mirror of
https://github.com/lukaszraczylo/gohoarder.git
synced 2026-06-05 22:53:53 +00:00
lukaszraczylo
5c8565367c
Eliminated duplicate nginx containers by merging gateway reverse proxy functionality into the frontend container. This simplifies deployment and reduces resource usage. Architecture changes: - Frontend now serves both static files AND reverse proxies to backend - Single nginx container handles all HTTP routing - Gateway container removed from builds and Helm chart Dockerfile.frontend changes: - Added upstream backend configuration - Added proxy locations for /api, /health, /metrics, /npm, /pypi, /go, /ws - Added rate limiting for API and downloads - Added WebSocket support - Configurable via BACKEND_HOST and BACKEND_PORT env vars Helm chart changes: - Updated frontend deployment to configure backend connection - Simplified ingress to single route (all traffic → frontend) - Frontend proxies backend requests internally - Removed separate frontend/api ingress configurations GoReleaser changes: - Removed gohoarder-gateway Docker build - Now builds: server, scanner, migrate, frontend (4 images) Benefits: - Fewer containers to manage - Reduced complexity in Docker Compose and Kubernetes - Single point of configuration for routing - Better resource utilization
125 lines
3.9 KiB
YAML
125 lines
3.9 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "gohoarder.fullname" . }}-frontend
|
|
labels:
|
|
{{- include "gohoarder.frontend.labels" . | nindent 4 }}
|
|
spec:
|
|
{{- if not .Values.autoscaling.enabled }}
|
|
replicas: {{ .Values.replicaCount.frontend }}
|
|
{{- end }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "gohoarder.frontend.selectorLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
{{- with .Values.podAnnotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "gohoarder.frontend.selectorLabels" . | nindent 8 }}
|
|
spec:
|
|
{{- with .Values.global.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ include "gohoarder.serviceAccountName" . }}
|
|
securityContext:
|
|
fsGroup: 101
|
|
runAsNonRoot: true
|
|
runAsUser: 101
|
|
initContainers:
|
|
- name: copy-static-files
|
|
image: "{{ .Values.image.frontend.repository }}:{{ .Values.image.frontend.tag | default .Chart.AppVersion }}"
|
|
command: ['sh', '-c']
|
|
args:
|
|
- |
|
|
# Copy built frontend files to writable volume
|
|
cp -rp /usr/share/nginx/html/* /html/
|
|
# Copy nginx config to writable volume
|
|
cp -rp /etc/nginx/conf.d/* /conf/
|
|
volumeMounts:
|
|
- name: nginx-html
|
|
mountPath: /html
|
|
- name: nginx-conf
|
|
mountPath: /conf
|
|
securityContext:
|
|
runAsUser: 101
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
containers:
|
|
- name: frontend
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: false
|
|
runAsUser: 101
|
|
image: "{{ .Values.image.frontend.repository }}:{{ .Values.image.frontend.tag | default .Chart.AppVersion }}"
|
|
imagePullPolicy: {{ .Values.image.frontend.pullPolicy }}
|
|
ports:
|
|
- name: http
|
|
containerPort: 80
|
|
protocol: TCP
|
|
env:
|
|
- name: API_BASE_URL
|
|
value: {{ .Values.frontend.backendUrl | default "/api" | quote }}
|
|
- name: APP_VERSION
|
|
value: {{ .Chart.AppVersion | quote }}
|
|
- name: APP_NAME
|
|
value: "GoHoarder"
|
|
# Backend proxy configuration (frontend now includes reverse proxy)
|
|
- name: BACKEND_HOST
|
|
value: {{ include "gohoarder.fullname" . }}-server
|
|
- name: BACKEND_PORT
|
|
value: {{ .Values.server.service.port | quote }}
|
|
- name: SERVER_NAME
|
|
value: {{ .Values.frontend.serverName | default "_" | quote }}
|
|
{{- with .Values.frontend.env }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
livenessProbe:
|
|
{{- toYaml .Values.frontend.livenessProbe | nindent 12 }}
|
|
readinessProbe:
|
|
{{- toYaml .Values.frontend.readinessProbe | nindent 12 }}
|
|
resources:
|
|
{{- toYaml .Values.frontend.resources | nindent 12 }}
|
|
volumeMounts:
|
|
- name: tmp
|
|
mountPath: /tmp
|
|
- name: nginx-cache
|
|
mountPath: /var/cache/nginx
|
|
- name: nginx-run
|
|
mountPath: /var/run
|
|
- name: nginx-html
|
|
mountPath: /usr/share/nginx/html
|
|
- name: nginx-conf
|
|
mountPath: /etc/nginx/conf.d
|
|
volumes:
|
|
- name: tmp
|
|
emptyDir: {}
|
|
- name: nginx-cache
|
|
emptyDir: {}
|
|
- name: nginx-run
|
|
emptyDir: {}
|
|
- name: nginx-html
|
|
emptyDir: {}
|
|
- name: nginx-conf
|
|
emptyDir: {}
|
|
{{- with .Values.frontend.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.frontend.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.frontend.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|