ofco/medicalalert-web-reloaded
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

malert commit

Browse Source
This commit is contained in:
Jay Sharma
2023-07-28 06:49:53 +05:30
parent 5d0f0734d8
commit 8c2a392196
42 changed files with 2515 additions and 258 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
build/dev/configmap.yaml
View File

@@ -1,17 +1,18 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: medicalalert-web-cm
namespace: caresage-web
name: lifeline-web-cm
namespace: lifeline-web
labels:
app: medicalalert-web
app: lifeline-web
data:
DB_HOST: dev-medicalalert-ecommerce.c5om7w6xopq1.us-east-1.rds.amazonaws.com
DB_HOST: dev-lifeline-ecommerce.c5om7w6xopq1.us-east-1.rds.amazonaws.com
ENV: dev
WP_DEBUG: "false"
DB_CHARSET: utf8
DB_COLLATE: utf8_general_ci
CACHE_HOST: master.redis-cache-all-be-caresage.cqsmse.use1.cache.amazonaws.com
CACHE_PORT: "6379"
DB_NAME: "pantheon"
DB_USER: "pantheon"
DB_USER: pantheon
DB_NAME: pantheon
SUBDB_NAME: dev03

64
build/dev/deployment.tpl
View File

@@ -4,16 +4,16 @@ metadata:
annotations:
deployment.kubernetes.io/revision: "11"
labels:
app: medicalalert-web
name: medicalalert-web
namespace: caresage-web
app: lifeline-web
name: lifeline-web
namespace: lifeline-web
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
app: medicalalert-web
app: lifeline-web
strategy:
rollingUpdate:
maxSurge: 25%
@@ -25,7 +25,7 @@ spec:
kubectl.kubernetes.io/restartedAt: "2023-06-08T17:04:19-04:00"
creationTimestamp: null
labels:
app: medicalalert-web
app: lifeline-web
spec:
affinity:
nodeAffinity:
@@ -41,30 +41,40 @@ spec:
- env:
- name: ENVIRONMENT
value: "$ENV"
image: 716593996126.dkr.ecr.us-east-1.amazonaws.com/medicalalert-web:$VERSION
image: 716593996126.dkr.ecr.us-east-1.amazonaws.com/lifeline-web:$VERSION
envFrom:
- secretRef:
name: medicalalert-web-secrets
name: lifeline-web-secrets
- configMapRef:
name: medicalalert-web-cm
name: lifeline-web-cm
imagePullPolicy: Always
name: medicalalert-web
name: lifeline-web
ports:
- containerPort: 80
name: http
protocol: TCP
resources:
limits:
cpu: 200m
memory: 300Mi
cpu: 500m
memory: 700Mi
requests:
cpu: 100m
memory: 100Mi
cpu: 300m
memory: 500Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /usr/share/nginx/html/wp-content/uploads
- mountPath: /usr/share/nginx/subdomain/www/wp-content/uploads
name: persistent-storage
- mountPath: /usr/share/nginx/subdomain/dev01
name: persistent-storage-dev01
- mountPath: /usr/share/nginx/subdomain/dev02
name: persistent-storage-dev02
- mountPath: /usr/share/nginx/subdomain/dev03
name: persistent-storage-dev03
- mountPath: /usr/share/nginx/subdomain/dev04
name: persistent-storage-dev04
- mountPath: /usr/share/nginx/subdomain/dev05
name: persistent-storage-dev05
- mountPath: /etc/nginx/conf.d/
name: default-conf
dnsPolicy: ClusterFirst
@@ -78,15 +88,23 @@ spec:
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: efs-claim
claimName: efs-claim-lifeline
- name: persistent-storage-dev01
persistentVolumeClaim:
claimName: efs-claim-lifeline-dev01
- name: persistent-storage-dev02
persistentVolumeClaim:
claimName: efs-claim-lifeline-dev02
- name: persistent-storage-dev03
persistentVolumeClaim:
claimName: efs-claim-lifeline-dev03
- name: persistent-storage-dev04
persistentVolumeClaim:
claimName: efs-claim-lifeline-dev04
- name: persistent-storage-dev05
persistentVolumeClaim:
claimName: efs-claim-lifeline-dev05
- name: default-conf
configMap:
defaultMode: 420
name: medicalalert-web-default-conf-cm
name: lifeline-web-default-conf-cm

14
build/dev/jobs.tpl
View File

@@ -2,11 +2,12 @@ apiVersion: batch/v1
kind: Job
metadata:
name: common-jobs
namespace: caresage-exec
namespace: lifeline-web
labels:
app: lifeline-web
rds: enable
spec:
ttlSecondsAfterFinished: 10
template:
metadata:
labels:
@@ -25,18 +26,18 @@ spec:
- arm64
containers:
- name: common-jobs
image: bitnami/percona-xtrabackup:latest
image: ubuntu:latest
envFrom:
- secretRef:
name: lifeline-web-secrets
- configMapRef:
name: lifeline-web-cm
command: ["bash"]
command: ["bash"]
args:
- -c
- cp -rf /usr/share/nginx/html/wp-content/uploads/common-jobs.sh /root/ && /root/common-jobs.sh $JOBNAME
- cp -rf /usr/share/nginx/subdomain/www/wp-content/uploads/common-jobs.sh /root/ && chmod 755 /root/common-jobs.sh && /root/common-jobs.sh $JOBNAME
volumeMounts:
- mountPath: /usr/share/nginx/html/wp-content/uploads
- mountPath: /usr/share/nginx/subdomain/www/wp-content/uploads
name: persistent-storage
imagePullSecrets:
- name: regcred
@@ -46,5 +47,4 @@ spec:
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: efs-claim
claimName: efs-claim-lifeline

285
build/dev/lifeline-web-default-conf-cm.yaml Normal file
View File

@@ -0,0 +1,285 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: lifeline-web-default-conf-cm
namespace: lifeline-web
labels:
app: lifeline-web
data:
default.conf: |
# ---------------------
fastcgi_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
# -----------------------------------------
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort on;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_read_timeout 120;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 15m;
server {
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name dev-lifeline.com "";
return 301 https://www.$host$request_uri;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
server {
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.dev-lifeline\.com$;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/$subdomain;
index index.php index.html index.htm;
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/(administrator/|wp-login.php)")
{
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/subdomain/$subdomain;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}
localhost.conf: |
server {
listen 80;
listen [::]:80;
server_name localhost;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
sendfile off;
server_tokens off;
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/(administrator/|wp-login.php)")
{
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/subdomain/www;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}

13
build/dev/lifeline-web-hpa.yml Normal file
View File

@@ -0,0 +1,13 @@
apiVersion: autoscaling/v1
kind: HorizontalPodAutoscaler
metadata:
name: lifeline-web-hpa
namespace: lifeline-web
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: lifeline-web
minReplicas: 1
maxReplicas: 1
targetCPUUtilizationPercentage: 70

168
build/dev/medicalalert-web-default-conf-cm-image.yaml
View File

@@ -1,168 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: medicalalert-web-default-conf-cm
namespace: caresage-web
labels:
app: medicalalert-web
data:
default.conf: |
# ---------------------
fastcgi_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 15m;
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
# if ($http_x_forwarded_proto != 'https') {
#set $cond A;
#}
#if ($http_host ~ ^localhost) {
#set $cond "${cond}B";
#if ($cond = AB) {
# return 301 http://$host$request_uri;
#}
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/html;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
#server_name local.lifeline-prod.com;
# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/(administrator/|wp-login.php)")
{
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_cache cache;
#proxy_cache_background_update on;
#proxy_cache_lock on;
#proxy_cache_revalidate on;
include /etc/nginx/fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
#try_files $uri $uri/ /index.php?$query_string;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_cache cache;
#proxy_cache_background_update on;
#proxy_cache_lock on;
#proxy_cache_revalidate on;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
access_log off;
expires max;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}

188
build/dev/medicalalert-web-default-conf-cm.yaml
View File

@@ -2,7 +2,7 @@ apiVersion: v1
kind: ConfigMap
metadata:
name: medicalalert-web-default-conf-cm
namespace: caresage-web
namespace: medicalalert-web
labels:
app: medicalalert-web
data:
@@ -11,39 +11,47 @@ data:
# ---------------------
fastcgi_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
# -----------------------------------------
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort on;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_read_timeout 120;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 15m;
server {
listen 80; ## listen for ipv4; this line is default and implied
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
# if ($http_x_forwarded_proto != 'https') {
#set $cond A;
#}
#if ($http_host ~ ^localhost) {
#set $cond "${cond}B";
server_name dev-medicalalert.com "";
#if ($cond = AB) {
# return 301 http://$host$request_uri;
#}
return 301 https://www.$host$request_uri;
if ($http_x_forwarded_proto != 'https') {
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
server {
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.dev-medicalalert\.com$;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/html;
root /usr/share/nginx/subdomain/$subdomain;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
#server_name local.lifeline-prod.com;
# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
sendfile off;
# Security - Hide nginx version number in error pages and Server header
@@ -95,11 +103,8 @@ data:
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_cache cache;
#proxy_cache_background_update on;
#proxy_cache_lock on;
#proxy_cache_revalidate on;
include /etc/nginx/fastcgi_params;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
@@ -113,19 +118,14 @@ data:
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
root /usr/share/nginx/subdomain/$subdomain;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
#try_files $uri $uri/ /index.php?$query_string;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_cache cache;
#proxy_cache_background_update on;
#proxy_cache_lock on;
#proxy_cache_revalidate on;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
@@ -134,7 +134,8 @@ data:
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
include fastcgi_params;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
@@ -163,3 +164,122 @@ data:
}
}
localhost.conf: |
server {
listen 80;
listen [::]:80;
server_name localhost;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
sendfile off;
server_tokens off;
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/(administrator/|wp-login.php)")
{
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/subdomain/www;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}

