Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-05-24 02:02:36 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add helm chart (#560)

Browse Source
This commit is contained in:
Zoe Roux 2024-09-30 12:15:19 +02:00 committed by GitHub
commit 1a28103e7b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
25 changed files with 1695 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -6,3 +6,5 @@
log.html
output.xml
report.html
chart/charts
chart/Chart.lock

23
chart/.helmignore Normal file
View File

@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/

38
chart/Chart.yaml Normal file
View File

@ -0,0 +1,38 @@
apiVersion: v2
name: kyoo
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.0.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "4.7.0"
dependencies:
- condition: meilisearch.enabled
name: meilisearch
repository: https://meilisearch.github.io/meilisearch-kubernetes
version: 0.10.1
- condition: postgresql.enabled
name: postgresql
repository: https://charts.bitnami.com/bitnami
version: 15.5.34
- condition: rabbitmq.enabled
name: rabbitmq
repository: https://charts.bitnami.com/bitnami
version: 15.0.0

87
chart/README.md Normal file
View File

@ -0,0 +1,87 @@
# helm chart
# Recomendations
This helm chart includes subcharts for Meilisearch, Postgres, and RabbitMQ. Those resources should be managed outside of this Helm release.
## Postgres
Kyoo consists of multiple microservices. Best practice is for each microservice to use its own database. Kyoo workloads support best practices or sharing a single postgres database. Please see the `POSTGRES_SCHEMA` setting for additional information.
Strongly recomended to use a Kubernetes operator for managing Postgres.
## Storage
Kyoo currently uses storage volumes for media, backend-storage, and transcoder-storage. Media content tends to consume a large amount of space and Kubernetes storage interfaces tend to replicate across nodes. Consider hosting the data outside of Kubernetes or assigning one node to handle storage.
Storage for backend and transcoder will eventually be moved into a datastore application.
# Quickstart
Below provides an example for deploying Kyoo and its dependencies. This is a minimalist setup that is not intended for longterm use. This approach uses a single Postgres instance and initializes mutliple databases.
```sh
helm upgrade kyoo . --install --values myvalues.yaml
```
`myvaules.yaml` content
```yaml
kyoo:
address: https://kyoo.mydomain.com
meilisearch:
enabled: true
postgresql:
enabled: true
rabbitmq:
enabled: true
extraObjects:
- apiVersion: v1
kind: Secret
metadata:
name: bigsecret
type: Opaque
stringData:
#KYOO
# The following value should be set to a random sequence of characters.
# You MUST change it when installing kyoo (for security)
# You can input multiple api keys separated by a ,
kyoo_apikeys: yHXWGsjfjE6sy6UxavqmTUYxgCFYek
# Keep those empty to use kyoo's default api key. You can also specify a custom API key if you want.
# go to https://www.themoviedb.org/settings/api and copy the api key (not the read access token, the api key)
tmdb_apikey: ""
tvdb_apikey: ""
tvdb_pin: ""
#RESOURCES
# meilisearch does not allow mapping their key in yet.
MEILI_MASTER_KEY: barkLike8SuperDucks
postgres_user: kyoo_all
postgres_password: watchSomething4me
rabbitmq_user: kyoo_all
rabbitmq_password: youAreAmazing2
rabbitmq_cookie: mmmGoodCookie
- kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: back-storage
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "3Gi"
- kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: media
spec:
accessModes:
- "ReadOnlyMany"
resources:
requests:
storage: "3Gi"
- kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: transcoder-storage
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "3Gi"
```

72
chart/templates/_common.tpl Normal file
View File

@ -0,0 +1,72 @@
{{/*
Expand the name of the chart.
*/}}
{{- define "kyoo.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "kyoo.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "kyoo.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create Kyoo app version
*/}}
{{- define "kyoo.defaultTag" -}}
{{- default .Chart.AppVersion .Values.global.image.tag }}
{{- end -}}
{{/*
Return valid version label
*/}}
{{- define "kyoo.versionLabelValue" -}}
{{ regexReplaceAll "[^-A-Za-z0-9_.]" (include "kyoo.defaultTag" .) "-" | trunc 63 | trimAll "-" | trimAll "_" | trimAll "." | quote }}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "kyoo.labels" -}}
helm.sh/chart: {{ include "kyoo.chart" .context }}
{{ include "kyoo.selectorLabels" (dict "context" .context "component" .component "name" .name) }}
app.kubernetes.io/managed-by: {{ .context.Release.Service }}
app.kubernetes.io/part-of: kyoo
app.kubernetes.io/version: {{ include "kyoo.versionLabelValue" .context }}
{{- with .context.Values.global.additionalLabels }}
{{ toYaml . }}
{{- end }}
{{- end }}
{{/*
Selector labels
*/}}
{{- define "kyoo.selectorLabels" -}}
{{- if .name -}}
app.kubernetes.io/name: {{ include "kyoo.name" .context }}-{{ .name }}
{{ end -}}
app.kubernetes.io/instance: {{ .context.Release.Name }}
{{- if .component }}
app.kubernetes.io/component: {{ .component }}
{{- end }}
{{- end }}

