pieced/pieced-threema-gateway-public
Public Access
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: pieced:v0.1.2
Branches Tags
pieced:main
pieced:v0.1.8 pieced:v0.1.7 pieced:v0.1.6 pieced:v0.1.5 pieced:v0.1.4 pieced:v0.1.3 pieced:v0.1.2 pieced:v0.1.1
..
compare: pieced:v0.1.5
Branches Tags
pieced:main
pieced:v0.1.8 pieced:v0.1.7 pieced:v0.1.6 pieced:v0.1.5 pieced:v0.1.4 pieced:v0.1.3 pieced:v0.1.2 pieced:v0.1.1

3 Commits
v0.1.2 ... v0.1.5

Author SHA1 Message Date
pieced-ci
b5abc5958f Sync chart from pieced-threema-gateway 0.1.5 2026-05-17 08:19:18 +00:00
pieced-ci
458fbdac9d Sync chart from pieced-threema-gateway 0.1.4 2026-05-17 07:55:13 +00:00
pieced-ci
4a7058fd1e Sync chart from pieced-threema-gateway 0.1.3 2026-05-16 21:40:40 +00:00
4 changed files with 27 additions and 6 deletions
Expand all files Collapse all files

4
deploy/helm/pieced-threema-gateway/Chart.yaml
View File

@@ -2,5 +2,5 @@ apiVersion: v2
name: pieced-threema-gateway name: pieced-threema-gateway
description: PieCed IT central Threema Gateway relay description: PieCed IT central Threema Gateway relay
type: application type: application
version: 0.1.2 version: 0.1.5
appVersion: "0.1.2" appVersion: "0.1.5"

4
deploy/helm/pieced-threema-gateway/templates/deployment.yaml
View File

@@ -17,6 +17,10 @@ spec:
app.kubernetes.io/name: pieced-threema-gateway app.kubernetes.io/name: pieced-threema-gateway
spec: spec:
serviceAccountName: pieced-threema-gateway serviceAccountName: pieced-threema-gateway
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers: containers:
- name: relay - name: relay
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"

11
deploy/helm/pieced-threema-gateway/templates/networkpolicy.yaml
View File

@@ -68,10 +68,17 @@ spec:
- ports: - ports:
- port: "443" - port: "443"
protocol: TCP protocol: TCP
# Postgres (same namespace) # Postgres (same namespace).
#
# We match on the namespace label rather than `cnpg.io/cluster`
# because that CNPG label is not in Cilium's default identity-relevant
# label set in most installations — pods labelled that way still get a
# generic Cilium identity, so a matchLabels on it won't match anything.
# Restricting to port 5432 + same namespace is safe: the only thing
# listening on 5432 in this namespace is CNPG.
- toEndpoints: - toEndpoints:
- matchLabels: - matchLabels:
"cnpg.io/cluster": "pieced-threema-gateway-db" "k8s:io.kubernetes.pod.namespace": {{ .Values.namespace | quote }}
toPorts: toPorts:
- ports: - ports:
- port: "5432" - port: "5432"

14
deploy/helm/pieced-threema-gateway/values.yaml
View File

@@ -6,9 +6,15 @@ namespace: threema-gateway
image: image:
repository: registry.c5ai.ch/pieced/pieced-threema-gateway repository: registry.c5ai.ch/pieced/pieced-threema-gateway
tag: "0.1.2" tag: "0.1.5"
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
# Pull from registry.c5ai.ch — matches operator + portal pattern.
# The Secret must already exist in the namespace (one-shot copy from
# pieced-system on initial bootstrap; see README).
imagePullSecrets:
- name: registry-creds
replicas: 1 replicas: 1
service: service:
@@ -33,7 +39,11 @@ postgres:
instances: 1 instances: 1
storage: storage:
size: 5Gi size: 5Gi
storageClass: longhorn-luks2 # Matches portal-db, litellm-pg, zitadel-pg, twenty-pg in pieced-gitops.
# The relay's `messages` log row payload is small (no message bodies,
# ~80 B per row), so 5Gi covers ~50 M messages — far beyond what a
# single tenant's billing window will need.
storageClass: longhorn
resources: resources:
requests: requests:
cpu: 100m cpu: 100m