wip commit

I've to go diner, wip commit to be achieved.

Makefile

@@ -308,3 +308,21 @@ start-tilt: ## start the kubernetes cluster using kind
 start-tilt-keycloak: ## start the kubernetes cluster using kind, without Pro Connect for authentication, use keycloak
 	DEV_ENV=dev-keycloak tilt up -f ./bin/Tiltfile
 .PHONY: build-k8s-cluster
+
+start-tilt-ngrok: ## start the kubernetes cluster using kind with ngrok
+	DEV_ENV=dev-ngrok tilt up -f ./bin/Tiltfile
+.PHONY: start-tilt-ngrok
+
+install-ngrok-ingress-controller:
+	@echo "Please provide the following information:"
+	@read -p "Enter your Kubernetes namespace: " NAMESPACE; \
+	read -p "Enter your Ngrok authtoken: " NGROK_AUTHTOKEN; \
+	read -p "Enter your Ngrok API key: " NGROK_API_KEY; \
+	echo "\nInstalling Ngrok Ingress Controller..."; \
+	helm install ngrok-ingress-controller ngrok/kubernetes-ingress-controller \
+		--namespace $$NAMESPACE \
+		--create-namespace \
+		--set credentials.apiKey=$$NGROK_API_KEY \
+		--set credentials.authtoken=$$NGROK_AUTHTOKEN
+.PHONY: install-ngrok-ingress-controller
+

src/helm/env.d/dev-ngrok/values.meet.yaml.gotmpl

@@ -0,0 +1,186 @@
+image:
+  repository: localhost:5001/meet-backend
+  pullPolicy: Always
+  tag: "latest"
+
+backend:
+  replicas: 1
+  envVars:
+    DJANGO_CSRF_TRUSTED_ORIGINS: https://meet.127.0.0.1.nip.io,http://meet.127.0.0.1.nip.io
+    DJANGO_CONFIGURATION: Production
+    DJANGO_ALLOWED_HOSTS: meet.127.0.0.1.nip.io,closing-moral-oarfish.ngrok-free.app
+    DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }}
+    DJANGO_SETTINGS_MODULE: meet.settings
+    DJANGO_SILENCED_SYSTEM_CHECKS: security.W004, security.W008
+    DJANGO_SUPERUSER_PASSWORD: admin
+    DJANGO_EMAIL_HOST: "mailcatcher"
+    DJANGO_EMAIL_PORT: 1025
+    DJANGO_EMAIL_USE_SSL: False
+    OIDC_OP_JWKS_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/jwks
+    OIDC_OP_AUTHORIZATION_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/authorize
+    OIDC_OP_TOKEN_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/token
+    OIDC_OP_USER_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/userinfo
+    OIDC_OP_LOGOUT_ENDPOINT: https://fca.integ01.dev-agentconnect.fr/api/v2/session/end
+    OIDC_RP_CLIENT_ID: {{ .Values.oidc.clientId }}
+    OIDC_RP_CLIENT_SECRET: {{ .Values.oidc.clientSecret }}
+    OIDC_RP_SIGN_ALGO: RS256
+    OIDC_RP_SCOPES: "openid email given_name usual_name"
+    OIDC_REDIRECT_ALLOWED_HOSTS: https://meet.127.0.0.1.nip.io
+    OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
+    LOGIN_REDIRECT_URL: https://closing-moral-oarfish.ngrok-free.app
+    LOGIN_REDIRECT_URL_FAILURE: https://closing-moral-oarfish.ngrok-free.app
+    LOGOUT_REDIRECT_URL: https://closing-moral-oarfish.ngrok-free.app
+    DB_HOST: postgres-postgresql
+    DB_NAME: meet
+    DB_USER: dinum
+    DB_PASSWORD: pass
+    DB_PORT: 5432
+    POSTGRES_DB: meet
+    POSTGRES_USER: dinum
+    POSTGRES_PASSWORD: pass
+    REDIS_URL: redis://default:pass@redis-master:6379/1
+    STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
+    {{- with .Values.livekit.keys }}
+    {{- range $key, $value := . }}
+    LIVEKIT_API_SECRET: {{ $value }}
+    LIVEKIT_API_KEY: {{ $key }}
+    {{- end }}
+    {{- end }}
+    LIVEKIT_API_URL: https://livekit.127.0.0.1.nip.io/
+    ALLOW_UNREGISTERED_ROOMS: False
+    FRONTEND_SILENCE_LIVEKIT_DEBUG: False
+    FRONTEND_SUPPORT: "{'id': '58ea6697-8eba-4492-bc59-ad6562585041'}"
+    AWS_S3_ENDPOINT_URL: http://minio.meet.svc.cluster.local:9000
+    AWS_S3_ACCESS_KEY_ID: meet
+    AWS_S3_SECRET_ACCESS_KEY: password
+    AWS_STORAGE_BUCKET_NAME: meet-media-storage
+    AWS_S3_REGION_NAME: local
+    RECORDING_ENABLE: True
+    RECORDING_VERIFY_SSL: False
+    RECORDING_STORAGE_EVENT_ENABLE: True
+    RECORDING_STORAGE_EVENT_TOKEN: password
+    SUMMARY_SERVICE_ENDPOINT: http://meet-summary:80/api/v1/tasks/
+    SUMMARY_SERVICE_API_TOKEN: password
+
+
+  migrate:
+    command:
+      - "/bin/sh"
+      - "-c"
+      - |
+        python manage.py migrate --no-input &&
+        python manage.py create_demo --force
+    restartPolicy: Never
+
+  command:
+    - "gunicorn"
+    - "-c"
+    - "/usr/local/etc/gunicorn/meet.py"
+    - "meet.wsgi:application"
+    - "--reload"
+
+  createsuperuser:
+    command:
+      - "/bin/sh"
+      - "-c"
+      - |
+        python manage.py createsuperuser --email [email protected] --password admin
+    restartPolicy: Never
+
+frontend:
+  envVars:
+    VITE_PORT: 8080
+    VITE_HOST: 0.0.0.0
+    VITE_API_BASE_URL: https://closing-moral-oarfish.ngrok-free.app/
+
+  replicas: 1
+
+  image:
+    repository: localhost:5001/meet-frontend
+    pullPolicy: Always
+    tag: "latest"
+
+ingress:
+  enabled: true
+  host: meet.127.0.0.1.nip.io
+
+ingressAdmin:
+  enabled: true
+  host: meet.127.0.0.1.nip.io
+
+posthog:
+  ingress:
+    enabled: false
+
+  ingressAssets:
+    enabled: false
+
+summary:
+  replicas: 1
+  envVars:
+    APP_NAME: summary-microservice
+    APP_API_TOKEN: password
+    AWS_STORAGE_BUCKET_NAME: meet-media-storage
+    AWS_S3_ENDPOINT_URL: minio.meet.svc.cluster.local:9000
+    AWS_S3_ACCESS_KEY_ID: meet
+    AWS_S3_SECRET_ACCESS_KEY: password
+    OPENAI_API_KEY: password
+    OPENAI_BASE_URL: https://albertine.beta.numerique.gouv.fr/v1
+    OPENAI_ASR_MODEL: openai/whisper-large-v3
+    OPENAI_LLM_MODEL: meta-llama/Llama-3.1-8B-Instruct
+    AWS_S3_SECURE_ACCESS: False
+    WEBHOOK_API_TOKEN: password
+    WEBHOOK_URL: https://www.mock-impress.com/webhook/
+    CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1
+    CELERY_RESULT_BACKEND: redis://default:pass@redis-master:6379/1
+
+  image:
+    repository: localhost:5001/meet-summary
+    pullPolicy: Always
+    tag: "latest"
+
+  command:
+    - "uvicorn"
+    - "summary.main:app"
+    - "--host"
+    - "0.0.0.0"
+    - "--port"
+    - "8000"
+    - "--reload"
+
+celery:
+  replicas: 1
+  envVars:
+    APP_NAME: summary-microservice
+    APP_API_TOKEN: password
+    AWS_STORAGE_BUCKET_NAME: meet-media-storage
+    AWS_S3_ENDPOINT_URL: minio.meet.svc.cluster.local:9000
+    AWS_S3_ACCESS_KEY_ID: meet
+    AWS_S3_SECRET_ACCESS_KEY: password
+    OPENAI_API_KEY: password
+    OPENAI_BASE_URL: https://albertine.beta.numerique.gouv.fr/v1
+    OPENAI_ASR_MODEL: openai/whisper-large-v3
+    OPENAI_LLM_MODEL: meta-llama/Llama-3.1-8B-Instruct
+    AWS_S3_SECURE_ACCESS: False
+    WEBHOOK_API_TOKEN: password
+    WEBHOOK_URL: https://www.mock-impress.com/webhook/
+    CELERY_BROKER_URL: redis://default:pass@redis-master:6379/1
+    CELERY_RESULT_BACKEND: redis://default:pass@redis-master:6379/1
+
+  image:
+    repository: localhost:5001/meet-summary
+    pullPolicy: Always
+    tag: "latest"
+
+  command:
+    - "celery"
+    - "-A"
+    - "summary.core.celery_worker"
+    - "worker"
+    - "--pool=solo"
+    - "--loglevel=info"
+
+ingressNgrok
+  enabled: true
+  className: ngrok
+  host: closing-moral-oarfish.ngrok-free.app

src/helm/env.d/dev/values.meet.yaml.gotmpl

@@ -6,9 +6,9 @@ image:
 backend:
   replicas: 1
   envVars:
-    DJANGO_CSRF_TRUSTED_ORIGINS: https://meet.127.0.0.1.nip.io,http://meet.127.0.0.1.nip.io
+    DJANGO_CSRF_TRUSTED_ORIGINS: https://closing-moral-oarfish.ngrok-free.app,http://closing-moral-oarfish.ngrok-free.app
     DJANGO_CONFIGURATION: Production
-    DJANGO_ALLOWED_HOSTS: meet.127.0.0.1.nip.io
+    DJANGO_ALLOWED_HOSTS: closing-moral-oarfish.ngrok-free.app
     DJANGO_SECRET_KEY: {{ .Values.djangoSecretKey }}
     DJANGO_SETTINGS_MODULE: meet.settings
     DJANGO_SILENCED_SYSTEM_CHECKS: security.W004, security.W008
@@ -27,9 +27,9 @@ backend:
     OIDC_RP_SCOPES: "openid email given_name usual_name"
     OIDC_REDIRECT_ALLOWED_HOSTS: https://meet.127.0.0.1.nip.io
     OIDC_AUTH_REQUEST_EXTRA_PARAMS: "{'acr_values': 'eidas1'}"
-    LOGIN_REDIRECT_URL: https://meet.127.0.0.1.nip.io
-    LOGIN_REDIRECT_URL_FAILURE: https://meet.127.0.0.1.nip.io
-    LOGOUT_REDIRECT_URL: https://meet.127.0.0.1.nip.io
+    LOGIN_REDIRECT_URL: https://closing-moral-oarfish.ngrok-free.app
+    LOGIN_REDIRECT_URL_FAILURE: https://closing-moral-oarfish.ngrok-free.app
+    LOGOUT_REDIRECT_URL: https://closing-moral-oarfish.ngrok-free.app
     DB_HOST: postgres-postgresql
     DB_NAME: meet
     DB_USER: dinum
@@ -40,20 +40,34 @@ backend:
     POSTGRES_PASSWORD: pass
     REDIS_URL: redis://default:pass@redis-master:6379/1
     STORAGES_STATICFILES_BACKEND: django.contrib.staticfiles.storage.StaticFilesStorage
-    {{- with .Values.livekit.keys }}
-    {{- range $key, $value := . }}
-    LIVEKIT_API_SECRET: {{ $value }}
-    LIVEKIT_API_KEY: {{ $key }}
-    {{- end }}
-    {{- end }}
-    LIVEKIT_API_URL: https://livekit.127.0.0.1.nip.io/
+    LIVEKIT_API_SECRET:
+      secretKeyRef:
+        name: backend
+        key: LIVEKIT_API_SECRET
+    LIVEKIT_API_KEY:
+      secretKeyRef:
+        name: backend
+        key: LIVEKIT_API_KEY
+    LIVEKIT_API_URL: https://livekit-staging.beta.numerique.gouv.fr
     ALLOW_UNREGISTERED_ROOMS: False
     FRONTEND_SILENCE_LIVEKIT_DEBUG: False
     FRONTEND_SUPPORT: "{'id': '58ea6697-8eba-4492-bc59-ad6562585041'}"
-    AWS_S3_ENDPOINT_URL: http://minio.meet.svc.cluster.local:9000
-    AWS_S3_ACCESS_KEY_ID: meet
-    AWS_S3_SECRET_ACCESS_KEY: password
-    AWS_STORAGE_BUCKET_NAME: meet-media-storage
+        AWS_S3_ENDPOINT_URL:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: url
+    AWS_S3_ACCESS_KEY_ID:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: accessKey
+    AWS_S3_SECRET_ACCESS_KEY:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: secretKey
+    AWS_STORAGE_BUCKET_NAME:
+      secretKeyRef:
+        name: meet-media-storage.bucket.libre.sh
+        key: bucket
     AWS_S3_REGION_NAME: local
     RECORDING_ENABLE: True
     RECORDING_VERIFY_SSL: False
@@ -91,7 +105,7 @@ frontend:
   envVars:
     VITE_PORT: 8080
     VITE_HOST: 0.0.0.0
-    VITE_API_BASE_URL: https://meet.127.0.0.1.nip.io/
+    VITE_API_BASE_URL: https://closing-moral-oarfish.ngrok-free.app/
 
