apiVersion: v1 kind: Secret metadata: name: dashboard-pos-system-secret namespace: internship-pos-live labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system io.portainer.kubernetes.application.name: dashboard-pos-system io.portainer.kubernetes.application.owner: admin type: Opaque data: DB_PASSWORD: QVZOU18tV2VPd1o2OC03RlJRNHROUURj --- apiVersion: v1 kind: ConfigMap metadata: name: dashboard-pos-system-config namespace: internship-pos-live labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system io.portainer.kubernetes.application.name: dashboard-pos-system io.portainer.kubernetes.application.owner: admin data: ".env": | APP_NAME="POS-SYSTEM" APP_ENV=local APP_KEY=base64:dOICXdX0z7CSglOXUJQgm7LpFNDNu4ffrOTpY612cGM= APP_DEBUG=true APP_TIMEZONE=UTC APP_URL=https://admin-pos-system.winteraccess.id APP_LOCALE=en APP_FALLBACK_LOCALE=en APP_FAKER_LOCALE=en_US APP_MAINTENANCE_DRIVER=file PHP_CLI_SERVER_WORKERS=4 BCRYPT_ROUNDS=12 LOG_CHANNEL=stack LOG_STACK=single LOG_DEPRECATIONS_CHANNEL=null LOG_LEVEL=debug DB_CONNECTION=pgsql DB_HOST=pg-3079c6fb-ariqakbar-48ad.l.aivencloud.com DB_PORT=11504 DB_DATABASE=pos_system DB_USERNAME=avnadmin SESSION_DRIVER=database SESSION_LIFETIME=120 SESSION_ENCRYPT=false SESSION_PATH=/ SESSION_DOMAIN=null BROADCAST_CONNECTION=log FILESYSTEM_DISK=local QUEUE_CONNECTION=database CACHE_STORE=database CACHE_PREFIX= MEMCACHED_HOST=127.0.0.1 REDIS_CLIENT=phpredis REDIS_HOST=127.0.0.1 REDIS_PASSWORD=null REDIS_PORT=6379 MAIL_MAILER=log MAIL_SCHEME=null MAIL_HOST=127.0.0.1 MAIL_PORT=2525 MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_FROM_ADDRESS="hello@example.com" MAIL_FROM_NAME="${APP_NAME}" AWS_ACCESS_KEY_ID= AWS_SECRET_ACCESS_KEY= AWS_DEFAULT_REGION=us-east-1 AWS_BUCKET= AWS_USE_PATH_STYLE_ENDPOINT=false VITE_APP_NAME="${APP_NAME}" --- apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: volume.alpha.kubernetes.io/storage-class: generic volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system io.portainer.kubernetes.application.name: dashboard-pos-system io.portainer.kubernetes.application.owner: admin name: dashboard-pos-system-storage namespace: internship-pos-live spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi storageClassName: nfs volumeMode: Filesystem --- apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: volume.alpha.kubernetes.io/storage-class: generic volume.beta.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner volume.kubernetes.io/storage-provisioner: cluster.local/nfs-nfs-subdir-external-provisioner labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system io.portainer.kubernetes.application.name: dashboard-pos-system io.portainer.kubernetes.application.owner: admin name: dashboard-pos-system-public namespace: internship-pos-live spec: accessModes: - ReadWriteMany resources: requests: storage: 1Gi storageClassName: nfs volumeMode: Filesystem --- apiVersion: apps/v1 kind: Deployment metadata: name: dashboard-pos-system namespace: internship-pos-live labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system io.portainer.kubernetes.application.name: dashboard-pos-system io.portainer.kubernetes.application.owner: admin spec: progressDeadlineSeconds: 1200 replicas: 3 revisionHistoryLimit: 10 selector: matchLabels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system strategy: rollingUpdate: maxSurge: 1 maxUnavailable: 1 type: RollingUpdate template: metadata: labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system spec: affinity: podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system topologyKey: "kubernetes.io/hostname" containers: - name: web image: git.winteraccess.id/internship/pos-system:main imagePullPolicy: Always env: - name: DB_PASSWORD valueFrom: secretKeyRef: name: dashboard-pos-system-secret key: DB_PASSWORD resources: limits: cpu: "500m" memory: 1024M requests: cpu: "100m" memory: 512M ports: - containerPort: 80 name: http protocol: TCP securityContext: allowPrivilegeEscalation: false capabilities: drop: ["ALL"] add: ["NET_ADMIN", "SYS_TIME"] readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /app/logs name: logs - mountPath: /run/apache2 name: run - mountPath: /tmp name: tmp - mountPath: /app/htdocs/.env subPath: '.env' name: config - mountPath: /app/htdocs/bootstrap/cache name: cache - mountPath: /app/htdocs/storage name: storage - mountPath: /app/htdocs/public name: public initContainers: - name: init image: git.winteraccess.id/internship/pos-system:main imagePullPolicy: Always command: ["/scripts/initialize"] env: - name: DB_PASSWORD valueFrom: secretKeyRef: name: dashboard-pos-system-secret key: DB_PASSWORD resources: limits: cpu: "500m" memory: 1024M requests: cpu: "100m" memory: 512M securityContext: allowPrivilegeEscalation: false capabilities: drop: ["ALL"] add: ["NET_ADMIN", "SYS_TIME"] readOnlyRootFilesystem: true terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - mountPath: /app/logs name: logs - mountPath: /run/apache2 name: run - mountPath: /tmp name: tmp - mountPath: /app/htdocs/.env subPath: '.env' name: config - mountPath: /app/htdocs/bootstrap/cache name: cache - mountPath: /app/htdocs/storage name: storage - mountPath: /app/htdocs/public name: public imagePullSecrets: - name: winter-registry dnsPolicy: ClusterFirst restartPolicy: Always schedulerName: default-scheduler securityContext: {} terminationGracePeriodSeconds: 30 volumes: - name: cache emptyDir: {} - name: run emptyDir: {} - name: logs emptyDir: {} - name: tmp emptyDir: {} - name: config configMap: name: dashboard-pos-system-config - name: public persistentVolumeClaim: claimName: dashboard-pos-system-public - name: storage persistentVolumeClaim: claimName: dashboard-pos-system-storage --- apiVersion: v1 kind: Service metadata: name: dashboard-pos-system namespace: internship-pos-live annotations: traefik.ingress.kubernetes.io/service.sticky.cookie: "true" traefik.ingress.kubernetes.io/service.sticky.cookie.name: "dashboard-pos-system" traefik.ingress.kubernetes.io/service.sticky.cookie.secure: "true" traefik.ingress.kubernetes.io/service.sticky.cookie.samesite: "none" labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system io.portainer.kubernetes.application.name: dashboard-pos-system io.portainer.kubernetes.application.owner: admin spec: internalTrafficPolicy: Cluster ipFamilies: - IPv4 ipFamilyPolicy: SingleStack ports: - name: http port: 80 protocol: TCP targetPort: 80 selector: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system sessionAffinity: None type: ClusterIP --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: web traefik.ingress.kubernetes.io/router.middlewares: default-https-redirect@kubernetescrd labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system io.portainer.kubernetes.application.name: dashboard-pos-system io.portainer.kubernetes.application.owner: admin name: dashboard-pos-system-http namespace: internship-pos-live spec: ingressClassName: traefik rules: - host: admin-pos-system.winteraccess.id http: paths: - backend: service: name: dashboard-pos-system port: number: 80 path: / pathType: Prefix --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: letsencrypt-production kubernetes.io/ingress.class: traefik traefik.ingress.kubernetes.io/router.entrypoints: websecure labels: app.kubernetes.io/instance: dashboard-pos-system app.kubernetes.io/name: dashboard-pos-system io.portainer.kubernetes.application.name: dashboard-pos-system io.portainer.kubernetes.application.owner: admin name: dashboard-pos-system-https namespace: internship-pos-live spec: ingressClassName: traefik rules: - host: admin-pos-system.winteraccess.id http: paths: - backend: service: name: dashboard-pos-system port: number: 80 path: / pathType: Prefix tls: - hosts: - admin-pos-system.winteraccess.id secretName: dashboard-pos-system-tls