Skip to content

Commit

Permalink
Finish kubernetes
Browse files Browse the repository at this point in the history
  • Loading branch information
@oveldman
oveldman committed Sep 29, 2024
1 parent 50e2ed4 commit e1e979c
Show file tree
Hide file tree
Showing 5 changed files with 52 additions and 18 deletions.
2 changes: 2 additions & 0 deletions deployment/MantaRayPlanCloud/templates/admin-bff.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,8 @@ spec:
timeoutSeconds: 1
failureThreshold: 3
env:
- name: Api__Address
value: "{{ .Values.api.grpc.loadBalancer}}:8080"
- name: OpenTelemetry__LoggerEndpoint
value: "{{ .Values.logging.seq.host.internal }}"
- name: OpenTelemetry__LoggerApiKey
Expand Down
31 changes: 23 additions & 8 deletions deployment/MantaRayPlanCloud/templates/admin-web.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,18 +6,13 @@ metadata:
data:
default.conf: |
server {
listen 80;
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html =404;
}
add_header X-Frame-Options "DENY" always;
Expand All @@ -27,6 +22,19 @@ data:
add_header content-security-policy "default-src 'self' https://{{ .Values.admin.bff.host }}; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://{{ .Values.admin.bff.host }}; upgrade-insecure-requests; frame-ancestors 'self'";
}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ .Values.admin.web.app }}-appsetting-config"
namespace: {{ .Values.namespace }}
data:
default.conf: |
{
"Api": {
"Address": "https://{{ .Values.admin.bff.host }}/"
}
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
Expand Down Expand Up @@ -64,12 +72,19 @@ spec:
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
readOnly: true
- name: "{{ .Values.admin.web.app }}-appsettings-config-volume"
mountPath: /usr/share/nginx/html/appsettings.json
subPath: appsettings.json
readOnly: true
ports:
- containerPort: 80
volumes:
- name: "{{ .Values.admin.web.app }}-nginx-config-volume"
configMap:
name: "{{ .Values.admin.web.app }}-nginx-config"
- name: "{{ .Values.admin.web.app }}-appsettings-config-volume"
configMap:
name: "{{ .Values.admin.web.app }}-appsettings-config"
---
apiVersion: v1
kind: Service
Expand Down
2 changes: 2 additions & 0 deletions deployment/MantaRayPlanCloud/templates/viewer-bff.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,8 @@ spec:
timeoutSeconds: 1
failureThreshold: 3
env:
- name: Api__Address
value: "{{ .Values.api.grpc.loadBalancer}}:8080"
- name: OpenTelemetry__LoggerEndpoint
value: "{{ .Values.logging.seq.host.internal }}"
- name: OpenTelemetry__LoggerApiKey
Expand Down
33 changes: 24 additions & 9 deletions deployment/MantaRayPlanCloud/templates/viewer-web.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,25 +6,33 @@ metadata:
data:
default.conf: |
server {
listen 80;
listen 80;
listen [::]:80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
root /usr/share/nginx/html;
try_files $uri $uri/ /index.html =404;
}
add_header X-Frame-Options "DENY" always;
add_header Referrer-Policy "no-referrer";
add_header X-Content-Type-Options "nosniff";
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()";
add_header content-security-policy "default-src 'self' https://{{ .Values.viewer.bff.host }}; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://{{ .Values.viewer.bff.host }}; upgrade-insecure-requests; frame-ancestors 'self'";
add_header content-security-policy "default-src 'self' https://{{ .Values.viewer.bff.host }}; img-src 'self' data: ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://{{ .Values.viewer.bff.host }}; upgrade-insecure-requests; frame-ancestors 'self'";
}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: "{{ .Values.admin.web.app }}-appsetting-config"
namespace: {{ .Values.namespace }}
data:
default.conf: |
{
"Api": {
"Address": "https://{{ .Values.viewer.bff.host }}/"
}
}
---
apiVersion: apps/v1
Expand Down Expand Up @@ -64,12 +72,19 @@ spec:
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
readOnly: true
- name: "{{ .Values.admin.web.app }}-appsettings-config-volume"
mountPath: /usr/share/nginx/html/appsettings.json
subPath: appsettings.json
readOnly: true
ports:
- containerPort: 80
volumes:
- name: "{{ .Values.viewer.web.app }}-nginx-config-volume"
configMap:
name: "{{ .Values.viewer.web.app }}-nginx-config"
- name: "{{ .Values.admin.web.app }}-appsettings-config-volume"
configMap:
name: "{{ .Values.admin.web.app }}-appsettings-config"
---
apiVersion: v1
kind: Service
Expand Down
2 changes: 1 addition & 1 deletion src/docker/Clients.Admin.Web/appsettings.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@
"Api": {
"Address": "http://localhost:8080/"
}
}
}

0 comments on commit e1e979c

Please sign in to comment.