ofco/medicalalert-web-reloaded
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merged in feature/helm (pull request #16)

Browse Source 
Feature/helm

* Add helm details

* Modify ecr as medicalalert-web-reloaded

* Modify pipeline file

* Remove old deployment artifacts except common and pvc

* Modify for weca namesapce

* Modify for weca namesapce

* Revert the APP Change

* Revert APP to weareconnectamerica-web Again

* merge conflicts


Approved-by: Rachit Bhargava
This commit is contained in:
Jay Sharma
2024-09-04 16:56:19 +00:00
committed by Rachit Bhargava
parent 4e06f267ec
commit ed6b060261
6 changed files with 608 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
bitbucket-pipelines.yml
View File

@@ -15,6 +15,7 @@ definitions:
- "list-schedule-pipelines"
- "update-schedule-pipelines"
- "list-schedule-pipelines-run"
- "SELECT_FROM_DROP_DOWN"
- name: UUID
default: "ENTER_UUID_FOR_DELETION_ONLY"
- name: PIPELINE_NAME
@@ -107,10 +108,38 @@ definitions:
default: "STATIC_FILE_NAME_TO_DEPLOY"
steps:
- step: &helmpush
name: Helm package creation for env
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
script:
- if [ -e setenv.sh ]; then cat setenv.sh ; source setenv.sh ; fi && echo "This is for $ENV environment"
- git clone --branch="develop" https://x-token-auth:${cswtoken}@bitbucket.org/connectamerica/common-scripts-web.git && ls -lrth
- cp -rf ./common-scripts-web/deployment/helm/* ./deployment/helm/ && ls -lrth && cd deployment/helm && ls -lrth
- if [[ "$ENV" = "dev" || "$ENV" = "qa" ]]; then DBENV="dev qa"; else DBENV="stage prod"; fi
- >-
for ENV in $DBENV;
do
export DB_PASSWORD=$(aws ssm get-parameters --names $ENV-weareconnectamerica-masterdbpass --query "Parameters[*].{Value:Value}" --output text);
export CACHE_PASSWORD=$(aws ssm get-parameters --names redis-password --query "Parameters[*].{Value:Value}" --output text);
export DB_PASSWORD=`echo -n "$DB_PASSWORD" | base64` && sed -i "/DB_PASSWORD/c\ DB_PASSWORD:\ $DB_PASSWORD" values-$ENV.tmpl;
export CACHE_PASSWORD=`echo -n "$CACHE_PASSWORD" | base64` && sed -i "/CACHE_PASSWORD/c\ CACHE_PASSWORD:\ $CACHE_PASSWORD" values-$ENV.tmpl;
envsubst '${VERSION}' < values-$ENV.tmpl > values-$ENV.yaml;
cat values-$ENV.yaml;
done
- envsubst '${VERSION} ${APP} ${HELMREPO}' < Chart.tmpl > Chart.yaml && echo ------------ && cat Chart.yaml
- helm package .
- aws ecr get-login-password --region us-east-1 | helm registry login --username AWS --password-stdin 716593996126.dkr.ecr.us-east-1.amazonaws.com
- helm push $HELMREPO-$VERSION-$APP.tgz oci://716593996126.dkr.ecr.us-east-1.amazonaws.com/
- step: &deploy
name: deploy to $ENV environment
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -121,25 +150,11 @@ definitions:
- source setenv.sh
- fi
- echo "This is for $ENV environment"
# importing csw-token common scripts to the workspace #
- git clone --branch="develop" https://x-token-auth:${cswtoken}@bitbucket.org/connectamerica/common-scripts-web.git && ls -lrth && cp -rf ./common-scripts-web/* . && ls -lrth
- chmod 755 ./validation.sh && ./validation.sh default && echo validation-done || exit 9
- ls -lrth && cd build/${ENV}
- export DB_PASSWORD=$(aws ssm get-parameters --names $ENV-weareconnectamerica-masterdbpass --query "Parameters[*].{Value:Value}" --output text)
- export DB_PASSWORD=`echo -n "$DB_PASSWORD" | base64` && sed -i "/DB_PASSWORD/c\ DB_PASSWORD:\ $DB_PASSWORD" secrets.yaml
- envsubst < deployment.tpl > deployment.yaml
- cat deployment.yaml
- pipe: atlassian/aws-eks-kubectl-run:2.2.0
variables:
AWS_ACCESS_KEY_ID: ${AWS_ACCESS_KEY_ID}
AWS_SECRET_ACCESS_KEY: ${AWS_SECRET_ACCESS_KEY}
AWS_DEFAULT_REGION: $AWS_DEFAULT_REGION
CLUSTER_NAME: $CLUSTER
KUBECTL_COMMAND: "apply"
RESOURCE_PATH: "../${ENV}"
KUBECTL_ARGS: ""
KUBECTL_APPLY_ARGS: "-f"
DEBUG: "true"
- aws eks update-kubeconfig --name caresage-eks-cluster-$ENV --region us-east-1
- aws ecr get-login-password --region us-east-1 | helm registry login --username AWS --password-stdin 716593996126.dkr.ecr.us-east-1.amazonaws.com
- export APP="weareconnectamerica-web"
- mkdir helm && cd helm && helm pull oci://716593996126.dkr.ecr.us-east-1.amazonaws.com/$HELMREPO --version $VERSION-$APP
- tar -xzvf *$HELMREPO-$VERSION-$APP.tgz && cd $HELMREPO && helm upgrade --install --timeout 20m $APP . --namespace $APP -f values-$ENV.yaml --debug
after-script:
- aws eks update-kubeconfig --name caresage-eks-cluster-$ENV --region us-east-1
- sleep 10 && while kubectl get po -A |grep -i weareconnectamerica-web|egrep -i '0/1|crash|term'; do sleep 10; echo "--- still getting 0/1 or crash pods-----"; done
@@ -154,7 +169,7 @@ pipelines:
- step:
name: vars for schedule-pipelines
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -212,7 +227,7 @@ pipelines:
- step:
name: vars for common-jobs-prod
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -243,7 +258,7 @@ pipelines:
- step:
name: vars for common-jobs-prod
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -273,7 +288,7 @@ pipelines:
- step:
name: vars for common-jobs-prod
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -331,7 +346,7 @@ pipelines:
- step:
name: vars for common-jobs-dev
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -365,7 +380,7 @@ pipelines:
- step:
name: vars for common-jobs qa/stage/prod
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -398,7 +413,7 @@ pipelines:
- step:
name: vars for subdomain
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -464,7 +479,7 @@ pipelines:
3-release:
- <<: *set-variables
- step:
name: "plan for the release and tag the given version."
name: "plan for the release and push the given version to helm repo"
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:pipelines-awscli-latest-v01
aws:
@@ -478,8 +493,13 @@ pipelines:
- aws ecr put-image --repository-name $BITBUCKET_REPO_SLUG --image-tag $RELEASE --image-manifest "$MANIFEST" && echo ------ image $VERSION has been retagged as $RELEASE || exit 9
- echo "export VERSION=$RELEASE" >> setenv.sh
- echo "export ENV=stage" >> setenv.sh
- echo "export APP="weareconnectamerica-web"" >> setenv.sh
- echo "export HELMREPO=helm-release" >> setenv.sh
artifacts: # define the artifacts to be passed to each future step
- setenv.sh
- step:
<<: *helmpush
name: "helmpush for stage and prod release"
- step:
<<: *deploy
deployment: stage
@@ -488,7 +508,7 @@ pipelines:
- step:
name: vars for prod
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -496,6 +516,8 @@ pipelines:
- source release
- echo "export VERSION=$RELEASE" >> setenv.sh
- echo "export ENV=prod" >> setenv.sh
- echo "export APP="weareconnectamerica-web"" >> setenv.sh
- echo "export HELMREPO=helm-release" >> setenv.sh
artifacts: # define the artifacts to be passed to each future step
- setenv.sh
- step:
@@ -509,7 +531,7 @@ pipelines:
- step:
name: build the application and push that to dev env.
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
@@ -517,9 +539,9 @@ pipelines:
# importing csw-token common scripts to the workspace #
- git clone --branch="develop" https://x-token-auth:${cswtoken}@bitbucket.org/connectamerica/common-scripts-web.git && ls -lrth
- cp -rf ./common-scripts-web/* . && ls -lrth && export ENV=dev
- chmod 755 ./validation.sh && ./validation.sh default
#- chmod 755 ./validation.sh && ./validation.sh default
- export IMAGE="$BITBUCKET_REPO_SLUG" && export VERSION=$BITBUCKET_BUILD_NUMBER
- export IMAGE="$BITBUCKET_REPO_SLUG" && export VERSION="$BITBUCKET_BUILD_NUMBER" && export APP="weareconnectamerica-web"
- aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 716593996126.dkr.ecr.us-east-1.amazonaws.com
- docker build -t ${IMAGE} .
- docker tag ${IMAGE} ${IMAGE}:${VERSION}
@@ -538,15 +560,21 @@ pipelines:
- step:
name: vars for dev
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
script:
- echo "export VERSION=$BITBUCKET_BUILD_NUMBER" >> setenv.sh
- echo "export APP="weareconnectamerica-web"" >> setenv.sh
- echo "export ENV=dev" >> setenv.sh
- echo "export HELMREPO=helm-develop" >> setenv.sh
artifacts: # define the artifacts to be passed to each future step
- setenv.sh
- step:
<<: *helmpush
name: "helmpush for dev and qa"
- step:
<<: *deploy
deployment: dev
@@ -554,13 +582,15 @@ pipelines:
- step:
name: vars for qa
image:
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v01
name: 716593996126.dkr.ecr.us-east-1.amazonaws.com/common-images:atlassian-default-image4.x-v02
aws:
oidc-role: arn:aws:iam::716593996126:role/bitbucket-to-ecr
oidc: true
script:
- echo "export VERSION=$BITBUCKET_BUILD_NUMBER" >> setenv.sh
- echo "export ENV=qa" >> setenv.sh
- echo "export APP="weareconnectamerica-web"" >> setenv.sh
- echo "export HELMREPO=helm-develop" >> setenv.sh
artifacts:
- setenv.sh
- step:

10
build/dev/pvc.yml
View File

@@ -32,7 +32,7 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -50,7 +50,7 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -68,7 +68,7 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -86,7 +86,7 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -104,4 +104,4 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi

265
build/dev/web-default-conf-cm.yaml → deployment/helm/values-dev.tmpl
View File

@@ -1,17 +1,135 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: weareconnectamerica-web-default-conf-cm
namespace: weareconnectamerica-web
annotations:
meta.helm.sh/release-name: weareconnectamerica-web
meta.helm.sh/release-namespace: weareconnectamerica-web
labels:
app.kubernetes.io/managed-by: Helm
app: weareconnectamerica-web
data:
default.conf: |
replicaCount: 1
appName: weareconnectamerica-web
image:
repository: 716593996126.dkr.ecr.us-east-1.amazonaws.com/medicalalert-web-reloaded
imagetag: $VERSION
environment: "dev"
imagePullSecret: regcred
# ------------------------
isDev: true
# -------------
nameOverride: weareconnectamerica
fullnameOverride: weareconnectamerica-web
# -------------------------------
limits:
cpu: 2000m
memory: 4096Mi
ephemeralstorage: 6Gi
requests:
cpu: 500m
memory: 1024Mi
ephemeralstorage: 1Gi
# -----------------------------
storagequota:
requestsephemeralstorage: 2Gi
limitsephemeralstorage: 20Gi
enable: true
# ------------------
volumeMounts:
- mountPath: /usr/share/nginx/subdomain/www/wp-content/uploads
name: persistent-storage
- mountPath: /usr/share/nginx/subdomain/dev01
name: persistent-storage-dev01
- mountPath: /usr/share/nginx/subdomain/dev02
name: persistent-storage-dev02
- mountPath: /usr/share/nginx/subdomain/dev03
name: persistent-storage-dev03
- mountPath: /usr/share/nginx/subdomain/dev04
name: persistent-storage-dev04
- mountPath: /usr/share/nginx/subdomain/dev05
name: persistent-storage-dev05
- mountPath: /etc/nginx/conf.d/
name: default-conf
- mountPath: /usr/share/nginx/subdomain/www/wp-content/wflogs
name: empty-dir
- mountPath: /usr/share/nginx/subdomain/dev01/wp-content/wflogs
name: empty-dir
- mountPath: /usr/share/nginx/subdomain/dev02/wp-content/wflogs
name: empty-dir
- mountPath: /usr/share/nginx/subdomain/dev03/wp-content/wflogs
name: empty-dir
- mountPath: /usr/share/nginx/subdomain/dev04/wp-content/wflogs
name: empty-dir
- mountPath: /usr/share/nginx/subdomain/dev05/wp-content/wflogs
name: empty-dir
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica
- name: persistent-storage-dev01
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica-dev01
- name: persistent-storage-dev02
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica-dev02
- name: persistent-storage-dev03
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica-dev03
- name: persistent-storage-dev04
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica-dev04
- name: persistent-storage-dev05
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica-dev05
- name: default-conf
configMap:
defaultMode: 420
name: weareconnectamerica-web-default-conf-cm
- emptyDir: {}
name: empty-dir
#-------------------------
pvcnames:
- ""
- "-dev01"
- "-dev02"
- "-dev03"
- "-dev04"
- "-dev05"
#------------------------------------------
restartAt: "2023-06-08T17:04:19-04:00"
#----------------------------
configmap:
enabled: true
data:
DB_HOST: dev-weareconnectamerica-ecommerce.c5om7w6xopq1.us-east-1.rds.amazonaws.com
ENV: dev
WP_DEBUG: "false"
DB_CHARSET: utf8
DB_COLLATE: utf8_general_ci
CACHE_HOST: master.redis-cache-all-be-caresage.cqsmse.use1.cache.amazonaws.com
CACHE_PORT: "6379"
DB_NAME: "www"
DB_USER: "pantheon"
# ---------------------------------
secret:
enabled: true
data:
CACHE_PASSWORD: xxxxxxxxxxxxxxxxxxxxxxxx
DB_PASSWORD: xxxxxxxxxxxxxxxxxxxxxxx
TOKEN: QVRDVFQzeEZmR04wUUI5VHlrR0RDYXo0LXFrc2xGTUlDbjlOYXltZjdxVUxlZmRoT3ZMNnRtMmJnRW91TmRRRXd4ODRDeUxuWEtac0ZDRkQ3NXJIdnRFdEhMZEdTZzlkNGt2V1UwUXlvZEFjX19QRUZtLWdBNVJOVVo0cDhMVndCUXhBQXB3N0UyR2RyUFBPQ1ROckZlQWItaGpjMTZZMmRfZWlzWUZkNGNMNzM4UVB6RVBFaU5vPTY1MkY0MzlE
# -------------------------
service:
serviceName: weareconnectamerica-web
serviceType: NodePort
servicePort: 80
serviceTargetPort: 80
serviceNodePort: 30845
# -----------------------
hpa:
deploymentName: weareconnectamerica-web
enabled: true
