dev.cm/k3s
1
0
派生 0
代码 议题 拉取请求 活动

feat(dify): 新增dify配置

浏览代码
这个提交包含在:
rohow
2025-06-03 14:04:47 +08:00
未验证
父节点 56a6f8af9b
当前提交 145e421b78
修改 9 个文件,包含 101 行新增152 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件
apps/apps/dify/helmchart.yaml
+42 -29
查看文件
@@ -1,25 +1,57 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: halo
name: dify
namespace: apps
spec:
repo: https://borispolonsky.github.io/dify-helm
chart: dify
targetNamespace: apps
version: 0.24.0
version: 0.25.0
valuesContent: |-
nodeSelector:
kubernetes.io/hostname: greenhk
kubernetes.io/hostname: clawhka
image:
api:
tag: "1.4.1"
worker:
tag: "1.4.1"
web:
tag: "1.4.1"
sandbox:
tag: "0.2.12"
pluginDaemon:
tag: "0.1.1-local"
api:
persistence:
enabled: true
storageClass: local-path
accessMode: ReadWriteMany
size: 10Gi
persistentVolumeClaim:
storageClass: local-path
accessModes: ReadWriteOnce
size: 5Gi
extraEnv:
- name: LANG
value: "C.UTF-8"
- name: VECTOR_STORE
value: "pgvector"
- name: PGVECTOR_HOST
value: "cnpg17-cluster-hk-rw.infra-data"
- name: PGVECTOR_PORT
value: "5432"
- name: PGVECTOR_DATABASE
value: "dify"
- name: DB_USERNAME
value: "app"
- name: DB_PASSWORD
value: "QrmOnigueiiKWDxS5HqS8h765fUZoV1fj2WFkHpqZOPnKAGcM9paiXC1VzGUA3PD"
pluginDaemon:
persistence:
persistentVolumeClaim:
storageClass: local-path
accessModes: ReadWriteOnce
size: 5Gi
proxy:
enabled: false
postgresql:
enabled: false
redis:
@@ -29,35 +61,16 @@ spec:
externalPostgres:
enabled: true
username: app
password: nyrHzh9WWlDZzvVw7bDFo74gKb9zsls0Sy7OwRTDWiRTNPQQQkW85taUFAoX2AIC
address: cnpg-cluster-hk-rw.infra-data
password: QrmOnigueiiKWDxS5HqS8h765fUZoV1fj2WFkHpqZOPnKAGcM9paiXC1VzGUA3PD
address: cnpg17-cluster-hk-rw.infra-data
port: 5432
database:
api: dify
pluginDaemon: dify_plugin
externalPgvector:
enabled: false
username: app
password: nyrHzh9WWlDZzvVw7bDFo74gKb9zsls0Sy7OwRTDWiRTNPQQQkW85taUFAoX2AIC
address: cnpg-cluster-hk-rw.infra-data
port: 5432
dbName: dify
externalRedis:
enabled: true
host: redis.example
host: redis-cluster-hk-master.infra-data
port: 6379
username: ""
password: ribiPwYQNU6GWxCYR0Nj
useSSL: false
proxy:
enable: false
ingress:
enabled: true
className: nginx
hosts:
- host: dify.dev.cm
paths:
- path: /
pathType: ImplementationSpecific
apps/apps/dify/ingress.yaml
+48
查看文件
@@ -0,0 +1,48 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dify-web
namespace: apps
annotations:
spec:
ingressClassName: nginx
rules:
- host: dify.dev.cm
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: dify-web
port:
number: 3000
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: dify-api
namespace: apps
annotations:
nginx.ingress.kubernetes.io/use-regex: "true"
spec:
ingressClassName: nginx
rules:
- host: dify.dev.cm
http:
paths:
- path: /(api|console/api|v1|files)
pathType: ImplementationSpecific
backend:
service:
name: dify-api
port:
number: 5001
- path: /e/
pathType: ImplementationSpecific
backend:
service:
name: dify-plugin-daemon
port:
number: 5002
apps/infra/data/cloudnative-pg/cnpg17-cluster-hk.yaml
+3
查看文件
@@ -22,6 +22,9 @@ spec:
postgresql:
parameters:
archive_timeout: 30min
# 启用向量扩展
shared_preload_libraries:
- "vectors.so"
backup:
retentionPolicy: "7d"
barmanObjectStore:
apps/infra/data/postgresql-ha/configmap-pgpool-script.yaml
-15
查看文件
@@ -1,15 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: postgresql-ha-pgpool-script
namespace: infra-data
data:
latency_test.sh: |-
#!/bin/bash
install_packages ping
# 读取环境变量
nodes=$PGPOOL_BACKEND_NODES
