Skip to content

Instantly share code, notes, and snippets.

@sandromello

sandromello/manifest.yaml

Created December 6, 2023 18:26
Show Gist options
  • Save sandromello/5785a04f30a1d5cdf802769fe4b43d35 to your computer and use it in GitHub Desktop.
Save sandromello/5785a04f30a1d5cdf802769fe4b43d35 to your computer and use it in GitHub Desktop.
Download ZIP
Hoop Self Hosted Yaml
Raw
manifest.yaml
---
# Source: hoop-chart/templates/secret-configs.yaml
apiVersion: v1
kind: Secret
metadata:
name: hoop-config
type: Opaque
stringData:
XTDB_ADDRESS: "http://127.0.0.1:3001"
POSTGRES_DB_URI: "postgresql://<user>:<pwd>@<host>:5432/<db>"
API_URL: "https://yourdomain.tld"
GRPC_URL: ""
LEGACY_API: "false"
PGREST_ROLE: "hoop_apiuser"
LEGACY_XTDB: "false"
GIN_MODE: "release"
LOG_ENCODING: "json"
LOG_LEVEL: "info"
LOG_GRPC: "0"
GODEBUG: "http2debug=0"
IDP_CLIENT_ID: "<CLIENT_ID>"
IDP_CLIENT_SECRET: "<CLIENT_SECRET>"
IDP_ISSUER: "<IDP_ISSUER>"
IDP_AUDIENCE: ""
IDP_CUSTOM_SCOPES: ""
TLS_KEY: ""
TLS_CERT: ""
TLS_CA: ""
GOOGLE_APPLICATION_CREDENTIALS_JSON: ''
WEBHOOK_APPKEY: ""
PYROSCOPE_AUTH_TOKEN: ""
PYROSCOPE_INGEST_URL: ""
SEGMENT_KEY: ""
AGENT_SENTRY_DSN: ""
SENTRY_DSN: ""
ADMIN_USERNAME: ""
PLUGIN_AUDIT_PATH: "/opt/hoop/sessions"
PLUGIN_INDEX_PATH: "/opt/hoop/sessions/indexes"
MAGIC_BELL_API_KEY: ""
MAGIC_BELL_API_SECRET: ""
PLUGIN_REGISTRY_URL: ""
SMTP_HOST: ""
SMTP_PORT: ""
SMTP_USER: ""
SMTP_PASS: ""
SLACK_CLIENT_ID: ""
SLACK_CLIENT_SECRET: ""
---
# Source: hoop-chart/templates/secret-configs.yaml
apiVersion: v1
kind: Secret
metadata:
name: xtdb-config
type: Opaque
stringData:
PG_HOST: "<pg-host>"
PG_PORT: "<pg-port>"
PG_USER: "<pg-user>"
PG_PASSWORD: "<pg-passwd>"
PG_DB: "<pg-db>"
LISTEN_ADDR: "127.0.0.1"
ROCKS_DB_CACHE_SIZE: "536870912"
ROCKS_DB_DIR: "/opt/hoop/sessions/rocksdb"
---
# Source: hoop-chart/templates/secret-configs.yaml
apiVersion: v1
kind: Secret
metadata:
name: defaultagent-config
type: Opaque
stringData:
HOOP_DSN: ""
# DEPRECATED
HOOP_TOKEN: ""
# DEPRECATED
HOOP_GRPCURL: ""
TLS_SERVER_NAME: ""
AUTO_REGISTER: ""
LOG_ENCODING: "json"
LOG_LEVEL: "info"
LOG_GRPC: "0"
GODEBUG: "http2debug=0"
---
# Source: hoop-chart/templates/pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: walsessions
finalizers:
- kubernetes.io/pvc-protection
spec:
accessModes:
- 'ReadWriteOnce'
resources:
requests:
storage: "100Gi"
storageClassName: gp2
---
# Source: hoop-chart/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: hoopgateway
spec:
selector:
app: hoopgateway
ports:
- port: 8010
name: grpc
protocol: TCP
targetPort: 8010
- port: 8009
name: http
protocol: TCP
targetPort: 8009
---
# Source: hoop-chart/templates/service.yaml
apiVersion: v1
kind: Service
metadata:
name: hoopdb
spec:
externalName: "<db-host>"
sessionAffinity: None
type: ExternalName
---
# Source: hoop-chart/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: hoopgateway
spec:
selector:
matchLabels:
app: hoopgateway
strategy:
type: Recreate
template:
metadata:
annotations:
checksum/config: 3fe3d5daca1069ed2fd2c1d5551b18c8d0164bed8e5bda0d19ed5b5e89d838d3
labels:
app: hoopgateway
spec:
containers:
- image: "hoophq/hoop:latest"
name: hoopgateway
imagePullPolicy: Always
args:
- hoop
- start
- gateway
envFrom:
- secretRef:
name: hoop-config
- secretRef:
name: xtdb-config
resources:
limits:
cpu: 2048m
memory: 2Gi
requests:
cpu: 1024m
memory: 2Gi
volumeMounts:
- mountPath: /opt/hoop/sessions
name: walsessions
ports:
- containerPort: 8010
name: grpc
- containerPort: 8009
name: api
- image: "hoophq/xtdb:latest"
name: xtdb
imagePullPolicy: Always
envFrom:
- secretRef:
name: xtdb-config
resources:
limits:
cpu: 2048m
memory: 4Gi
requests:
cpu: 1024m
memory: 4Gi
ports:
- containerPort: 3001
name: api
volumeMounts:
- mountPath: /opt/hoop/sessions
name: walsessions
lifecycle:
preStop:
exec:
command: ["/bin/sh","-c","until stat /tmp/xtdb-shutdown.placeholder 2>/dev/null; do sleep 1; done"]
- image: "hoophq/hoopdev:latest"
name: defaultagent
imagePullPolicy: Always
volumeMounts:
- mountPath: /opt/hoop/sessions
name: walsessions
envFrom:
- secretRef:
name: defaultagent-config
volumes:
- name: walsessions
persistentVolumeClaim:
claimName: walsessions
---
# Source: hoop-chart/templates/ingress-api.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
alb.ingress.kubernetes.io/certificate-arn: <arn>
alb.ingress.kubernetes.io/group.name: <group-name>
alb.ingress.kubernetes.io/healthcheck-path: /
alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/security-groups: <sg-id>
alb.ingress.kubernetes.io/ssl-redirect: "443"
alb.ingress.kubernetes.io/subnets: subnet-<id>,subnet-<id>
alb.ingress.kubernetes.io/target-type: ip
labels:
app: hoopgateway-web
name: hoopgateway-web
spec:
ingressClassName: "alb"
rules:
- host: "yourdomain.tld"
http:
paths:
- backend:
service:
name: hoopgateway
port:
number: 8009
pathType: ImplementationSpecific
---
# Source: hoop-chart/templates/ingress-grpc.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
annotations:
alb.ingress.kubernetes.io/backend-protocol-version: GRPC
alb.ingress.kubernetes.io/certificate-arn: <arn-id>
alb.ingress.kubernetes.io/group.name: <group-name>
alb.ingress.kubernetes.io/healthcheck-path: /
alb.ingress.kubernetes.io/healthcheck-protocol: HTTP
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 8443}]'
alb.ingress.kubernetes.io/scheme: internet-facing
alb.ingress.kubernetes.io/security-groups: <sg-id>
alb.ingress.kubernetes.io/subnets: subnet-<id>,subnet-<id>
alb.ingress.kubernetes.io/target-type: ip
labels:
app: hoopgateway-grpc
name: hoopgateway-grpc
spec:
ingressClassName: "alb"
rules:
- host: "yourdomain.tld"
http:
paths:
- backend:
service:
name: hoopgateway
port:
number: 8010
pathType: ImplementationSpecific
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment