4" ports: - containerPort: 8200 name: semcust-http protocol: TCP volumeMounts: - mountPath: /etc/nginx/conf.d readOnly: true name: nginx-conf imagePullPolicy: Always - name: semcust-backend image: packages.semapp.lan:5000/semcust_backend:1.2.2 resources: requests: memory: "256Mi" cpu: "100m" limits: memory: "512Mi" cpu: "4" ports: - containerPort: 5200 name: semcust-backend protocol: TCP imagePullPolicy: Always envFrom: - configMapRef: name: semcust-prod-config volumes: - name: nginx-conf configMap: name: semcust-nginx-conf --- apiVersion: v1 kind: ConfigMap metadata: namespace: prod-environment name: semcust-prod-config labels: app: semcust-prod data: DJANGO_DB_ENGINE: "django.db.backends.postgresql_psycopg2" DJANGO_DB_NAME: "semcust_prod" DJANGO_DB_USER: "semcust_prod" DJANGO_DB_PASSWORD: "P{*~976@$S[;%-H35jXw" DJANGO_DB_HOST: "psql.semprod.local" DJANGO_DB_PORT: "5432" ALLOWED_HOSTS: '["*"]' FRONTEND_URL: "https://portal.semapp.de" API_URL: "https://portal.semapp.de" PORT_FRONTEND: "8200" PORT_BACKEND: "5200" DEFAULT_FILE_STORAGE: "minio_storage.storage.MinioMediaStorage" MINIO_STORAGE_ENDPOINT: "minio-api.semprod.local" MINIO_STORAGE_ACCESS_KEY: "semcust-prod" MINIO_STORAGE_SECRET_KEY: "8c2$5xVFfg9J&s{QmA!_" MINIO_STORAGE_USE_HTTPS: "False" MINIO_STORAGE_MEDIA_BUCKET_NAME: "semcust-prod" MINIO_STORAGE_AUTO_CREATE_MEDIA_BUCKET: "True" EMAIL_USE_TLS: "True" EMAIL_HOST: "smtp.strato.de" EMAIL_PORT: "587" EMAIL_HOST_USER: "support@semantic-applications.de" EMAIL_HOST_PASSWORD: "uN1zPIqN9@br" // BASELINE NEDDED VARIABLES (this will be need changed then keyclak will be on internet) BASELINE_KEY: "MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQCywAtKmrwdhu0xyEWy/xaGo1pzFyK3AMq41puS2FgOolXnTpCQDRxpo1Jb6p7GsGQCItgyPlTHs5Tki9ZvGa11VjrOWbIrovkU2sXRfZlhNh0uo/zAgB3kYjvHAckflStjVbJ3erZOYHYcLmUhGNRBqabVUpC1utXk8wm/71FJ7s6XbYOObojd1TBAgvWh4JYHFosrh3hutmb6vGrUhiGCKYtO/2hAnNPs0BkZUUawFx+t9WTwFdqlfmotCYriFDEEXj60oWDn01UeAOxuNoDxlF4TKKrHUYlwsDOkRiRKt+KD4ic6zKvyqpMpHb5ckXfO8Pg/x+6iBVIrr/PAxZI6c/LKnxeXUEMVisy5sHEsxIXdUqIsrUF/UhH6qE+aHPFyUkeSlonj7kO5bZ+lwMPT/jxdMF/9nQFoRZ9guOQVRpslCnum9sOF240ITAbvFlJKuH5ePcpCBJ3ufWxXBU3oa8hZb4Afn8qhsB7lmQprTOscuVA0381jQonUKkQ+Z3J9gMM0fUkzUvrsiJ99uTcqh5Y8SI1LlKvCvDwD36ETTN47SV5GdZenEoY3fhcDQGkzZESzNfVl5s0WRgUEW02hucerdqbDveyavmP7kILTQrWB1++/YKwKSzBnTkl0rAzUwuIX8N62ug0UrXi7zCezp1qo3kT0EEK7tR51HHcmlwIDAQABAoICAQCEyW9Z65rlYG9iNQG6GA9203EE4GH0is0OBLcrnjXEIUope86ehG7f9ujeyWtL9ItGnvX2VSGL/NcV9N/GRs/5w6YJ1s4p5naczGx51JEViyqglEfWBRavq13211e+c4T41Rev9GPr03LKOpj7vkMnyEzcWeqQZgwxeW57u9+qSZIFIeDB9VENYirnMaIhsAIjn9ag7pFDxZK4nzHJUR8hX5VSiR+8KASy/mA2047sjzEEfLCQPdvgZwmfDWCz1AYZ1Z1FeEDR1sd7c3ov4aNmUy6TkvlS+jpckTi7xzN8oh/