alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests 9 Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
Alex Lebens
2024-05-22 12:49:28 -05:00
commit 35b77bb0df
219 changed files with 9997 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
clusters/cl01tl/applications/kyoo/Chart.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: v2
name: kyoo
version: 1.0.0
description: A Helm chart for deploying Kyoo
keywords:
- kyoo
- media
sources:
- https://github.com/zoriya/Kyoo
- https://github.com/rabbitmq/rabbitmq-server
- https://github.com/bitnami/charts/tree/main/bitnami/rabbitmq
- https://github.com/meilisearch/meilisearch
- https://github.com/meilisearch/meilisearch-kubernetes/tree/main/charts/meilisearch
- https://github.com/alexlebens/helm-charts/charts/postgres-cluster
maintainers:
- name: alexlebens
dependencies:
- name: app-template
repository: https://bjw-s.github.io/helm-charts/
version: 3.1.0
- name: rabbitmq
version: 14.1.4
repository: https://charts.bitnami.com/bitnami
- name: meilisearch
version: 0.7.0
repository: https://meilisearch.github.io/meilisearch-kubernetes
- name: postgres-cluster
alias: postgres-16-cluster
version: 3.0.0
repository: http://alexlebens.github.io/helm-charts
icon: https://raw.githubusercontent.com/zoriya/Kyoo/master/icons/icon-256x256.png
appVersion: v4.5.0

183
clusters/cl01tl/applications/kyoo/templates/external-secret.yaml Normal file
View File

@@ -0,0 +1,183 @@
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: kyoo-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-key-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: key
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /kyoo/authentication
metadataPolicy: None
property: key
- secretKey: kyoo
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /kyoo/authentication
metadataPolicy: None
property: kyoo
- secretKey: tmdb
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /kyoo/authentication
metadataPolicy: None
property: tmdb
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: kyoo-api-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-api-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: kyoo
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /kyoo/api
metadataPolicy: None
property: kyoo
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: kyoo-oidc-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-oidc-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: auth
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: client
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/kyoo
metadataPolicy: None
property: client
- secretKey: secret
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /authentik/oidc/kyoo
metadataPolicy: None
property: secret
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: kyoo-rabbitmq-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-rabbitmq-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: rabbitmq
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: password
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /kyoo/rabbitmq
metadataPolicy: None
property: password
- secretKey: erlang
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /kyoo/rabbitmq
metadataPolicy: None
property: erlang
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: kyoo-meilisearch-master-key-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-meilisearch-master-key-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: meilisearch
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: MEILI_MASTER_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /kyoo/meilisearch
metadataPolicy: None
property: MEILI_MASTER_KEY
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: kyoo-postgresql-16-cluster-backup-secret
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-postgresql-16-cluster-backup-secret
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: database
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
secretStoreRef:
kind: ClusterSecretStore
name: vault
data:
- secretKey: ACCESS_KEY_ID
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /aws/keys/cl01tl-kyoo-postgresql
metadataPolicy: None
property: access_key
- secretKey: ACCESS_SECRET_KEY
remoteRef:
conversionStrategy: Default
decodingStrategy: None
key: /aws/keys/cl01tl-kyoo-postgresql
metadataPolicy: None
property: secret_key

32
clusters/cl01tl/applications/kyoo/templates/ingress-route.yaml Normal file
View File

@@ -0,0 +1,32 @@
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: kyoo
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
entryPoints:
- websecure
routes:
- kind: Rule
match: Host(`kyoo.alexlebens.net`)
priority: 10
services:
- kind: Service
name: kyoo-front
port: 8901
- kind: Rule
match: Host(`kyoo.alexlebens.net`) && PathPrefix(`/api/`)
middlewares:
- name: kyoo-strip-prefix
namespace: {{ .Release.Namespace }}
priority: 15
services:
- kind: Service
name: kyoo-back
port: 5000

15
clusters/cl01tl/applications/kyoo/templates/middleware.yaml Normal file
View File

@@ -0,0 +1,15 @@
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: kyoo-strip-prefix
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-strip-prefix
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: auth
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
stripPrefix:
prefixes:
- /api/

229
clusters/cl01tl/applications/kyoo/templates/persistent-volume-claim.yaml Normal file
View File

@@ -0,0 +1,229 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-anime-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-anime-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-anime-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-anime-movies-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-anime-movies-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-anime-movies-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-documentaries-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-documentaries-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-documentaries-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-documentary-shows-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-documentary-shows-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-documentary-shows-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-movies-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-movies-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-movies-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-movies-4k-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-movies-4k-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-movies-4k-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-movies-classics-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-movies-classics-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-movies-classics-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-movies-foreign-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-movies-foreign-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-movies-foreign-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-stand-up-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-stand-up-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-stand-up-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-tv-shows-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-tv-shows-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-tv-shows-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: kyoo-tv-shows-4k-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-tv-shows-4k-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
volumeName: kyoo-tv-shows-4k-nfs-storage
storageClassName: nfs-client
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi

295
clusters/cl01tl/applications/kyoo/templates/persistent-volume.yaml Normal file
View File

@@ -0,0 +1,295 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-anime-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-anime-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Anime
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-anime-movies-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-anime-movies-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: "/volume2/Storage/Anime Movies"
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-documentaries-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-documentaries-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Documentaries
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-documentary-shows-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-documentary-shows-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: "/volume2/Storage/Documentary Shows"
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-movies-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-movies-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: /volume2/Storage/Movies
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-movies-4k-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-movies-4k-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: "/volume2/Storage/Movies 4K"
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-movies-classics-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-movies-classics-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: "/volume2/Storage/Movies Classics"
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-movies-foreign-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-movies-foreign-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: "/volume2/Storage/Movies Foreign"
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-stand-up-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-stand-up-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: "/volume2/Storage/Stand Up"
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-tv-shows-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-tv-shows-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: "/volume2/Storage/TV Shows"
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: kyoo-tv-shows-4k-nfs-storage
namespace: {{ .Release.Namespace }}
labels:
app.kubernetes.io/name: kyoo-tv-shows-4k-nfs-storage
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
app.kubernetes.io/component: storage
app.kubernetes.io/part-of: {{ .Release.Name }}
spec:
persistentVolumeReclaimPolicy: Retain
storageClassName: nfs-client
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
nfs:
path: "/volume2/Storage/TV Shows 4K"
server: synologybond.alexlebens.net
mountOptions:
- vers=4
- minorversion=1
- noac

590
clusters/cl01tl/applications/kyoo/values.yaml Normal file
View File

@@ -0,0 +1,590 @@
app-template:
controllers:
autosync:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/zoriya/kyoo_autosync
tag: "4.5.0"
pullPolicy: IfNotPresent
env:
- name: RABBITMQ_HOST
value: kyoo-rabbitmq
- name: RABBITMQ_DEFAULT_USER
value: kyoo
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
name: kyoo-rabbitmq-secret
key: password
resources:
limits:
cpu: 100m
memory: 512Mi
requests:
cpu: 10m
memory: 128Mi
back:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
initContainers:
migrations:
image:
repository: ghcr.io/zoriya/kyoo_migrations
tag: "4.5.0"
pullPolicy: IfNotPresent
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: password
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: dbname
- name: POSTGRES_SERVER
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: host
- name: POSTGRES_PORT
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: port
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 10m
memory: 256Mi
containers:
main:
image:
repository: ghcr.io/zoriya/kyoo_back
tag: "4.5.0"
pullPolicy: IfNotPresent
env:
- name: REQUIRE_ACCOUNT_VERIFICATION
value: "false"
- name: UNLOGGED_PERMISSIONS
value: overall.read
- name: DEFAULT_PERMISSIONS
value: overall.read,overall.play
- name: AUTHENTICATION_SECRET
valueFrom:
secretKeyRef:
name: kyoo-key-secret
key: key
- name: KYOO_APIKEYS
valueFrom:
secretKeyRef:
name: kyoo-key-secret
key: kyoo
- name: THEMOVIEDB_APIKEY
valueFrom:
secretKeyRef:
name: kyoo-key-secret
key: tmdb
- name: PUBLIC_URL
value: https://kyoo.alexlebens.net
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: password
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: dbname
- name: POSTGRES_SERVER
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: host
- name: POSTGRES_PORT
valueFrom:
secretKeyRef:
name: kyoo-postgresql-16-cluster-app
key: port
- name: OIDC_SERVICE_NAME
value: Authentik
- name: OIDC_SERVICE_LOGO
value: https://avatars.githubusercontent.com/u/82976448?s=200&v=4
- name: OIDC_SERVICE_AUTHORIZATION
value: https://authentik.alexlebens.net/application/o/authorize/
- name: OIDC_SERVICE_TOKEN
value: https://authentik.alexlebens.net/application/o/token/
- name: OIDC_SERVICE_PROFILE
value: https://authentik.alexlebens.net/application/o/userinfo/
- name: OIDC_SERVICE_SCOPE
value: "openid profile email"
- name: OIDC_SERVICE_CLIENTID
valueFrom:
secretKeyRef:
name: kyoo-oidc-secret
key: client
- name: OIDC_SERVICE_SECRET
valueFrom:
secretKeyRef:
name: kyoo-oidc-secret
key: secret
- name: TRANSCODER_URL
value: http://kyoo-transcoder.kyoo:7666
- name: MEILI_HOST
value: http://kyoo-meilisearch.kyoo:7700
- name: MEILI_MASTER_KEY
valueFrom:
secretKeyRef:
name: kyoo-meilisearch-master-key-secret
key: MEILI_MASTER_KEY
- name: RABBITMQ_HOST
value: kyoo-rabbitmq
- name: RABBITMQ_DEFAULT_USER
value: kyoo
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
name: kyoo-rabbitmq-secret
key: password
resources:
limits:
cpu: 5000m
memory: 5Gi
requests:
cpu: 100m
memory: 256Mi
front:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/zoriya/kyoo_front
tag: "4.5.0"
pullPolicy: IfNotPresent
env:
- name: KYOO_URL
value: http://kyoo-back.kyoo:5000
- name: KYOO_APIKEYS
valueFrom:
secretKeyRef:
name: kyoo-key-secret
key: kyoo
resources:
limits:
cpu: 500m
memory: 512Mi
requests:
cpu: 100m
memory: 256Mi
matcher:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/zoriya/kyoo_scanner
tag: "4.5.0"
pullPolicy: IfNotPresent
args:
- matcher
env:
- name: KYOO_URL
value: http://kyoo-back.kyoo:5000
- name: KYOO_APIKEYS
valueFrom:
secretKeyRef:
name: kyoo-key-secret
key: kyoo
- name: THEMOVIEDB_APIKEY
valueFrom:
secretKeyRef:
name: kyoo-key-secret
key: tmdb
- name: LIBRARY_LANGUAGES
value: en
- name: LIBRARY_IGNORE_PATTERN
value: .*/[dD]ownloads?/.*
- name: RABBITMQ_HOST
value: kyoo-rabbitmq
- name: RABBITMQ_DEFAULT_USER
value: kyoo
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
name: kyoo-rabbitmq-secret
key: password
resources:
limits:
cpu: 5000m
memory: 2Gi
requests:
cpu: 100m
memory: 256Mi
scanner:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/zoriya/kyoo_scanner
tag: "4.5.0"
pullPolicy: IfNotPresent
env:
- name: KYOO_URL
value: http://kyoo-back.kyoo:5000
- name: KYOO_APIKEYS
valueFrom:
secretKeyRef:
name: kyoo-key-secret
key: kyoo
- name: THEMOVIEDB_APIKEY
valueFrom:
secretKeyRef:
name: kyoo-key-secret
key: tmdb
- name: LIBRARY_LANGUAGES
value: en
- name: LIBRARY_IGNORE_PATTERN
value: .*/[dD]ownloads?/.*
- name: RABBITMQ_HOST
value: kyoo-rabbitmq
- name: RABBITMQ_DEFAULT_USER
value: kyoo
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
name: kyoo-rabbitmq-secret
key: password
resources:
limits:
cpu: 5000m
memory: 2Gi
requests:
cpu: 100m
memory: 256Mi
transcoder:
type: deployment
replicas: 1
strategy: Recreate
revisionHistoryLimit: 3
containers:
main:
image:
repository: ghcr.io/zoriya/kyoo_transcoder
tag: "4.5.0"
pullPolicy: IfNotPresent
env:
- name: GOCODER_HWACCEL
value: qsv
- name: GOCODER_QSV_RENDERER
value: /dev/dri/renderD128
- name: GOCODER_PRESET
value: fast
- name: GOCODER_METADATA_ROOT
value: /metadata
- name: GOCODER_CACHE_ROOT
value: /cache
resources:
limits:
cpu: 5000m
memory: 4Gi
gpu.intel.com/i915: 1
requests:
cpu: 100m
memory: 512Mi
gpu.intel.com/i915: 1
serviceAccount:
create: true
service:
back:
controller: back
ports:
http:
port: 5000
targetPort: 5000
protocol: HTTP
front:
controller: front
ports:
http:
port: 8901
targetPort: 8901
protocol: HTTP
transcoder:
controller: transcoder
ports:
http:
port: 7666
targetPort: 7666
protocol: HTTP
persistence:
back:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 50Gi
retain: true
advancedMounts:
back:
main:
- path: /metadata
readOnly: false
metadata:
storageClass: ceph-block
accessMode: ReadWriteOnce
size: 10Gi
retain: true
advancedMounts:
transcoder:
main:
- path: /metadata
readOnly: false
cache:
type: emptyDir
advancedMounts:
transcoder:
main:
- path: /cache
readOnly: false
anime:
existingClaim: kyoo-anime-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/Anime"
readOnly: true
matcher:
main:
- path: "/video/Anime"
readOnly: true
transcoder:
main:
- path: "/video/Anime"
readOnly: true
anime-movies:
existingClaim: kyoo-anime-movies-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/Anime Movies"
readOnly: true
matcher:
main:
- path: "/video/Anime Movies"
readOnly: true
transcoder:
main:
- path: "/video/Anime Movies"
readOnly: true
documentaries:
existingClaim: kyoo-documentaries-nfs-storage
advancedMounts:
scanner:
main:
- path: /video/Documentaries
readOnly: true
matcher:
main:
- path: /video/Documentaries
readOnly: true
transcoder:
main:
- path: /video/Documentaries
readOnly: true
documentary-shows:
existingClaim: kyoo-documentary-shows-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/Documentary Shows"
readOnly: true
matcher:
main:
- path: "/video/Documentary Shows"
readOnly: true
transcoder:
main:
- path: "/video/Documentary Shows"
readOnly: true
movies:
existingClaim: kyoo-movies-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/Movies"
readOnly: true
matcher:
main:
- path: "/video/Movies"
readOnly: true
transcoder:
main:
- path: "/video/Movies"
readOnly: true
movies-4k:
existingClaim: kyoo-movies-4k-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/Movies 4K"
readOnly: true
matcher:
main:
- path: "/video/Movies 4K"
readOnly: true
transcoder:
main:
- path: "/video/Movies 4K"
readOnly: true
movies-classics:
existingClaim: kyoo-movies-classics-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/Movies Classics"
readOnly: true
matcher:
main:
- path: "/video/Movies Classics"
readOnly: true
transcoder:
main:
- path: "/video/Movies Classics"
readOnly: true
movies-foreign:
existingClaim: kyoo-movies-foreign-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/Movies Foreign"
readOnly: true
matcher:
main:
- path: "/video/Movies Foreign"
readOnly: true
transcoder:
main:
- path: "/video/Movies Foreign"
readOnly: true
stand-up:
existingClaim: kyoo-stand-up-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/Stand Up"
readOnly: true
matcher:
main:
- path: "/video/Stand Up"
readOnly: true
transcoder:
main:
- path: "/video/Stand Up"
readOnly: true
tv-shows:
existingClaim: kyoo-tv-shows-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/TV Shows"
readOnly: true
matcher:
main:
- path: "/video/TV Shows"
readOnly: true
transcoder:
main:
- path: "/video/TV Shows"
readOnly: true
tv-shows-4k:
existingClaim: kyoo-tv-shows-4k-nfs-storage
advancedMounts:
scanner:
main:
- path: "/video/TV Shows 4K"
readOnly: true
matcher:
main:
- path: "/video/TV Shows 4K"
readOnly: true
transcoder:
main:
- path: "/video/TV Shows 4K"
readOnly: true
rabbitmq:
auth:
username: kyoo
existingPasswordSecret: kyoo-rabbitmq-secret
existingSecretPasswordKey: password
existingErlangSecret: kyoo-rabbitmq-secret
existingSecretErlangKey: erlang
extraConfiguration: |-
default_vhost = /
default_permissions.configure = .*
default_permissions.read = .*
default_permissions.write = .*
meilisearch:
environment:
MEILI_NO_ANALYTICS: true
MEILI_ENV: production
auth:
existingMasterKeySecret: kyoo-meilisearch-master-key-secret
service:
type: ClusterIP
port: 7700
persistence:
enabled: true
storageClass: ceph-block
size: 10Gi
resources:
limits:
cpu: 200m
memory: 2Gi
requests:
cpu: 10m
memory: 128Mi
serviceMonitor:
enabled: true
postgres-16-cluster:
mode: standalone
cluster:
walStorage:
storageClass: local-path
storage:
storageClass: local-path
monitoring:
enabled: true
backup:
enabled: true
endpointURL: https://s3.us-east-2.amazonaws.com
destinationPath: s3://cl01tl-postgresql-backups/kyoo
endpointCredentials: kyoo-postgresql-16-cluster-backup-secret
backupIndex: 1
retentionPolicy: 14d