Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-12-17 02:25:10 -05:00
Code Issues Packages Projects Releases Wiki Activity

chart: update docs (#1162)

Browse Source
This commit is contained in:
acelinkio 2025-11-18 14:22:53 -08:00 committed by GitHub
commit 536b03b1ef
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
chart/README.md
View File

@ -23,7 +23,7 @@ extraObjects:
stringData: stringData:
postgres_user: kyoo_all postgres_user: kyoo_all
postgres_password: watchSomething4me postgres_password: watchSomething4me
scanner_apikey: scanner-triquarter4u scanner_apikey: triquarter4u
- kind: PersistentVolumeClaim - kind: PersistentVolumeClaim
apiVersion: v1 apiVersion: v1
metadata: metadata:
@ -43,14 +43,8 @@ values.yaml configuration
# specify external hosts for resources # specify external hosts for resources
global: global:
postgres: postgres:
kyoo_api: shared:
host: postgres host: postgres-cluster01.databases
kyoo_auth:
host: postgres
kyoo_transcoder:
host: postgres
kyoo_scanner:
host: postgres
# specify hardware resources # specify hardware resources
transcoder: transcoder:
kyoo_transcoder: kyoo_transcoder:
@ -86,7 +80,7 @@ stringData:
tvdb_pin: "" tvdb_pin: ""
postgres_user: kyoo_all postgres_user: kyoo_all
postgres_password: watchSomething4me postgres_password: watchSomething4me
scanner_apikey: scanner-triquarter4u scanner_apikey: triquarter4u
``` ```
# Additional Notes # Additional Notes
@ -99,7 +93,7 @@ Subcharts are updated frequently and subject to changes. This chart includes su
# v5 Middleware Requirement # v5 Middleware Requirement
Starting with v5, Kyoo leverages middleware for offloading auth from the microservices onto a gateway. For additional reading, please see gateway-api sigs [documentation](https://gateway-api.sigs.k8s.io/geps/gep-1494/). Starting with v5, Kyoo leverages middleware for offloading auth from the microservices onto a gateway. For additional reading, please see gateway-api sigs [documentation](https://gateway-api.sigs.k8s.io/geps/gep-1494/).
This Helm chart provides a few choices as most ingress/gatewayapi controllers do not currently support PhantomToken auth. This Helm chart provides a few options as most ingress/gatewayapi controllers do not currently support ForwardAuth middleware.
## Add TraefikProxy (Default) ## Add TraefikProxy (Default)
By default, this chart will deploy TraefikProxy behind the existing ingress/gateway resources. TraefikProxy hop is added and configured to handle ForwardAuth. This approach offers the most compatibility and requires the least amount of change from the user perspective. By default, this chart will deploy TraefikProxy behind the existing ingress/gateway resources. TraefikProxy hop is added and configured to handle ForwardAuth. This approach offers the most compatibility and requires the least amount of change from the user perspective.
@ -108,6 +102,6 @@ By default, this chart will deploy TraefikProxy behind the existing ingress/gate
Instead of using an additional hop, Traefik can be exposed via LoadBalancer. To do this securely, please be sure to mount and configuring the TLS certificate inside of Traefik. Instead of using an additional hop, Traefik can be exposed via LoadBalancer. To do this securely, please be sure to mount and configuring the TLS certificate inside of Traefik.
## Ingress/GatewayApi (WIP) ## Ingress/GatewayApi (WIP)
Disable the integrated TraefikProxy and adopt a controller that supports PhantomToken auth. This option will offer the most Kubernetes native experience. Disable the integrated TraefikProxy and adopt a controller that supports ForwardAuth middleware. This option will offer the most Kubernetes native experience.
This is a work in progress. One of the challenges is that microserice to microservice communication relies upon this middleware as well. Pointing microservices to Ingress/Gateway service address is not enough since those leverage Layer7 hosts for routing traffic--unless we create a dedicated one that routes all hosts to Kyoo. This is a work in progress. One of the challenges is that microserice to microservice communication relies upon this middleware as well. Pointing microservices to Ingress/Gateway service address is not enough since those leverage Layer7 hosts for routing traffic--unless we create a dedicated one that routes all hosts to Kyoo.