OkzlLT/JIYfjSaXsZryLOg2oXj4GxsLw7Igm04dBfB+ViNvE4B6nIdLwQr8F3BZLkP64QtkiOwcjJwpEJP3fyVO3q+Mua+FNU5pAIIrIJWUD9jwMuIjrZeh8E0154embo0cOPUZEYS1mDMHcPkc9mwHqSisR5QaOdbyAAF/FQfmeQ8VjE0tX5DPUhmxa9AQ/cvNa6CSfpgHTcsLtgGS4YpKKcTw6+hCe45THobjtHOCbn1MSLMxXwT3B2FByxyN9qxLj6YreKTuyXlArIG88+l9A6XgDr1yhsYKjIBK8m63cCV95Scjx4bEavvwTfEUPsvqaijPMRduUNC8a4WJMDSJTue54nL2G8gQxXR2Ge32Wzy/lOauoIJRO6S/7z0QKCAQEA3lp8LKmOtKwxXSBSamEJn7yscaDzsljPeO37xppARc6Iv1/cvw9zWdYgF6UKrf2Ve3c4bVPnmYtR4KUETL93G9t5g8lCIFmjRqsJR3y9Y/yec4rJDRbZRyDDT6PrQ5oBnZP25/lMY+mFY1Ee7lx64WSRfZGnWWpxOn1K25RusxzsVS0TM107XmgGV9jFwf4qjXkcfnPZye9NgWBEURo8gVv7RSuf8YQW6FSNzQoNIMNQ8/XgJ2EVleWzXxDewtteMV06xDFHr97/yc2d9/p+a2LeF2HtAeYuNQW2pqc5yDb6oKBQ9xQXFaNQAIeuvFknLygVOYEEiesswJEIcQ6COQKCAQEAzcx1JXTmro/0e03cwrsqGE71JEcZFNtw6O8D9ZX4bYcdkDDGWrDRJ2q3WyM+UYf9s2mr26LoqfG2JDw6B/nr2oq7zrvE3SRdrQZOni459USDHQH+4qmTdT2cfbz7pRcY1EBYfeUdrtJJu2aJeYyl/WxA41AtOaWyLZSsPC63RCcdweS3LEJqyrC1S0oixtUFiGMByY+ipLfNYMGQg1aYQU3Tpxs6vQDKeLok/Bb/q2lcBUlsWHJDCH2SJcIGyOKFGb1WlcbVgDNbO0N1PnG4ZUlHo73nDEm9pCoMgfGI8/tQGxKvAsTyGD+eTpJjtvE0bLB8TGo81L7+dkp9XbivTwKCAQAd3sH3rf+BvfATtpfbupV0ZAA2c4zJVKzqbe34zBf+SLSOIO6irAyu8Nj21DEPFpXSND3cUf0230RsjT56oO37TAyS66J6fhA1GhzxAYzftbwDgY1ouL0PlRMny7l7J2E4LfxpRVBBy8kjgm5JTxsi1EPHPp3goS/8z4AS52nHngcRmjCOIeQr1oWjn3dRjDdjMfXl9uI3AnLDAo+q5X9jUVv7+tRNuZTqORGjjcodsJ9bZphqMdyYencSOk3yl02cDA4s9QHQWoC6N2kVOw1ol6uGMJ2KN8XVUaMr2CMnBlu84EyAJK7FNV818wRCQSfGafgP9YkKjhFA/TrJFU3hAoIBAHbw5P+5+Z0IHB+rl5yAOcsEz0+hO9C/JxmpElu8ynDa924fknRV3vvuBHzK+Lh8ZVdtCmONWvTlewSkPlHf0r1jEzpfcV7yJqXakFOBmgO0DicUwTBVG6FV830EXVhD6hi5+6r/YVFpvi1uDKRQcpruFu6Jpym7JyiK1aSOx2K/TMaEHo2Y8UmmKZGTDlhmQ6VYu2638iNLC4sRNCmEQcj0ZxAcf60+qMZvpvJ/hFKYORPhJJpVp4JfuLjT08IEkTKYKFO2MCzBAchVq4xkg1MesCXlmoSSleUsXEA5zZJdPCX5fWaXVuhG1ILKvpC8BTWQJrava+r1W/IYCS7Cj6cCggEBAK4LLJodfOODAKe7Mpy3BExyjANy4dbEU6/vUlR1pChx8j+rwDCbhYIcfDaGMk62qF0wpd4fK3gOLQ0L5FUpay0rs5UPDfvl/vYkZXlVsJbqGoyAbunRNqGpm6sqh8M6jUDDocsk69aOSQoM5Y9SPQhnfkJROPLWxI4fREy2drSxU0Mw6l+K6G9SZdrtn3f6zSEsBPYnMmz1O8KCJk6qbInFoPphc+Xatm85RxEaSnVAStUnYwvWlZcKzIPQ+wWmVPHzKUOhHZpoly7vkP6d7MlCt9tK8J7WeWKzDEnUbvJZoBvMDQcVbZGTVmZoxhiVjqYBYPzE+3IprAcZIHZbl7Q=" BASE_KEYCLOAK_URL: "http://keycloak.semprod.local" BASELINE_KEYCLOAK_CLIENT_ID: "baseline_prod" BASELINE_KEYCLOAK_REALM: "baseline_production" KEYCLOAK_ADMIN_USERNAME: "admin" KEYCLOAK_ADMIN_PASSWORD: "admin" KEYCLOAK_ADMIN_CLIENT_ID: "admin-cli" --- apiVersion: v1 kind: ConfigMap metadata: namespace: prod-environment name: semcust-nginx-conf data: default.conf: | upstream backend { server semcust-backend-prod:5200; } server { listen 8200; #server_name semcust-dev.semapp.lan; access_log /var/log/nginx/access.log; charset utf-8; client_max_body_size 