114
chart/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,114 @@
{{/*
Create kyoo ingress name
*/}}
{{- define "kyoo.ingress.fullname" -}}
{{- printf "%s-%s" (include "kyoo.fullname" .) "ingress" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create kyoo autosync name
*/}}
{{- define "kyoo.autosync.fullname" -}}
{{- printf "%s-%s" (include "kyoo.fullname" .) .Values.autosync.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the autosync service account to use
*/}}
{{- define "kyoo.autosync.serviceAccountName" -}}
{{- if .Values.autosync.serviceAccount.create -}}
{{ default (include "kyoo.autosync.fullname" .) .Values.autosync.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.autosync.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create kyoo back name
*/}}
{{- define "kyoo.back.fullname" -}}
{{- printf "%s-%s" (include "kyoo.fullname" .) .Values.back.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the back service account to use
*/}}
{{- define "kyoo.back.serviceAccountName" -}}
{{- if .Values.back.serviceAccount.create -}}
{{ default (include "kyoo.back.fullname" .) .Values.back.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.back.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create kyoo front name
*/}}
{{- define "kyoo.front.fullname" -}}
{{- printf "%s-%s" (include "kyoo.fullname" .) .Values.front.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the front service account to use
*/}}
{{- define "kyoo.front.serviceAccountName" -}}
{{- if .Values.front.serviceAccount.create -}}
{{ default (include "kyoo.front.fullname" .) .Values.front.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.front.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create kyoo matcher name
*/}}
{{- define "kyoo.matcher.fullname" -}}
{{- printf "%s-%s" (include "kyoo.fullname" .) .Values.matcher.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the matcher service account to use
*/}}
{{- define "kyoo.matcher.serviceAccountName" -}}
{{- if .Values.matcher.serviceAccount.create -}}
{{ default (include "kyoo.matcher.fullname" .) .Values.matcher.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.matcher.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create kyoo scanner name
*/}}
{{- define "kyoo.scanner.fullname" -}}
{{- printf "%s-%s" (include "kyoo.fullname" .) .Values.scanner.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the scanner service account to use
*/}}
{{- define "kyoo.scanner.serviceAccountName" -}}
{{- if .Values.scanner.serviceAccount.create -}}
{{ default (include "kyoo.scanner.fullname" .) .Values.scanner.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.scanner.serviceAccount.name }}
{{- end -}}
{{- end -}}
{{/*
Create kyoo transcoder name
*/}}
{{- define "kyoo.transcoder.fullname" -}}
{{- printf "%s-%s" (include "kyoo.fullname" .) .Values.transcoder.name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create the name of the transcoder service account to use
*/}}
{{- define "kyoo.transcoder.serviceAccountName" -}}
{{- if .Values.transcoder.serviceAccount.create -}}
{{ default (include "kyoo.transcoder.fullname" .) .Values.transcoder.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.transcoder.serviceAccount.name }}
{{- end -}}
{{- end -}}

97
chart/templates/autosync/deployment.yaml Normal file
View File

@ -0,0 +1,97 @@
apiVersion: apps/v1
kind: Deployment
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.autosync.deploymentAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.autosync.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.autosync.name "name" .Values.autosync.name) | nindent 4 }}
spec:
replicas: {{ .Values.autosync.replicaCount }}
selector:
matchLabels:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.autosync.name) | nindent 6 }}
template:
metadata:
annotations:
{{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.autosync.podAnnotations) }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.autosync.name "name" .Values.autosync.name) | nindent 8 }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.autosync.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.autosync.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "kyoo.autosync.serviceAccountName" . }}
containers:
- name: main
image: {{ .Values.autosync.kyoo_autosync.image.repository | default (printf "%s/kyoo_autosync" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.autosync.kyoo_autosync.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }}
args:
{{- with .Values.autosync.kyoo_autosync.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: RABBITMQ_HOST
value: {{ .Values.global.rabbitmq.host }}
- name: RABBITMQ_PORT
value: "{{ .Values.global.rabbitmq.port }}"
- name: RABBITMQ_DEFAULT_USER
valueFrom:
secretKeyRef:
key: {{ .Values.global.rabbitmq.kyoo_autosync.userKey }}
name: {{ .Values.global.rabbitmq.kyoo_autosync.existingSecret }}
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
key: {{ .Values.global.rabbitmq.kyoo_autosync.passwordKey }}
name: {{ .Values.global.rabbitmq.kyoo_autosync.existingSecret }}
{{- with (concat .Values.global.extraEnv .Values.autosync.kyoo_autosync.extraEnv) }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.autosync.kyoo_autosync.livenessProbe }}
livenessProbe:
{{- toYaml .Values.autosync.kyoo_autosync.livenessProbe | nindent 12 }}
{{- end }}
{{- with .Values.autosync.kyoo_autosync.readinessProbe }}
readinessProbe:
{{- toYaml .Values.autosync.kyoo_autosync.readinessProbe | nindent 12 }}
{{- end }}
{{- with .Values.autosync.kyoo_autosync.resources }}
resources:
{{- toYaml .Values.autosync.kyoo_autosync.resources | nindent 12 }}
{{- end }}
{{- with .Values.autosync.kyoo_autosync.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.autosync.kyoo_autosync.extraVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.autosync.kyoo_autosync.extraContainers }}
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .Values.autosync.extraInitContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.autosync.extraVolumes }}
volumes:
{{- toYaml . | nindent 8 }}
{{- end }}

13
chart/templates/autosync/serviceaccount.yaml Normal file
View File

@ -0,0 +1,13 @@
{{- if .Values.autosync.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.autosync.serviceAccount.automount }}
metadata:
name: {{ include "kyoo.autosync.serviceAccountName" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.autosync.name "name" .Values.autosync.name) | nindent 4 }}
{{- with .Values.autosync.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

195
chart/templates/back/deployment.yaml Normal file
View File

@ -0,0 +1,195 @@
apiVersion: apps/v1
kind: Deployment
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.back.deploymentAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.back.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.back.name "name" .Values.back.name) | nindent 4 }}
spec:
replicas: {{ .Values.back.replicaCount }}
selector:
matchLabels:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.back.name) | nindent 6 }}
template:
metadata:
annotations:
{{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.back.podAnnotations) }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.back.name "name" .Values.back.name) | nindent 8 }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.back.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.back.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "kyoo.back.serviceAccountName" . }}
initContainers:
- name: migrations
image: {{ .Values.back.kyoo_migrations.image.repository | default (printf "%s/kyoo_migrations" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.back.kyoo_migrations.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }}
args:
{{- with .Values.back.kyoo_migrations.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
key: {{ .Values.global.postgres.kyoo_back.kyoo_migrations.userKey }}
name: {{ .Values.global.postgres.kyoo_back.kyoo_migrations.existingSecret }}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
key: {{ .Values.global.postgres.kyoo_back.kyoo_migrations.passwordKey }}
name: {{ .Values.global.postgres.kyoo_back.kyoo_migrations.existingSecret }}
- name: POSTGRES_DB
value: {{ .Values.global.postgres.kyoo_back.database }}
- name: POSTGRES_SERVER
value: {{ .Values.global.postgres.kyoo_back.host }}
- name: POSTGRES_PORT
value: "{{ .Values.global.postgres.kyoo_back.port }}"
{{- with .Values.back.extraInitContainers }}
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
containers:
- name: main
image: {{ .Values.back.kyoo_back.image.repository | default (printf "%s/kyoo_back" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.back.kyoo_back.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }}
args:
{{- with .Values.back.kyoo_back.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: TRANSCODER_URL
value: http://{{ include "kyoo.transcoder.fullname" . }}:7666
- name: PUBLIC_URL
value: {{ .Values.kyoo.address }}
- name: REQUIRE_ACCOUNT_VERIFICATION
value: "{{ .Values.kyoo.requireAccountVerification }}"
- name: DEFAULT_PERMISSIONS
value: {{ .Values.kyoo.defaultPermissions }}
- name: UNLOGGED_PERMISSIONS
value: "{{ .Values.kyoo.unloggedPermissions }}"
- name: KYOO_APIKEYS
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.apikey.apikeyKey }}
name: {{ .Values.kyoo.apikey.existingSecret }}
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
key: {{ .Values.global.postgres.kyoo_back.kyoo_back.userKey }}
name: {{ .Values.global.postgres.kyoo_back.kyoo_back.existingSecret }}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
key: {{ .Values.global.postgres.kyoo_back.kyoo_back.passwordKey }}
name: {{ .Values.global.postgres.kyoo_back.kyoo_back.existingSecret }}
- name: POSTGRES_DB
value: {{ .Values.global.postgres.kyoo_back.database }}
- name: POSTGRES_SERVER
value: {{ .Values.global.postgres.kyoo_back.host }}
- name: POSTGRES_PORT
value: "{{ .Values.global.postgres.kyoo_back.port }}"
- name: RABBITMQ_DEFAULT_USER
valueFrom:
secretKeyRef:
key: {{ .Values.global.rabbitmq.kyoo_back.userKey }}
name: {{ .Values.global.rabbitmq.kyoo_back.existingSecret }}
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
key: {{ .Values.global.rabbitmq.kyoo_back.passwordKey }}
name: {{ .Values.global.rabbitmq.kyoo_back.existingSecret }}
- name: RABBITMQ_HOST
value: {{ .Values.global.rabbitmq.host }}
- name: RABBITMQ_PORT
value: "{{ .Values.global.rabbitmq.port }}"
- name: MEILI_HOST
value: "{{ .Values.global.meilisearch.proto }}://{{ .Values.global.meilisearch.host }}:{{ .Values.global.meilisearch.port }}"
- name: MEILI_MASTER_KEY
valueFrom:
secretKeyRef:
key: {{ .Values.global.meilisearch.kyoo_back.masterkeyKey }}
name: {{ .Values.global.meilisearch.kyoo_back.existingSecret }}
{{- if .Values.kyoo.oidc.enabled }}
- name: OIDC_SERVICE_NAME
value: {{ .Values.kyoo.oidc.name }}
- name: OIDC_SERVICE_LOGO
value: {{ .Values.kyoo.oidc.logo }}
- name: OIDC_SERVICE_CLIENTID
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.oidc.clientIdKey }}
name: {{ .Values.kyoo.oidc.existingSecret }}
- name: OIDC_SERVICE_SECRET
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.oidc.clientSecretKey }}
name: {{ .Values.kyoo.oidc.existingSecret }}
- name: OIDC_SERVICE_AUTHORIZATION
value: {{ .Values.kyoo.oidc.authorizationAddress }}
- name: OIDC_SERVICE_TOKEN
value: {{ .Values.kyoo.oidc.tokenAddress }}
- name: OIDC_SERVICE_PROFILE
value: {{ .Values.kyoo.oidc.profileAddress }}
- name: OIDC_SERVICE_SCOPE
value: {{ .Values.kyoo.oidc.scope }}
- name: OIDC_SERVICE_AUTHMETHOD
value: {{ .Values.kyoo.oidc.authMethod }}
{{- end }}
{{- with (concat .Values.global.extraEnv .Values.back.kyoo_back.extraEnv) }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- name: main
containerPort: 5000
protocol: TCP
{{- with .Values.back.kyoo_back.livenessProbe }}
livenessProbe:
{{- toYaml .Values.back.kyoo_back.livenessProbe | nindent 12 }}
{{- end }}
{{- with .Values.back.kyoo_back.readinessProbe }}
readinessProbe:
{{- toYaml .Values.back.kyoo_back.readinessProbe | nindent 12 }}
{{- end }}
{{- with .Values.back.kyoo_back.resources }}
resources:
{{- toYaml .Values.back.kyoo_back.resources | nindent 12 }}
{{- end }}
{{- with .Values.back.kyoo_back.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
{{- with .Values.back.kyoo_back.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.back.kyoo_back.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.back.kyoo_back.extraContainers }}
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
volumes:
{{- with .Values.back.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.back.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}

