--- # yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: &app tandoor spec: interval: 1h chartRef: kind: OCIRepository name: app-template install: remediation: retries: 3 upgrade: cleanupOnFail: true remediation: strategy: rollback retries: 3 values: defaultPodOptions: enableServiceLinks: false securityContext: runAsUser: 568 runAsGroup: 568 controllers: tandoor: annotations: reloader.stakater.com/auto: "true" secret.reloader.stakater.com/reload: lychee-db-secret initContainers: migrations: image: repository: vabene1111/recipes tag: 2.2.0@sha256:7a44db382e5df961878a93ad10113d84a1d913419a0811439e27b790854eeade envFrom: &envFrom - secretRef: name: tandoor-secret - secretRef: name: tandoor-db-secret command: - sh - -c - | set -e source /opt/recipes/venv/bin/activate echo "Updating database" python3 /opt/recipes/manage.py migrate python3 /opt/recipes/manage.py collectstatic --noinput containers: app: image: repository: vabene1111/recipes tag: 2.2.0@sha256:7a44db382e5df961878a93ad10113d84a1d913419a0811439e27b790854eeade envFrom: *envFrom env: DEBUG: "0" ALLOWED_HOSTS: "*" GUNICORN_MEDIA: "0" TZ: ${TIMEZONE} TANDOOR_PORT: &tandoorPort 8888 FRACTION_PREF_DEFAULT: "0" COMMENT_PREF_DEFAULT: "1" SHOPPING_MIN_AUTOSYNC_INTERVAL: "5" command: - /opt/recipes/venv/bin/gunicorn - -b - :8888 - --access-logfile - "-" - --error-logfile - "-" - --log-level - INFO - recipes.wsgi probes: liveness: &probes enabled: true custom: true spec: httpGet: path: /accounts/login/ port: *tandoorPort initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 1 failureThreshold: 3 readiness: *probes startup: enabled: true custom: true spec: httpGet: path: /accounts/login/ port: *tandoorPort failureThreshold: 30 periodSeconds: 10 resources: requests: cpu: 100m memory: 256Mi limits: memory: 512Mi nginx: image: repository: nginxinc/nginx-unprivileged tag: 1.29.1-alpine@sha256:5a3deab083279228447546aa54db9ab82e43065cac3e38f70b2b2a6cdbf57f7a service: app: controller: *app ports: http: port: *tandoorPort nginx: port: &nginxPort 8080 route: app: hostnames: - "{{ .Release.Name }}.${SECRET_EXTERNAL_DOMAIN}" parentRefs: - name: internal namespace: network sectionName: https rules: - backendRefs: - name: *app port: *nginxPort persistence: config: existingClaim: *app advancedMounts: tandoor: app: - path: /opt/recipes/mediafiles nginx: - path: /media nginx-config: type: configMap name: tandoor-configmap advancedMounts: tandoor: nginx: - path: /etc/nginx/nginx.conf subPath: nginx-config django-js-reverse: type: emptyDir advancedMounts: tandoor: app: - path: /opt/recipes/cookbook/static/django_js_reverse migrations: - path: /opt/recipes/cookbook/static/django_js_reverse static: type: emptyDir advancedMounts: tandoor: app: - path: /opt/recipes/staticfiles nginx: - path: /static migrations: - path: /opt/recipes/staticfiles cache: type: emptyDir advancedMounts: tandoor: nginx: - path: /var/cache/nginx