the middle of the idiots

2025-10-24 16:29:40 -05:00
parent 6a58e19b10
commit 721301c779
2472 changed files with 237076 additions and 418 deletions


@@ -0,0 +1,9 @@
# Kubernetes ConfigMap for the MerchantsOfHope application
apiVersion: v1
kind: ConfigMap
metadata:
name: merchants-of-hope-config
data:
debug: "false"
log_level: "INFO"
max_workers: "4"
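Review bot: The ConfigMap's `metadata` has no `namespace`, and as rendered the same holds for the StatefulSet, PVC, both Services, the Deployment, the Ingress and the Secret, although this commit also adds a `merchants-of-hope` Namespace. Unless a kustomization or `kubectl -n` outside this view supplies it, every object, including `merchants-of-hope-secrets`, is created in whatever namespace the current context points at, where namespace-scoped RBAC and NetworkPolicy written for the application would not cover it. Add `namespace: merchants-of-hope` under each `metadata:` so the manifests are self-describing.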


@@ -0,0 +1,76 @@
# Kubernetes StatefulSet for PostgreSQL database (for demonstration)
# In production, consider using a managed database service
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: postgres
spec:
serviceName: postgres
replicas: 1 # Only 1 for PostgreSQL to ensure data consistency
selector:
matchLabels:
app: postgres
template:
metadata:
labels:
app: postgres
spec:
containers:
- name: postgres
image: postgres:15
ports:
- containerPort: 5432
env:
- name: POSTGRES_DB
value: "merchants_of_hope"
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: merchants-of-hope-secrets
key: postgres-user
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: merchants-of-hope-secrets
key: postgres-password
volumeMounts:
- name: postgres-storage
mountPath: /var/lib/postgresql/data
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "512Mi"
cpu: "500m"
volumes:
- name: postgres-storage
persistentVolumeClaim:
claimName: postgres-pvc
---
# PersistentVolumeClaim for PostgreSQL
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
---
# Service for PostgreSQL
apiVersion: v1
kind: Service
metadata:
name: postgres
labels:
app: postgres
spec:
ports:
- port: 5432
targetPort: 5432
selector:
app: postgres
clusterIP: None # Headless service for StatefulSet
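Review bot: The `postgres` container has no `securityContext`, unlike the app Deployment in this commit, which sets `runAsNonRoot`, `allowPrivilegeEscalation: false` and drops all capabilities. The database pod therefore runs with the image defaults, and the official image's entrypoint starts as root before stepping down. The sketch below runs the pod as the image's postgres user with `fsGroup` so the PVC stays writable; the UID needs confirming for the image variant in use. `image: postgres:15` is also a floating tag and would be better pinned to a patch version or digest.

```yaml
    spec:
      # pod-level: run as the image's postgres user and make the volume group-writable
      securityContext:
        runAsNonRoot: true
        runAsUser: 999   # postgres UID in the Debian-based official image; confirm for the tag in use
        fsGroup: 999
      containers:
        - name: postgres
          # … unchanged: image, ports, env, volumeMounts, resources …
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
```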


@@ -0,0 +1,79 @@
# Kubernetes Deployment for the MerchantsOfHope application
apiVersion: apps/v1
kind: Deployment
metadata:
name: merchants-of-hope-app
labels:
app: merchants-of-hope
spec:
replicas: 3
selector:
matchLabels:
app: merchants-of-hope
template:
metadata:
labels:
app: merchants-of-hope
spec:
containers:
- name: app
image: qwen/python-merchants_of_hope:latest
ports:
- containerPort: 21000
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: merchants-of-hope-secrets
key: database-url
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: merchants-of-hope-secrets
key: secret-key
- name: OIDC_ISSUER
valueFrom:
secretKeyRef:
name: merchants-of-hope-secrets
key: oidc-issuer
- name: OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: merchants-of-hope-secrets
key: oidc-client-id
- name: OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: merchants-of-hope-secrets
key: oidc-client-secret
- name: OIDC_REDIRECT_URI
value: "http://merchants-of-hope.org/auth/oidc-callback"
- name: DEBUG
value: "false"
resources:
requests:
memory: "256Mi"
cpu: "250m"
limits:
memory: "512Mi"
cpu: "500m"
livenessProbe:
httpGet:
path: /health
port: 21000
initialDelaySeconds: 30
periodSeconds: 10
readinessProbe:
httpGet:
path: /health
port: 21000
initialDelaySeconds: 5
periodSeconds: 5
securityContext:
runAsNonRoot: true
runAsUser: 1000
allowPrivilegeEscalation: false
readOnlyRootFilesystem: false
capabilities:
drop:
- ALL
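Review bot: `OIDC_REDIRECT_URI` is set to an `http://` URL, so the authorization code would be returned to the callback over plaintext, while the Ingress added in this commit terminates TLS for the same host and forces `ssl-redirect`. It should read `value: "https://merchants-of-hope.org/auth/oidc-callback"`, matching what is registered with the identity provider. Separately, `image: qwen/python-merchants_of_hope:latest` makes rollouts non-reproducible and lets a changed upstream tag reach all three replicas unreviewed; pin a version tag or digest. `readOnlyRootFilesystem: false` is worth revisiting once the app's writable paths are known.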


@@ -0,0 +1,27 @@
# Kubernetes Ingress for the MerchantsOfHope application
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: merchants-of-hope-ingress
annotations:
# Use specific ingress controller annotations as needed (nginx, traefik, etc.)
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
cert-manager.io/cluster-issuer: "letsencrypt-prod" # If using cert-manager
spec:
tls:
- hosts:
- merchants-of-hope.org
secretName: merchants-of-hope-tls
rules:
- host: merchants-of-hope.org
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: merchants-of-hope-service
port:
number: 80
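Review bot: The ingress class is selected with the `kubernetes.io/ingress.class` annotation, which is deprecated in `networking.k8s.io/v1` in favour of the spec field. Replace the annotation with `ingressClassName: nginx` under `spec:`. Otherwise the controller match depends on legacy annotation handling, and a cluster with several controllers may leave this Ingress, and its TLS redirect, unclaimed.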


@@ -0,0 +1,7 @@
# Kubernetes Namespace for the MerchantsOfHope application
apiVersion: v1
kind: Namespace
metadata:
name: merchants-of-hope
labels:
name: merchants-of-hope


@@ -0,0 +1,17 @@
# Kubernetes Secret for the MerchantsOfHope application (example template)
# In production, create this with kubectl create secret or use a secret management system
apiVersion: v1
kind: Secret
metadata:
name: merchants-of-hope-secrets
type: Opaque
data:
# These values should be base64 encoded in real deployment
# Example: echo -n 'your-secret-value' | base64
database-url: <base64-encoded-database-url>
secret-key: <base64-encoded-secret-key>
oidc-issuer: <base64-encoded-oidc-issuer>
oidc-client-id: <base64-encoded-oidc-client-id>
oidc-client-secret: <base64-encoded-oidc-client-secret>
postgres-user: <base64-encoded-postgres-user>
postgres-password: <base64-encoded-postgres-password>
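Review bot: The `<base64-encoded-…>` placeholders under `data:` are not valid base64, so applying this template as-is is rejected, and the file sits alongside the manifests that do get applied. Because it is a template, `stringData:` with plain placeholder strings would be less error-prone than hand-encoding each value. The header comment could also state the risk directly, for example `# base64 is an encoding, not encryption: never commit real values here; create the Secret out-of-band or from a secret manager`. Keeping this under a name such as `secret.example.yaml` would stop a directory-wide `kubectl apply -f` from picking it up.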


@@ -0,0 +1,15 @@
# Kubernetes Service for the MerchantsOfHope application
apiVersion: v1
kind: Service
metadata:
name: merchants-of-hope-service
labels:
app: merchants-of-hope
spec:
selector:
app: merchants-of-hope
ports:
- protocol: TCP
port: 80
targetPort: 21000
type: LoadBalancer # Change to ClusterIP for internal access only
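Review bot: `type: LoadBalancer` exposes port 80 as plain HTTP on an external address, bypassing the Ingress added in this commit, which is where TLS termination and `ssl-redirect` are configured. With the Ingress as the intended entry point, the Service should default to `type: ClusterIP  # reached through merchants-of-hope-ingress`, leaving LoadBalancer as the documented opt-in. As written, the OIDC callback and session traffic are reachable unencrypted on the load balancer address.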