echo $nodes
apps/infra/data/postgresql-ha/helmchart.yaml
-85
查看文件
@@ -1,85 +0,0 @@
apiVersion: helm.cattle.io/v1
kind: HelmChart
metadata:
name: postgresql-ha
namespace: infra-data
spec:
chart: oci://registry-1.docker.io/bitnamicharts/postgresql-ha
targetNamespace: infra-data
version: 14.3.1
valuesContent: |-
diagnosticMode:
enabled: false
postgresql:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: postgresql-ha
app.kubernetes.io/component: postgresql
topologyKey: kubernetes.io/hostname
weight: 1
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: postgresql-ha
app.kubernetes.io/component: postgresql
topologyKey: topology.kubernetes.io/region
weight: 1
tolerations:
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
image:
debug: true
username: rohow
password: L#GRtTR2QuL@20pm6+c~
postgresPassword: L#GRtTR2QuL@20pm6+c~
repmgrPassword: yAn0l2eiLw
pgpool:
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: postgresql-ha
app.kubernetes.io/component: pgpool
topologyKey: kubernetes.io/hostname
weight: 1
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: postgresql-ha
app.kubernetes.io/component: pgpool
topologyKey: topology.kubernetes.io/region
weight: 1
podAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- podAffinityTerm:
labelSelector:
matchLabels:
app.kubernetes.io/name: postgresql-ha
app.kubernetes.io/component: pgpool
topologyKey: kubernetes.io/hostname
weight: 1
tolerations:
- key: "node-role.kubernetes.io/control-plane"
operator: "Exists"
effect: "NoSchedule"
replicaCount: 1
containerSecurityContext:
runAsUser: 0
runAsGroup: 0
runAsNonRoot: false
readOnlyRootFilesystem: false
privileged: true
allowPrivilegeEscalation: true
image:
debug: true
adminPassword: wc8FVC55JX
volumePermissions:
enabled: true
apps/infra/data/postgresql-ha/loadbalancer.yaml
-15
查看文件
@@ -1,15 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: postgresql-ha-lb
namespace: infra-data
spec:
selector:
app.kubernetes.io/instance: postgresql-ha
app.kubernetes.io/name: postgresql-ha
app.kubernetes.io/component: pgpool
ports:
- protocol: TCP
port: 65432
targetPort: 5432
type: LoadBalancer
apps/infra/devops/gitea/helmchart.yaml
+1 -1
查看文件
@@ -36,7 +36,7 @@ spec:
postgresql-ha:
enabled: false
image:
tag: 1.23.7
tag: 1.23.8
ingress:
enabled: true
className: nginx
apps/infra/monitor/prometheus/helmchart.yaml
+1 -1
查看文件
@@ -7,7 +7,7 @@ spec:
repo: https://prometheus-community.github.io/helm-charts
chart: kube-prometheus-stack
targetNamespace: infra-monitor
version: 72.0.1
version: 72.6.3
valuesContent: |-
kubeControllerManager:
enabled: false
apps/infra/net/nginx/helmchart.yaml
+6 -6
查看文件
@@ -35,6 +35,9 @@ spec:
ssl-redirect: "true"
# 自定义错误页面
custom-http-errors: "403,404,502,503"
# 全局限速配置
limit-req-status-code: "429"
limit-conn-status-code: "429"
http-snippet: |
# lua插件配置
lua_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
@@ -43,15 +46,12 @@ spec:
proxy_cache_key $uri$is_args$args;
proxy_cache_lock on;
proxy_cache_use_stale updating;
# 限速配置
limit_req_zone $binary_remote_addr zone=global_limit:10m rate=10r/s;
# 全局限速配置
limit_req_zone $binary_remote_addr zone=global_limit:20m rate=20r/s;
limit_req zone=global_limit burst=50 nodelay;
server-snippet: |
# dns配置 配置在http块下会出现重复配置 所以配置在server块下
resolver 169.254.20.10 10.43.0.10 ipv6=off;
location-snippet: |
# 限速配置
limit_req zone=global_limit burst=30 nodelay;
limit_req_status 429;
# 启用geoip2模块
use-geoip: "false"
use-geoip2: "true"