diff --git a/k8s/configmap.yaml b/k8s/configmap.yaml index 4370e69..5148a92 100644 --- a/k8s/configmap.yaml +++ b/k8s/configmap.yaml @@ -6,7 +6,9 @@ metadata: data: SERVER_PORT: "3001" PUBLIC_BASE_URL: "https://portal.estateliga.work" - MINIO_ENDPOINT: "minio.minio.svc.cluster.local:9000" + # MinIO живёт на отдельном сервере. Как в telephony/meet/portal, + # пинним DNS через hostAliases в deployment, чтобы не попасть во + # внутренний Traefik/default-cert. + MINIO_ENDPOINT: "s3-minio.estateliga.work" MINIO_BUCKET: "portal-files" - MINIO_USE_SSL: "false" - + MINIO_USE_SSL: "true" diff --git a/k8s/secrets.yaml b/k8s/secrets.yaml index 0c87dd0..6510e42 100644 --- a/k8s/secrets.yaml +++ b/k8s/secrets.yaml @@ -8,8 +8,8 @@ stringData: DATABASE_URL: "postgres://files:files@postgres.files.svc.cluster.local:5432/files?sslmode=disable" PORTAL_INTERNAL_API_KEY: "36fe89ed40c01fdc54d3cf4e3fcacc8751dc456a4a1acd394e9fed48257c5734" INTERNAL_API_KEY: "36fe89ed40c01fdc54d3cf4e3fcacc8751dc456a4a1acd394e9fed48257c5734" - MINIO_ACCESS_KEY: "files-svc" - MINIO_SECRET_KEY: "REPLACE_AFTER_FIRST_DEPLOY" + MINIO_ACCESS_KEY: "admjn" + MINIO_SECRET_KEY: "TropicalMacaw9Fantasize" --- apiVersion: v1 kind: Secret @@ -21,4 +21,3 @@ stringData: POSTGRES_USER: files POSTGRES_PASSWORD: files POSTGRES_DB: files - diff --git a/k8s/server-deployment.yaml b/k8s/server-deployment.yaml index cba9d6e..9fecabf 100644 --- a/k8s/server-deployment.yaml +++ b/k8s/server-deployment.yaml @@ -13,6 +13,10 @@ spec: labels: app: files-server spec: + hostAliases: + - ip: "77.105.173.42" + hostnames: + - "s3-minio.estateliga.work" terminationGracePeriodSeconds: 15 securityContext: runAsNonRoot: true