the middle of the idiots

2025-10-24 16:29:40 -05:00
parent 6a58e19b10
commit 721301c779
2472 changed files with 237076 additions and 418 deletions


@@ -0,0 +1,21 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: moh-config
namespace: merchantsofhope
data:
APP_NAME: "MerchantsOfHope"
APP_VERSION: "0.1.0"
APP_ENV: "production"
DEBUG: "false"
TIMEZONE: "UTC"
DB_HOST: "moh-postgres.merchantsofhope.svc.cluster.local"
DB_NAME: "moh"
DB_PORT: "5432"
JWT_SECRET: "changeme-in-production"
TENANT_ISOLATION_ENABLED: "true"
ACCESSIBILITY_ENABLED: "true"
GDPR_COMPLIANCE_ENABLED: "true"
PCI_DSS_COMPLIANCE_ENABLED: "true"
FRONTEND_URL: "https://merchantsofhope.org"
APP_URL: "https://api.merchantsofhope.org"
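Review bot: `JWT_SECRET` in this ConfigMap's `data` is signing-key material and does not belong in a ConfigMap, which is usually readable by more principals than Secrets are and is typically left out of encryption-at-rest configuration. The literal `"changeme-in-production"` sits next to `APP_ENV: "production"`, so a deploy that forgets to override it would sign tokens with a key anyone can read from the repository. The same key name also appears in the Secret added by this commit, and the Deployment loads both through `envFrom`, where the later source wins on duplicate keys, so the value the app sees depends on list order. I would delete the line `JWT_SECRET: "changeme-in-production"` here and keep the key only in the Secret.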


@@ -0,0 +1,63 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: moh-app
namespace: merchantsofhope
spec:
replicas: 3
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 1
maxSurge: 1
selector:
matchLabels:
app: moh-app
template:
metadata:
labels:
app: moh-app
spec:
containers:
- name: app
image: qwen-hack-moh:latest
ports:
- containerPort: 18000
envFrom:
- configMapRef:
name: moh-config
- secretRef:
name: moh-secrets
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "512Mi"
cpu: "500m"
livenessProbe:
httpGet:
path: /
port: 18000
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
failureThreshold: 3
readinessProbe:
httpGet:
path: /
port: 18000
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
volumeMounts:
- name: app-logs
mountPath: /var/log/app
volumes:
- name: app-logs
emptyDir: {}
securityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 2000
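Review bot: The `app` container has no container-level `securityContext`; the block at the end of the section sets only `runAsNonRoot`, `runAsUser` and `fsGroup` (indentation is lost on this page, but `fsGroup` is a pod-level field, so this is presumably the pod-level context). That leaves privilege escalation allowed, the default capability set intact, and no seccomp profile requested. I would add the container-level context below; `readOnlyRootFilesystem` assumes the app writes only to the mounted `/var/log/app` volume, which needs confirming. Separately, `image: qwen-hack-moh:latest` is a mutable tag with no registry host, so the three replicas can end up running different builds; pinning to a digest or an immutable version tag makes rollouts reproducible and auditable.

```yaml
        - name: app
          # ... unchanged: image, ports, envFrom, resources, probes, volumeMounts ...
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop:
                - ALL
            seccompProfile:
              type: RuntimeDefault
```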


@@ -0,0 +1,37 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: moh-ingress
namespace: merchantsofhope
annotations:
nginx.ingress.kubernetes.io/rewrite-target: /
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/rate-limit: "100"
nginx.ingress.kubernetes.io/rate-limit-window: "1m"
spec:
tls:
- hosts:
- merchantsofhope.org
- api.merchantsofhope.org
secretName: merchantsofhope-tls
rules:
- host: merchantsofhope.org
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: moh-app-service
port:
number: 80
- host: api.merchantsofhope.org
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: moh-app-service
port:
number: 80
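Review bot: The annotations `nginx.ingress.kubernetes.io/rate-limit` and `nginx.ingress.kubernetes.io/rate-limit-window` are, as far as I know, not annotations the ingress-nginx controller reads, and unrecognised annotations are ignored silently, so both hosts would be exposed with no request limiting at all. If 100 requests per minute per client IP is the intent, the controller's annotation for that is `nginx.ingress.kubernetes.io/limit-rpm: "100"`. The resource also sets no `spec.ingressClassName`, so which controller serves it depends on a cluster default; naming the class explicitly avoids that. `rewrite-target: /` combined with `path: /` and no capture group is worth checking too, since it may rewrite every request URI to `/`.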


@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: merchantsofhope
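Review bot: The namespace is created without Pod Security Admission labels, so nothing at the namespace level rejects a privileged or host-namespace pod applied here later. I would add `labels:` under `metadata` with `pod-security.kubernetes.io/enforce: baseline` and `pod-security.kubernetes.io/warn: restricted` as a starting point, and tighten `enforce` to `restricted` once the workloads pass. No NetworkPolicy is visible in this part of the commit either; a default-deny policy for the namespace would be the companion change if one is not added elsewhere in the commit.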


@@ -0,0 +1,17 @@
apiVersion: v1
kind: Secret
metadata:
name: moh-secrets
namespace: merchantsofhope
type: Opaque
data:
# These values should be replaced with actual base64 encoded values in production
DB_USER: bW9oX3VzZXI= # base64 encoded "moh_user"
DB_PASS: bW9oX3Bhc3N3b3Jk # base64 encoded "moh_password"
GOOGLE_CLIENT_ID: "" # base64 encoded Google client ID
GOOGLE_CLIENT_SECRET: "" # base64 encoded Google client secret
GITHUB_CLIENT_ID: "" # base64 encoded GitHub client ID
GITHUB_CLIENT_SECRET: "" # base64 encoded GitHub client secret
MAIL_USERNAME: "" # base64 encoded mail username
MAIL_PASSWORD: "" # base64 encoded mail password
JWT_SECRET: "" # base64 encoded JWT secret
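Review bot: This manifest commits credential values to the repository: `DB_PASS: bW9oX3Bhc3N3b3Jk` is only base64-encoded and the trailing comment spells out the plaintext, so the value is compromised for any cluster it is ever applied to, and it stays in history after a later edit. The comment on the first `data` line asks for replacement in production, but nothing enforces that. The empty `JWT_SECRET: ""` is a second problem: the Deployment in this commit lists `secretRef` after `configMapRef` in `envFrom`, so this empty value would presumably override the ConfigMap's and hand the app an empty signing key. I would keep real values out of version control (create the Secret out of band, or commit only an encrypted form) and omit unset keys instead of defining them as empty strings.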


@@ -0,0 +1,13 @@
apiVersion: v1
kind: Service
metadata:
name: moh-app-service
namespace: merchantsofhope
spec:
selector:
app: moh-app
ports:
- protocol: TCP
port: 80
targetPort: 18000
type: ClusterIP