24
chart/templates/back/service.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: v1
kind: Service
metadata:
{{- if .Values.back.service.annotations }}
annotations:
{{- range $key, $value := .Values.back.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.back.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.back.name "name" .Values.back.name) | nindent 4 }}
{{- with .Values.back.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.back.service.type }}
ports:
- port: 5000
targetPort: 5000
protocol: TCP
name: main
selector:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.back.name) | nindent 4 }}

13
chart/templates/back/serviceaccount.yaml Normal file
View File

@ -0,0 +1,13 @@
{{- if .Values.back.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.back.serviceAccount.automount }}
metadata:
name: {{ include "kyoo.back.serviceAccountName" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.back.name "name" .Values.back.name) | nindent 4 }}
{{- with .Values.back.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

8
chart/templates/extra-manifests.yaml Normal file
View File

@ -0,0 +1,8 @@
{{ range .Values.extraObjects }}
---
{{ if typeIs "string" . }}
{{- tpl . $ }}
{{- else }}
{{- tpl (toYaml .) $ }}
{{- end }}
{{ end }}

89
chart/templates/front/deployment.yaml Normal file
View File

@ -0,0 +1,89 @@
apiVersion: apps/v1
kind: Deployment
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.front.deploymentAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.front.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.front.name "name" .Values.front.name) | nindent 4 }}
spec:
replicas: {{ .Values.front.replicaCount }}
selector:
matchLabels:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.front.name) | nindent 6 }}
template:
metadata:
annotations:
{{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.front.podAnnotations) }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.front.name "name" .Values.front.name) | nindent 8 }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.front.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.front.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "kyoo.front.serviceAccountName" . }}
containers:
- name: main
image: {{ .Values.front.kyoo_front.image.repository | default (printf "%s/kyoo_front" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.front.kyoo_front.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }}
args:
{{- with .Values.front.kyoo_front.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: KYOO_URL
value: http://{{ include "kyoo.back.fullname" . }}:5000
{{- with (concat .Values.global.extraEnv .Values.front.kyoo_front.extraEnv) }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- name: main
containerPort: 8901
protocol: TCP
{{- with .Values.front.kyoo_front.livenessProbe }}
livenessProbe:
{{- toYaml .Values.front.kyoo_front.livenessProbe | nindent 12 }}
{{- end }}
{{- with .Values.front.kyoo_front.readinessProbe }}
readinessProbe:
{{- toYaml .Values.front.kyoo_front.readinessProbe | nindent 12 }}
{{- end }}
{{- with .Values.front.kyoo_front.resources }}
resources:
{{- toYaml .Values.front.kyoo_front.resources | nindent 12 }}
{{- end }}
{{- with .Values.front.kyoo_front.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.front.kyoo_front.extraVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.front.kyoo_front.extraContainers }}
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .Values.front.extraInitContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.front.extraVolumes }}
volumes:
{{- toYaml . | nindent 8 }}
{{- end }}

24
chart/templates/front/service.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: v1
kind: Service
metadata:
{{- if .Values.front.service.annotations }}
annotations:
{{- range $key, $value := .Values.front.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.front.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.front.name "name" .Values.front.name) | nindent 4 }}
{{- with .Values.front.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.front.service.type }}
ports:
- port: 8901
targetPort: 8901
protocol: TCP
name: main
selector:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.front.name) | nindent 4 }}

13
chart/templates/front/serviceaccount.yaml Normal file
View File

@ -0,0 +1,13 @@
{{- if .Values.front.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.front.serviceAccount.automount }}
metadata:
name: {{ include "kyoo.front.serviceAccountName" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.front.name "name" .Values.front.name) | nindent 4 }}
{{- with .Values.front.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

43
chart/templates/ingress.yaml Normal file
View File

@ -0,0 +1,43 @@
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ include "kyoo.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" "ingress" "name" "ingress") | nindent 4 }}
annotations:
{{- range $key, $value := .Values.ingress.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- range $key, $value := .Values.ingress.extraAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
{{- if .Values.ingress.ingressClassName }}
ingressClassName: {{ .Values.ingress.ingressClassName }}
{{- end }}
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: "/"
pathType: Prefix
backend:
service:
name: {{ include "kyoo.front.fullname" . }}
port:
number: 8901
- path: "/api"
pathType: Prefix
backend:
service:
name: {{ include "kyoo.back.fullname" . }}
port:
number: 5000
{{- if .Values.ingress.tls }}
tls:
- hosts:
- {{ .Values.ingress.host }}
secretName: {{ .Values.ingress.tlsSecret }}
{{- end }}
{{- end }}

121
chart/templates/matcher/deployment.yaml Normal file
View File

@ -0,0 +1,121 @@
apiVersion: apps/v1
kind: Deployment
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.matcher.deploymentAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.matcher.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.matcher.name "name" .Values.matcher.name) | nindent 4 }}
spec:
replicas: {{ .Values.matcher.replicaCount }}
selector:
matchLabels:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.matcher.name) | nindent 6 }}
template:
metadata:
annotations:
{{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.matcher.podAnnotations) }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.matcher.name "name" .Values.matcher.name) | nindent 8 }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.matcher.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.matcher.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "kyoo.matcher.serviceAccountName" . }}
containers:
- name: main
image: {{ .Values.matcher.kyoo_matcher.image.repository | default (printf "%s/kyoo_matcher" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.matcher.kyoo_matcher.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }}
args:
{{- with .Values.matcher.kyoo_matcher.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: KYOO_APIKEYS
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.apikey.apikeyKey }}
name: {{ .Values.kyoo.apikey.existingSecret }}
- name: KYOO_URL
value: http://{{ include "kyoo.back.fullname" . }}:5000
- name: LIBRARY_LANGUAGES
value: {{ .Values.kyoo.languages }}
- name: THEMOVIEDB_APIKEY
valueFrom:
secretKeyRef:
key: {{ .Values.contentdatabase.tmdb.apikeyKey }}
name: {{ .Values.contentdatabase.tmdb.existingSecret }}
- name: TVDB_APIKEY
valueFrom:
secretKeyRef:
key: {{ .Values.contentdatabase.tvdb.apikeyKey }}
name: {{ .Values.contentdatabase.tvdb.existingSecret }}
- name: TVDB_PIN
valueFrom:
secretKeyRef:
key: {{ .Values.contentdatabase.tvdb.pinKey }}
name: {{ .Values.contentdatabase.tvdb.existingSecret }}
- name: RABBITMQ_HOST
value: {{ .Values.global.rabbitmq.host }}
- name: RABBITMQ_PORT
value: "{{ .Values.global.rabbitmq.port }}"
- name: RABBITMQ_DEFAULT_USER
valueFrom:
secretKeyRef:
key: {{ .Values.global.rabbitmq.kyoo_matcher.userKey }}
name: {{ .Values.global.rabbitmq.kyoo_matcher.existingSecret }}
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
key: {{ .Values.global.rabbitmq.kyoo_matcher.passwordKey }}
name: {{ .Values.global.rabbitmq.kyoo_matcher.existingSecret }}
{{- with (concat .Values.global.extraEnv .Values.matcher.kyoo_matcher.extraEnv) }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.matcher.kyoo_matcher.livenessProbe }}
livenessProbe:
{{- toYaml .Values.matcher.kyoo_matcher.livenessProbe | nindent 12 }}
{{- end }}
{{- with .Values.matcher.kyoo_matcher.readinessProbe }}
readinessProbe:
{{- toYaml .Values.matcher.kyoo_matcher.readinessProbe | nindent 12 }}
{{- end }}
{{- with .Values.matcher.kyoo_matcher.resources }}
resources:
{{- toYaml .Values.matcher.kyoo_matcher.resources | nindent 12 }}
{{- end }}
{{- with .Values.matcher.kyoo_matcher.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.matcher.kyoo_matcher.extraVolumeMounts }}
volumeMounts:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.matcher.kyoo_matcher.extraContainers }}
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .Values.matcher.extraInitContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
{{- with .Values.matcher.extraVolumes }}
volumes:
{{- toYaml . | nindent 8 }}
{{- end }}

13
chart/templates/matcher/serviceaccount.yaml Normal file
View File

@ -0,0 +1,13 @@
{{- if .Values.matcher.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.matcher.serviceAccount.automount }}
metadata:
name: {{ include "kyoo.matcher.serviceAccountName" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.matcher.name "name" .Values.matcher.name) | nindent 4 }}
{{- with .Values.matcher.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

116
chart/templates/scanner/deployment.yaml Normal file
View File

@ -0,0 +1,116 @@
apiVersion: apps/v1
kind: Deployment
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.scanner.deploymentAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.scanner.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.scanner.name "name" .Values.scanner.name) | nindent 4 }}
spec:
replicas: {{ .Values.scanner.replicaCount }}
selector:
matchLabels:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.scanner.name) | nindent 6 }}
template:
metadata:
annotations:
{{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.scanner.podAnnotations) }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.scanner.name "name" .Values.scanner.name) | nindent 8 }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.scanner.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.scanner.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "kyoo.scanner.serviceAccountName" . }}
containers:
- name: main
image: {{ .Values.scanner.kyoo_scanner.image.repository | default (printf "%s/kyoo_scanner" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.scanner.kyoo_scanner.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }}
args:
{{- with .Values.scanner.kyoo_scanner.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: SCANNER_LIBRARY_ROOT
value: /data
- name: LIBRARY_IGNORE_PATTERN
value: "{{ .Values.kyoo.libraryIgnorePattern }}"
- name: KYOO_APIKEYS
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.apikey.apikeyKey }}
name: {{ .Values.kyoo.apikey.existingSecret }}
- name: KYOO_URL
value: http://{{ include "kyoo.back.fullname" . }}:5000
- name: LIBRARY_LANGUAGES
value: {{ .Values.kyoo.languages }}
- name: RABBITMQ_HOST
value: {{ .Values.global.rabbitmq.host }}
- name: RABBITMQ_PORT
value: "{{ .Values.global.rabbitmq.port }}"
- name: RABBITMQ_DEFAULT_USER
valueFrom:
secretKeyRef:
key: {{ .Values.global.rabbitmq.kyoo_scanner.userKey }}
name: {{ .Values.global.rabbitmq.kyoo_scanner.existingSecret }}
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
key: {{ .Values.global.rabbitmq.kyoo_scanner.passwordKey }}
name: {{ .Values.global.rabbitmq.kyoo_scanner.existingSecret }}
{{- with (concat .Values.global.extraEnv .Values.scanner.kyoo_scanner.extraEnv) }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.scanner.kyoo_scanner.livenessProbe }}
livenessProbe:
{{- toYaml .Values.scanner.kyoo_scanner.livenessProbe | nindent 12 }}
{{- end }}
{{- with .Values.scanner.kyoo_scanner.readinessProbe }}
readinessProbe:
{{- toYaml .Values.scanner.kyoo_scanner.readinessProbe | nindent 12 }}
{{- end }}
{{- with .Values.scanner.kyoo_scanner.resources }}
resources:
{{- toYaml .Values.scanner.kyoo_scanner.resources | nindent 12 }}
{{- end }}
{{- with .Values.scanner.kyoo_scanner.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
{{- with .Values.media.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.scanner.kyoo_scanner.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.scanner.kyoo_scanner.extraContainers }}
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .Values.scanner.extraInitContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
volumes:
{{- with .Values.media.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.scanner.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}

