Elgato_dark/Olares
1
0
Fork 0
mirror of https://github.com/beclab/Olares synced 2026-05-24 09:18:23 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

olares: add nats info for system files,vault,seafile,search,notification (#1359)

Browse source
This commit is contained in:
hysyeah 2025-05-29 20:05:09 +08:00 committed by GitHub
parent 73d484b681
commit 37e37a814d
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 178 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
apps/.olares/config/cluster/deploy/files_deploy.yaml
View file

@ -237,9 +237,12 @@ spec:
- name: NATS_PORT
value: '4222'
- name: NATS_USERNAME
value: os-system-files-server
value: admin
- name: NATS_PASSWORD
value: {{ $files_nats_password | b64dec }}
valueFrom:
secretKeyRef:
name: nats-secrets
key: nats_password
- name: NATS_SUBJECT
value: terminus.os-system.files-notify
- name: RESERVED_SPACE

13
apps/.olares/config/cluster/deploy/vault_server_deploy.yaml
View file

@ -108,6 +108,19 @@ spec:
value: {{ $pg_password | b64dec }}
- name: PL_ATTACHMENTS_FS_DIR
value: /padloc/packages/server/attachments
- name: NATS_HOST
value: nats
- name: NATS_PORT
value: "4222"
- name: NATS_USERNAME
value: admin
- name: NATS_PASSWORD
valueFrom:
secretKeyRef:
key: nats_password
name: nats-secrets
- name: NATS_SUBJECT_SYSTEM_VAULT
value: "terminus.{{ .Release.Namespace }}.system.vault"
volumeMounts:
- name: vault-data
mountPath: /padloc/packages/server/data

132
apps/.olares/config/user/helm-charts/monitoring/templates/system-frontend.yaml
View file

@ -898,6 +898,13 @@ spec:
perm:
- pub
- sub
- appName: user-files
appNamespace: "user.{{ .Values.bfl.username }}"
subjects:
- name: files
perm:
- pub
- sub
user: user-system-{{ .Values.bfl.username }}-files-frontend
---
apiVersion: v1
@ -3338,3 +3345,128 @@ data:
}
}
---
apiVersion: apr.bytetrade.io/v1alpha1
kind: MiddlewareRequest
metadata:
name: user-files-nats
namespace: user-system-{{ .Values.bfl.username }}
spec:
app: user-files
appNamespace: "user.{{ .Values.bfl.username }}"
middleware: nats
nats:
password:
valueFrom:
secretKeyRef:
key: vault_nats_password
name: vault-nats-secrets
refs: []
subjects:
- export:
- appName: files-frontend
sub: allow
pub: allow
name: files
permission:
pub: allow
sub: allow
user: user-{{ .Values.bfl.username }}-files
---
apiVersion: apr.bytetrade.io/v1alpha1
kind: MiddlewareRequest
metadata:
name: user-notification-nats
namespace: user-system-{{ .Values.bfl.username }}
spec:
app: user-notifications
appNamespace: "user.{{ .Values.bfl.username }}"
middleware: nats
nats:
password:
valueFrom:
secretKeyRef:
key: vault_nats_password
name: vault-nats-secrets
refs: []
subjects:
- name: notification
permission:
pub: allow
sub: allow
user: user-{{ .Values.bfl.username }}-notification
---
apiVersion: apr.bytetrade.io/v1alpha1
kind: MiddlewareRequest
metadata:
name: user-search-nats
namespace: user-system-{{ .Values.bfl.username }}
spec:
app: user-search
appNamespace: "user.{{ .Values.bfl.username }}"
middleware: nats
nats:
password:
valueFrom:
secretKeyRef:
key: vault_nats_password
name: vault-nats-secrets
refs: []
subjects:
- name: search
permission:
pub: allow
sub: allow
user: user-{{ .Values.bfl.username }}-search
---
apiVersion: apr.bytetrade.io/v1alpha1
kind: MiddlewareRequest
metadata:
name: user-seafile-nats
namespace: user-system-{{ .Values.bfl.username }}
spec:
app: user-seafile
appNamespace: "user.{{ .Values.bfl.username }}"
middleware: nats
nats:
password:
valueFrom:
secretKeyRef:
key: vault_nats_password
name: vault-nats-secrets
refs: []
subjects:
- name: seafile
permission:
pub: allow
sub: allow
user: user-{{ .Values.bfl.username }}-seafile
---
apiVersion: apr.bytetrade.io/v1alpha1
kind: MiddlewareRequest
metadata:
name: user-vault-nats
namespace: user-system-{{ .Values.bfl.username }}
spec:
app: user-vault
appNamespace: "user.{{ .Values.bfl.username }}"
middleware: nats
nats:
password:
valueFrom:
secretKeyRef:
key: vault_nats_password
name: vault-nats-secrets
refs: []
subjects:
- export:
- appName: vault
sub: allow
pub: allow
name: vault
permission:
pub: allow
sub: allow
user: user-{{ .Values.bfl.username }}-vault

9
framework/notifications/.olares/config/cluster/deploy/notification_deploy.yaml
View file

@ -169,17 +169,20 @@ spec:
- name: NATS_PORT
value: "4222"
- name: NATS_USERNAME
value: os-system-notifications
value: admin
- name: NATS_PASSWORD
valueFrom:
secretKeyRef:
key: nats_password
name: notifications-secrets
name: nats-secrets
- name: NATS_SUBJECT
value: "terminus.{{ .Release.Namespace }}.system.notification"
- name: NATS_SUBJECT_SYSTEM_USERS
value: "terminus.{{ .Release.Namespace }}.system.users"
- name: NATS_SUBJECT_SYSTEM_APPLICATION
value: "terminus.{{ .Release.Namespace }}.system.application"
- name: NATS_SUBJECT_SYSTEM_VAULT
value: "terminus.{{ .Release.Namespace }}.system.vault"
livenessProbe:
tcpSocket:
port: 3010

11
framework/seahub/.olares/config/cluster/deploy/seafile_deploy.yaml
View file

@ -467,6 +467,17 @@ spec:
value: admin
- name: SEAFILE_SERVER_LETSENCRYPT
value: "false"
- name: NATS_HOST
value: nats
- name: NATS_PORT
value: "4222"
- name: NATS_USERNAME
value: admin
- name: NATS_PASSWORD
valueFrom:
secretKeyRef:
key: nats_password
name: nats-secrets
- name: nginx
image: 'beclab/nginx-lua:n0.0.4'

11
framework/search3/.olares/config/cluster/deploy/search3_server_deploy.yaml
View file

@ -206,6 +206,17 @@ spec:
env:
- name: DATABASE_URL
value: postgres://search3_os_system:{{ $pg_password | b64dec }}@citus-0.citus-headless.os-system:5432/os_system_search3
- name: NATS_HOST
value: nats
- name: NATS_PORT
value: "4222"
- name: NATS_USERNAME
value: admin
- name: NATS_PASSWORD
valueFrom:
secretKeyRef:
key: nats_password
name: nats-secrets
---
apiVersion: v1