43
build/dev/pod.tpl Normal file
View File

@@ -0,0 +1,43 @@
apiVersion: v1
kind: Pod
metadata:
name: common-job-pod
namespace: lifeline-web
labels:
app: lifeline-web
rds: enable
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: kubernetes.io/arch
operator: In
values:
- amd64
- arm64
containers:
- name: common-job
image: ubuntu:latest
envFrom:
- secretRef:
name: lifeline-web-secrets
- configMapRef:
name: lifeline-web-cm
command: ["bash"]
args:
- -c
- sleep infinity
volumeMounts:
- mountPath: /usr/share/nginx/subdomain/www/wp-content/uploads
name: persistent-storage
imagePullSecrets:
- name: regcred
nodeSelector:
kubernetes.io/os: linux
restartPolicy: Never
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: efs-claim-lifeline

72
build/dev/pvc.yml
View File

@@ -1,13 +1,77 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: efs-claim-lifeline
namespace: lifeline-web
spec:
accessModes:
- ReadWriteMany
storageClassName: efs-sc
resources:
requests:
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: efs-claim-medicalalert
namespace: caresage-web
name: efs-claim-lifeline-dev05
namespace: lifeline-web
spec:
accessModes:
- ReadWriteMany
- ReadWriteMany
storageClassName: efs-sc
resources:
requests:
storage: 10Gi
storage: 3Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: efs-claim-lifeline-dev04
namespace: lifeline-web
spec:
accessModes:
- ReadWriteMany
storageClassName: efs-sc
resources:
requests:
storage: 3Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: efs-claim-lifeline-dev03
namespace: lifeline-web
spec:
accessModes:
- ReadWriteMany
storageClassName: efs-sc
resources:
requests:
storage: 3Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: efs-claim-lifeline-dev02
namespace: lifeline-web
spec:
accessModes:
- ReadWriteMany
storageClassName: efs-sc
resources:
requests:
storage: 3Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: efs-claim-lifeline-dev01
namespace: lifeline-web
spec:
accessModes:
- ReadWriteMany
storageClassName: efs-sc
resources:
requests:
storage: 3Gi

15
build/dev/secrets.yaml
View File

@@ -1,13 +1,12 @@
apiVersion: v1
data:
CACHE_PASSWORD: UU1FRVQ0ZG15VlE4OXZKWUFSUjdQQXhoUU1FRVQ0ZG15VlE4OXZKWUFSUjdQQXho
DB_PASSWORD: cGFudGhlb24=
TOKEN: QVRDVFQzeEZmR04wbXpCZjF4NDVaSkVIa3l0eWVYX0NvWXJRSHJwbHk4RlUzWG1wTjZHcGNjNHU5RzB5bW5DMzg2SjFQUTFSR3Z3VG10QWN3WUVmc2s5MGt4UDQxVEc3Q0xhSWwtYUs2cFRTY0NqYVVQcUdOY3phWEFxdVFXaGhlWjc5d1FXa3dTd2J6NDVhY1Z4T21ZZWtpTFlIU21TMTBsWV9ibF9wZ1ZxbG9kMVFxSy1uYmV3PTg4NjIyMEM3
kind: Secret
metadata:
annotations:
name: lifeline-web-secrets
namespace: lifeline-web
labels:
app: medicalalert-web
name: medicalalert-web-secrets
namespace: caresage-web
app: lifeline-web
type: Opaque
data:
DB_PASSWORD: cGFudGhlb24=
CACHE_PASSWORD: UU1FRVQ0ZG15VlE4OXZKWUFSUjdQQXhoUU1FRVQ0ZG15VlE4OXZKWUFSUjdQQXho
TOKEN: QVRDVFQzeEZmR04wbXpCZjF4NDVaSkVIa3l0eWVYX0NvWXJRSHJwbHk4RlUzWG1wTjZHcGNjNHU5RzB5bW5DMzg2SjFQUTFSR3Z3VG10QWN3WUVmc2s5MGt4UDQxVEc3Q0xhSWwtYUs2cFRTY0NqYVVQcUdOY3phWEFxdVFXaGhlWjc5d1FXa3dTd2J6NDVhY1Z4T21ZZWtpTFlIU21TMTBsWV9ibF9wZ1ZxbG9kMVFxSy1uYmV3PTg4NjIyMEM3

10
build/dev/service.yml
View File

@@ -1,16 +1,16 @@
apiVersion: v1
kind: Service
metadata:
name: medicalalert-web
namespace: caresage-web
name: lifeline-web
namespace: lifeline-web
labels:
app: medicalalert-web
app: lifeline-web
spec:
type: NodePort
selector:
app: medicalalert-web
app: lifeline-web
ports:
- protocol: TCP
port: 80
targetPort: 80
nodePort: 30846
nodePort: 30843

4
build/dev/storageclass.yaml
View File

@@ -3,9 +3,11 @@ apiVersion: storage.k8s.io/v1
metadata:
name: efs-sc
provisioner: efs.csi.aws.com
#reclaimPolicy: Retain
allowVolumeExpansion: true
volumeBindingMode: Immediate
parameters:
provisioningMode: efs-ap
# reclaimPolicy: Retain
fileSystemId: fs-01d898a0e680dbd45
directoryPerms: "700"
gidRangeStart: "1000" # optional