13
chart/templates/scanner/serviceaccount.yaml Normal file
View File

@ -0,0 +1,13 @@
{{- if .Values.scanner.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.scanner.serviceAccount.automount }}
metadata:
name: {{ include "kyoo.scanner.serviceAccountName" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.scanner.name "name" .Values.scanner.name) | nindent 4 }}
{{- with .Values.scanner.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

129
chart/templates/transcoder/deployment.yaml Normal file
View File

@ -0,0 +1,129 @@
apiVersion: apps/v1
kind: Deployment
metadata:
{{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.transcoder.deploymentAnnotations) }}
annotations:
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.transcoder.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.transcoder.name "name" .Values.transcoder.name) | nindent 4 }}
spec:
replicas: {{ .Values.transcoder.replicaCount }}
selector:
matchLabels:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.transcoder.name) | nindent 6 }}
template:
metadata:
annotations:
{{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.transcoder.podAnnotations) }}
{{- range $key, $value := . }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.transcoder.name "name" .Values.transcoder.name) | nindent 8 }}
{{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.transcoder.podLabels) }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.transcoder.imagePullSecrets | default .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.global.securityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "kyoo.transcoder.serviceAccountName" . }}
containers:
- name: main
image: {{ .Values.transcoder.kyoo_transcoder.image.repository | default (printf "%s/kyoo_transcoder" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.transcoder.kyoo_transcoder.image.tag }}
imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }}
args:
{{- with .Values.transcoder.kyoo_transcoder.extraArgs }}
{{- toYaml . | nindent 12 }}
{{- end }}
env:
- name: GOCODER_HWACCEL
value: {{ .Values.kyoo.transcoderAcceleration }}
- name: GOCODER_PRESET
value: {{ .Values.kyoo.transcoderPreset }}
- name: GOCODER_CACHE_ROOT
value: /cache
- name: GOCODER_METADATA_ROOT
value: /metadata
- name: GOCODER_PREFIX
value: /video
- name: GOCODER_SAFE_PATH
value: /data
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
key: {{ .Values.global.postgres.kyoo_transcoder.kyoo_transcoder.userKey }}
name: {{ .Values.global.postgres.kyoo_transcoder.kyoo_transcoder.existingSecret }}
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
key: {{ .Values.global.postgres.kyoo_transcoder.kyoo_transcoder.passwordKey }}
name: {{ .Values.global.postgres.kyoo_transcoder.kyoo_transcoder.existingSecret }}
- name: POSTGRES_DB
value: {{ .Values.global.postgres.kyoo_transcoder.database }}
- name: POSTGRES_SERVER
value: {{ .Values.global.postgres.kyoo_transcoder.host }}
- name: POSTGRES_PORT
value: "{{ .Values.global.postgres.kyoo_transcoder.port }}"
- name: POSTGRES_SCHEMA
value: "{{ .Values.global.postgres.kyoo_transcoder.schema }}"
{{- with (concat .Values.global.extraEnv .Values.transcoder.kyoo_transcoder.extraEnv) }}
{{- toYaml . | nindent 12 }}
{{- end }}
ports:
- name: main
containerPort: 7666
protocol: TCP
{{- with .Values.transcoder.kyoo_transcoder.livenessProbe }}
livenessProbe:
{{- toYaml .Values.transcoder.kyoo_transcoder.livenessProbe | nindent 12 }}
{{- end }}
{{- with .Values.transcoder.kyoo_transcoder.readinessProbe }}
readinessProbe:
{{- toYaml .Values.transcoder.kyoo_transcoder.readinessProbe | nindent 12 }}
{{- end }}
{{- with .Values.transcoder.kyoo_transcoder.resources }}
resources:
{{- toYaml .Values.transcoder.kyoo_transcoder.resources | nindent 12 }}
{{- end }}
{{- with .Values.transcoder.kyoo_transcoder.containerSecurityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
volumeMounts:
{{- with .Values.media.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.transcoder.kyoo_transcoder.volumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.transcoder.kyoo_transcoder.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.transcoder.kyoo_transcoder.extraContainers }}
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .Values.transcoder.extraInitContainers }}
initContainers:
{{- tpl (toYaml .) $ | nindent 6 }}
{{- end }}
volumes:
{{- with .Values.media.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.transcoder.volumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.transcoder.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}

24
chart/templates/transcoder/service.yaml Normal file
View File

@ -0,0 +1,24 @@
apiVersion: v1
kind: Service
metadata:
{{- if .Values.transcoder.service.annotations }}
annotations:
{{- range $key, $value := .Values.transcoder.service.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- end }}
name: {{ include "kyoo.transcoder.fullname" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.transcoder.name "name" .Values.transcoder.name) | nindent 4 }}
{{- with .Values.transcoder.service.labels }}
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
type: {{ .Values.transcoder.service.type }}
ports:
- port: 7666
targetPort: 7666
protocol: TCP
name: main
selector:
{{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.transcoder.name) | nindent 4 }}

13
chart/templates/transcoder/serviceaccount.yaml Normal file
View File

@ -0,0 +1,13 @@
{{- if .Values.transcoder.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
automountServiceAccountToken: {{ .Values.transcoder.serviceAccount.automount }}
metadata:
name: {{ include "kyoo.transcoder.serviceAccountName" . }}
labels:
{{- include "kyoo.labels" (dict "context" . "component" .Values.transcoder.name "name" .Values.transcoder.name) | nindent 4 }}
{{- with .Values.transcoder.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

