generated from coulomb/repo-seed
tegwick
a60cc24914
Some checks failed
Build and Deploy / build-push-deploy (push) Has been cancelled
The Helm init container used /bin/RunProdServer which doesn't exist in IHP's Nix Docker image (binary is at a Nix store path). Additionally, IHP v1.5's RunProdServer starts the server after migrating — it never exits — so init containers are the wrong pattern. IHP applies schema changes on startup. Changes: - Remove initContainers block from deployment.yaml entirely - Set runMigrations: false as default in values.yaml - Update RUNBOOK.md with correct skopeo push procedure (pre-fetch bearer token to work around Gitea's misconfigured token realm URL: port 80 vs actual 32166) - Add note that the Nix image has no /bin/sh or /bin/RunProdServer wrapper k3s registry auth: credentials added to /etc/rancher/k3s/registries.yaml and iptables DNAT rule added on Railiance01 (92.205.130.254:80 → 32166) so the ACME token realm redirect works. hub.coulomb.social DNS A record still needed. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
34 lines
596 B
YAML
34 lines
596 B
YAML
replicaCount: 1
|
|
|
|
image:
|
|
repository: 92.205.130.254:32166/coulomb/inter-hub
|
|
tag: "latest"
|
|
pullPolicy: IfNotPresent
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 8000
|
|
|
|
ingress:
|
|
enabled: true
|
|
className: traefik
|
|
host: hub.coulomb.social
|
|
tls: true
|
|
annotations:
|
|
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
|
traefik.ingress.kubernetes.io/router.tls: "true"
|
|
cert-manager.io/cluster-issuer: letsencrypt-prod
|
|
|
|
resources:
|
|
requests:
|
|
memory: "512Mi"
|
|
cpu: "250m"
|
|
limits:
|
|
memory: "2Gi"
|
|
cpu: "1000m"
|
|
|
|
envFrom:
|
|
secretRef: inter-hub-env
|
|
|
|
runMigrations: false
|