minReplicas: 1
maxReplicas: 1
cpuTargetAverageValue: "90"
#-----------------------------
config:
default: |
# PLW-49 -----------------
client_max_body_size 512m;
# ---------------------
fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid";
@@ -27,49 +145,43 @@ data:
fastcgi_cache_lock on;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 0m;
server {
# --------------------------
# --------------------------
client_max_body_size 512m;
# -------------------------------
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name dev-weareconnectamerica.com "";
return 301 https://www.dev-weareconnectamerica.com$request_uri;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
subdomain: |
server {
#-----------------------------
#-----------------------------
client_max_body_size 512m;
# ------------------------
client_body_timeout 1200;
client_header_timeout 600;
# ---------------------------
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.dev-weareconnectamerica\.com$;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/$subdomain-web;
index index.php index.html index.htm;
sendfile off;
@@ -112,7 +224,6 @@ data:
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
@@ -133,25 +244,29 @@ data:
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
# ---------------------------------------------------------
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/$subdomain-web;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
# pass the PHP scripts to FastCGI server listening on socket ~ \.php$
#
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
@@ -169,11 +284,12 @@ data:
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
@@ -188,7 +304,8 @@ data:
}
# deny access to . files, for security
#
# ---------------------------------------
location ~ /\. {
log_not_found off;
deny all;
@@ -196,25 +313,23 @@ data:
}
www.conf: |
www: |
server {
#-----------------------------
#-----------------------------
client_max_body_size 512m;
# ------------------------
client_body_timeout 1200;
client_header_timeout 600;
# ---------------------------
listen 80;
listen [::]:80;
server_name www.dev-weareconnectamerica.com;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
sendfile off;
@@ -257,7 +372,6 @@ data:
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
@@ -286,17 +400,20 @@ data:
}
# redirect server error pages to the static page /50x.html
#
# ---------------------------------------------------------
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/www;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
# pass the PHP scripts to FastCGI server listening on socket ~ \.php$
#
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
@@ -333,33 +450,31 @@ data:
}
# deny access to . files, for security
#
# ---------------------------------------
location ~ /\. {
log_not_found off;
deny all;
}
}
dev01.conf: |
dev01: |
server {
#-----------------------------
#-----------------------------
client_max_body_size 512m;
# ------------------------
client_body_timeout 1200;
client_header_timeout 600;
# ---------------------------
listen 80;
listen [::]:80;
server_name dev01.dev-weareconnectamerica.com;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/dev01;
index index.php index.html index.htm;
sendfile off;
@@ -423,25 +538,28 @@ data:
fastcgi_param SUBDOMAIN dev01; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
# ---------------------------------------------------------
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/dev01;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
# pass the PHP scripts to FastCGI server listening on socket ~ \.php$
#
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
@@ -457,13 +575,14 @@ data:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
@@ -478,7 +597,8 @@ data:
}
# deny access to . files, for security
#
# ---------------------------------------
location ~ /\. {
log_not_found off;
deny all;
@@ -486,9 +606,7 @@ data:
}
localhost.conf: |
localhost: |
server {
client_max_body_size 512m;
listen 80;
@@ -547,8 +665,8 @@ data:
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
@@ -580,18 +698,19 @@ data:
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
@@ -603,7 +722,7 @@ data:
log_not_found off;
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;

