mirror of
https://github.com/dograh-hq/dograh.git
synced 2026-07-04 10:52:17 +02:00
chore: update helm templates
This commit is contained in:
parent
79a4a3c9f1
commit
0dc844f81f
4 changed files with 14 additions and 11 deletions
|
|
@ -26,8 +26,9 @@ data:
|
|||
|
||||
realm={{ .Values.coturn.realm }}
|
||||
|
||||
# static-auth-secret is passed on the turnserver command line (see the
|
||||
# deployment); the ConfigMap stays secret-free.
|
||||
use-auth-secret
|
||||
static-auth-secret=$(TURN_SECRET)
|
||||
|
||||
fingerprint
|
||||
no-cli
|
||||
|
|
|
|||
|
|
@ -39,17 +39,13 @@ spec:
|
|||
- name: coturn
|
||||
image: {{ include "dograh.coturn.image" . }}
|
||||
imagePullPolicy: {{ .Values.coturn.image.pullPolicy }}
|
||||
# coturn doesn't expand env vars in its config file; we render
|
||||
# via envsubst at start so static-auth-secret can come from a
|
||||
# Kubernetes Secret instead of being baked into the ConfigMap.
|
||||
# coturn doesn't expand env vars in its config file; pass the
|
||||
# secret as a CLI flag instead so it can come from a Kubernetes
|
||||
# Secret without being baked into the ConfigMap.
|
||||
command:
|
||||
- sh
|
||||
- -c
|
||||
- |
|
||||
set -e
|
||||
apk add --no-cache gettext >/dev/null 2>&1 || true
|
||||
envsubst < /etc/coturn-template/turnserver.conf > /tmp/turnserver.conf
|
||||
exec turnserver -c /tmp/turnserver.conf
|
||||
- exec turnserver -c /etc/coturn-template/turnserver.conf --static-auth-secret="${TURN_SECRET}"
|
||||
env:
|
||||
- name: TURN_SECRET
|
||||
valueFrom:
|
||||
|
|
|
|||
|
|
@ -24,9 +24,11 @@ spec:
|
|||
{{- end }}
|
||||
rules:
|
||||
- matches:
|
||||
# /api/v1/ (not /api/) — /api/auth/* and /api/config/* are Next.js
|
||||
# routes on the UI and must not be captured here.
|
||||
- path:
|
||||
type: PathPrefix
|
||||
value: /api/
|
||||
value: /api/v1/
|
||||
backendRefs:
|
||||
- name: {{ include "dograh.web.fullname" . }}
|
||||
port: {{ .Values.web.service.port }}
|
||||
|
|
|
|||
|
|
@ -32,7 +32,11 @@ spec:
|
|||
{{- end }}
|
||||
http:
|
||||
paths:
|
||||
- path: /api/
|
||||
# /api/v1/ (not /api/) — the UI serves its own Next.js routes under
|
||||
# /api/auth/* and /api/config/*, which must fall through to the UI.
|
||||
# Everything browser→backend (REST + the signaling WebSocket) is
|
||||
# namespaced under /api/v1/.
|
||||
- path: /api/v1/
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue