chore: import upstream snapshot with attribution
This commit is contained in:
@@ -0,0 +1,201 @@
|
||||
# Production values example for Trigger.dev v4 Helm chart
|
||||
# Copy this file and customize for your production deployment
|
||||
|
||||
# REQUIRED: Generate your own secrets using: openssl rand -hex 16
|
||||
secrets:
|
||||
sessionSecret: "YOUR_32_CHAR_HEX_SECRET_HERE_001"
|
||||
magicLinkSecret: "YOUR_32_CHAR_HEX_SECRET_HERE_002"
|
||||
encryptionKey: "YOUR_32_CHAR_HEX_SECRET_HERE_003"
|
||||
managedWorkerSecret: "YOUR_32_CHAR_HEX_SECRET_HERE_004"
|
||||
|
||||
# Production webapp configuration
|
||||
webapp:
|
||||
# Origin configuration
|
||||
appOrigin: "https://trigger.example.com"
|
||||
loginOrigin: "https://trigger.example.com"
|
||||
apiOrigin: "https://trigger.example.com"
|
||||
|
||||
# Production ingress
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "nginx"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
hosts:
|
||||
- host: trigger.example.com
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- secretName: trigger-tls
|
||||
hosts:
|
||||
- trigger.example.com
|
||||
|
||||
resources:
|
||||
limits:
|
||||
cpu: 2000m
|
||||
memory: 4Gi
|
||||
requests:
|
||||
cpu: 1000m
|
||||
memory: 2Gi
|
||||
|
||||
# Production PostgreSQL (or use external)
|
||||
postgres:
|
||||
primary:
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 100Gi
|
||||
storageClass: "fast-ssd"
|
||||
resources:
|
||||
limits:
|
||||
cpu: 1000m
|
||||
memory: 2Gi
|
||||
requests:
|
||||
cpu: 500m
|
||||
memory: 1Gi
|
||||
|
||||
# Production Redis (or use external)
|
||||
redis:
|
||||
master:
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 20Gi
|
||||
storageClass: "fast-ssd"
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 250m
|
||||
memory: 512Mi
|
||||
|
||||
# Production ClickHouse
|
||||
clickhouse:
|
||||
# Set to true to enable TLS/secure connections in production
|
||||
secure: true
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 100Gi
|
||||
storageClass: "fast-ssd"
|
||||
# ClickHouse can be very resource intensive, so we recommend setting limits and requests accordingly
|
||||
# Note: not doing this can cause OOM crashes which will cause issues across many different
|
||||
resources:
|
||||
limits:
|
||||
cpu: 4000m
|
||||
memory: 16Gi
|
||||
requests:
|
||||
cpu: 2000m
|
||||
memory: 8Gi
|
||||
|
||||
# Production S3-compatible object storage
|
||||
s3:
|
||||
auth:
|
||||
rootUser: "admin"
|
||||
rootPassword: "your-strong-s3-password"
|
||||
# Webapp credentials for S3 access (can be different from root)
|
||||
accessKeyId: "your-access-key"
|
||||
secretAccessKey: "your-secret-key"
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 500Gi
|
||||
storageClass: "standard"
|
||||
|
||||
# Production Registry
|
||||
registry:
|
||||
repositoryNamespace: "mycompany" # Docker repository namespace for deployed images, will be part of the image ref
|
||||
auth:
|
||||
username: "registry-user"
|
||||
password: "your-strong-registry-password"
|
||||
persistence:
|
||||
enabled: true
|
||||
size: 100Gi
|
||||
storageClass: "standard"
|
||||
|
||||
# Production ingress
|
||||
ingress:
|
||||
enabled: true
|
||||
className: "nginx"
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: "letsencrypt-prod"
|
||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
||||
hosts:
|
||||
- host: registry.example.com
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- secretName: registry-tls
|
||||
hosts:
|
||||
- registry.example.com
|
||||
|
||||
# Production Supervisor (Kubernetes worker orchestrator)
|
||||
supervisor:
|
||||
resources:
|
||||
limits:
|
||||
cpu: 500m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 250m
|
||||
memory: 512Mi
|
||||
# Example: Use external PostgreSQL instead
|
||||
# postgres:
|
||||
# deploy: false
|
||||
# connection:
|
||||
# sslMode: "require" # Use 'require' or 'verify-full' for production
|
||||
# external:
|
||||
# # Database URL configuration - simplified approach using URLs
|
||||
# databaseUrl: "postgresql://trigger_user:your-db-password@your-postgres-host.rds.amazonaws.com:5432/trigger?schema=public&sslmode=require"
|
||||
# directUrl: "" # Optional: Direct URL for migrations (if not set, databaseUrl will be used)
|
||||
# #
|
||||
# # Optional: Connectivity check configuration during webapp startup
|
||||
# connectivityCheck:
|
||||
# host: "your-postgres-host.rds.amazonaws.com:5432"
|
||||
# #
|
||||
# # Secure credential management (recommended for production)
|
||||
# # existingSecret: "postgres-credentials" # Name of existing secret containing DATABASE_URL
|
||||
# # secretKeys:
|
||||
# # databaseUrlKey: "postgres-database-url" # Key in existing secret
|
||||
# # directUrlKey: "postgres-direct-url" # Key in existing secret (optional)
|
||||
|
||||
# Example: Use external Redis instead
|
||||
# redis:
|
||||
# deploy: false
|
||||
# external:
|
||||
# host: "your-redis-cluster.cache.amazonaws.com"
|
||||
# port: 6379
|
||||
# password: "your-redis-password" # Optional - ignored if existingSecret is set
|
||||
# tls:
|
||||
# enabled: true # Set to true for Redis instances requiring TLS (e.g., AWS ElastiCache)
|
||||
# #
|
||||
# # Secure credential management (recommended for production)
|
||||
# # existingSecret: "redis-credentials" # Name of existing secret containing password
|
||||
# # existingSecretPasswordKey: "redis-password" # Key in existing secret containing password
|
||||
|
||||
# Example: Use external ClickHouse instead
|
||||
# clickhouse:
|
||||
# deploy: false
|
||||
# external:
|
||||
# host: "your-clickhouse-host.cloud.provider.com"
|
||||
# httpPort: 8443 # Use 8443 for HTTPS
|
||||
# nativePort: 9440 # Use 9440 for secure native connections
|
||||
# username: "trigger_user"
|
||||
# password: "your-clickhouse-password" # Optional - ignored if existingSecret is set
|
||||
# secure: true # Use true for TLS/secure connections
|
||||
# #
|
||||
# # Secure credential management (recommended for production)
|
||||
# # existingSecret: "clickhouse-credentials" # Name of existing secret containing password
|
||||
# # existingSecretKey: "clickhouse-password" # Key in existing secret containing password
|
||||
|
||||
# Example: Use external S3-compatible storage instead
|
||||
# s3:
|
||||
# deploy: false
|
||||
# external:
|
||||
# endpoint: "https://s3.amazonaws.com" # or your S3-compatible endpoint
|
||||
# accessKeyId: "your-access-key"
|
||||
# secretAccessKey: "your-secret-key"
|
||||
# #
|
||||
# # Secure credential management (recommended for production)
|
||||
# # existingSecret: "s3-credentials" # Name of existing secret containing S3 credentials
|
||||
# # existingSecretAccessKeyIdKey: "access-key-id" # Key in existing secret containing access key ID
|
||||
# # existingSecretSecretAccessKeyKey: "secret-access-key" # Key in existing secret containing secret access key
|
||||
Reference in New Issue
Block a user