Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-11-21 14:03:21 -05:00
Code Issues Packages Projects Releases Wiki Activity

add in scanner & extra apikey support

Browse Source
This commit is contained in:
Arlan Lloyd 2025-11-03 01:18:50 +00:00 committed by Zoe Roux
parent cd65632527
commit eb31c0d8e6
No known key found for this signature in database
4 changed files with 47 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
chart/README.md
View File

@ -23,6 +23,7 @@ extraObjects:
stringData: stringData:
postgres_user: kyoo_all postgres_user: kyoo_all
postgres_password: watchSomething4me postgres_password: watchSomething4me
scanner_apikey: triquarter4u
- kind: PersistentVolumeClaim - kind: PersistentVolumeClaim
apiVersion: v1 apiVersion: v1
metadata: metadata:
@ -48,6 +49,8 @@ global:
host: postgres host: postgres
kyoo_transcoder: kyoo_transcoder:
host: postgres host: postgres
kyoo_scanner:
host: postgres
# specify hardware resources # specify hardware resources
transcoder: transcoder:
kyoo_transcoder: kyoo_transcoder:
@ -83,6 +86,7 @@ stringData:
tvdb_pin: "" tvdb_pin: ""
postgres_user: kyoo_all postgres_user: kyoo_all
postgres_password: watchSomething4me postgres_password: watchSomething4me
scanner_apikey: triquarter4u
``` ```
# Additional Notes # Additional Notes

24
chart/templates/auth/deployment.yaml
View File

@ -53,15 +53,31 @@ spec:
{{- end }} {{- end }}
env: env:
- name: EXTRA_CLAIMS - name: EXTRA_CLAIMS
value: {{ .Values.kyoo.extraClaims | quote }} value: {{ .Values.kyoo.auth.extraClaims | quote }}
- name: FIRST_USER_CLAIMS - name: FIRST_USER_CLAIMS
value: {{ .Values.kyoo.firstUserClaims | quote }} value: {{ .Values.kyoo.auth.firstUserClaims | quote }}
- name: GUEST_CLAIMS - name: GUEST_CLAIMS
value: {{ .Values.kyoo.guestClaims | quote }} value: {{ .Values.kyoo.auth.guestClaims | quote }}
- name: PROTECTED_CLAIMS - name: PROTECTED_CLAIMS
value: {{ .Values.kyoo.protectedClaims | quote }} value: {{ .Values.kyoo.auth.protectedClaims | quote }}
- name: PUBLIC_URL - name: PUBLIC_URL
value: {{ .Values.kyoo.address | quote }} value: {{ .Values.kyoo.address | quote }}
- name: KEIBI_APIKEY_SCANNER
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.auth.apikeys.scanner.apikeyKey }}
name: {{ .Values.kyoo.auth.apikeys.scanner.existingSecret }}
- name: KEIBI_APIKEY_SCANNER_CLAIMS
value: {{ .Values.kyoo.auth.apikeys.scanner.claims | quote}}
{{- range $index, $entry := .Values.kyoo.auth.apikeys.extra }}
- name: KEIBI_APIKEY_{{ $entry.name | upper }}
valueFrom:
secretKeyRef:
key: {{ $entry.apikeyKey }}
name: {{ $entry.existingSecret }}
- name: KEIBI_APIKEY_{{ $entry.name | upper }}_CLAIMS
value: {{ $entry.claims | quote }}
{{- end }}
- name: PGUSER - name: PGUSER
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

5
chart/templates/scanner/deployment.yaml
View File

@ -62,6 +62,11 @@ spec:
value: "http://{{ include "kyoo.auth.fullname" . }}:4568/.well-known/jwks.json" value: "http://{{ include "kyoo.auth.fullname" . }}:4568/.well-known/jwks.json"
- name: JWT_ISSUER - name: JWT_ISSUER
value: {{ .Values.kyoo.address | quote }} value: {{ .Values.kyoo.address | quote }}
- name: KYOO_APIKEY
valueFrom:
secretKeyRef:
key: {{ .Values.kyoo.auth.apikeys.scanner.apikeyKey }}
name: {{ .Values.kyoo.auth.apikeys.scanner.existingSecret }}
- name: THEMOVIEDB_API_ACCESS_TOKEN - name: THEMOVIEDB_API_ACCESS_TOKEN
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:

23
chart/values.yaml
View File

@ -83,11 +83,24 @@ kyoo:
# defaults to traefikproxy service unless specified otherwise # defaults to traefikproxy service unless specified otherwise
middlewareRootURL: ~ middlewareRootURL: ~
# new auth settings # auth settings
extraClaims: '{"permissions": ["core.read"], "verified": false}' auth:
firstUserClaims: '{"permissions": ["users.read", "users.write", "apikeys.read", "apikeys.write", "users.delete", "core.read", "core.write", "scanner.trigger"], "verified": true}' firstUserClaims: '{"permissions": ["users.read", "users.write", "apikeys.read", "apikeys.write", "users.delete", "core.read", "core.write", "scanner.trigger"], "verified": true}'
guestClaims: '{"permissions": ["users.read", "users.write", "apikeys.read", "apikeys.write", "users.delete", "core.read", "core.write", "scanner.trigger"], "verified": true}' guestClaims: '{"permissions": ["users.read", "users.write", "apikeys.read", "apikeys.write", "users.delete", "core.read", "core.write", "scanner.trigger"], "verified": true}'
protectedClaims: "permissions,verified" extraClaims: '{"permissions": ["core.read"], "verified": false}'
protectedClaims: "permissions,verified"
apikeys:
scanner:
existingSecret: bigsecret
apikeyKey: scanner_apikey
claims: '{"permissions": ["core.write"]}'
# create additional apikeys
extra: []
# - name: example
# existingSecret: bigsecret
# apikeyKey: example_apikey
# claims: '{"permissions": ["core.read"]}'
# A pattern (regex) to ignore video files. # A pattern (regex) to ignore video files.
libraryIgnorePattern: ".*/[dD]ownloads?/.*" libraryIgnorePattern: ".*/[dD]ownloads?/.*"