From 8e4bf1e1cd53b8545b3fcb13bde9157eba5eebe3 Mon Sep 17 00:00:00 2001 From: Arlan Lloyd Date: Thu, 11 Jul 2024 05:32:10 +0000 Subject: [PATCH] remove unneeded setting --- chart/argotest.yaml | 129 ++ chart/manualtest.yaml | 1694 +++++++++++++++++++++++ chart/templates/scanner/deployment.yaml | 5 - chart/test.yaml | 61 + 4 files changed, 1884 insertions(+), 5 deletions(-) create mode 100644 chart/argotest.yaml create mode 100644 chart/manualtest.yaml create mode 100644 chart/test.yaml diff --git a/chart/argotest.yaml b/chart/argotest.yaml new file mode 100644 index 00000000..4a5f3a33 --- /dev/null +++ b/chart/argotest.yaml @@ -0,0 +1,129 @@ +--- +kind: Namespace +apiVersion: v1 +metadata: + name: kyoo +--- +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kyoo + namespace: argocd +spec: + destination: + namespace: kyoo + server: https://kubernetes.default.svc + project: homelab + source: + path: chart/ + repoURL: https://github.com/acelinkio/Kyoo.git + targetRevision: feature/helmchart + helm: + valuesObject: + kyoo: + address: https://kyoo.acelink.io + meilisearch: + enabled: true + postgresql: + enabled: true + rabbitmq: + enabled: true + extraObjects: + - apiVersion: v1 + kind: Secret + metadata: + name: bigsecret + type: Opaque + stringData: + kyoo_apikeys: yHXWGsjfjE6sy6UxavqmTUYxgCFYek + tmdb_apikey: "" + MEILI_MASTER_KEY: barkLike8SuperDucks + postgres_user: kyoo_back + postgres_password: watchSomething4me + rabbitmq_user: kyoo_all + rabbitmq_password: youAreAmazing2 + rabbitmq_cookie: mmmGoodCookie + - kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: back-storage + spec: + accessModes: + - "ReadWriteMany" + resources: + requests: + storage: "3Gi" + - kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: media + spec: + accessModes: + - "ReadWriteMany" + resources: + requests: + storage: "3Gi" + - kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: transcoder-storage + spec: + accessModes: + - "ReadWriteMany" + resources: + requests: + storage: "3Gi" +--- +apiVersion: externaldns.k8s.io/v1alpha1 +kind: DNSEndpoint +metadata: + name: kyoo + namespace: kyoo + annotations: + external-dns.custom/type: private +spec: + endpoints: + - dnsName: kyoo.acelink.io + recordType: CNAME + targets: + - intgw.acelink.io + providerSpecific: + - name: external-dns.alpha.kubernetes.io/cloudflare-proxied + value: "false" +--- +apiVersion: gateway.networking.k8s.io/v1 +kind: HTTPRoute +metadata: + name: kyoo + namespace: kyoo +spec: + parentRefs: + - name: internal + namespace: gateway + sectionName: https + - name: external + namespace: gateway + sectionName: https + hostnames: + - "kyoo.acelink.io" + rules: + - matches: + - path: + type: PathPrefix + value: /api + backendRefs: + - name: kyoo-back + port: 5000 + filters: + - type: URLRewrite + urlRewrite: + path: + type: ReplacePrefixMatch + replacePrefixMatch: / + - matches: + - path: + type: PathPrefix + value: / + backendRefs: + - name: kyoo-front + port: 8901 \ No newline at end of file diff --git a/chart/manualtest.yaml b/chart/manualtest.yaml new file mode 100644 index 00000000..19ad5b01 --- /dev/null +++ b/chart/manualtest.yaml @@ -0,0 +1,1694 @@ +--- +# Source: kyoo/charts/postgresql/templates/primary/networkpolicy.yaml +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: kyoo-postgresql + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 16.3.0 + helm.sh/chart: postgresql-15.5.14 + app.kubernetes.io/component: primary +spec: + podSelector: + matchLabels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: primary + policyTypes: + - Ingress + - Egress + egress: + - {} + ingress: + - ports: + - port: 5432 +--- +# Source: kyoo/charts/rabbitmq/templates/networkpolicy.yaml +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: kyoo-rabbitmq + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +spec: + podSelector: + matchLabels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: rabbitmq + policyTypes: + - Ingress + - Egress + egress: + - {} + ingress: + # Allow inbound connections to RabbitMQ + - ports: + - port: 4369 + - port: 5672 + - port: 5671 + - port: 25672 + - port: 15672 +--- +# Source: kyoo/charts/postgresql/templates/primary/pdb.yaml +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: kyoo-postgresql + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 16.3.0 + helm.sh/chart: postgresql-15.5.14 + app.kubernetes.io/component: primary +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: primary +--- +# Source: kyoo/charts/rabbitmq/templates/pdb.yaml +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: kyoo-rabbitmq + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +spec: + maxUnavailable: 1 + selector: + matchLabels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: rabbitmq +--- +# Source: kyoo/charts/meilisearch/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kyoo-meilisearch + labels: + helm.sh/chart: meilisearch-0.8.0 + app.kubernetes.io/name: meilisearch + app.kubernetes.io/instance: kyoo + app.kubernetes.io/version: "v1.9.0" + app.kubernetes.io/component: search-engine + app.kubernetes.io/part-of: meilisearch + app.kubernetes.io/managed-by: Helm +--- +# Source: kyoo/charts/postgresql/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kyoo-postgresql + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 16.3.0 + helm.sh/chart: postgresql-15.5.14 +automountServiceAccountToken: false +--- +# Source: kyoo/charts/rabbitmq/templates/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: kyoo-rabbitmq + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +automountServiceAccountToken: false +secrets: + - name: bigsecret +--- +# Source: kyoo/templates/autosync/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: kyoo-autosync + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-autosync + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: autosync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +--- +# Source: kyoo/templates/back/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: kyoo-back + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-back + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: back + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +--- +# Source: kyoo/templates/front/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: kyoo-front + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-front + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: front + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +--- +# Source: kyoo/templates/matcher/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: kyoo-matcher + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-matcher + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: matcher + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +--- +# Source: kyoo/templates/scanner/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: kyoo-scanner + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-scanner + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: scanner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +--- +# Source: kyoo/templates/transcoder/serviceaccount.yaml +apiVersion: v1 +kind: ServiceAccount +automountServiceAccountToken: true +metadata: + name: kyoo-transcoder + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-transcoder + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: transcoder + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +--- +# Source: kyoo/charts/rabbitmq/templates/config-secret.yaml +apiVersion: v1 +kind: Secret +metadata: + name: kyoo-rabbitmq-config + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +type: Opaque +data: + rabbitmq.conf: |- + IyMgVXNlcm5hbWUgYW5kIHBhc3N3b3JkCmRlZmF1bHRfdXNlciA9IGt5b29fYWxsCiMjIENsdXN0ZXJpbmcKIyMKY2x1c3Rlcl9uYW1lID0ga3lvby1yYWJiaXRtcQpjbHVzdGVyX2Zvcm1hdGlvbi5wZWVyX2Rpc2NvdmVyeV9iYWNrZW5kICA9IHJhYmJpdF9wZWVyX2Rpc2NvdmVyeV9rOHMKY2x1c3Rlcl9mb3JtYXRpb24uazhzLmhvc3QgPSBrdWJlcm5ldGVzLmRlZmF1bHQKY2x1c3Rlcl9mb3JtYXRpb24uazhzLmFkZHJlc3NfdHlwZSA9IGhvc3RuYW1lCmNsdXN0ZXJfZm9ybWF0aW9uLms4cy5zZXJ2aWNlX25hbWUgPSBreW9vLXJhYmJpdG1xLWhlYWRsZXNzCmNsdXN0ZXJfZm9ybWF0aW9uLms4cy5ob3N0bmFtZV9zdWZmaXggPSAua3lvby1yYWJiaXRtcS1oZWFkbGVzcy5kZWZhdWx0LnN2Yy5jbHVzdGVyLmxvY2FsCmNsdXN0ZXJfZm9ybWF0aW9uLm5vZGVfY2xlYW51cC5pbnRlcnZhbCA9IDEwCmNsdXN0ZXJfZm9ybWF0aW9uLm5vZGVfY2xlYW51cC5vbmx5X2xvZ193YXJuaW5nID0gdHJ1ZQpjbHVzdGVyX3BhcnRpdGlvbl9oYW5kbGluZyA9IGF1dG9oZWFsCgojIHF1ZXVlIG1hc3RlciBsb2NhdG9yCnF1ZXVlX21hc3Rlcl9sb2NhdG9yID0gbWluLW1hc3RlcnMKIyBlbmFibGUgbG9vcGJhY2sgdXNlcgpsb29wYmFja191c2Vycy5reW9vX2FsbCA9IGZhbHNlCiNkZWZhdWx0X3Zob3N0ID0gZGVmYXVsdC12aG9zdAojZGlza19mcmVlX2xpbWl0LmFic29sdXRlID0gNTBNQgojIyBQcm9tZXRoZXVzIG1ldHJpY3MKIyMKcHJvbWV0aGV1cy50Y3AucG9ydCA9IDk0MTk= +--- +# Source: kyoo/templates/extra-manifests.yaml +apiVersion: v1 +kind: Secret +metadata: + name: bigsecret +stringData: + MEILI_MASTER_KEY: barkLike8SuperDucks + kyoo_apikeys: yHXWGsjfjE6sy6UxavqmTUYxgCFYek + postgres_password: watchSomething4me + postgres_user: kyoo_back + rabbitmq_cookie: mmmGoodCookie + rabbitmq_password: youAreAmazing2 + rabbitmq_user: kyoo_all + tmdb_apikey: "" +type: Opaque +--- +# Source: kyoo/charts/meilisearch/templates/configmap.yaml +apiVersion: v1 +kind: ConfigMap +metadata: + name: kyoo-meilisearch-environment + labels: + helm.sh/chart: meilisearch-0.8.0 + app.kubernetes.io/name: meilisearch + app.kubernetes.io/instance: kyoo + app.kubernetes.io/version: "v1.9.0" + app.kubernetes.io/component: search-engine + app.kubernetes.io/part-of: meilisearch + app.kubernetes.io/managed-by: Helm +data: + MEILI_ENV: "production" + MEILI_NO_ANALYTICS: "true" +--- +# Source: kyoo/charts/meilisearch/templates/pvc.yaml +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: kyoo-meilisearch + labels: + helm.sh/chart: meilisearch-0.8.0 + app.kubernetes.io/name: meilisearch + app.kubernetes.io/instance: kyoo + app.kubernetes.io/version: "v1.9.0" + app.kubernetes.io/component: search-engine + app.kubernetes.io/part-of: meilisearch + app.kubernetes.io/managed-by: Helm +spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "3Gi" +--- +# Source: kyoo/templates/extra-manifests.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: back-storage +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 3Gi +--- +# Source: kyoo/templates/extra-manifests.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: media +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 3Gi +--- +# Source: kyoo/templates/extra-manifests.yaml +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: transcoder-storage +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 3Gi +--- +# Source: kyoo/charts/rabbitmq/templates/role.yaml +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: kyoo-rabbitmq-endpoint-reader + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +rules: + - apiGroups: [""] + resources: ["endpoints"] + verbs: ["get"] + - apiGroups: [""] + resources: ["events"] + verbs: ["create"] +--- +# Source: kyoo/charts/rabbitmq/templates/rolebinding.yaml +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: kyoo-rabbitmq-endpoint-reader + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +subjects: + - kind: ServiceAccount + name: kyoo-rabbitmq +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: kyoo-rabbitmq-endpoint-reader +--- +# Source: kyoo/charts/meilisearch/templates/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-meilisearch + labels: + helm.sh/chart: meilisearch-0.8.0 + app.kubernetes.io/name: meilisearch + app.kubernetes.io/instance: kyoo + app.kubernetes.io/version: "v1.9.0" + app.kubernetes.io/component: search-engine + app.kubernetes.io/part-of: meilisearch + app.kubernetes.io/managed-by: Helm +spec: + type: ClusterIP + ports: + - port: 7700 + targetPort: http + protocol: TCP + name: http + selector: + app.kubernetes.io/name: meilisearch + app.kubernetes.io/instance: kyoo +--- +# Source: kyoo/charts/postgresql/templates/primary/svc-headless.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-postgresql-hl + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 16.3.0 + helm.sh/chart: postgresql-15.5.14 + app.kubernetes.io/component: primary + annotations: +spec: + type: ClusterIP + clusterIP: None + # We want all pods in the StatefulSet to have their addresses published for + # the sake of the other Postgresql pods even before they're ready, since they + # have to be able to talk to each other in order to become ready. + publishNotReadyAddresses: true + ports: + - name: tcp-postgresql + port: 5432 + targetPort: tcp-postgresql + selector: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: primary +--- +# Source: kyoo/charts/postgresql/templates/primary/svc.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-postgresql + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 16.3.0 + helm.sh/chart: postgresql-15.5.14 + app.kubernetes.io/component: primary +spec: + type: ClusterIP + sessionAffinity: None + ports: + - name: tcp-postgresql + port: 5432 + targetPort: tcp-postgresql + nodePort: null + selector: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: primary +--- +# Source: kyoo/charts/rabbitmq/templates/svc-headless.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-rabbitmq-headless + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +spec: + clusterIP: None + ports: + - name: epmd + port: 4369 + targetPort: epmd + - name: amqp + port: 5672 + targetPort: amqp + - name: dist + port: 25672 + targetPort: dist + - name: http-stats + port: 15672 + targetPort: stats + selector: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: rabbitmq + publishNotReadyAddresses: true +--- +# Source: kyoo/charts/rabbitmq/templates/svc.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-rabbitmq + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +spec: + type: ClusterIP + sessionAffinity: None + ports: + - name: amqp + port: 5672 + targetPort: amqp + nodePort: null + - name: epmd + port: 4369 + targetPort: epmd + nodePort: null + - name: dist + port: 25672 + targetPort: dist + nodePort: null + - name: http-stats + port: 15672 + targetPort: stats + nodePort: null + selector: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: rabbitmq +--- +# Source: kyoo/templates/autosync/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-autosync + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-autosync + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: autosync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: main + selector: + app.kubernetes.io/name: kyoo-autosync + app.kubernetes.io/instance: kyoo +--- +# Source: kyoo/templates/back/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-back + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-back + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: back + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + type: ClusterIP + ports: + - port: 5000 + targetPort: 5000 + protocol: TCP + name: main + selector: + app.kubernetes.io/name: kyoo-back + app.kubernetes.io/instance: kyoo +--- +# Source: kyoo/templates/front/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-front + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-front + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: front + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + type: ClusterIP + ports: + - port: 8901 + targetPort: 8901 + protocol: TCP + name: main + selector: + app.kubernetes.io/name: kyoo-front + app.kubernetes.io/instance: kyoo +--- +# Source: kyoo/templates/matcher/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-matcher + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-matcher + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: matcher + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: main + selector: + app.kubernetes.io/name: kyoo-matcher + app.kubernetes.io/instance: kyoo +--- +# Source: kyoo/templates/scanner/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-scanner + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-scanner + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: scanner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + type: ClusterIP + ports: + - port: 80 + targetPort: http + protocol: TCP + name: main + selector: + app.kubernetes.io/name: kyoo-scanner + app.kubernetes.io/instance: kyoo +--- +# Source: kyoo/templates/transcoder/service.yaml +apiVersion: v1 +kind: Service +metadata: + name: kyoo-transcoder + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-transcoder + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: transcoder + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + type: ClusterIP + ports: + - port: 7666 + targetPort: 7666 + protocol: TCP + name: main + selector: + app.kubernetes.io/name: kyoo-transcoder + app.kubernetes.io/instance: kyoo +--- +# Source: kyoo/templates/autosync/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kyoo-autosync + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-autosync + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: autosync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: kyoo-autosync + app.kubernetes.io/instance: kyoo + template: + metadata: + annotations: + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-autosync + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: autosync + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" + spec: + serviceAccountName: kyoo-autosync + containers: + - name: main + image: ghcr.io/zoriya/kyoo_autosync:4.6.0 + imagePullPolicy: IfNotPresent + args: + env: + - name: RABBITMQ_HOST + value: kyoo-rabbitmq + - name: RABBITMQ_PORT + value: "5672" + - name: RABBITMQ_DEFAULT_USER + valueFrom: + secretKeyRef: + key: rabbitmq_user + name: bigsecret + - name: RABBITMQ_DEFAULT_PASS + valueFrom: + secretKeyRef: + key: rabbitmq_password + name: bigsecret + ports: + - name: main + containerPort: 80 + protocol: TCP +--- +# Source: kyoo/templates/back/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kyoo-back + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-back + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: back + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: kyoo-back + app.kubernetes.io/instance: kyoo + template: + metadata: + annotations: + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-back + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: back + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" + spec: + serviceAccountName: kyoo-back + initContainers: + - name: migrations + image: ghcr.io/zoriya/kyoo_migrations:4.6.0 + imagePullPolicy: IfNotPresent + args: + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: postgres_user + name: bigsecret + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgres_password + name: bigsecret + - name: POSTGRES_DB + value: kyoo_back + - name: POSTGRES_SERVER + value: kyoo-postgresql + - name: POSTGRES_PORT + value: "5432" + containers: + - name: main + image: ghcr.io/zoriya/kyoo_back:4.6.0 + imagePullPolicy: IfNotPresent + args: + env: + - name: TRANSCODER_URL + value: http://kyoo-transcoder:7666 + - name: PUBLIC_URL + value: https://kyoo.acelink.io + - name: UNLOGGED_PERMISSIONS + value: overall.read,overall.play + - name: KYOO_APIKEYS + valueFrom: + secretKeyRef: + key: kyoo_apikeys + name: bigsecret + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: postgres_user + name: bigsecret + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgres_password + name: bigsecret + - name: POSTGRES_DB + value: kyoo_back + - name: POSTGRES_SERVER + value: kyoo-postgresql + - name: POSTGRES_PORT + value: "5432" + - name: RABBITMQ_DEFAULT_USER + valueFrom: + secretKeyRef: + key: rabbitmq_user + name: bigsecret + - name: RABBITMQ_DEFAULT_PASS + valueFrom: + secretKeyRef: + key: rabbitmq_password + name: bigsecret + - name: RABBITMQ_HOST + value: kyoo-rabbitmq + - name: RABBITMQ_PORT + value: "5672" + - name: MEILI_HOST + value: "http://kyoo-meilisearch:7700" + - name: MEILI_MASTER_KEY + valueFrom: + secretKeyRef: + key: MEILI_MASTER_KEY + name: bigsecret + ports: + - name: main + containerPort: 5000 + protocol: TCP + volumeMounts: + - mountPath: /data + name: media + subPath: media + - mountPath: /metadata + name: back-storage + volumes: + - name: media + persistentVolumeClaim: + claimName: media + - name: back-storage + persistentVolumeClaim: + claimName: back-storage +--- +# Source: kyoo/templates/front/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kyoo-front + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-front + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: front + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: kyoo-front + app.kubernetes.io/instance: kyoo + template: + metadata: + annotations: + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-front + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: front + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" + spec: + serviceAccountName: kyoo-front + containers: + - name: main + image: ghcr.io/zoriya/kyoo_front:4.6.0 + imagePullPolicy: IfNotPresent + args: + env: + - name: KYOO_URL + value: http://kyoo-back:5000 + ports: + - name: main + containerPort: 8901 + protocol: TCP +--- +# Source: kyoo/templates/matcher/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kyoo-matcher + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-matcher + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: matcher + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: kyoo-matcher + app.kubernetes.io/instance: kyoo + template: + metadata: + annotations: + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-matcher + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: matcher + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" + spec: + serviceAccountName: kyoo-matcher + containers: + - name: main + image: ghcr.io/zoriya/kyoo_scanner:4.6.0 + imagePullPolicy: IfNotPresent + args: + - matcher + env: + - name: KYOO_APIKEYS + valueFrom: + secretKeyRef: + key: kyoo_apikeys + name: bigsecret + - name: KYOO_URL + value: http://kyoo-back:5000 + - name: LIBRARY_LANGUAGES + value: en + - name: THEMOVIEDB_APIKEY + valueFrom: + secretKeyRef: + key: tmdb_apikey + name: bigsecret + - name: RABBITMQ_HOST + value: kyoo-rabbitmq + - name: RABBITMQ_PORT + value: "5672" + - name: RABBITMQ_DEFAULT_USER + valueFrom: + secretKeyRef: + key: rabbitmq_user + name: bigsecret + - name: RABBITMQ_DEFAULT_PASS + valueFrom: + secretKeyRef: + key: rabbitmq_password + name: bigsecret + ports: + - name: main + containerPort: 80 + protocol: TCP +--- +# Source: kyoo/templates/scanner/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kyoo-scanner + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-scanner + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: scanner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: kyoo-scanner + app.kubernetes.io/instance: kyoo + template: + metadata: + annotations: + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-scanner + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: scanner + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" + spec: + serviceAccountName: kyoo-scanner + containers: + - name: main + image: ghcr.io/zoriya/kyoo_scanner:4.6.0 + imagePullPolicy: IfNotPresent + args: + env: + - name: SCANNER_LIBRARY_ROOT + value: /data + - name: KYOO_APIKEYS + valueFrom: + secretKeyRef: + key: kyoo_apikeys + name: bigsecret + - name: KYOO_URL + value: http://kyoo-back:5000 + - name: LIBRARY_LANGUAGES + value: en + - name: THEMOVIEDB_APIKEY + valueFrom: + secretKeyRef: + key: tmdb_apikey + name: bigsecret + - name: RABBITMQ_HOST + value: kyoo-rabbitmq + - name: RABBITMQ_PORT + value: "5672" + - name: RABBITMQ_DEFAULT_USER + valueFrom: + secretKeyRef: + key: rabbitmq_user + name: bigsecret + - name: RABBITMQ_DEFAULT_PASS + valueFrom: + secretKeyRef: + key: rabbitmq_password + name: bigsecret + ports: + - name: main + containerPort: 80 + protocol: TCP + volumeMounts: + - mountPath: /data + name: media + subPath: media + volumes: + - name: media + persistentVolumeClaim: + claimName: media +--- +# Source: kyoo/templates/transcoder/deployment.