   replicas: 1
 

src/helm/helmfile.yaml

@@ -3,6 +3,12 @@ environments:
     values:
       - version: 0.0.1
       - env.d/{{ .Environment.Name }}/values.secrets.yaml
+  dev-ngrok:
+    values:
+      - version: 0.0.1
+      - env.d/{{ .Environment.Name }}/values.secrets.yaml
+    secrets:
+      - env.d/{{ .Environment.Name }}/secrets.enc.yaml
   dev:
     values:
       - version: 0.0.1
@@ -33,6 +39,8 @@ repositories:
   oci: true
 - name: livekit
   url: https://helm.livekit.io
+- name: ngrok
+  url: https://charts.ngrok.com
 
 releases:
   - name: postgres
@@ -91,7 +99,7 @@ releases:
 {{ readFile "../../docker/auth/realm.json" | replace "http://localhost:3200" "https://meet.127.0.0.1.nip.io" | indent 14 }}
 
   - name: minio
-    installed: {{ regexMatch "^dev.*" .Environment.Name | toYaml }}
+    installed: {{ regexMatch "^dev(?!.*ngrok).*" .Environment.Name | toYaml }}
     namespace: {{ .Namespace }}
     missingFileHandler: Warn
     chart: bitnami/minio
@@ -157,7 +165,7 @@ releases:
       - env.d/{{ .Environment.Name }}/secrets.enc.yaml
 
   - name: livekit
-    installed: {{ regexMatch "^dev.*" .Environment.Name | toYaml }}
+    installed: {{ regexMatch "^dev(?!.*ngrok).*" .Environment.Name | toYaml }}
     missingFileHandler: Warn
     namespace: {{ .Namespace }}
     chart: livekit/livekit-server
@@ -168,7 +176,7 @@ releases:
       - env.d/{{ .Environment.Name }}/secrets.enc.yaml
 
   - name: livekit-egress
-    installed: {{ regexMatch "^dev.*" .Environment.Name | toYaml }}
+    installed: {{ regexMatch "^dev(?!.*ngrok).*" .Environment.Name | toYaml }}
     missingFileHandler: Warn
     namespace: {{ .Namespace }}
     chart: livekit/egress

src/helm/meet/templates/_helpers.tpl

@@ -166,6 +166,15 @@ Requires top level scope
 {{ include "meet.fullname" . }}-posthog
 {{- end }}
 
+{{/*
+Full name for the Ngrok
+
+Requires top level scope
+*/}}
+{{- define "meet.ingressNgrok.fullname" -}}
+{{ include "meet.fullname" . }}-ngrok
+{{- end }}
+
 {{/*
 Full name for the summary