From 1ad0b3a1fd09ef2ba5b3ef29eb1e3204ba01f40d Mon Sep 17 00:00:00 2001 From: Ashutosh-Baral Date: Tue, 18 Nov 2025 00:59:33 +0545 Subject: [PATCH 1/5] fix: Updated comments on values.yaml to understand the values better --- charts/templates/secret.yaml | 22 ---------------------- charts/values.yaml | 34 +++++++++++++++++++++++----------- 2 files changed, 23 insertions(+), 33 deletions(-) diff --git a/charts/templates/secret.yaml b/charts/templates/secret.yaml index 85a0c07..2114b0e 100644 --- a/charts/templates/secret.yaml +++ b/charts/templates/secret.yaml @@ -20,30 +20,8 @@ items: tls.key: {{ .Values.secret.TLS_KEY }} kind: Secret metadata: - annotations: - cert-manager.io/alt-names: '*.staging.01cloud.dev,staging.01cloud.dev' - cert-manager.io/certificate-name: zerone-cloud-staging-crt - cert-manager.io/common-name: staging.01cloud.dev - cert-manager.io/ip-sans: "" - cert-manager.io/issuer-group: "" - cert-manager.io/issuer-kind: ClusterIssuer - cert-manager.io/issuer-name: letsencrypt-issuer - cert-manager.io/uri-sans: "" name: zerone-tls-cert type: kubernetes.io/tls - - # metadata: - # annotations: - # cert-manager.io/alt-names: '*.staging.01cloud.dev,staging.01cloud.dev' - # cert-manager.io/certificate-name: zerone-cloud-staging-crt - # cert-manager.io/common-name: staging.01cloud.dev - # cert-manager.io/ip-sans: "" - # cert-manager.io/issuer-group: "" - # cert-manager.io/issuer-kind: ClusterIssuer - # cert-manager.io/issuer-name: letsencrypt-issuer - # cert-manager.io/uri-sans: "" - # name: zerone-tls-cert - # type: kubernetes.io/tls kind: List metadata: resourceVersion: "" diff --git a/charts/values.yaml b/charts/values.yaml index ef1d03a..f513ed4 100644 --- a/charts/values.yaml +++ b/charts/values.yaml 
@@ -17,17 +17,18 @@ image: backup: 01community/01cloud-backup:v0.0.1 exsecret: 01community/01cloud-exsecret:v0.0.1 +## This secret are stored in the env-sec which will be using in the microservices (e.g. api, controllers) secret: - API_SECRET: --- YOUR-API-SECRET --- - DB_PASSWORD: --- YOUR-DB-PASSWORD --- - SMTP_PASSWORD: --- YOUR-SMTP-PASSWORD --- - DB_URL: --- YOUR-DB-URL --- - MONGO_URL: --- YOUR-MONGO-URL --- + API_SECRET: --- YOUR-API-SECRET --- # Generate a strong random string + DB_PASSWORD: --- YOUR-DB-PASSWORD --- # PSQL DB Password (for helm chart) + SMTP_PASSWORD: --- YOUR-SMTP-PASSWORD --- # SMTP password ( SendGrid API Key or SMTP password) + DB_URL: --- YOUR-DB-URL --- # Full Postgres connection URL + MONGO_URL: --- YOUR-MONGO-URL --- RABBITMQ_URL: --- YOUR-RABBITMQ-URL --- MONGODB_PASSWORD: --- YOUR-MONGO-PASSWORD --- RABBITMQ_PASSWORD: --- YOUR-RABBITMQ-PASSWORD --- - TLS_CRT: --- YOUR-TLS --- - TLS_KEY: --- YOUR-KEY --- + TLS_CRT: --- YOUR-TLS --- # Certification for Domain + TLS_KEY: --- YOUR-KEY --- # Certification Key for Domain MODE: bGVnYWN5 env: @@ -41,12 +42,14 @@ env: paymentFailedUiUrl: https://console.staging.01cloud.dev/payment/failure terminalUrl: https://terminal.staging.01cloud.dev PROMETHEUS_API_URL: http://prometheus-operated.monitoring.svc.cluster.local:9090 + +## UI Configmap REACT_APP_AUTH0_MODE: "legacy" REACT_APP_AUTH0_DOMAIN: " " REACT_APP_AUTH0_CLIENT_ID: " " REACT_APP_AUTH0_AUDIENCE: " " - +# Ingress Domain API_SERVER_WS: ws://cloud-api.01cloud-staging.svc:8081 GRPC_NOTIFICATION_SERVER: cloud-notifications:10081 GRPC_SUPPORT_SERVER: cloud-support:10081 
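Review bot: The header comment added above `secret:` in the `@@ -17,17 +17,18 @@` hunk says where the values end up, but not that real credentials must stay out of this tracked file. The new inline hints ("Generate a strong random string", "PSQL DB Password") invite filling them in here. I would add a line next to the header such as `## Do not commit real values; pass them from an untracked override file (helm install -f <private-values.yaml>) or a secret manager.` The header itself reads more clearly as `## These secrets are stored in env-sec and are consumed by the microservices (e.g. api, controllers)`.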
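Review bot: The `# Ingress Domain` comment added in the `@@ -41,12 +42,14 @@` hunk sits directly above `API_SERVER_WS`, `GRPC_NOTIFICATION_SERVER` and `GRPC_SUPPORT_SERVER`, which look like in-cluster service addresses (`cloud-api.01cloud-staging.svc`, `cloud-notifications:10081`). The public hostnames are the keys above it, such as `terminalUrl`. If that reading is right, a heading like `## In-cluster service endpoints` describes this group better. The two new headings also mix `#` and `##` and appear to start at column 0 inside the indented `env:` mapping; one marker at the keys' indentation would keep the sections consistent. The `env:` mapping starts before and continues after this hunk.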
@@ -56,21 +59,33 @@ env: paymentServerUrl: http://cloud-payments:8080 helmcdServerUrl: http://cloud-helm-cd:8080 +### SendGrid SMTP_FROM_ADDRESS: --- YOUR-EMAIL-ADDRESS --- SMTP_HOST: --- YOUR-SMTP-HOST --- SMTP_PORT: --- YOUR-SMTP-PORT --- SMTP_USERNAME: apikey + +### DB_services.yaml DB_DRIVER: postgres DB_HOST: staging-postgres-postgresql DB_NAME: cloud DB_PORT: "5432" DB_USER: berrybytes DB_BACKUP_PATH: /data/db-backup + MONGO_DB: cloud mongoUser: berrybytes rabbitmqUser: berrybytes STORE_TYPE: mongo MESSAGE_TYPE: rabbitmq + +## Payment + invoicePath: /data/invoices + adminEmail: --- YOUR-ADMIN-EMAIL --- + +## Recaptcha + RECAPTCHA_SECRET: --- YOUR-RECAPTCHA-SECRET --- + GCLOUD_NAMESPACE: --- YOUR-GCLOUD-NAMESPACE (OPTIONAL) --- GCLOUD_PROJECT: --- YOUR-GCLOUD-PROJECT (OPTIONAL) --- GOOGLE_APPLICATION_CREDENTIALS: /data/gcloud.json @@ -81,9 +96,6 @@ env: TEKTON_FILE_PATH_v1: data.sample/v1 VCLUSTER_API_URL: https://zerone-4409-9534.01cloud.com/v1 ZERONE_API_URL: https://api.staging.01cloud.dev - invoicePath: /data/invoices - adminEmail: --- YOUR-ADMIN-EMAIL --- - RECAPTCHA_SECRET: --- YOUR-RECAPTCHA-SECRET --- storageAccessKey: --- YOUR-STORAGE-ACCESS-KEY --- storageSecretKey: --- YOUR-STORAGE-SECRET-KEY --- From 300bffc1bd51b702b79b59ef4e21cc90fbdbb25c Mon Sep 17 00:00:00 2001 From: Ashutosh-Baral Date: Wed, 19 Nov 2025 17:03:35 +0545 Subject: [PATCH 2/5] chore: sectioned the values.yaml template --- charts/values.yaml | 41 +++++++++++++++++++---------------------- 1 file changed, 19 insertions(+), 22 deletions(-) diff --git a/charts/values.yaml b/charts/values.yaml index f513ed4..d894cb4 100644 --- a/charts/values.yaml +++ b/charts/values.yaml 
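Review bot: `RECAPTCHA_SECRET` is regrouped under the new `## Recaptcha` heading in the `@@ -56,21 +59,33 @@` hunk but stays inside the `env:` mapping, which the `## UI Configmap` heading added earlier in this patch suggests is rendered into a ConfigMap rather than the `env-sec` Secret. ConfigMap data is readable by anyone with configmap read access in the namespace and is not covered by Secret encryption at rest. The key therefore belongs under `secret:`, e.g. `RECAPTCHA_SECRET: --- YOUR-RECAPTCHA-SECRET ---` next to `SMTP_PASSWORD`, with the consuming template updated to match. The same applies to `storageAccessKey` and `storageSecretKey`, visible as context in the following hunk. The template that consumes `env:` is not shown here, so the ConfigMap mapping should be confirmed first.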
@@ -19,18 +19,20 @@ image: ## This secret are stored in the env-sec which will be using in the microservices (e.g. api, controllers) secret: - API_SECRET: --- YOUR-API-SECRET --- # Generate a strong random string - DB_PASSWORD: --- YOUR-DB-PASSWORD --- # PSQL DB Password (for helm chart) - SMTP_PASSWORD: --- YOUR-SMTP-PASSWORD --- # SMTP password ( SendGrid API Key or SMTP password) - DB_URL: --- YOUR-DB-URL --- # Full Postgres connection URL - MONGO_URL: --- YOUR-MONGO-URL --- - RABBITMQ_URL: --- YOUR-RABBITMQ-URL --- - MONGODB_PASSWORD: --- YOUR-MONGO-PASSWORD --- - RABBITMQ_PASSWORD: --- YOUR-RABBITMQ-PASSWORD --- - TLS_CRT: --- YOUR-TLS --- # Certification for Domain - TLS_KEY: --- YOUR-KEY --- # Certification Key for Domain + API_SECRET: --- YOUR-API-SECRET --- # Generate a strong random string + DB_PASSWORD: --- YOUR-DB-PASSWORD --- # PSQL DB Password (for helm chart) + SMTP_PASSWORD: --- YOUR-SMTP-PASSWORD --- # SMTP password ( SendGrid API Key or SMTP password) + DB_URL: --- YOUR-DB-URL --- # Database connection URL for microservices + MONGO_URL: --- YOUR-MONGO-URL --- # MongoDB connection URL for microservices + RABBITMQ_URL: --- YOUR-RABBITMQ-URL --- # RabbitMQ connection URL for microservices + MONGODB_PASSWORD: --- YOUR-MONGO-PASSWORD --- # MongoDB Password (for helm chart) + RABBITMQ_PASSWORD: --- YOUR-RABBITMQ-PASSWORD --- # RabbitMQ Password (for helm chart) MODE: bGVnYWN5 + # Base64 encoded TLS certs for Ingress TLS termination( can use mkcert to generate self-signed certs for testing) + TLS_CRT: --- YOUR-TLS --- + TLS_KEY: --- YOUR-KEY --- + env: API_SERVER_URL: https://api.staging.01cloud.dev UI_SERVER_URL: https://console.staging.01cloud.dev 
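Review bot: The new comment marks only `TLS_CRT` and `TLS_KEY` as base64-encoded, yet `MODE: bGVnYWN5` directly above is base64 as well (it decodes to `legacy`), which suggests every key under `secret:` is copied as-is into the Secret's `data:` field. If so, the inline hints on `API_SECRET`, `DB_PASSWORD` and the URL keys should say it too, for instance with one block-level line `## All values in this block must be base64-encoded (printf '%s' "$VALUE" | base64 -w0)`. The TLS comment should also state that mkcert certificates are for local testing only. secret.yaml is only partly visible in this series, so the `data:` assumption needs checking against the template.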
@@ -43,12 +45,6 @@ env: terminalUrl: https://terminal.staging.01cloud.dev PROMETHEUS_API_URL: http://prometheus-operated.monitoring.svc.cluster.local:9090 -## UI Configmap - REACT_APP_AUTH0_MODE: "legacy" - REACT_APP_AUTH0_DOMAIN: " " - REACT_APP_AUTH0_CLIENT_ID: " " - REACT_APP_AUTH0_AUDIENCE: " " - # Ingress Domain API_SERVER_WS: ws://cloud-api.01cloud-staging.svc:8081 GRPC_NOTIFICATION_SERVER: cloud-notifications:10081 @@ -59,19 +55,20 @@ env: paymentServerUrl: http://cloud-payments:8080 helmcdServerUrl: http://cloud-helm-cd:8080 -### SendGrid +### Your SMTP settings here SMTP_FROM_ADDRESS: --- YOUR-EMAIL-ADDRESS --- SMTP_HOST: --- YOUR-SMTP-HOST --- SMTP_PORT: --- YOUR-SMTP-PORT --- - SMTP_USERNAME: apikey + SMTP_USERNAME: --- YOUR-SMTP-USERNAME --- -### DB_services.yaml +### DB_services.yaml, Change according to your preference DB_DRIVER: postgres DB_HOST: staging-postgres-postgresql DB_NAME: cloud DB_PORT: "5432" DB_USER: berrybytes DB_BACKUP_PATH: /data/db-backup + adminEmail: --- YOUR-ADMIN-MAIL-FOR-01CLOUD --- MONGO_DB: cloud mongoUser: berrybytes @@ -81,13 +78,13 @@ env: ## Payment invoicePath: /data/invoices - adminEmail: --- YOUR-ADMIN-EMAIL --- ## Recaptcha RECAPTCHA_SECRET: --- YOUR-RECAPTCHA-SECRET --- - GCLOUD_NAMESPACE: --- YOUR-GCLOUD-NAMESPACE (OPTIONAL) --- - GCLOUD_PROJECT: --- YOUR-GCLOUD-PROJECT (OPTIONAL) --- +## gcloud namespace and project can be changed as per your preference. Defaults to below values. + GCLOUD_NAMESPACE: sample-namespace + GCLOUD_PROJECT: sample-project GOOGLE_APPLICATION_CREDENTIALS: /data/gcloud.json TLS: zerone-tls-cert From d87f38837726c9917e1366b254bb1f05636408dd Mon Sep 17 00:00:00 2001 
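Review bot: In the `@@ -59,19 +55,20 @@` hunk, `adminEmail` is moved from the Payment group to just after `DB_BACKUP_PATH`, under the `### DB_services.yaml` heading, although it does not look like a database setting. Someone editing the database block per the new "Change according to your preference" hint can overlook it. A separate heading above the key, such as `### Admin contact`, would make it visible. The `env:` mapping starts before and continues after this hunk.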
From: Ashutosh-Baral Date: Fri, 21 Nov 2025 02:07:44 +0545 Subject: [PATCH 3/5] chore: improved README and values.aml, addresed mkcert issue for snap firefox --- .env.sample | 3 +-- README.md | 6 ++++-- charts/templates/configmap.yaml | 2 +- charts/values.yaml | 8 ++++---- docs/mkcert-issue.md | 10 ++++++++++ 5 files changed, 20 insertions(+), 9 deletions(-) create mode 100644 docs/mkcert-issue.md diff --git a/.env.sample b/.env.sample index 988d860..9b9d54b 100644 --- a/.env.sample +++ b/.env.sample @@ -1,4 +1,3 @@ -# Sample environment variables for seting up DNS PROVIDER= NAME= PROJECT_ID= @@ -7,4 +6,4 @@ ORG_ID= ACTIVE= CREDS= ZONE_ID= -TLS= +TLS= \ No newline at end of file diff --git a/README.md b/README.md index bccaa95..df5d0ce 100644 --- a/README.md +++ b/README.md @@ -134,9 +134,9 @@ kubectl cluster-info kubectl get nodes ``` ### 2)Template preparation: -Fill the values [`Values.yaml`](charts/template/values.yaml) and [`ConfigMap.yaml`](charts/template/configmap.yaml) inside the charts/template folder. These Template are necessary during provision for one to get features like 0Auth, mail service etc. +Fill the values [`Values.yaml`](charts/values.yaml) and [`ConfigMap.yaml`](charts/template/configmap.yaml) inside the charts/template folder. These Template are necessary during provision for one to get features like 0Auth, mail service etc. -Ensure the `.env` file contains necessary key values according to the sample(`.env.sample`). This step is necessary during `DBseed` process for DNS creation. +Ensure the `.env` file contains necessary key values according to the sample [`.env.sample`](./.env.sample). This step is necessary during `DBseed` process for DNS creation. ### 3) Bootstrap and run 01Cloud 
@@ -317,5 +317,7 @@ If your organization uses this environment or contributes improvements, consider - Inspect events/logs: kubectl describe pod/ -n 01cloud-staging; kubectl logs -n 01cloud-staging - Adjust resources: - Edit charts/values.yaml PVC and resource requests/limits as needed +- Self signed cert not getting accepted ( firefox specially) + - Refer to this [doc](docs/mkcert-issue.md) for adding CAroot in your browser. Enjoy building with 01Cloud! diff --git a/charts/templates/configmap.yaml b/charts/templates/configmap.yaml index e7e0ef5..22bbd0a 100644 --- a/charts/templates/configmap.yaml +++ b/charts/templates/configmap.yaml @@ -40,4 +40,4 @@ items: name: config-admin kind: List metadata: - resourceVersion: "" + resourceVersion: "" \ No newline at end of file diff --git a/charts/values.yaml b/charts/values.yaml index d894cb4..5f5f49c 100644 --- a/charts/values.yaml +++ b/charts/values.yaml @@ -60,6 +60,7 @@ env: SMTP_HOST: --- YOUR-SMTP-HOST --- SMTP_PORT: --- YOUR-SMTP-PORT --- SMTP_USERNAME: --- YOUR-SMTP-USERNAME --- + SMTP_USERNAME: --- YOUR-SMTP-USERNAME --- ### DB_services.yaml, Change according to your preference DB_DRIVER: postgres @@ -82,10 +83,9 @@ env: ## Recaptcha RECAPTCHA_SECRET: --- YOUR-RECAPTCHA-SECRET --- -## gcloud namespace and project can be changed as per your preference. Defaults to below values. - GCLOUD_NAMESPACE: sample-namespace - GCLOUD_PROJECT: sample-project - GOOGLE_APPLICATION_CREDENTIALS: /data/gcloud.json +## Change these values according to your preference( used in cname creation for running application) + GCLOUD_NAMESPACE: staging #default + GCLOUD_PROJECT: 01cloud-staging #default TLS: zerone-tls-cert dockerPluginId: "3" diff --git a/docs/mkcert-issue.md b/docs/mkcert-issue.md new file mode 100644 index 0000000..dee2c47 --- /dev/null +++ b/docs/mkcert-issue.md 
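Review bot: The `@@ -60,6 +60,7 @@` hunk of charts/values.yaml adds a second `SMTP_USERNAME: --- YOUR-SMTP-USERNAME ---` line directly below the existing one, creating a duplicate key in the `env:` mapping. Duplicate mapping keys are invalid YAML; depending on the parser, the file is either rejected or the last entry silently wins, so an operator who fills in only the first line would deploy the placeholder. The added line should simply be dropped. A `yamllint` run with the `key-duplicates` rule enabled in CI would catch this class of slip.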
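Review bot: The `@@ -82,10 +83,9 @@` hunk removes `GOOGLE_APPLICATION_CREDENTIALS: /data/gcloud.json` together with the comment rewrite, and neither the commit subject nor the new comment mentions it. If a template or service still reads `.Values.env.GOOGLE_APPLICATION_CREDENTIALS`, the rendered value becomes empty and the Google client may fall back to whatever ambient credentials the pod has, or fail. Please confirm nothing references the key, or restore the line. The new inline comments would also read better with a space, `# default`. The `env:` mapping continues outside the hunk.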
@@ -0,0 +1,10 @@ +### Adding mkcert CAroot for snapd firefox +After running `mkcert -install` you may (not very often) encounter issue regarding refused connection to your host. This is due to firefox being installed as a snap package. To bypass this create a `ceretificates` folder inside `/var/lib/snapd/deskto/` and copy the `CAroot` file inside the `certificates` folder. +```bash +# create folder if not present +sudo mkdir -p /var/lib/snapd/desktop/certificates/ + +# copy the CAroot file +sudo cp "$(mkcert -CAROOT)/rootCA.pem" /var/lib/snapd/desktop/certificates/ +sudo update-ca-certificates +``` \ No newline at end of file From 7aab6c18d51b7306edf8ade9df7360909e22e5e5 Mon Sep 17 00:00:00 2001 From: Ashutosh-Baral Date: Fri, 26 Dec 2025 17:26:44 +0545 Subject: [PATCH 4/5] fixL: fixed trailing whitespace --- seeder/package_install.json | 68 ++++++++++++++++++------------------- 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/seeder/package_install.json b/seeder/package_install.json index 3aa6f37..fbaef81 100644 --- a/seeder/package_install.json +++ b/seeder/package_install.json 
@@ -45,13 +45,13 @@ "description": "Reloader is a tool to watch changes in ConfigMap and Secret and do rolling upgrades on Pods with their associated DeploymentConfigs, Deployments, Daemonsets and Statefulsets." }, { - "chart": "zerone/secret-patcher", - "name": "secret-patcher", + "chart": "zerone/secret-patcher", + "name": "secret-patcher", "title": "Secret Patcher", "namespace": "zerone-secret-patcher", - "optional": true, - "icon": "https://console.01cloud.io/meta.jpg", - "description": "Secret Patcher patches the service account with an imagepullsecrets that allows the service account of the pod to pull the images from container registry" + "optional": true, + "icon": "https://console.01cloud.io/meta.jpg", + "description": "Secret Patcher patches the service account with an imagepullsecrets that allows the service account of the pod to pull the images from container registry" }, { "chart": "zerone/velero", @@ -82,14 +82,14 @@ }, { - "chart": "zerone/tekton", - "name": "tekton", - "title": "Tekton", - "namespace": "tekton-pipelines", - "optional": true, - "icon": "https://avatars.githubusercontent.com/u/47602533?s=280&v=4", - "description": "A package to install powerful and flexible kubernetes-native open source CI/CD systems" - }, + "chart": "zerone/tekton", + "name": "tekton", + "title": "Tekton", + "namespace": "tekton-pipelines", + "optional": true, + "icon": "https://avatars.githubusercontent.com/u/47602533?s=280&v=4", + "description": "A package to install powerful and flexible kubernetes-native open source CI/CD systems" + }, { "chart": "zerone/prometheus-operator", 
@@ -121,28 +121,28 @@ "required_dns": false, "icon": "https://console.01cloud.io/meta.jpg", "description": "The Logging operator manages the log collectors and log forwarders of your logging infrastructure, and the routing rules that specify where you want to send your different log messages." - }, - { - "chart": "zerone/flagger", - "name": "flagger", - "title": "Flagger", - "optional": true, - "namespace": "zerone-flagger", - "required_dns": false, - "icon": "https://console.01cloud.io/meta.jpg", - "description": "Progressive Delivery operator for Kubernetes (Canary, A/B Testing and Blue/Green deployments)" - }, + }, + { + "chart": "zerone/flagger", + "name": "flagger", + "title": "Flagger", + "optional": true, + "namespace": "zerone-flagger", + "required_dns": false, + "icon": "https://console.01cloud.io/meta.jpg", + "description": "Progressive Delivery operator for Kubernetes (Canary, A/B Testing and Blue/Green deployments)" + }, - { - "chart": "zerone/openebs", - "name": "openebs", - "title": "openebs", - "optional": true, - "namespace": "zerone-openebs", - "required_dns": false, - "icon": "https://console.01cloud.io/meta.jpg", - "description": " OpenEBS turns any storage available to Kubernetes worker nodes into Local or Distributed Kubernetes Persistent Volumes." - }], + { + "chart": "zerone/openebs", + "name": "openebs", + "title": "openebs", + "optional": true, + "namespace": "zerone-openebs", + "required_dns": false, + "icon": "https://console.01cloud.io/meta.jpg", + "description": " OpenEBS turns any storage available to Kubernetes worker nodes into Local or Distributed Kubernetes Persistent Volumes." + }], "repositories": [{ "name": "zerone", "url": "https://berrybytes.github.io/helm-chart-org" From a9f2b3ea916f96933e42df1645d872c2a0405b03 Mon Sep 17 00:00:00 2001 
From: Ashutosh-Baral Date: Fri, 26 Dec 2025 17:47:30 +0545 Subject: [PATCH 5/5] fix: fixed trailing spaces --- .env.sample | 2 +- charts/templates/configmap.yaml | 2 +- charts/values.yaml | 10 +++++----- docs/mkcert-issue.md | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.env.sample b/.env.sample index 9b9d54b..70d1b78 100644 --- a/.env.sample +++ b/.env.sample @@ -6,4 +6,4 @@ ORG_ID= ACTIVE= CREDS= ZONE_ID= -TLS= \ No newline at end of file +TLS= diff --git a/charts/templates/configmap.yaml b/charts/templates/configmap.yaml index c90a3ef..ce92c94 100644 --- a/charts/templates/configmap.yaml +++ b/charts/templates/configmap.yaml @@ -45,4 +45,4 @@ items: name: config-admin kind: List metadata: - resourceVersion: "" \ No newline at end of file + resourceVersion: "" diff --git a/charts/values.yaml b/charts/values.yaml index 30ecce9..76a8db3 100644 --- a/charts/values.yaml +++ b/charts/values.yaml 
@@ -18,14 +18,14 @@ image: exsecret: 01community/01cloud-exsecret:v0.0.1 logging: 01community/01cloud-exlogger:v0.0.1 -## This secret are stored in the env-sec which will be using in the microservices (e.g. api, controllers) +## This secret are stored in the env-sec which will be using in the microservices (e.g. api, controllers) secret: API_SECRET: --- YOUR-API-SECRET --- # Generate a strong random string DB_PASSWORD: --- YOUR-DB-PASSWORD --- # PSQL DB Password (for helm chart) SMTP_PASSWORD: --- YOUR-SMTP-PASSWORD --- # SMTP password ( SendGrid API Key or SMTP password) DB_URL: --- YOUR-DB-URL --- # Database connection URL for microservices - MONGO_URL: --- YOUR-MONGO-URL --- # MongoDB connection URL for microservices - RABBITMQ_URL: --- YOUR-RABBITMQ-URL --- # RabbitMQ connection URL for microservices + MONGO_URL: --- YOUR-MONGO-URL --- # MongoDB connection URL for microservices + RABBITMQ_URL: --- YOUR-RABBITMQ-URL --- # RabbitMQ connection URL for microservices MONGODB_PASSWORD: --- YOUR-MONGO-PASSWORD --- # MongoDB Password (for helm chart) RABBITMQ_PASSWORD: --- YOUR-RABBITMQ-PASSWORD --- # RabbitMQ Password (for helm chart) MODE: bGVnYWN5 @@ -57,8 +57,8 @@ env: monitoringServerUrl: http://cloud-monitoring:8081 paymentServerUrl: http://cloud-payments:8080 helmcdServerUrl: http://cloud-helm-cd:8080 - -### Your SMTP settings here + +### Your SMTP settings here SMTP_FROM_ADDRESS: --- YOUR-EMAIL-ADDRESS --- SMTP_HOST: --- YOUR-SMTP-HOST --- diff --git a/docs/mkcert-issue.md b/docs/mkcert-issue.md index dee2c47..5559bee 100644 --- a/docs/mkcert-issue.md +++ b/docs/mkcert-issue.md @@ -7,4 +7,4 @@ sudo mkdir -p /var/lib/snapd/desktop/certificates/ # copy the CAroot file sudo cp "$(mkcert -CAROOT)/rootCA.pem" /var/lib/snapd/desktop/certificates/ sudo update-ca-certificates -``` \ No newline at end of file +```