Penpot/penpot-helm
0
Fork 0
mirror of https://github.com/penpot/penpot-helm.git synced 2024-12-21 21:23:04 -05:00
Code Issues Activity

fix: use internal address in exporter and minor doc improvements

Browse source
This commit is contained in:
David Barragán Merino 2024-07-10 15:03:09 +02:00
parent fc5ee21ebc
commit d4317bdcf1
6 changed files with 31 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
README.md
View file

@ -38,7 +38,9 @@ pre-commit install --install-hooks -f
helm install penpot ./charts/penpot -f devel/penpot.values.yaml
```
- Access to http://localhost/
- Access to [http://penpot.example.com/](http://penpot.example.com/) (
> :exclamation: You need to add `127.0.1.1 penpot.example.com` to `/etc/hosts`_
> :bulb: if you disable ingress, you can exposing the app in the port 8888 with:
> ```shell
> kubectl port-forward service/penpot 8888:80

4
charts/penpot/README.md
View file

@ -60,7 +60,7 @@ $ helm install my-release penpot/penpot
| config.assets.s3.secretKeys.endpointURIKey | string | `""` | The S3 endpoint URI to use from an existing secret. |
| config.assets.s3.secretKeys.secretAccessKey | string | `""` | The S3 secret access key to use from an existing secret. |
| config.assets.storageBackend | string | `"assets-fs"` | The storage backend for assets to use. Use `assets-fs` for filesystem, and `assets-s3` for S3. |
| config.flags | string | `"enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server"` | The feature flags to enable. Check [the official docs](https://help.penpot.app/technical-guide/configuration/) for more info. |
| config.flags | string | `"enable-registration enable-login-with-password disable-email-verification enable-smtp"` | The feature flags to enable. Check [the official docs](https://help.penpot.app/technical-guide/configuration/) for more info. |
| config.postgresql.database | string | `"penpot"` | The PostgreSQL database to use. |
| config.postgresql.existingSecret | string | `""` | The name of an existing secret. |
| config.postgresql.host | string | `""` | The PostgreSQL host to connect to. Empty to use dependencies. |
@ -114,7 +114,7 @@ $ helm install my-release penpot/penpot
| config.providers.secretKeys.googleClientSecretKey | string | `""` | The Google client secret key to use from an existing secret. |
| config.providers.secretKeys.oidcClientIDKey | string | `""` | The OpenID Connect client ID key to use from an existing secret. |
| config.providers.secretKeys.oidcClientSecretKey | string | `""` | The OpenID Connect client secret key to use from an existing secret. |
| config.publicUri | string | `"http://penpot.example.com"` | The public domain to serve Penpot on. Set `disable-secure-session-cookies` in the flags if you plan on serving it on a non HTTPS domain. |
| config.publicUri | string | `"http://penpot.example.com"` | The public domain to serve Penpot on. **IMPORTANT:** Set `disable-secure-session-cookies` in the flags if you plan on serving it on a non HTTPS domain. |
| config.redis.database | string | `"0"` | The Redis database to connect to. |
| config.redis.host | string | `""` | The Redis host to connect to. Empty to use dependencies |
| config.redis.port | int | `6379` | The Redis host port to use. |

20
charts/penpot/templates/backend-deployment.yml
View file

@ -52,7 +52,7 @@ spec:
{{- omit .Values.backend.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
env:
{{/* General settings */}}
# General settings
- name: PENPOT_PUBLIC_URI
value: {{ .Values.config.publicUri | quote }}
- name: PENPOT_FLAGS
@ -65,7 +65,7 @@ spec:
{{- end }}
- name: PENPOT_TELEMETRY_ENABLED
value: {{ .Values.config.telemetryEnabled | quote }}
{{/* PosgreSQL connection settings */}}
# PosgreSQL connection settings
- name: PENPOT_DATABASE_URI
{{- if .Values.config.postgresql.host }}
value: "postgresql://{{ .Values.config.postgresql.host }}:{{ .Values.config.postgresql.port }}/{{ .Values.config.postgresql.database }}"
@ -90,14 +90,14 @@ spec:
name: {{ .Values.config.postgresql.existingSecret }}
key: {{ .Values.config.postgresql.secretKeys.passwordKey }}
{{- end }}
{{/* Redis connection settings */}}
# Redis connection settings
- name: PENPOT_REDIS_URI
{{- if .Values.config.redis.host }}
value: "redis://{{ .Values.config.redis.host }}:{{ .Values.config.redis.port }}/{{ .Values.config.redis.database }}"
{{- else }}
value: {{ print "redis://" (include "penpot.fullname" .) "-redis-master:" .Values.config.redis.port "/" .Values.config.redis.database }}
{{- end }}
{{/* Assets storage settings */}}
# Assets storage settings
- name: PENPOT_ASSETS_STORAGE_BACKEND
value: {{ .Values.config.assets.storageBackend | quote }}
{{- if eq .Values.config.assets.storageBackend "assets-fs" }}
@ -136,7 +136,7 @@ spec:
key: {{ .Values.config.assets.s3.secretKeys.endpointURIKey }}
{{- end }}
{{- end }}
{{/* SMTP settings */}}
# SMTP settings
{{- if .Values.config.smtp.enabled }}
{{- if .Values.config.smtp.defaultFrom }}
- name: PENPOT_SMTP_DEFAULT_FROM
@ -183,7 +183,7 @@ spec:
value: {{ .Values.config.smtp.ssl | quote }}
{{- end }}
{{- end }}
{{/* Google Auth provider settings */}}
# Google Auth provider settings
{{- if .Values.config.providers.google.enabled }}
{{- if not .Values.config.providers.secretKeys.googleClientIDKey }}
- name: PENPOT_GOOGLE_CLIENT_ID
@ -206,7 +206,7 @@ spec:
key: {{ .Values.config.providers.secretKeys.googleClientSecretKey }}
{{- end }}
{{- end }}
{{/* Github Auth provider settings */}}
# Github Auth provider settings
{{- if .Values.config.providers.github.enabled }}
{{- if not .Values.config.providers.secretKeys.githubClientIDKey }}
- name: PENPOT_GITHUB_CLIENT_ID
@ -229,7 +229,7 @@ spec:
key: {{ .Values.config.providers.secretKeys.githubClientSecretKey }}
{{- end }}
{{- end }}
{{/* Gitlab Auth provider settings */}}
# Gitlab Auth provider settings
{{- if .Values.config.providers.gitlab.enabled }}
{{- if .Values.config.providers.gitlab.baseURI }}
- name: PENPOT_GITLAB_BASE_URI
@ -256,7 +256,7 @@ spec:
key: {{ .Values.config.providers.secretKeys.gitlabClientSecretKey }}
{{- end }}
{{- end }}
{{/* OIDC provider settings */}}
# OIDC provider settings
{{- if .Values.config.providers.oidc.enabled }}
{{- if .Values.config.providers.oidc.baseURI }}
- name: PENPOT_OIDC_BASE_URI
@ -319,7 +319,7 @@ spec:
value: {{ .Values.config.providers.oidc.userInfoSource | quote }}
{{- end }}
{{- end }}
{{/* LDAP provider settings */}}
# LDAP provider settings
{{- if .Values.config.providers.ldap.enabled }}
{{- if .Values.config.providers.ldap.host }}
- name: PENPOT_LDAP_HOST

6
charts/penpot/templates/exporter-deployment.yml
View file

@ -29,7 +29,7 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "penpot.serviceAccountName" . }}
{{ if .Values.exporter.podSecurityContext.enabled }}
{{- if .Values.exporter.podSecurityContext.enabled }}
securityContext:
{{- omit .Values.exporter.podSecurityContext "enabled" | toYaml | nindent 8 }}
{{- end }}
@ -37,13 +37,13 @@ spec:
- name: {{ .Chart.Name }}-exporter
image: "{{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }}"
imagePullPolicy: {{ .Values.exporter.image.imagePullPolicy }}
{{ if .Values.exporter.containerSecurityContext.enabled }}
{{- if .Values.exporter.containerSecurityContext.enabled }}
securityContext:
{{- omit .Values.exporter.containerSecurityContext "enabled" | toYaml | nindent 12 }}
{{- end }}
env:
- name: PENPOT_PUBLIC_URI
value: {{ .Values.config.publicURI | quote }}
value: {{ print "http://" (include "penpot.fullname" .) ":" .Values.frontend.service.port }}
- name: PENPOT_REDIS_URI
{{- if .Values.config.redis.host }}
value: "redis://{{ .Values.config.redis.host }}:{{ .Values.config.redis.port }}/{{ .Values.config.redis.database }}"

5
charts/penpot/values.yaml
View file

@ -32,12 +32,13 @@ serviceAccount:
name: "penpot"
config:
# -- The public domain to serve Penpot on. Set `disable-secure-session-cookies` in the flags if you plan on serving it on a non HTTPS domain.
# -- The public domain to serve Penpot on.
# **IMPORTANT:** Set `disable-secure-session-cookies` in the flags if you plan on serving it on a non HTTPS domain.
# @section -- Configuration parameters
publicUri: "http://penpot.example.com"
# -- The feature flags to enable. Check [the official docs](https://help.penpot.app/technical-guide/configuration/) for more info.
# @section -- Configuration parameters
flags: "enable-registration enable-login-with-password disable-email-verification enable-smtp enable-prepl-server"
flags: "enable-registration enable-login-with-password disable-email-verification enable-smtp"
# -- A random secret key needed for persistent user sessions. Generate with `python3 -c "import secrets; print(secrets.token_urlsafe(64))"` for example.
# @section -- Configuration parameters
apiSecretKey: "kmZ96pAxhTgk3HZvvBkPeVTspGBneKVLEpO_3ecORs_gwACENZ77z05zCe7skvPsQ3jI3QgkULQOWCuLjmjQsg"

15
devel/penpot.values.yaml
View file

@ -4,25 +4,30 @@ global:
redisEnabled: true
config:
publicUri: "http://localhost"
publicUri: "http://penpot.example.com"
apiSecretKey: "my-secret-key"
flags: "enable-registration enable-login-with-password disable-email-verification enable-smtp disable-secure-session-cookies"
#backend:
# replicaCount: 2
#frontend:
# replicaCount: 2
#
#exporter:
# replicaCount: 2
# podSecurityContext:
# enabled: false
# containerSecurityContext:
# enabled: false
persistence:
assets:
enabled: true
exporter:
enabled: true
# exporter:
# enabled: true
ingress:
enabled: true
hosts:
- "localhost"
- "penpot.example.com"