9c93e74318
- Drop @supabase/supabase-js entirely; add drizzle-orm + postgres (porsager) driver - New packages/db: schema (pgSchema ordinarthur_os), client factory, migrate runner, drizzle-kit config - SQL migrations: 0000_init (pgcrypto + schema), 0001_jobs (jobs + job_search_criteria, no RLS) - Rewrite apps/api db module with DI symbols DB/DB_HANDLE + @InjectDb() decorator - Rewrite jobs.service.ts with Drizzle queries (upsert via onConflictDoUpdate, arrayOverlaps for stack filter) - Replace SUPABASE_* env vars with DATABASE_URL in env config + .env.example - Add docker-compose.yml (Postgres 16-alpine, dev only) - Add deploy/k8s/postgres.yaml (StatefulSet + PVC), migrate.job.yaml, updated secrets.template.yaml - Update all docs (README, PLAN, ARCHITECTURE, CLAUDE.md, AGENTS.md, packages/db/README.md) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
54 lines
1.6 KiB
YAML
54 lines
1.6 KiB
YAML
# NE PAS COMMITER LES VRAIES VALEURS.
|
|
# Deux Secrets sont attendus côté cluster — dupliquer, remplir, puis :
|
|
# kubectl -n ordinarthur-os apply -f secrets.yaml
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: ordinarthur-os-secrets
|
|
namespace: ordinarthur-os
|
|
type: Opaque
|
|
stringData:
|
|
API_BEARER_TOKEN: ""
|
|
# Postgres standalone dans le cluster (cf. postgres.yaml).
|
|
# Format : postgres://<user>:<password>@postgres.ordinarthur-os.svc.cluster.local:5432/<db>
|
|
DATABASE_URL: ""
|
|
MISTRAL_API_KEY: ""
|
|
MISTRAL_MODEL: "mistral-small-latest"
|
|
GROQ_API_KEY: ""
|
|
GROQ_STT_MODEL: "whisper-large-v3-turbo"
|
|
GOOGLE_OAUTH_CLIENT_ID: ""
|
|
GOOGLE_OAUTH_CLIENT_SECRET: ""
|
|
GOOGLE_OAUTH_REDIRECT_URI: "https://api.os.arthurbarre.fr/agenda/google/oauth/callback"
|
|
ICAL_FEED_SECRET: ""
|
|
TELEGRAM_BOT_TOKEN: ""
|
|
TELEGRAM_WEBHOOK_SECRET: ""
|
|
---
|
|
# Credentials consommés par le StatefulSet postgres.
|
|
# Les mêmes valeurs doivent composer DATABASE_URL ci-dessus.
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: ordinarthur-os-db-secrets
|
|
namespace: ordinarthur-os
|
|
type: Opaque
|
|
stringData:
|
|
POSTGRES_USER: "ordinarthur"
|
|
POSTGRES_PASSWORD: ""
|
|
POSTGRES_DB: "ordinarthur_os"
|
|
---
|
|
# Credentials du CronJob de backup (bucket S3-compatible à choisir avec Arthur).
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: ordinarthur-os-backup-secrets
|
|
namespace: ordinarthur-os
|
|
type: Opaque
|
|
stringData:
|
|
# Même valeur que DATABASE_URL (utilisable par pg_dump).
|
|
PGURL: ""
|
|
# rclone remote name + bucket, ex. "b2:ordinarthur-os-backups"
|
|
RCLONE_REMOTE: ""
|
|
# Contenu d'un rclone.conf — monté ensuite côté cronjob si besoin.
|
|
RCLONE_CONFIG: ""
|