410
chart/values.yaml Normal file
View File

@ -0,0 +1,410 @@
# Default values for kyoo.
global:
image:
repositoryBase: "ghcr.io/zoriya"
tag: ""
imagePullPolicy: IfNotPresent
imagePullSecrets: []
deploymentAnnotations: {}
podAnnotations: {}
podLabels: {}
extraEnv: []
meilisearch:
proto: http
host: kyoo-meilisearch
port: 7700
#infra is only used by subchart deployment
infra:
# DOES NOT SUPPORT SPECIFYING KEY. MUST BE NAMED `MEILI_MASTER_KEY`
existingSecret: bigsecret
kyoo_back:
masterkeyKey: MEILI_MASTER_KEY
existingSecret: bigsecret
postgres:
#infra is only used by subchart deployment
infra:
# subchart does not accept this global value in one place
# if updating be sure to also update postgresql.auth.username
user: kyoo_all
passwordKey: postgres_password
existingSecret: bigsecret
kyoo_back:
host: kyoo-postgresql
port: 5432
database: kyoo_back
kyoo_migrations:
userKey: postgres_user
passwordKey: postgres_password
existingSecret: bigsecret
kyoo_back:
userKey: postgres_user
passwordKey: postgres_password
existingSecret: bigsecret
kyoo_transcoder:
host: kyoo-postgresql
port: 5432
database: kyoo_transcoder
# POSTGRES_SCHEMA disabled means application will not create the schema
# and will instead use the user's search path
schema: disabled
kyoo_transcoder:
userKey: postgres_user
passwordKey: postgres_password
existingSecret: bigsecret
rabbitmq:
host: kyoo-rabbitmq
port: 5672
# vhost is not used yet
# vhost: ""
#infra is only used by subchart deployment
infra:
# user must be manually aligned via rabbitmq.auth.user
passwordKey: rabbitmq_password
keyErlangCookie: rabbitmq_cookie
existingSecret: bigsecret
kyoo_autosync:
userKey: rabbitmq_user
passwordKey: rabbitmq_password
existingSecret: bigsecret
kyoo_back:
userKey: rabbitmq_user
passwordKey: rabbitmq_password
existingSecret: bigsecret
kyoo_matcher:
userKey: rabbitmq_user
passwordKey: rabbitmq_password
existingSecret: bigsecret
kyoo_scanner:
userKey: rabbitmq_user
passwordKey: rabbitmq_password
existingSecret: bigsecret
kyoo:
address: "https://kyoo.mydomain.com"
requireAccountVerification: true
defaultPermissions: "overall.read,overall.play"
unloggedPermissions: ""
libraryIgnorePattern: ".*/[dD]ownloads?/.*"
languages: "en"
# hardware acceleration profile (valid values: disabled, vaapi, qsv, nvidia)
transcoderAcceleration: disabled
# the preset used during transcode. faster means worst quality, you can probably use a slower preset with hwaccels
# warning: using vaapi hwaccel disable presets (they are not supported).
transcoderPreset: fast
apikey:
existingSecret: bigsecret
apikeyKey: kyoo_apikeys
oidc:
enabled: false
existingSecret: bigsecret
clientIdKey: clientId
clientSecretKey: clientSecret
name: YourPrettyName
logo: https://url-of-your-logo.com
authorizationAddress: https://url-of-the-authorization-endpoint-of-the-oidc-service.com/auth
tokenAddress: https://url-of-the-token-endpoint-of-the-oidc-service.com/token
profileAddress: https://url-of-the-profile-endpoint-of-the-oidc-service.com/userinfo
scope: "email openid profile"
authMethod: ClientSecretBasic
media:
volumes:
- name: media
persistentVolumeClaim:
claimName: media
# mounts should always be mounted to /data
volumeMounts:
- mountPath: /data
name: media
subPath: media
contentdatabase:
# TheMovieDB
tmdb:
apikeyKey: tmdb_apikey
existingSecret: bigsecret
# TVDatabase
tvdb:
apikeyKey: tvdb_apikey
pinKey: tvdb_pin
existingSecret: bigsecret
ingress:
enabled: false
ingressClassName: ~
annotations: {}
extraAnnotations: {}
host: kyoo.mydomain.com
tls: false
tlsSecret: ~
autosync:
name: autosync
kyoo_autosync:
livenessProbe: {}
readinessProbe: {}
resources: {}
containerSecurityContext: {}
extraVolumeMounts: []
extraArgs: []
extraEnv: []
image:
repository: ~
tag: ~
replicaCount: 1
podLabels: {}
deploymentAnnotations: {}
podAnnotations: {}
imagePullSecrets: []
serviceAccount:
create: true
automount: true
annotations: {}
name: ~
extraContainers: []
extraInitContainers: []
extraVolumes: []
back:
name: back
kyoo_migrations:
livenessProbe: {}
readinessProbe: {}
resources: {}
containerSecurityContext: {}
extraVolumeMounts: []
extraArgs: []
extraEnv: []
image:
repository: ~
tag: ~
kyoo_back:
livenessProbe: {}
readinessProbe: {}
resources: {}
containerSecurityContext: {}
extraVolumeMounts: []
extraArgs: []
extraEnv: []
image:
repository: ~
tag: ~
volumeMounts:
- mountPath: /metadata
name: back-storage
volumes:
- name: back-storage
persistentVolumeClaim:
claimName: back-storage
replicaCount: 1
podLabels: {}
deploymentAnnotations: {}
podAnnotations: {}
imagePullSecrets: []
service:
annotations: {}
labels: {}
type: ClusterIP
serviceAccount:
create: true
automount: true
annotations: {}
name: ~
extraContainers: []
