save refactor helm chart

environments/production/custom-domains.yaml

@@ -0,0 +1,25 @@
+# Example values file with custom domains for each component
+global:
+  domain: "videocall.rs"  # This is still needed as a base domain
+  # Custom URLs for each component - these override the default pattern
+  urls:
+    ui: "app.videocall.rs"       # Custom domain for UI (instead of ui.videocall.rs)
+    api: "api.custom-domain.com" # Custom domain for WebSocket API
+    transport: "wt.custom-domain.com"  # Custom domain for WebTransport
+  tls:
+    enabled: true
+    issuer: "letsencrypt-prod"
+
+# We only need to define component toggles - all other settings use defaults
+components:
+  ui:
+    enabled: true
+  websocket:
+    enabled: true
+  webtransport:
+    enabled: true
+
+# Note: You don't need to manually update URLs in the env variables,
+# hosts in the ingress definitions, or annotations in the service.
+# The Helm templates automatically use the correct URL from global.urls
+# or fall back to the default pattern (component.domain) if not specified. 

environments/production/deploy.sh

@@ -0,0 +1,111 @@
+#!/bin/bash
+# Deployment script for videocall.rs production environment
+
+set -e
+
+# Default values
+NAMESPACE="videocall-prod"
+RELEASE_NAME="videocall"
+VALUES_FILE="$(dirname "$0")/values.yaml"
+DRY_RUN=false
+UPGRADE_ONLY=false
+
+# Parse command-line arguments
+while [[ $# -gt 0 ]]; do
+  case $1 in
+    -n|--namespace)
+      NAMESPACE="$2"
+      shift 2
+      ;;
+    -r|--release-name)
+      RELEASE_NAME="$2"
+      shift 2
+      ;;
+    -f|--values-file)
+      VALUES_FILE="$2"
+      shift 2
+      ;;
+    --dry-run)
+      DRY_RUN=true
+      shift
+      ;;
+    --upgrade-only)
+      UPGRADE_ONLY=true
+      shift
+      ;;
+    -h|--help)
+      echo "Usage: $0 [options]"
+      echo ""
+      echo "Options:"
+      echo "  -n, --namespace NAMESPACE   Kubernetes namespace (default: videocall-prod)"
+      echo "  -r, --release-name NAME     Helm release name (default: videocall)"
+      echo "  -f, --values-file FILE      Custom values file (default: values.yaml in same dir)"
+      echo "  --dry-run                   Perform a dry-run of the installation"
+      echo "  --upgrade-only              Only upgrade, don't create the namespace"
+      echo "  -h, --help                  Show this help message"
+      exit 0
+      ;;
+    *)
+      echo "Unknown option: $1"
+      exit 1
+      ;;
+  esac
+done
+
+# Path to the Helm chart (relative to the repository root)
+CHART_PATH="$(git rev-parse --show-toplevel)/helm/videocall"
+
+# Check if the chart exists
+if [[ ! -d "$CHART_PATH" ]]; then
+  echo "Error: Helm chart not found at $CHART_PATH"
+  exit 1
+fi
+
+echo "=== Deploying videocall to PRODUCTION environment ==="
+echo "Namespace: $NAMESPACE"
+echo "Release name: $RELEASE_NAME"
+echo "Values file: $VALUES_FILE"
+echo "Chart path: $CHART_PATH"
+echo "Dry run: $DRY_RUN"
+echo ""
+
+# Create namespace if it doesn't exist
+if [[ "$UPGRADE_ONLY" == "false" ]]; then
+  if ! kubectl get namespace "$NAMESPACE" &>/dev/null; then
+    echo "Creating namespace $NAMESPACE..."
+    if [[ "$DRY_RUN" == "false" ]]; then
+      kubectl create namespace "$NAMESPACE"
+    else
+      echo "DRY RUN: Would create namespace $NAMESPACE"
+    fi
+  else
+    echo "Namespace $NAMESPACE already exists"
+  fi
+fi
+
+# Construct the helm install/upgrade command
+HELM_CMD="helm upgrade --install $RELEASE_NAME $CHART_PATH -n $NAMESPACE -f $VALUES_FILE"
+if [[ "$DRY_RUN" == "true" ]]; then
+  HELM_CMD="$HELM_CMD --dry-run"
+fi
+
+echo "Running: $HELM_CMD"
+
+if [[ "$DRY_RUN" != "true" ]]; then
+  eval "$HELM_CMD"
+  echo "Deployment to PRODUCTION complete!"
+else
+  eval "$HELM_CMD"
+  echo "Dry run complete - no changes were made"
+fi
+
+echo ""
+echo "To check deployment status:"
+echo "  kubectl get pods -n $NAMESPACE"
+echo ""
+
+# Print access information
+echo "Once deployed, access the application at:"
+echo "  UI: https://ui.videocall.rs"
+echo "  API: wss://api.videocall.rs"
+echo "  Transport: https://transport.videocall.rs" 

