Initial commit - production deployment

2026-01-21 17:17:16 +01:00
commit c23d00dd92
2289 changed files with 638440 additions and 0 deletions
--- a/infrastructure/platform/nominatim/nominatim-helm/Chart.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/Chart.yaml
@@ -0,0 +1,19 @@
+apiVersion: v2
+name: nominatim
+description: A Helm chart for deploying Nominatim geocoding service for Bakery-IA
+type: application
+version: 0.1.0
+appVersion: "4.4"
+maintainers:
+  - name: Bakery-IA Team
+    email: devops@bakery-ia.com
+keywords:
+  - geocoding
+  - nominatim
+  - openstreetmap
+  - maps
+  - address
+home: https://nominatim.org/
+sources:
+  - https://github.com/mediagis/nominatim-docker
+  - https://hub.docker.com/r/mediagis/nominatim
--- a/infrastructure/platform/nominatim/nominatim-helm/dev/values.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/dev/values.yaml
@@ -0,0 +1,38 @@
+# Development values for Nominatim geocoding service
+# Disabled by default in dev to save resources
+
+# Use local registry image for development
+image:
+  repository: "localhost:5000/mediagis_nominatim_4.4"
+  tag: "latest"
+  pullPolicy: "IfNotPresent"
+
+# Disabled in dev (set to 0 replicas)
+replicaCount: 0
+
+# Init job disabled in dev
+initJob:
+  enabled: false
+
+# Lower resources for dev (when enabled)
+resources:
+  requests:
+    cpu: "500m"
+    memory: "1Gi"
+  limits:
+    cpu: "1"
+    memory: "2Gi"
+
+# Smaller PVCs for dev
+persistence:
+  data:
+    enabled: true
+    size: "10Gi"
+  flatnode:
+    enabled: true
+    size: "5Gi"
+
+# Development annotations
+podAnnotations:
+  environment: "development"
+  managed-by: "helm"
--- a/infrastructure/platform/nominatim/nominatim-helm/prod/values.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/prod/values.yaml
@@ -0,0 +1,45 @@
+# Production values for Nominatim geocoding service
+# Full configuration for production deployment
+
+# Use official Docker Hub image for production
+image:
+  repository: "mediagis/nominatim"
+  tag: "4.4"
+  pullPolicy: "IfNotPresent"
+
+# Single replica for production (can be scaled if needed)
+replicaCount: 1
+
+# Init job enabled in production
+initJob:
+  enabled: true
+  resources:
+    requests:
+      cpu: "4"
+      memory: "8Gi"
+    limits:
+      cpu: "8"
+      memory: "16Gi"
+
+# Production resources
+resources:
+  requests:
+    cpu: "1"
+    memory: "2Gi"
+  limits:
+    cpu: "2"
+    memory: "4Gi"
+
+# Full-size PVCs for production
+persistence:
+  data:
+    enabled: true
+    size: "50Gi"
+  flatnode:
+    enabled: true
+    size: "20Gi"
+
+# Production annotations
+podAnnotations:
+  environment: "production"
+  managed-by: "helm"
--- a/infrastructure/platform/nominatim/nominatim-helm/templates/_helpers.tpl
+++ b/infrastructure/platform/nominatim/nominatim-helm/templates/_helpers.tpl
@@ -0,0 +1,87 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "nominatim.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "nominatim.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "nominatim.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "nominatim.labels" -}}
+helm.sh/chart: {{ include "nominatim.chart" . }}
+{{ include "nominatim.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
+
+{{/*
+Selector labels
+*/}}
+{{- define "nominatim.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "nominatim.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+app.kubernetes.io/component: geocoding
+app.kubernetes.io/part-of: bakery-ia
+{{- end -}}
+
+{{/*
+ConfigMap name
+*/}}
+{{- define "nominatim.configMapName" -}}
+{{- printf "%s-config" (include "nominatim.fullname" .) -}}
+{{- end -}}
+
+{{/*
+Service name
+*/}}
+{{- define "nominatim.serviceName" -}}
+{{- default (printf "%s-service" (include "nominatim.fullname" .)) .Values.service.name -}}
+{{- end -}}
+
+{{/*
+Data PVC name
+*/}}
+{{- define "nominatim.dataPvcName" -}}
+{{- printf "%s-data" (include "nominatim.fullname" .) -}}
+{{- end -}}
+
+{{/*
+Flatnode PVC name
+*/}}
+{{- define "nominatim.flatnodePvcName" -}}
+{{- printf "%s-flatnode" (include "nominatim.fullname" .) -}}
+{{- end -}}
+
+{{/*
+Init job name
+*/}}
+{{- define "nominatim.initJobName" -}}
+{{- printf "%s-init" (include "nominatim.fullname" .) -}}
+{{- end -}}
--- a/infrastructure/platform/nominatim/nominatim-helm/templates/configmap.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/templates/configmap.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "nominatim.configMapName" . }}
+  namespace: {{ .Values.global.namespace }}
+  labels:
+    {{- include "nominatim.labels" . | nindent 4 }}
+data:
+  NOMINATIM_PBF_URL: {{ .Values.config.pbfUrl | quote }}
+  NOMINATIM_REPLICATION_URL: {{ .Values.config.replicationUrl | quote }}
+  NOMINATIM_IMPORT_STYLE: {{ .Values.config.importStyle | quote }}
+  NOMINATIM_THREADS: {{ .Values.config.threads | quote }}
+  NOMINATIM_FLATNODE_FILE: {{ .Values.config.flatnodeFile | quote }}
--- a/infrastructure/platform/nominatim/nominatim-helm/templates/init-job.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/templates/init-job.yaml
@@ -0,0 +1,80 @@
+{{- if .Values.initJob.enabled }}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "nominatim.initJobName" . }}
+  namespace: {{ .Values.global.namespace }}
+  labels:
+    {{- include "nominatim.labels" . | nindent 4 }}
+    app.kubernetes.io/component: data-init
+spec:
+  ttlSecondsAfterFinished: {{ .Values.initJob.ttlSecondsAfterFinished }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: {{ include "nominatim.initJobName" . }}
+        app.kubernetes.io/component: data-init
+    spec:
+      restartPolicy: OnFailure
+      containers:
+      - name: nominatim-import
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        command:
+        - sh
+        - -c
+        - |
+          set -e
+          echo "Checking if Nominatim database is already initialized..."
+
+          if psql -lqt | cut -d \| -f 1 | grep -qw nominatim; then
+            echo "Nominatim database already exists. Skipping import."
+            exit 0
+          fi
+
+          echo "Downloading Spain OSM data..."
+          wget -O /tmp/spain-latest.osm.pbf "${NOMINATIM_PBF_URL}"
+
+          echo "Importing OSM data into Nominatim (this may take 30-60 minutes)..."
+          nominatim import --osm-file /tmp/spain-latest.osm.pbf
+
+          echo "Building search indices..."
+          nominatim refresh --website --importance
+
+          echo "Nominatim initialization complete!"
+        volumeMounts:
+        - name: nominatim-data
+          mountPath: /var/lib/postgresql
+        - name: nominatim-flatnode
+          mountPath: /nominatim-flatnode
+        env:
+        - name: NOMINATIM_PBF_URL
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_PBF_URL
+        - name: NOMINATIM_IMPORT_STYLE
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_IMPORT_STYLE
+        - name: NOMINATIM_THREADS
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_THREADS
+        - name: NOMINATIM_FLATNODE_FILE
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_FLATNODE_FILE
+        resources:
+          {{- toYaml .Values.initJob.resources | nindent 10 }}
+      volumes:
+      - name: nominatim-data
+        persistentVolumeClaim:
+          claimName: {{ include "nominatim.dataPvcName" . }}
+      - name: nominatim-flatnode
+        persistentVolumeClaim:
+          claimName: {{ include "nominatim.flatnodePvcName" . }}
+{{- end }}
--- a/infrastructure/platform/nominatim/nominatim-helm/templates/pvc.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/templates/pvc.yaml
@@ -0,0 +1,37 @@
+{{- if .Values.persistence.data.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "nominatim.dataPvcName" . }}
+  namespace: {{ .Values.global.namespace }}
+  labels:
+    {{- include "nominatim.labels" . | nindent 4 }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.data.accessMode }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.data.size }}
+  {{- if .Values.persistence.data.storageClassName }}
+  storageClassName: {{ .Values.persistence.data.storageClassName }}
+  {{- end }}
+{{- end }}
+---
+{{- if .Values.persistence.flatnode.enabled }}
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: {{ include "nominatim.flatnodePvcName" . }}
+  namespace: {{ .Values.global.namespace }}
+  labels:
+    {{- include "nominatim.labels" . | nindent 4 }}
+spec:
+  accessModes:
+    - {{ .Values.persistence.flatnode.accessMode }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.flatnode.size }}
+  {{- if .Values.persistence.flatnode.storageClassName }}
+  storageClassName: {{ .Values.persistence.flatnode.storageClassName }}
+  {{- end }}
+{{- end }}
--- a/infrastructure/platform/nominatim/nominatim-helm/templates/service.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/templates/service.yaml
@@ -0,0 +1,20 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "nominatim.serviceName" . }}
+  namespace: {{ .Values.global.namespace }}
+  labels:
+    {{- include "nominatim.labels" . | nindent 4 }}
+  {{- with .Values.serviceAnnotations }}
+  annotations:
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
+spec:
+  selector:
+    {{- include "nominatim.selectorLabels" . | nindent 4 }}
+  ports:
+  - port: {{ .Values.service.port }}
+    targetPort: {{ .Values.service.port }}
+    protocol: TCP
+    name: http
+  type: {{ .Values.service.type }}
--- a/infrastructure/platform/nominatim/nominatim-helm/templates/statefulset.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/templates/statefulset.yaml
@@ -0,0 +1,113 @@
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+  name: {{ include "nominatim.fullname" . }}
+  namespace: {{ .Values.global.namespace }}
+  labels:
+    {{- include "nominatim.labels" . | nindent 4 }}
+spec:
+  serviceName: {{ include "nominatim.serviceName" . }}
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      {{- include "nominatim.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{- include "nominatim.selectorLabels" . | nindent 8 }}
+      {{- with .Values.podAnnotations }}
+      annotations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+    spec:
+      {{- with .Values.podSecurityContext }}
+      securityContext:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      containers:
+      - name: nominatim
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        {{- with .Values.securityContext }}
+        securityContext:
+          {{- toYaml . | nindent 10 }}
+        {{- end }}
+        ports:
+        - containerPort: {{ .Values.service.port }}
+          name: http
+        volumeMounts:
+        - name: nominatim-data
+          mountPath: /var/lib/postgresql
+        - name: nominatim-flatnode
+          mountPath: /nominatim-flatnode
+        env:
+        - name: NOMINATIM_PBF_URL
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_PBF_URL
+        - name: NOMINATIM_REPLICATION_URL
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_REPLICATION_URL
+        - name: NOMINATIM_IMPORT_STYLE
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_IMPORT_STYLE
+        - name: NOMINATIM_THREADS
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_THREADS
+        - name: NOMINATIM_FLATNODE_FILE
+          valueFrom:
+            configMapKeyRef:
+              name: {{ include "nominatim.configMapName" . }}
+              key: NOMINATIM_FLATNODE_FILE
+        {{- range $key, $value := .Values.env }}
+        - name: {{ $key }}
+          value: {{ $value | quote }}
+        {{- end }}
+        resources:
+          {{- toYaml .Values.resources | nindent 10 }}
+        {{- if .Values.probes.liveness.enabled }}
+        livenessProbe:
+          httpGet:
+            path: {{ .Values.probes.liveness.path }}
+            port: {{ .Values.probes.liveness.port }}
+          initialDelaySeconds: {{ .Values.probes.liveness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.probes.liveness.periodSeconds }}
+          timeoutSeconds: {{ .Values.probes.liveness.timeoutSeconds }}
+          failureThreshold: {{ .Values.probes.liveness.failureThreshold }}
+        {{- end }}
+        {{- if .Values.probes.readiness.enabled }}
+        readinessProbe:
+          httpGet:
+            path: {{ .Values.probes.readiness.path }}
+            port: {{ .Values.probes.readiness.port }}
+          initialDelaySeconds: {{ .Values.probes.readiness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.probes.readiness.periodSeconds }}
+          timeoutSeconds: {{ .Values.probes.readiness.timeoutSeconds }}
+          failureThreshold: {{ .Values.probes.readiness.failureThreshold }}
+        {{- end }}
+      volumes:
+      - name: nominatim-data
+        persistentVolumeClaim:
+          claimName: {{ include "nominatim.dataPvcName" . }}
+      - name: nominatim-flatnode
+        persistentVolumeClaim:
+          claimName: {{ include "nominatim.flatnodePvcName" . }}
+      {{- with .Values.nodeSelector }}
+      nodeSelector:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.affinity }}
+      affinity:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
+      {{- with .Values.tolerations }}
+      tolerations:
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
--- a/infrastructure/platform/nominatim/nominatim-helm/values.yaml
+++ b/infrastructure/platform/nominatim/nominatim-helm/values.yaml
@@ -0,0 +1,113 @@
+# Default values for Nominatim geocoding service
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+# Global settings
+global:
+  namespace: "bakery-ia"
+
+# Nominatim image configuration
+image:
+  repository: "mediagis/nominatim"
+  tag: "4.4"
+  pullPolicy: "IfNotPresent"
+
+# StatefulSet configuration
+replicaCount: 1
+
+# Nominatim configuration
+config:
+  # Spain OSM data source
+  pbfUrl: "http://download.geofabrik.de/europe/spain-latest.osm.pbf"
+  # Updates replication source
+  replicationUrl: "https://download.geofabrik.de/europe/spain-updates"
+  # Import style (address for geocoding-focused usage)
+  importStyle: "address"
+  # Number of threads for indexing
+  threads: "4"
+  # Flatnode file path
+  flatnodeFile: "/nominatim-flatnode/flatnode.bin"
+
+# Service configuration
+service:
+  type: "ClusterIP"
+  port: 8080
+  name: "nominatim-service"
+
+# Resource limits and requests for main service
+resources:
+  requests:
+    cpu: "1"
+    memory: "2Gi"
+  limits:
+    cpu: "2"
+    memory: "4Gi"
+
+# Init job resource limits (higher for initial import)
+initJob:
+  enabled: true
+  resources:
+    requests:
+      cpu: "4"
+      memory: "8Gi"
+    limits:
+      cpu: "8"
+      memory: "16Gi"
+  # Time to keep job after completion (86400 = 1 day)
+  ttlSecondsAfterFinished: 86400
+
+# Persistent Volume Claims
+persistence:
+  data:
+    enabled: true
+    size: "50Gi"
+    accessMode: "ReadWriteOnce"
+    # storageClassName: "" # Use default storage class
+  flatnode:
+    enabled: true
+    size: "20Gi"
+    accessMode: "ReadWriteOnce"
+    # storageClassName: "" # Use default storage class
+
+# Health probes configuration
+probes:
+  liveness:
+    enabled: true
+    path: "/status"
+    port: 8080
+    initialDelaySeconds: 120
+    periodSeconds: 30
+    timeoutSeconds: 10
+    failureThreshold: 3
+  readiness:
+    enabled: true
+    path: "/status"
+    port: 8080
+    initialDelaySeconds: 60
+    periodSeconds: 10
+    timeoutSeconds: 5
+    failureThreshold: 5
+
+# Additional environment variables
+env: {}
+
+# Node selector
+nodeSelector: {}
+
+# Tolerations
+tolerations: []
+
+# Affinity
+affinity: {}
+
+# Pod annotations
+podAnnotations: {}
+
+# Service annotations
+serviceAnnotations: {}
+
+# Pod security context
+podSecurityContext: {}
+
+# Container security context
+securityContext: {}