Merge pull request 'fix' (#135) from master into prod

Reviewed-on: https://gitea.chocomarsh.com/self/infra/pulls/135
2025-07-12 10:09:55 +03:00 · 2025-07-12 10:09:55 +03:00 · 2d66d20e41
commit 2d66d20e41
parent 49e99f2721 d394210099
1 changed files with 46 additions and 23 deletions
--- a/.deploy-infra/deploy-prod.yaml
+++ b/.deploy-infra/deploy-prod.yaml
@ -27,32 +27,55 @@ services:
        parallelism: 1
        # order: start-first
  
-  authelia:
-    image: mathwave/sprint-repo:authelia
+  zitadel:
+    image: ghcr.io/zitadel/zitadel:latest
    networks:
      - common-infra-nginx
    environment:
-      AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET
-      AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET
-      AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY
-      AUTHELIA_STORAGE_POSTGRES_PORT: "5432"
-      AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia"
-      AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres"
-      AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD
-      AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor"
-      AUTHELIA_NOTIFIER_SMTP_ENABLED: "false"
-    volumes:
-      - /sprint-data/authelia/data:/var/lib/authelia
+      ZITADEL_DATABASE_POSTGRES_HOST: pg.sprinthub.ru
+      ZITADEL_DATABASE_POSTGRES_PORT: 5432
+      ZITADEL_DATABASE_POSTGRES_DATABASE: zitadel
+      ZITADEL_DATABASE_POSTGRES_USER_USERNAME: postgres
+      ZITADEL_DATABASE_POSTGRES_USER_PASSWORD: $DB_PASSWORD_PROD
+      ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE: disable
+      ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME: postgres
+      ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD: $DB_PASSWORD_PROD
+      ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE: disable
+      ZITADEL_EXTERNALSECURE: false
      deploy:
        mode: replicated
        replicas: 1
        restart_policy:
          condition: any
-      placement:
-        constraints: [node.labels.stage == production]
        update_config:
          parallelism: 1
    
+  # authelia:
+  #   image: mathwave/sprint-repo:authelia
+  #   networks:
+  #     - common-infra-nginx
+  #   environment:
+  #     AUTHELIA_JWT_SECRET: $AUTHTHELIA_JWT_SECRET
+  #     AUTHELIA_SESSION_SECRET: $AUTHTHELIA_SESSION_SECRET
+  #     AUTHELIA_STORAGE_ENCRYPTION_KEY: $AUTHELIA_STORAGE_ENCRYPTION_KEY
+  #     AUTHELIA_STORAGE_POSTGRES_PORT: "5432"
+  #     AUTHELIA_STORAGE_POSTGRES_DATABASE: "authelia"
+  #     AUTHELIA_STORAGE_POSTGRES_USERNAME: "postgres"
+  #     AUTHELIA_STORAGE_POSTGRES_PASSWORD: $DB_PASSWORD_PROD
+  #     AUTHELIA_ACCESS_CONTROL_DEFAULT_POLICY: "one_factor"
+  #     AUTHELIA_NOTIFIER_SMTP_ENABLED: "false"
+  #   volumes:
+  #     - /sprint-data/authelia/data:/var/lib/authelia
+  #   deploy:
+  #     mode: replicated
+  #     replicas: 1
+  #     restart_policy:
+  #       condition: any
+  #     placement:
+  #       constraints: [node.labels.stage == production]
+  #     update_config:
+  #       parallelism: 1
+
  grafana:
    image: grafana/grafana
    networks: