Compare commits
4 Commits
eef59f33a9
...
ea6ba3b18e
Author | SHA1 | Date |
---|---|---|
Renovate Bot | ea6ba3b18e | |
SeanOMik | d119ac6206 | |
SeanOMik | 1e602ec8e7 | |
SeanOMik | d4e5a254a7 |
|
@ -1,3 +1,4 @@
|
|||
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
|
||||
apiVersion: helm.toolkit.fluxcd.io/v2
|
||||
kind: HelmRelease
|
||||
metadata:
|
||||
|
@ -8,58 +9,68 @@ spec:
|
|||
chart:
|
||||
spec:
|
||||
chart: app-template
|
||||
version: 1.3.x
|
||||
version: 3.4.0
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: bjws-charts
|
||||
namespace: flux-system
|
||||
|
||||
values:
|
||||
image:
|
||||
repository: oci.seedno.de/seednode/nginx
|
||||
tag: latest
|
||||
controllers:
|
||||
main:
|
||||
pod:
|
||||
securityContext:
|
||||
runAsNonRoot: true
|
||||
runAsUser: 65534
|
||||
runAsGroup: 65533
|
||||
fsGroup: 10000
|
||||
fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
args:
|
||||
- -c
|
||||
- /config/nginx.conf
|
||||
containers:
|
||||
main:
|
||||
image:
|
||||
repository: git.${SECRET_NEW_DOMAIN}/seanomik/nginx
|
||||
tag: 1.27.1
|
||||
pullPolicy: Always
|
||||
|
||||
resources:
|
||||
requests:
|
||||
memory: 500Mi
|
||||
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities: { drop: ["ALL"] }
|
||||
|
||||
service:
|
||||
main:
|
||||
app:
|
||||
controller: main
|
||||
ports:
|
||||
http:
|
||||
port: 6544
|
||||
|
||||
probes:
|
||||
liveness:
|
||||
enabled: false
|
||||
|
||||
ingress:
|
||||
main:
|
||||
enabled: true
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
traefik.ingress.kubernetes.io/router.entrypoints: websecure
|
||||
hosts:
|
||||
- host: &host "cdn.${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
tls:
|
||||
- hosts:
|
||||
- *host
|
||||
|
||||
- host: "cdn.${SECRET_NEW_DOMAIN}"
|
||||
paths:
|
||||
- path: /
|
||||
service:
|
||||
identifier: app
|
||||
port: http
|
||||
|
||||
persistence:
|
||||
data:
|
||||
enabled: true
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Kubernetes/cdn/data
|
||||
readOnly: true
|
||||
mountPath: /data
|
||||
config:
|
||||
enabled: true
|
||||
type: configMap
|
||||
name: nginx-cdn-configmap
|
||||
globalMounts:
|
||||
- path: /etc/nginx/nginx.conf
|
||||
subPath: nginx.conf
|
||||
|
||||
resources:
|
||||
requests:
|
||||
cpu: 1m
|
||||
storage:
|
||||
type: hostPath
|
||||
hostPath: /mnt/MainPool/Kubernetes/cdn/data
|
||||
globalMounts:
|
||||
- path: /data
|
||||
|
|
|
@ -26,21 +26,21 @@ spec:
|
|||
# fsGroup: 10000
|
||||
# fsGroupChangePolicy: OnRootMismatch
|
||||
|
||||
initContainers:
|
||||
copy-config:
|
||||
image:
|
||||
repository: alpine
|
||||
tag: 3.20
|
||||
|
||||
command: [ "sh", "-c", "cat /ganymede-config.json && cp -v /ganymede-config.json /data/config.json" ]
|
||||
|
||||
containers:
|
||||
api:
|
||||
image:
|
||||
repository: ghcr.io/zibbp/ganymede
|
||||
tag: 3.0.1
|
||||
|
||||
securityContext:
|
||||
#allowPrivilegeEscalation: false
|
||||
#capabilities: { drop: ["ALL"] }
|
||||
|
||||
env:
|
||||
- name: PUID
|
||||
value: 555
|
||||
- name: PGID
|
||||
value: 555
|
||||
- name: TZ
|
||||
value: "America/New_York" # Set to your timezone
|
||||
- name: DB_HOST
|
||||
|
@ -124,6 +124,10 @@ spec:
|
|||
repository: nginxinc/nginx-unprivileged
|
||||
tag: 1.27.1-alpine
|
||||
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities: { drop: ["ALL"] }
|
||||
|
||||
service:
|
||||
app:
|
||||
controller: main
|
||||
|
@ -155,7 +159,7 @@ spec:
|
|||
service:
|
||||
identifier: app
|
||||
port: api
|
||||
- path: /vods
|
||||
- path: /data/videos
|
||||
service:
|
||||
identifier: app
|
||||
port: nginx
|
||||
|
@ -168,18 +172,18 @@ spec:
|
|||
storageClass: mainpool-hostpath
|
||||
accessMode: ReadWriteOnce
|
||||
globalMounts:
|
||||
- path: /vods
|
||||
- path: /data/videos
|
||||
|
||||
ganymede-data:
|
||||
type: persistentVolumeClaim
|
||||
size: 5Gi
|
||||
size: 15Gi
|
||||
retain: true
|
||||
storageClass: mainpool-hostpath
|
||||
accessMode: ReadWriteOnce
|
||||
advancedMounts:
|
||||
main: # controller name
|
||||
api: # container name
|
||||
- path: /data
|
||||
- path: /data/temp
|
||||
|
||||
ganymede-logs:
|
||||
type: persistentVolumeClaim
|
||||
|
@ -190,7 +194,7 @@ spec:
|
|||
advancedMounts:
|
||||
main: # controller name
|
||||
api: # container name
|
||||
- path: /logs
|
||||
- path: /data/logs
|
||||
|
||||
nginx-conf:
|
||||
name: ganymede-nginx-conf
|
||||
|
@ -199,17 +203,8 @@ spec:
|
|||
advancedMounts:
|
||||
main: # controller name
|
||||
nginx: # container name
|
||||
- subPath: nginx.conf
|
||||
path: /etc/nginx/nginx.conf
|
||||
|
||||
ganymede-temp-conf:
|
||||
type: emptyDir
|
||||
advancedMounts:
|
||||
main: # controller name
|
||||
api: # container name
|
||||
- path: /data
|
||||
copy-config: # container name
|
||||
- path: /data
|
||||
- path: /etc/nginx/nginx.conf
|
||||
subPath: nginx.conf
|
||||
|
||||
ganymede-conf:
|
||||
name: ganymede-conf
|
||||
|
@ -217,6 +212,7 @@ spec:
|
|||
defaultMode: 0777
|
||||
advancedMounts:
|
||||
main: # controller name
|
||||
copy-config: # container name
|
||||
- subPath: config.json
|
||||
path: /ganymede-config.json
|
||||
api: # container name
|
||||
- path: /data/config/config.json
|
||||
subPath: config.json
|
||||
|
||||
|
|
|
@ -26,16 +26,16 @@ data:
|
|||
|
||||
server {
|
||||
listen 8080;
|
||||
root /vods;
|
||||
root /data/videos;
|
||||
|
||||
add_header 'Access-Control-Allow-Origin' '*' always;
|
||||
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
|
||||
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
|
||||
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
|
||||
|
||||
location ^~ /vods {
|
||||
location ^~ /data/videos {
|
||||
autoindex on;
|
||||
alias /vods;
|
||||
alias /data/videos;
|
||||
|
||||
location ~* \.(ico|css|js|gif|jpeg|jpg|png|svg|webp)$ {
|
||||
expires 30d;
|
||||
|
|
|
@ -8,7 +8,7 @@ spec:
|
|||
chart:
|
||||
spec:
|
||||
chart: traefik
|
||||
version: '30.1.0'
|
||||
version: '31.1.0'
|
||||
sourceRef:
|
||||
kind: HelmRepository
|
||||
name: traefik-charts
|
||||
|
|
Loading…
Reference in New Issue