extraInitContainers: []
extraVolumes: []
front:
name: front
kyoo_front:
livenessProbe: {}
readinessProbe: {}
resources: {}
containerSecurityContext: {}
extraVolumeMounts: []
extraArgs: []
extraEnv: []
image:
repository: ~
tag: ~
replicaCount: 1
podLabels: {}
deploymentAnnotations: {}
podAnnotations: {}
imagePullSecrets: []
service:
annotations: {}
labels: {}
type: ClusterIP
serviceAccount:
create: true
automount: true
annotations: {}
name: ~
extraContainers: []
extraInitContainers: []
extraVolumes: []
matcher:
name: matcher
kyoo_matcher:
livenessProbe: {}
readinessProbe: {}
resources: {}
containerSecurityContext: {}
extraVolumeMounts: []
# workaround until dedicated image is created
extraArgs:
- matcher
extraEnv: []
image:
# workaround until dedicated image is created
repository: ghcr.io/zoriya/kyoo_scanner
tag: ~
# matcher does not support multiple replicas
replicaCount: 1
podLabels: {}
deploymentAnnotations: {}
podAnnotations: {}
imagePullSecrets: []
serviceAccount:
create: true
automount: true
annotations: {}
name: ~
extraContainers: []
extraInitContainers: []
extraVolumes: []
scanner:
name: scanner
kyoo_scanner:
livenessProbe: {}
readinessProbe: {}
resources: {}
containerSecurityContext: {}
extraVolumeMounts: []
extraArgs: []
extraEnv: []
image:
repository: ~
tag: ~
# scanner does not support multiple replicas
replicaCount: 1
podLabels: {}
deploymentAnnotations: {}
podAnnotations: {}
imagePullSecrets: []
serviceAccount:
create: true
automount: true
annotations: {}
name: ~
extraContainers: []
extraInitContainers: []
extraVolumes: []
transcoder:
name: transcoder
kyoo_transcoder:
livenessProbe: {}
readinessProbe: {}
resources: {}
containerSecurityContext: {}
extraVolumeMounts: []
extraArgs: []
extraEnv: []
image:
repository: ~
tag: ~
volumeMounts:
- mountPath: /metadata
name: transcoder-storage
- mountPath: /cache
name: cache
volumes:
- name: transcoder-storage
persistentVolumeClaim:
claimName: transcoder-storage
- name: cache
emptyDir: {}
replicaCount: 1
podLabels: {}
deploymentAnnotations: {}
podAnnotations: {}
imagePullSecrets: []
service:
annotations: {}
labels: {}
type: ClusterIP
serviceAccount:
create: true
automount: true
annotations: {}
name: ~
extraContainers: []
extraInitContainers: []
extraVolumes: []
# subchart settings
meilisearch:
enabled: false
environment:
MEILI_ENV: production
auth:
# DOES NOT SUPPORT SPECIFYING KEY. MUST BE NAMED `MEILI_MASTER_KEY`
existingMasterKeySecret: "{{ .Values.global.meilisearch.infra.existingSecret }}"
persistence:
enabled: true
size: 3Gi
# subchart settings
postgresql:
enabled: false
auth:
# username is unable to reference global value
username: kyoo_all
existingSecret: "{{ .Values.global.postgres.infra.existingSecret }}"
secretKeys:
# set the postgres user password to the same as our user
adminPasswordKey: "{{ .Values.global.postgres.infra.passwordKey }}"
userPasswordKey: "{{ .Values.global.postgres.infra.passwordKey }}"
primary:
# create databases, schemas, and set search_path
initdb:
scripts:
# kyoo_back still requires public schema
# https://github.com/zoriya/Kyoo/issues/536
kyoo_back.sql: |
CREATE DATABASE {{ .Values.global.postgres.kyoo_back.database }} WITH OWNER {{ .Values.global.postgres.infra.user }};
\connect {{ .Values.global.postgres.kyoo_back.database }};
CREATE SCHEMA IF NOT EXISTS data AUTHORIZATION {{ .Values.global.postgres.infra.user }};
kyoo_transcoder.sql: |
CREATE DATABASE {{ .Values.global.postgres.kyoo_transcoder.database }} WITH OWNER {{ .Values.global.postgres.infra.user }};
\connect {{ .Values.global.postgres.kyoo_transcoder.database }};
REVOKE ALL ON SCHEMA public FROM PUBLIC;
CREATE SCHEMA IF NOT EXISTS data AUTHORIZATION {{ .Values.global.postgres.infra.user }};
user.sql: |
ALTER ROLE {{ .Values.global.postgres.infra.user }}
IN DATABASE {{ .Values.global.postgres.kyoo_back.database }} SET search_path TO "$user", public;
ALTER ROLE {{ .Values.global.postgres.infra.user }}
IN DATABASE {{ .Values.global.postgres.kyoo_transcoder.database }} SET search_path TO "$user", data;
persistence:
size: 3Gi
# subchart settings
rabbitmq:
enabled: false
auth:
# this will not read from a secret. just manually make the same
username: kyoo_all
existingPasswordSecret: "{{ .Values.global.rabbitmq.infra.existingSecret }}"
existingSecretPasswordKey: "{{ .Values.global.rabbitmq.infra.passwordKey }}"
existingErlangSecret: "{{ .Values.global.rabbitmq.infra.existingSecret }}"
existingSecretErlangKey: "{{ .Values.global.rabbitmq.infra.keyErlangCookie }}"
# create extraObjects
# create secret bigsecret
# create pvc for each object
extraObjects: []

1
shell.nix
View File

@ -36,6 +36,7 @@ in
postgresql_15
pgformatter
biome
kubernetes-helm
go-migrate
];