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: kyoo-transcoder + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-transcoder + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: transcoder + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: kyoo-transcoder + app.kubernetes.io/instance: kyoo + template: + metadata: + annotations: + labels: + helm.sh/chart: kyoo-0.1.0 + app.kubernetes.io/name: kyoo-transcoder + app.kubernetes.io/instance: kyoo + app.kubernetes.io/component: transcoder + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kyoo + app.kubernetes.io/version: "4.6.0" + spec: + serviceAccountName: kyoo-transcoder + containers: + - name: main + image: ghcr.io/zoriya/kyoo_transcoder:4.6.0 + imagePullPolicy: IfNotPresent + args: + env: + - name: GOCODER_HWACCEL + value: disabled + - name: GOCODER_PRESET + value: fast + - name: GOCODER_CACHE_ROOT + value: /cache + - name: GOCODER_METADATA_ROOT + value: /metadata + - name: GOCODER_PREFIX + value: /video + - name: GOCODER_SAFE_PATH + value: /data + ports: + - name: main + containerPort: 7666 + protocol: TCP + volumeMounts: + - mountPath: /data + name: media + subPath: media + - mountPath: /metadata + name: transcoder-storage + - mountPath: /cache + name: cache + volumes: + - name: media + persistentVolumeClaim: + claimName: media + - name: transcoder-storage + persistentVolumeClaim: + claimName: transcoder-storage + - emptyDir: {} + name: cache +--- +# Source: kyoo/charts/meilisearch/templates/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: kyoo-meilisearch + labels: + helm.sh/chart: meilisearch-0.8.0 + app.kubernetes.io/name: meilisearch + app.kubernetes.io/instance: kyoo + app.kubernetes.io/version: "v1.9.0" + app.kubernetes.io/component: search-engine + app.kubernetes.io/part-of: meilisearch + app.kubernetes.io/managed-by: Helm +spec: + replicas: 1 + serviceName: kyoo-meilisearch + selector: + matchLabels: + app.kubernetes.io/name: meilisearch + app.kubernetes.io/instance: kyoo + template: + metadata: + labels: + helm.sh/chart: meilisearch-0.8.0 + app.kubernetes.io/name: meilisearch + app.kubernetes.io/instance: kyoo + app.kubernetes.io/version: "v1.9.0" + app.kubernetes.io/component: search-engine + app.kubernetes.io/part-of: meilisearch + app.kubernetes.io/managed-by: Helm + annotations: + checksum/config: a223d94e2a4d666aa80b9fbd42d2edf4151fd626716414b411f985771893b74d + spec: + serviceAccountName: kyoo-meilisearch + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + volumes: + - name: tmp + emptyDir: {} + - name: data + persistentVolumeClaim: + claimName: kyoo-meilisearch + + + + containers: + - name: meilisearch + image: "getmeili/meilisearch:v1.9.0" + imagePullPolicy: IfNotPresent + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + volumeMounts: + - name: tmp + mountPath: /tmp + - name: data + mountPath: /meili_data + envFrom: + - configMapRef: + name: kyoo-meilisearch-environment + - secretRef: + name: bigsecret + ports: + - name: http + containerPort: 7700 + protocol: TCP + startupProbe: + httpGet: + path: /health + port: http + periodSeconds: 1 + initialDelaySeconds: 1 + failureThreshold: 60 + livenessProbe: + httpGet: + path: /health + port: http + periodSeconds: 10 + initialDelaySeconds: 0 + readinessProbe: + httpGet: + path: /health + port: http + periodSeconds: 10 + initialDelaySeconds: 0 + resources: + {} +--- +# Source: kyoo/charts/postgresql/templates/primary/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: kyoo-postgresql + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 16.3.0 + helm.sh/chart: postgresql-15.5.14 + app.kubernetes.io/component: primary +spec: + replicas: 1 + serviceName: kyoo-postgresql-hl + updateStrategy: + rollingUpdate: {} + type: RollingUpdate + selector: + matchLabels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: primary + template: + metadata: + name: kyoo-postgresql + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 16.3.0 + helm.sh/chart: postgresql-15.5.14 + app.kubernetes.io/component: primary + spec: + serviceAccountName: kyoo-postgresql + + automountServiceAccountToken: false + affinity: + podAffinity: + + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: postgresql + app.kubernetes.io/component: primary + topologyKey: kubernetes.io/hostname + weight: 1 + nodeAffinity: + + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + supplementalGroups: [] + sysctls: [] + hostNetwork: false + hostIPC: false + containers: + - name: postgresql + image: docker.io/bitnami/postgresql:16.3.0-debian-12-r19 + imagePullPolicy: "IfNotPresent" + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: "/bitnami/postgresql" + - name: PGDATA + value: "/bitnami/postgresql/data" + # Authentication + - name: POSTGRES_USER + value: "kyoo_back" + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: bigsecret + key: postgres_password + - name: POSTGRES_POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: bigsecret + key: postgres_password + - name: POSTGRES_DATABASE + value: "kyoo_back" + # Replication + # Initdb + # Standby + # LDAP + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + # TLS + - name: POSTGRESQL_ENABLE_TLS + value: "no" + # Audit + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + # Others + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: "error" + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: "pgaudit" + ports: + - name: tcp-postgresql + containerPort: 5432 + livenessProbe: + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "kyoo_back" -d "dbname=kyoo_back" -h 127.0.0.1 -p 5432 + readinessProbe: + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "kyoo_back" -d "dbname=kyoo_back" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + resources: + limits: + cpu: 150m + ephemeral-storage: 1024Mi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + volumeMounts: + - name: empty-dir + mountPath: /tmp + subPath: tmp-dir + - name: empty-dir + mountPath: /opt/bitnami/postgresql/conf + subPath: app-conf-dir + - name: empty-dir + mountPath: /opt/bitnami/postgresql/tmp + subPath: app-tmp-dir + - name: dshm + mountPath: /dev/shm + - name: data + mountPath: /bitnami/postgresql + volumes: + - name: empty-dir + emptyDir: {} + - name: dshm + emptyDir: + medium: Memory + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: data + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "3Gi" +--- +# Source: kyoo/charts/rabbitmq/templates/statefulset.yaml +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: kyoo-rabbitmq + namespace: "default" + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 +spec: + serviceName: kyoo-rabbitmq-headless + podManagementPolicy: OrderedReady + replicas: 1 + updateStrategy: + type: RollingUpdate + selector: + matchLabels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: rabbitmq + template: + metadata: + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: rabbitmq + app.kubernetes.io/version: 3.13.3 + helm.sh/chart: rabbitmq-14.4.2 + annotations: + checksum/config: 2419573798a19b5532d4ebf7ab51e6b9a6b5ccd231ccd154995938830b8d4fee + spec: + + serviceAccountName: kyoo-rabbitmq + affinity: + podAffinity: + + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: rabbitmq + topologyKey: kubernetes.io/hostname + weight: 1 + nodeAffinity: + + automountServiceAccountToken: true + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + supplementalGroups: [] + sysctls: [] + terminationGracePeriodSeconds: 120 + enableServiceLinks: true + initContainers: + - name: prepare-plugins-dir + image: docker.io/bitnami/rabbitmq:3.13.3-debian-12-r0 + imagePullPolicy: "IfNotPresent" + resources: + limits: + cpu: 375m + ephemeral-storage: 1024Mi + memory: 384Mi + requests: + cpu: 250m + ephemeral-storage: 50Mi + memory: 256Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + command: + - /bin/bash + args: + - -ec + - | + #!/bin/bash + + . /opt/bitnami/scripts/liblog.sh + + info "Copying plugins dir to empty dir" + # In order to not break the possibility of installing custom plugins, we need + # to make the plugins directory writable, so we need to copy it to an empty dir volume + cp -r --preserve=mode /opt/bitnami/rabbitmq/plugins/ /emptydir/app-plugins-dir + volumeMounts: + - name: empty-dir + mountPath: /emptydir + containers: + - name: rabbitmq + image: docker.io/bitnami/rabbitmq:3.13.3-debian-12-r0 + imagePullPolicy: "IfNotPresent" + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seccompProfile: + type: RuntimeDefault + lifecycle: + preStop: + exec: + command: + - /bin/bash + - -ec + - | + if [[ -f /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh ]]; then + /opt/bitnami/scripts/rabbitmq/nodeshutdown.sh -t "120" -d "false" + else + rabbitmqctl stop_app + fi + env: + - name: BITNAMI_DEBUG + value: "false" + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: RABBITMQ_FORCE_BOOT + value: "no" + - name: RABBITMQ_NODE_NAME + value: "rabbit@$(MY_POD_NAME).kyoo-rabbitmq-headless.