171
build/prod/web-default-conf-cm.yaml → deployment/helm/values-prod.tmpl
View File

@@ -1,18 +1,92 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: weareconnectamerica-web-default-conf-cm
namespace: weareconnectamerica-web
annotations:
meta.helm.sh/release-name: weareconnectamerica-web
meta.helm.sh/release-namespace: weareconnectamerica-web
labels:
app.kubernetes.io/managed-by: Helm
app: weareconnectamerica-web
data:
default.conf: |
replicaCount: 3
appName: weareconnectamerica-web
image:
repository: 716593996126.dkr.ecr.us-east-1.amazonaws.com/medicalalert-web-reloaded
imagetag: $VERSION
environment: "prod"
imagePullSecret: regcred
# ------------------------
isDev: false
# -------------
nameOverride: weareconnectamerica
fullnameOverride: weareconnectamerica-web
# -------------------------------
limits:
cpu: 1000m
memory: 3072Mi
requests:
cpu: 300m
memory: 700Mi
# -----------------------------
storagequota:
requestsephemeralstorage: 2Gi
limitsephemeralstorage: 20Gi
enable: false
# ------------------
volumeMounts:
- mountPath: /usr/share/nginx/subdomain/www/wp-content/uploads
name: persistent-storage
- mountPath: /etc/nginx/conf.d/
name: default-conf
- mountPath: /usr/share/nginx/subdomain/www/wp-content/wflogs
name: empty-dir
# ---------------------
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica
- name: default-conf
configMap:
defaultMode: 420
name: weareconnectamerica-web-default-conf-cm
- emptyDir: {}
name: empty-dir
#-------------------------
pvcnames:
- ""
#------------------------------------------
restartAt: "2023-06-08T17:04:19-04:00"
#----------------------------
configmap:
enabled: true
data:
DB_HOST: prod-weareconnectamerica-ecommerce.c5om7w6xopq1.us-east-1.rds.amazonaws.com
ENV: prod
WP_DEBUG: "false"
DB_CHARSET: utf8
DB_COLLATE: utf8_general_ci
CACHE_HOST: master.redis-cache-all-be-caresage.cqsmse.use1.cache.amazonaws.com
CACHE_PORT: "6379"
DB_NAME: "www"
DB_USER: "pantheon"
# ---------------------------------
secret:
enabled: true
data:
CACHE_PASSWORD: xxxxxxxxxxxxxxxxxxxxxxxx
DB_PASSWORD: xxxxxxxxxxxx
TOKEN: QVRDVFQzeEZmR04wUUI5VHlrR0RDYXo0LXFrc2xGTUlDbjlOYXltZjdxVUxlZmRoT3ZMNnRtMmJnRW91TmRRRXd4ODRDeUxuWEtac0ZDRkQ3NXJIdnRFdEhMZEdTZzlkNGt2V1UwUXlvZEFjX19QRUZtLWdBNVJOVVo0cDhMVndCUXhBQXB3N0UyR2RyUFBPQ1ROckZlQWItaGpjMTZZMmRfZWlzWUZkNGNMNzM4UVB6RVBFaU5vPTY1MkY0MzlE
# -------------------------
service:
serviceName: weareconnectamerica-web
serviceType: NodePort
servicePort: 80
serviceTargetPort: 80
serviceNodePort: 30845
# -----------------------
hpa:
deploymentName: weareconnectamerica-web
enabled: true
minReplicas: 3
maxReplicas: 6
cpuTargetAverageValue: "90"
#-----------------------------
config:
default: |
fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid";
fastcgi_cache_use_stale error timeout invalid_header http_500;
@@ -33,11 +107,9 @@ data:
proxy_cache_valid 301 302 0m;
server {
# --------------------------
# --------------------------
client_max_body_size 512m;
# -------------------------------
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
@@ -47,29 +119,14 @@ data:
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
medicalhomealert.conf: |
subdomain: |
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80; ## listen for ipv6
server_name medicalhomealert.com www.medicalhomealert.com;
return 301 https://www.weareconnectamerica.com;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
server {
#-----------------------------
#-----------------------------
client_max_body_size 512m;
# ------------------------
# ------------------------
listen 80;
listen [::]:80;
@@ -118,10 +175,10 @@ data:
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
@@ -142,25 +199,27 @@ data:
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
# ---------------------------------------------------------
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/$subdomain;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
# pass the PHP scripts to FastCGI server listening on socket ~ #\.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
@@ -176,20 +235,21 @@ data:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
fastcgi_cache_bypass $no_cache;
@@ -197,16 +257,16 @@ data:
}
# deny access to . files, for security
#
# ---------------------------------------
location ~ /\. {
log_not_found off;
deny all;
}
}
localhost.conf: |
localhost: |
server {
client_max_body_size 512m;
listen 80;
@@ -248,6 +308,7 @@ data:
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
@@ -266,6 +327,7 @@ data:
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 5m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
@@ -297,16 +359,19 @@ data:
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
@@ -318,7 +383,7 @@ data:
log_not_found off;
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;

