Q/A: ENV questions #221

IngwiePhoenix opened this issue Nov 3, 2024 · 1 comment

@IngwiePhoenix

Hello!

I am trying to put together a Kubernetes deployment and I am a little stuck with assigning the proper values for the environment.

Here's the full document so far:

Deployment
apiVersion: v1
kind: Namespace
metadata:
  name: solidtime
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: solidtime-env
  namespace: solidtime
data:
  APP_DOMAIN: solidtime.birb.it
  APP_URL: "https://solidtime.domain.tld"
  APP_NAME: "SolidTime"
  VITE_APP_NAME: "SolidTime"
  APP_ENV: "production"
  APP_DEBUG: "false"
  APP_FORCE_HTTPS: "true"
  TRUSTED_PROXIES: "0.0.0.0/0,2000:0:0:0:0:0:0:0/3"

  # Authentication
  APP_KEY: ""
  PASSPORT_PRIVATE_KEY: ""
  PASSPORT_PUBLIC_KEY: ""
  SUPER_ADMINS: ""

  # Logging
  LOG_CHANNEL: "stderr_daily"
  LOG_LEVEL: "info"

  # Database
  DB_CONNECTION: "pgsql"
  #DB_SSLMODE: "require"

  # Mail
  MAIL_MAILER: "smtp"
  MAIL_HOST: ""
  MAIL_PORT: ""
  MAIL_ENCRYPTION: "tls"
  MAIL_FROM_ADDRESS: "[email protected]"
  MAIL_FROM_NAME: "SolidTime"
  MAIL_USERNAME: ""
  MAIL_PASSWORD: ""

  # Queue
  QUEUE_CONNECTION: "database"

  # File storage
  FILESYSTEM_DISK: "local"
  PUBLIC_FILESYSTEM_DISK: "public"
---
apiVersion: postgresql.easymile.com/v1alpha1
kind: PostgresqlDatabase
metadata:
  name: solidtime-db
  namespace: solidtime
spec:
  # Engine configuration link
  engineConfiguration:
    # Resource name
    name: default-cluster-instance
    namespace: postgres
  # Database name
  database: solidtime
  # Master role name
  # Master role name will be used to create top group role.
  # Database owner and users will be in this group role.
  # Default is ""
  masterRole: "solidtime-role"
  # Should drop on delete ?
  # Default set to false
  dropOnDelete: true
  # Wait for linked resource deletion to accept deletion of the current resource
  # See documentation for more information
  # Default set to false
  waitLinkedResourcesDeletion: true
---
apiVersion: postgresql.easymile.com/v1alpha1
kind: PostgresqlUserRole
metadata:
  name: solidtime-db-user
  namespace: solidtime
spec:
  # Mode
  mode: MANAGED
  # Role prefix to be used for user created in database engine
  rolePrefix: "solidtime"
  # User password rotation duration in order to roll user/password in secret
  userPasswordRotationDuration: 720h
  # Privileges list
  privileges:
    - # Privilege for the selected database
      privilege: OWNER
      # Database link
      database:
        name: solidtime-db
      # Generated secret name with information for the selected database
      generatedSecretName: solidtime-db-creds
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: solidtime-app
  namespace: solidtime
  labels:
    app: solidtime
spec:
  replicas: 1
  selector:
    matchLabels:
      app: solidtime
  template:
    metadata:
      labels:
        app: solidtime
    spec:
      volumes:
        - name: generic-storage-vol
        - name: logs-storage-vol
        - name: app-storage-vol
      containers:
        - name: http
          image: solidtime/solidtime:latest # FIXME
          ports:
            - name: http
              containerPort: 8000
          envFrom:
            - configMapRef:
                name: solidtime-env
          env:
            - name: DB_HOST
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: HOST
            - name: DB_DATABASE
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: DATABASE
            - name: DB_USERNAME
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: LOGIN
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: PASSWORD
            - name: AUTO_DB_MIGRATE
              value: "true"
            - name: CONTAINER_MODE
              value: http
            - name: OCTANE_SERVER
              value: frankenphp
          volumeMounts:
            - name: generic-storage-vol
              mountPath: /var/www/html/storage
            - name: logs-storage-vol
              mountPath: /var/www/html/storage/logs
            - name: app-storage-vol
              mountPath: /var/www/html/storage/app
        - name: scheduler
          image: solidtime/solidtime:latest # FIXME
          envFrom:
            - configMapRef:
                name: solidtime-env
          env:
            - name: DB_HOST
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: HOST
            - name: DB_DATABASE
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: DATABASE
            - name: DB_USERNAME
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: LOGIN
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: PASSWORD
            - name: CONTAINER_MODE
              value: "scheduler"
          volumeMounts:
            - name: generic-storage-vol
              mountPath: /var/www/html/storage
            - name: logs-storage-vol
              mountPath: /var/www/html/storage/logs
            - name: app-storage-vol
              mountPath: /var/www/html/storage/app
        - name: worker
          image: solidtime/solidtime:latest # FIXME
          envFrom:
            - configMapRef:
                name: solidtime-env
          env:
            - name: DB_HOST
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: HOST
            - name: DB_DATABASE
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: DATABASE
            - name: DB_USERNAME
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: LOGIN
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: solidtime-db-creds
                  key: PASSWORD
            - name: CONTAINER_MODE
              value: "worker"
          volumeMounts:
            - name: generic-storage-vol
              mountPath: /var/www/html/storage
            - name: logs-storage-vol
              mountPath: /var/www/html/storage/logs
            - name: app-storage-vol
              mountPath: /var/www/html/storage/app
---
# todo: service, traefik ingressRoute

So far, so good. Here's what I am left with:

  • Do I need the horizon mode?
  • What do I need exactly for the PASSPORT_ variables? Depending on what, I could use an initContainer.
  • Sadly I have no way of "statically" defining my Mailgun credentials (I wish I could use external-secrets with the Webhook feature to do that...). Are there other ways/places to store it? If possible, it'd be nice to not have to put them into the manifest.
  • What exactly is the difference between APP_DOMAIN and APP_URL as well as APP_NAME and VITE_APP_NAME?
  • Are there more logging options? Long term, I want to put some Prometheus exporters and log aggregators on top - so it'd be helpful in advance to see what I can do with the log settings.

This'll run inside k3s and might make a neat Helm chart down the line. :)

Kind regards,
Ingwie

@korridor
Contributor

korridor commented Nov 7, 2024

Hi @IngwiePhoenix, glad to see that you want to try to run solidtime on K8S. Our solidtime cloud also runs on Kubernetes and we do have plans to create an official Helm chart for self-hosting. Currently I'm building a generic Helm chart for Laravel applications called Larakube. The official solidtime Helm chart will most likely be based on that in the future.

You can find the code to this here: https://github.com/solidtime-io/larakube

This is currently not perfect and it's missing documentation, but maybe it helps you.
Regarding your questions:

  • Do I need the horizon mode?
    • No
  • What do I need exactly for the PASSPORT_ variables? Depending on what, I could use an initContainer.
  • Sadly I have no way of "statically" defining my Mailgun credentials
    • Sorry, I don't understand the question. You can store the Mailgun credentials in a secret and load it in the deployment like you did for the DB_PASSWORD
  • What exactly is the difference between APP_DOMAIN and APP_URL as well as APP_NAME and VITE_APP_NAME?
    • APP_DOMAIN is for the example with the reverse proxy, you can ignore that if you build your own setup. APP_URL is the URL that solidtime runs under. You can ignore APP_NAME and VITE_APP_NAME.
  • Are there more logging options? Long term, I want to put some Prometheus exporters and log aggregators on top - so it'd be helpful in advance to see what I can do with the log settings.
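
The Secret-based approach suggested in the reply above, as an added example that is not part of the original thread or the solidtime project. The Secret name `solidtime-mail` and the placeholder values are assumptions; the variable names and the `solidtime` namespace come from the manifest in the question.

```yaml
# Added example, not from the thread. "solidtime-mail" is a hypothetical
# Secret name; MAIL_USERNAME / MAIL_PASSWORD are the keys from the ConfigMap
# in the question.
#
# 1. Create the Secret out of band so the credentials never appear in the
#    manifest or in version control:
#
#      kubectl -n solidtime create secret generic solidtime-mail \
#        --from-literal=MAIL_USERNAME='<placeholder-username>' \
#        --from-literal=MAIL_PASSWORD='<placeholder-password>'
#
# 2. Delete the MAIL_USERNAME and MAIL_PASSWORD keys from the solidtime-env
#    ConfigMap. ConfigMap data is stored and displayed as plain configuration
#    and is not meant for confidential values.
#
# 3. Add the entries below to the env: list of the containers, next to the
#    existing DB_* entries. An explicit env entry takes precedence over a
#    variable of the same name imported through envFrom.
- name: MAIL_USERNAME
  valueFrom:
    secretKeyRef:
      name: solidtime-mail   # hypothetical Secret created in step 1
      key: MAIL_USERNAME
- name: MAIL_PASSWORD
  valueFrom:
    secretKeyRef:
      name: solidtime-mail
      key: MAIL_PASSWORD
```

The same pattern fits the other confidential values the draft keeps in the ConfigMap, such as APP_KEY and PASSPORT_PRIVATE_KEY.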
