ryan/lunarfront-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
lunarfront-app/chart/templates/backend-deployment.yaml
ryan bc8613bbbc
All checks were successful
CI / ci (pull_request) Successful in 27s
Details
CI / e2e (pull_request) Successful in 1m0s
Details
feat: password reset flow with welcome emails 
- POST /auth/forgot-password with welcome/reset email templates
- POST /auth/reset-password with Zod validation, 4-hour tokens
- Per-email rate limiting (3/hr) via Valkey, no user enumeration
- Login page "Forgot password?" toggle with inline form
- /reset-password page for setting new password from email link
- Initial user seed sends welcome email instead of requiring password
- CLI script for force-resetting passwords via kubectl exec
- APP_URL env var in chart, removed INITIAL_USER_PASSWORD

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-05 17:09:23 +00:00

130 lines
4.2 KiB
YAML
Raw Permalink Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-backend
namespace: {{ .Release.Namespace }}
labels:
{{- include "lunarfront.labels" . | nindent 4 }}
spec:
replicas: 1
selector:
matchLabels:
app: {{ .Release.Name }}-backend
template:
metadata:
labels:
app: {{ .Release.Name }}-backend
spec:
imagePullSecrets:
{{- toYaml .Values.imagePullSecrets | nindent 8 }}
containers:
- name: backend
image: "{{ .Values.backend.image.repository }}:{{ .Values.backend.image.tag }}"
imagePullPolicy: {{ .Values.backend.image.pullPolicy }}
ports:
- containerPort: {{ .Values.backend.port }}
env:
- name: PORT
value: {{ .Values.backend.port | quote }}
- name: NODE_ENV
value: production
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: database-url
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: redis-url
- name: REDIS_KEY_PREFIX
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: redis-key-prefix
- name: SPACES_KEY
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: spaces-key
- name: SPACES_SECRET
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: spaces-secret
- name: SPACES_BUCKET
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: spaces-bucket
- name: SPACES_ENDPOINT
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: spaces-endpoint
- name: SPACES_PREFIX
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: spaces-prefix
- name: JWT_SECRET
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: jwt-secret
- name: ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: encryption-key
- name: RESEND_API_KEY
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: resend-api-key
- name: MAIL_FROM
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: mail-from
- name: BUSINESS_NAME
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: business-name
- name: APP_URL
value: "https://{{ .Values.ingress.host }}"
- name: INITIAL_USER_EMAIL
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: initial-user-email
optional: true
- name: INITIAL_USER_FIRST_NAME
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: initial-user-first-name
optional: true
- name: INITIAL_USER_LAST_NAME
valueFrom:
secretKeyRef:
name: lunarfront-secrets
key: initial-user-last-name
optional: true
livenessProbe:
httpGet:
path: /v1/health
port: {{ .Values.backend.port }}
initialDelaySeconds: 15
periodSeconds: 30
readinessProbe:
httpGet:
path: /v1/health
port: {{ .Values.backend.port }}
initialDelaySeconds: 5
periodSeconds: 10
resources:
{{- toYaml .Values.backend.resources | nindent 12 }}
Reference in New Issue View Git Blame Copy Permalink