155
build/qa/web-default-conf-cm.yaml → deployment/helm/values-qa.tmpl
View File

@@ -1,17 +1,92 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: weareconnectamerica-web-default-conf-cm
namespace: weareconnectamerica-web
annotations:
meta.helm.sh/release-name: weareconnectamerica-web
meta.helm.sh/release-namespace: weareconnectamerica-web
labels:
app.kubernetes.io/managed-by: Helm
app: weareconnectamerica-web
data:
default.conf: |
replicaCount: 2
appName: weareconnectamerica-web
image:
repository: 716593996126.dkr.ecr.us-east-1.amazonaws.com/medicalalert-web-reloaded
imagetag: $VERSION
environment: "qa"
imagePullSecret: regcred
# ------------------------
isDev: false
# -------------
nameOverride: weareconnectamerica
fullnameOverride: weareconnectamerica-web
# -------------------------------
limits:
cpu: 500m
memory: 1024Mi
requests:
cpu: 300m
memory: 700Mi
# -----------------------------
storagequota:
requestsephemeralstorage: 2Gi
limitsephemeralstorage: 20Gi
enable: false
# ------------------
volumeMounts:
- mountPath: /usr/share/nginx/subdomain/www/wp-content/uploads
name: persistent-storage
- mountPath: /etc/nginx/conf.d/
name: default-conf
- mountPath: /usr/share/nginx/subdomain/www/wp-content/wflogs
name: empty-dir
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica
- name: default-conf
configMap:
defaultMode: 420
name: weareconnectamerica-web-default-conf-cm
- emptyDir: {}
name: empty-dir
#-------------------------
pvcnames:
- ""
#------------------------------------------
restartAt: "2023-06-08T17:04:19-04:00"
#----------------------------
configmap:
enabled: true
data:
DB_HOST: qa-weareconnectamerica-ecommerce.c5om7w6xopq1.us-east-1.rds.amazonaws.com
ENV: qa
WP_DEBUG: "false"
DB_CHARSET: utf8
DB_COLLATE: utf8_general_ci
CACHE_HOST: master.redis-cache-all-be-caresage.cqsmse.use1.cache.amazonaws.com
CACHE_PORT: "6379"
DB_NAME: "www"
DB_USER: "pantheon"
# ---------------------------------
secret:
enabled: true
data:
CACHE_PASSWORD: xxxxxxxxxxx
DB_PASSWORD: xxxxxxxxxxxxxx
TOKEN: QVRDVFQzeEZmR04wUUI5VHlrR0RDYXo0LXFrc2xGTUlDbjlOYXltZjdxVUxlZmRoT3ZMNnRtMmJnRW91TmRRRXd4ODRDeUxuWEtac0ZDRkQ3NXJIdnRFdEhMZEdTZzlkNGt2V1UwUXlvZEFjX19QRUZtLWdBNVJOVVo0cDhMVndCUXhBQXB3N0UyR2RyUFBPQ1ROckZlQWItaGpjMTZZMmRfZWlzWUZkNGNMNzM4UVB6RVBFaU5vPTY1MkY0MzlE
# -------------------------
service:
serviceName: weareconnectamerica-web
serviceType: NodePort
servicePort: 80
serviceTargetPort: 80
serviceNodePort: 30845
# -----------------------
hpa:
deploymentName: weareconnectamerica-web
enabled: true
minReplicas: 1
maxReplicas: 2
cpuTargetAverageValue: "90"
#-----------------------------
config:
default: |
# ---------------------
fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid";
@@ -27,39 +102,33 @@ data:
fastcgi_cache_lock on;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 0m;
server {
# --------------------------
# --------------------------
client_max_body_size 512m;
# -------------------------------
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name qa-weareconnectamerica.com "";
return 301 https://www.qa-weareconnectamerica.com$request_uri;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
subdomain: |
server {
#-----------------------------
#-----------------------------
client_max_body_size 512m;
# ------------------------
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.qa-weareconnectamerica\.com$;
@@ -67,6 +136,7 @@ data:
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/$subdomain;
index index.php index.html index.htm;
sendfile off;
@@ -105,10 +175,10 @@ data:
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
@@ -137,17 +207,20 @@ data:
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/$subdomain;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
# pass the PHP scripts to FastCGI server listening on socket ~ \.php$
#
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
@@ -165,11 +238,12 @@ data:
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
@@ -184,16 +258,16 @@ data:
}
# deny access to . files, for security
#
# ---------------------------------------
location ~ /\. {
log_not_found off;
deny all;
}
}
localhost.conf: |
localhost: |
server {
client_max_body_size 512m;
listen 80;
@@ -252,8 +326,8 @@ data:
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
@@ -285,18 +359,19 @@ data:
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
@@ -308,7 +383,7 @@ data:
log_not_found off;
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;

152
build/stage/web-default-conf-cm.yaml → deployment/helm/values-stage.tmpl
View File