$(MY_POD_NAMESPACE).svc.cluster.local" + - name: RABBITMQ_MNESIA_DIR + value: "/opt/bitnami/rabbitmq/.rabbitmq/mnesia/$(RABBITMQ_NODE_NAME)" + - name: RABBITMQ_LDAP_ENABLE + value: "no" + - name: RABBITMQ_LOGS + value: "-" + - name: RABBITMQ_ULIMIT_NOFILES + value: "65535" + - name: RABBITMQ_USE_LONGNAME + value: "true" + - name: RABBITMQ_ERL_COOKIE + valueFrom: + secretKeyRef: + name: bigsecret + key: rabbitmq_cookie + - name: RABBITMQ_LOAD_DEFINITIONS + value: "no" + - name: RABBITMQ_DEFINITIONS_FILE + value: "/app/load_definition.json" + - name: RABBITMQ_SECURE_PASSWORD + value: "yes" + - name: RABBITMQ_USERNAME + value: "kyoo_all" + - name: RABBITMQ_PASSWORD + valueFrom: + secretKeyRef: + name: bigsecret + key: rabbitmq_password + - name: RABBITMQ_PLUGINS + value: "rabbitmq_management, rabbitmq_peer_discovery_k8s, rabbitmq_auth_backend_ldap" + envFrom: + ports: + - name: amqp + containerPort: 5672 + - name: dist + containerPort: 25672 + - name: stats + containerPort: 15672 + - name: epmd + containerPort: 4369 + - name: metrics + containerPort: 9419 + livenessProbe: + failureThreshold: 6 + initialDelaySeconds: 120 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 20 + exec: + command: + - sh + - -ec + - curl -f --user kyoo_all:$RABBITMQ_PASSWORD 127.0.0.1:15672/api/health/checks/virtual-hosts + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 30 + successThreshold: 1 + timeoutSeconds: 20 + exec: + command: + - sh + - -ec + - curl -f --user kyoo_all:$RABBITMQ_PASSWORD 127.0.0.1:15672/api/health/checks/local-alarms + resources: + limits: + cpu: 375m + ephemeral-storage: 1024Mi + memory: 384Mi + requests: + cpu: 250m + ephemeral-storage: 50Mi + memory: 256Mi + volumeMounts: + - name: configuration + mountPath: /bitnami/rabbitmq/conf + - name: empty-dir + mountPath: /tmp + subPath: tmp-dir + - name: empty-dir + mountPath: /opt/bitnami/rabbitmq/etc/rabbitmq + subPath: app-conf-dir + - name: empty-dir + mountPath: /opt/bitnami/rabbitmq/var/lib/rabbitmq + subPath: app-tmp-dir + - name: empty-dir + mountPath: /opt/bitnami/rabbitmq/.rabbitmq/ + subPath: app-erlang-cookie + - name: empty-dir + mountPath: /opt/bitnami/rabbitmq/var/log/rabbitmq + subPath: app-logs-dir + - name: empty-dir + mountPath: /opt/bitnami/rabbitmq/plugins + subPath: app-plugins-dir + - name: data + mountPath: /opt/bitnami/rabbitmq/.rabbitmq/mnesia + volumes: + - name: empty-dir + emptyDir: {} + - name: configuration + projected: + sources: + - secret: + name: kyoo-rabbitmq-config + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: data + labels: + app.kubernetes.io/instance: kyoo + app.kubernetes.io/name: rabbitmq + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "8Gi" +--- +# Source: kyoo/charts/meilisearch/templates/tests/test-connection.yaml +apiVersion: v1 +kind: Pod +metadata: + name: kyoo-meilisearch-test-connection + labels: + app.kubernetes.io/name: meilisearch + helm.sh/chart: meilisearch-0.8.0 + app.kubernetes.io/instance: kyoo + app.kubernetes.io/managed-by: Helm + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: wget + image: busybox + command: ['wget'] + args: ['kyoo-meilisearch:7700'] + restartPolicy: Never diff --git a/chart/templates/scanner/deployment.yaml b/chart/templates/scanner/deployment.yaml index 9f4bef3d..6f7a5b19 100644 --- a/chart/templates/scanner/deployment.yaml +++ b/chart/templates/scanner/deployment.yaml @@ -58,11 +58,6 @@ spec: value: http://{{ include "kyoo.back.fullname" . }}:5000 - name: LIBRARY_LANGUAGES value: {{ .Values.kyoo.languages }} - - name: THEMOVIEDB_APIKEY - valueFrom: - secretKeyRef: - key: {{ .Values.contentdatabase.provider.tmdb.apikeyKey }} - name: {{ .Values.contentdatabase.provider.tmdb.existingSecret }} - name: RABBITMQ_HOST value: {{ .Values.global.rabbitmq.host }} - name: RABBITMQ_PORT diff --git a/chart/test.yaml b/chart/test.yaml new file mode 100644 index 00000000..1604cf4c --- /dev/null +++ b/chart/test.yaml @@ -0,0 +1,61 @@ +kyoo: + address: https://kyoo.acelink.io +meilisearch: + enabled: true +postgresql: + enabled: true +rabbitmq: + enabled: true +extraObjects: + - apiVersion: v1 + kind: Secret + metadata: + name: bigsecret + type: Opaque + stringData: + #KYOO + # The following value should be set to a random sequence of characters. + # You MUST change it when installing kyoo (for security) + # You can input multiple api keys separated by a , + kyoo_apikeys: yHXWGsjfjE6sy6UxavqmTUYxgCFYek + # Keep those empty to use kyoo's default api key. You can also specify a custom API key if you want. + # go to https://www.themoviedb.org/settings/api and copy the api key (not the read access token, the api key) + tmdb_apikey: "" + #RESOURCES + # meilisearch does not allow mapping their key in yet. + MEILI_MASTER_KEY: barkLike8SuperDucks + postgres_user: kyoo_back + postgres_password: watchSomething4me + rabbitmq_user: kyoo_all + rabbitmq_password: youAreAmazing2 + rabbitmq_cookie: mmmGoodCookie + - kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: back-storage + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "3Gi" + - kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: media + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "3Gi" + - kind: PersistentVolumeClaim + apiVersion: v1 + metadata: + name: transcoder-storage + spec: + accessModes: + - "ReadWriteOnce" + resources: + requests: + storage: "3Gi" \ No newline at end of file