1G; location / { root /srv/semcust; #add_header X-Frame-Options "SAMEORIGIN"; index index.html index.htm; try_files $uri $uri /index.html =404; } location /administration { root /srv/semcust; #add_header X-Frame-Options "SAMEORIGIN"; index index.html index.htm; try_files $uri $uri /index.html =404; } location /confluence { root /srv/semcust; #add_header X-Frame-Options "SAMEORIGIN"; index index.html index.htm; try_files $uri $uri /index.html =404; } location ~ ^/api { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 300s; proxy_send_timeout 300s; send_timeout 300s; } location /admin { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 300s; proxy_send_timeout 300s; send_timeout 300s; } location /forum { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 300s; proxy_send_timeout 300s; send_timeout 300s; } location /confluence/page-overview/ { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 300s; proxy_send_timeout 300s; send_timeout 300s; } location /confluence/storage/ { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 300s; proxy_send_timeout 300s; send_timeout 300s; } location /help-desk { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 300s; proxy_send_timeout 300s; send_timeout 300s; } location /help-desk-customer { root /srv/semcust; #add_header X-Frame-Options "SAMEORIGIN"; index index.html index.htm; try_files $uri $uri /index.html =404; } location /static-backend { proxy_pass http://backend; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_read_timeout 300s; proxy_send_timeout 300s; send_timeout 300s; } error_page 404 =200 /index.html; add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; expires off; open_file_cache off; sendfile off; } --- # semcust Service apiVersion: v1 kind: Service metadata: name: semcust-frontend-prod namespace: prod-environment spec: selector: app: semcust-prod ports: - name: semcust-http port: 8200 targetPort: semcust-http type: NodePort --- # semcust backend apiVersion: v1 kind: Service metadata: name: semcust-backend-prod namespace: prod-environment spec: selector: app: semcust-prod ports: - name: semcust-backend port: 5200 targetPort: semcust-backend type: NodePort --- # Ingress description apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: semcust-prod-ingress namespace: prod-environment annotations: kubernetes.io/ingress.class: "traefik" spec: rules: - host: semcust-prod.k8s.semprod.local http: paths: - backend: service: name: semcust-frontend-prod port: number: 8200 path: / pathType: ImplementationSpecific - host: portal.semapp.de http: paths: - backend: service: name: semcust-frontend-prod port: number: 8200 path: / pathType: ImplementationSpecific