@@ -1,17 +1,92 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: weareconnectamerica-web-default-conf-cm
namespace: weareconnectamerica-web
annotations:
meta.helm.sh/release-name: weareconnectamerica-web
meta.helm.sh/release-namespace: weareconnectamerica-web
labels:
app.kubernetes.io/managed-by: Helm
app: weareconnectamerica-web
data:
default.conf: |
replicaCount: 2
appName: weareconnectamerica-web
image:
repository: 716593996126.dkr.ecr.us-east-1.amazonaws.com/medicalalert-web-reloaded
imagetag: $VERSION
environment: "stage"
imagePullSecret: regcred
# ------------------------
isDev: false
# -------------
nameOverride: weareconnectamerica
fullnameOverride: weareconnectamerica-web
# -------------------------------
limits:
cpu: 1000m
memory: 1024Mi
requests:
cpu: 300m
memory: 700Mi
# -----------------------------
storagequota:
requestsephemeralstorage: 2Gi
limitsephemeralstorage: 20Gi
enable: false
# ------------------
volumeMounts:
- mountPath: /usr/share/nginx/subdomain/www/wp-content/uploads
name: persistent-storage
- mountPath: /etc/nginx/conf.d/
name: default-conf
- mountPath: /usr/share/nginx/subdomain/www/wp-content/wflogs
name: empty-dir
volumes:
- name: persistent-storage
persistentVolumeClaim:
claimName: efs-claim-weareconnectamerica
- name: default-conf
configMap:
defaultMode: 420
name: weareconnectamerica-web-default-conf-cm
- emptyDir: {}
name: empty-dir
#-------------------------
pvcnames:
- ""
#------------------------------------------
restartAt: "2023-06-08T17:04:19-04:00"
#----------------------------
configmap:
enabled: true
data:
DB_HOST: stage-weareconnectamerica-ecommerce.c5om7w6xopq1.us-east-1.rds.amazonaws.com
ENV: stage
WP_DEBUG: "false"
DB_CHARSET: utf8
DB_COLLATE: utf8_general_ci
CACHE_HOST: master.redis-cache-all-be-caresage.cqsmse.use1.cache.amazonaws.com
CACHE_PORT: "6379"
DB_NAME: "www"
DB_USER: "pantheon"
# ---------------------------------
secret:
enabled: true
data:
CACHE_PASSWORD: xxxxxxxxxxxxxxxxx
DB_PASSWORD: xxxxxxxxxxxxxxxxxxx
TOKEN: QVRDVFQzeEZmR04wUUI5VHlrR0RDYXo0LXFrc2xGTUlDbjlOYXltZjdxVUxlZmRoT3ZMNnRtMmJnRW91TmRRRXd4ODRDeUxuWEtac0ZDRkQ3NXJIdnRFdEhMZEdTZzlkNGt2V1UwUXlvZEFjX19QRUZtLWdBNVJOVVo0cDhMVndCUXhBQXB3N0UyR2RyUFBPQ1ROckZlQWItaGpjMTZZMmRfZWlzWUZkNGNMNzM4UVB6RVBFaU5vPTY1MkY0MzlE
# -------------------------
service:
serviceName: weareconnectamerica-web
serviceType: NodePort
servicePort: 80
serviceTargetPort: 80
serviceNodePort: 30845
# -----------------------
hpa:
deploymentName: weareconnectamerica-web
enabled: true
minReplicas: 1
maxReplicas: 2
cpuTargetAverageValue: "90"
#-----------------------------
config:
default: |
# ---------------------
fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid";
@@ -27,17 +102,15 @@ data:
fastcgi_cache_lock on;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 0m;
proxy_cache_valid 301 302 0m;
server {
# --------------------------
# --------------------------
client_max_body_size 512m;
# -------------------------------
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
@@ -47,19 +120,16 @@ data:
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
subdomain: |
server {
#-----------------------------
#-----------------------------
client_max_body_size 512m;
# ------------------------
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.stage-weareconnectamerica\.com$;
@@ -105,10 +175,10 @@ data:
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
@@ -129,25 +199,27 @@ data:
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/$subdomain;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
# pass the PHP scripts to FastCGI server listening on socket ~ \.php$
#
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
@@ -163,13 +235,14 @@ data:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
@@ -184,16 +257,16 @@ data:
}
# deny access to . files, for security
#
# ---------------------------------------
location ~ /\. {
log_not_found off;
deny all;
}
}
localhost.conf: |
localhost: |
server {
client_max_body_size 512m;
listen 80;
@@ -253,7 +326,8 @@ data:
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 5m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
@@ -284,8 +358,9 @@ data:
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid any 1m;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
@@ -305,6 +380,7 @@ data:
log_not_found off;
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;