environments/production/values.yaml

@@ -0,0 +1,103 @@
+# Production environment configuration for videocall.rs
+global:
+  environment: production
+  domain: "videocall.rs"  # Base domain for all components
+  tls:
+    enabled: true
+    issuer: "letsencrypt-prod"
+  # Custom URLs for each component (uncomment and modify if you need custom domains)
+  # urls:
+  #   ui: "app.videocall.rs"      # Custom domain for UI
+  #   api: "ws.videocall.rs"      # Custom domain for WebSocket API
+  #   transport: "wt.videocall.rs" # Custom domain for WebTransport
+
+# Component toggles
+components:
+  ui:
+    enabled: true
+  websocket:
+    enabled: true
+  webtransport:
+    enabled: true
+
+# UI Component Configuration
+ui:
+  replicaCount: 3
+  image:
+    tag: stable  # Use stable tag for production
+    pullPolicy: IfNotPresent
+  resources:
+    limits:
+      cpu: 750m
+      memory: 768Mi
+    requests:
+      cpu: 300m
+      memory: 384Mi
+
+# WebSocket Component Configuration
+websocket:
+  replicaCount: 5
+  image:
+    tag: stable
+    pullPolicy: IfNotPresent
+  resources:
+    limits:
+      cpu: 1500m
+      memory: 1.5Gi
+    requests:
+      cpu: 750m
+      memory: 768Mi
+  env:
+    - name: DATABASE_ENABLED
+      value: "true"
+
+# WebTransport Component Configuration
+webtransport:
+  replicaCount: 5
+  image:
+    tag: stable
+    pullPolicy: IfNotPresent
+  resources:
+    limits:
+      cpu: 1500m
+      memory: 1.5Gi
+    requests:
+      cpu: 750m
+      memory: 768Mi
+
+# Dependency configuration
+nats:
+  cluster:
+    enabled: true
+    replicas: 3
+  persistence:
+    enabled: true
+    size: 10Gi
+  resources:
+    limits:
+      cpu: 1500m
+      memory: 1.5Gi
+    requests:
+      cpu: 750m
+      memory: 768Mi
+
+postgresql:
+  auth:
+    # We use a placeholder - this should be replaced with a secure password from a secret manager in production
+    password: "REPLACE_WITH_SECURE_PASSWORD"
+  primary:
+    persistence:
+      enabled: true
+      size: 20Gi
+    resources:
+      limits:
+        cpu: 1500m
+        memory: 3Gi
+      requests:
+        cpu: 750m
+        memory: 1.5Gi
+
+# Disable SSL certificates creation - use cert-manager in production
+secrets:
+  sslCertificates:
+    create: false

helm/videocall/Chart.lock

@@ -0,0 +1,9 @@
+dependencies:
+- name: nats
+  repository: https://nats-io.github.io/k8s/helm/charts/
+  version: 0.17.1
+- name: postgresql
+  repository: https://charts.bitnami.com/bitnami
+  version: 12.1.2
+digest: sha256:ee8f6f9315ee75857f6e00bf04f032c83e9fa76b1ca1fb7f23a415d683f7f2b6
+generated: "2025-03-06T23:40:34.578585-05:00"

helm/videocall/Chart.yaml

@@ -0,0 +1,20 @@
+apiVersion: v2
+name: videocall
+description: A consolidated Helm chart for the videocall.rs platform
+type: application
+version: 1.0.0
+appVersion: "1.0.0"
+maintainers:
+  - name: videocall.rs team
+    email: [email protected]
+
+# Dependencies
+dependencies:
+  - name: nats
+    version: "0.17.1"
+    repository: "https://nats-io.github.io/k8s/helm/charts/"
+    condition: nats.enabled
+  - name: postgresql
+    version: "12.1.2"
+    repository: "https://charts.bitnami.com/bitnami"
+    condition: postgresql.enabled