peertube: Cleaning up chart

Now a default update strategy will be chosen based on the persistent
storage access mode, as Recreate behaves better for RWO storage.
The webadmin config folder is also created with an init container to
better support non-standard images.
This commit is contained in:
Alexander Olofsson 2022-07-12 14:29:44 +02:00
parent e96c583292
commit 20514d5d2a
No known key found for this signature in database
GPG key ID: D439C9470CB04C73
7 changed files with 81 additions and 21 deletions

View file

@ -5,7 +5,7 @@ description: Free software to take back control of your videos
icon: https://upload.wikimedia.org/wikipedia/commons/2/2b/Logo_de_PeerTube.svg icon: https://upload.wikimedia.org/wikipedia/commons/2/2b/Logo_de_PeerTube.svg
type: application type: application
version: 0.1.0 version: 0.1.1
appVersion: "4.2.2" appVersion: "4.2.2"
maintainers: maintainers:
- name: Alexander Olofsson - name: Alexander Olofsson

24
charts/peertube/README.md Normal file
View file

@ -0,0 +1,24 @@
Peertube
========
[Peertube](https://joinpeertube.org/) is a federated video hosting platform for the open web.
## Prerequisites
- Non-EoL Kubernetes cluster
- Helm 3
- SMTP server available
## Installing
Peertube will require three pieces of data to be installed; A server name, an admin contact email address, and an SMTP server configuration.
For a simple install with an authentication-less SMPT server this could look like;
helm install peertube ananace-charts/peertube --set config.serverName=videos.example.com,config.admin.email=admin@example.com,config.mail.hostname=smtp.example.com
### Live-streaming / RTMP
For the live-streaming functionality to work, you will need to make sure your ingress forwards TCP connections on the RTMP port. (1935 by default)
With that in place, you can enable live-streaming support either with `extraConfig.live.enabled=true` or by having `config.webadminConfig=true` and activating it from inside the system itself.

View file

@ -1,20 +1,21 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }} {{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }} 1. Visit the application at the following URL
{{- range .paths }} {{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.config.serverName }}{{ .path }}
{{- end }}
{{- end }} {{- end }}
{{- else if contains "NodePort" .Values.service.type }} {{- else if contains "NodePort" .Values.service.type }}
1. Get the application URL by running these commands:
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "peertube.fullname" . }}) export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "peertube.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }} {{- else if contains "LoadBalancer" .Values.service.type }}
1. Get the application URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available. NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "peertube.fullname" . }}' You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "peertube.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "peertube.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "peertube.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.service.port }} echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }} {{- else if contains "ClusterIP" .Values.service.type }}
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "peertube.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "peertube.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application" echo "Visit http://127.0.0.1:8080 to use your application"

View file

@ -12,10 +12,15 @@ data:
port: 9000 port: 9000
webserver: webserver:
hostname: {{ .Values.config.serverName }} hostname: {{ required "You need to specify a server name" .Values.config.serverName | quote }}
port: 443 port: 443
https: true https: true
webadmin:
configuration:
edition:
allowed: {{ .Values.config.webadminConfig }}
admin: admin:
email: {{ required "You need to specify an admin email" .Values.config.admin.email | quote }} email: {{ required "You need to specify an admin email" .Values.config.admin.email | quote }}

View file

@ -1,3 +1,4 @@
---
apiVersion: apps/v1 apiVersion: apps/v1
kind: Deployment kind: Deployment
metadata: metadata:
@ -21,6 +22,16 @@ spec:
{{- end }} {{- end }}
labels: labels:
{{- include "peertube.selectorLabels" . | nindent 8 }} {{- include "peertube.selectorLabels" . | nindent 8 }}
strategy:
{{- if .Values.strategy }}
{{- toYaml .Values.strategy | nindent 10 }}
{{- else }}
{{- if has "ReadWriteOnce" (.Values.config.persistence.accessModes | default (list "ReadWriteOnce")) }}
type: Recreate
{{- else }}
type: RollingUpdate
{{- end }}
{{- end }}
spec: spec:
{{- with .Values.imagePullSecrets }} {{- with .Values.imagePullSecrets }}
imagePullSecrets: imagePullSecrets:
@ -29,18 +40,27 @@ spec:
serviceAccountName: {{ include "peertube.serviceAccountName" . }} serviceAccountName: {{ include "peertube.serviceAccountName" . }}
securityContext: securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }} {{- toYaml .Values.podSecurityContext | nindent 8 }}
{{- if .Values.config.webadminConfig }}
initContainers:
- name: config-ensure
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: busybox
imagePullPolicy: IfNotPresent
command:
- mkdir
- -p
- /data/config/
volumeMounts:
- mountPath: /data
name: data
{{- end }}
containers: containers:
- name: {{ .Chart.Name }} - name: {{ .Chart.Name }}
securityContext: securityContext:
{{- toYaml .Values.securityContext | nindent 12 }} {{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ include "peertube.imageTag" . }}" image: "{{ .Values.image.repository }}:{{ include "peertube.imageTag" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }} imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- sh
- -c
- |
mkdir -p /data/config/
exec node dist/server
ports: ports:
- name: http - name: http
containerPort: 9000 containerPort: 9000
@ -78,10 +98,10 @@ spec:
valueFrom: valueFrom:
secretKeyRef: secretKeyRef:
{{- if .Values.redis.enabled }} {{- if .Values.redis.enabled }}
key: redis-password key: {{ .Values.redis.auth.existingSecretPasswordKey | default "redis-password" }}
name: {{ .Values.redis.auth.existingSecret | default (include "peertube.redis.fullname" .) }} name: {{ .Values.redis.auth.existingSecret | default (include "peertube.redis.fullname" .) }}
{{- else }} {{- else }}
key: {{ .Values.externalRedis.existingSecretKey | default "redis-peassword" }} key: {{ .Values.externalRedis.existingSecretKey | default "redis-password" }}
name: {{ .Values.externalRedis.existingSecret }} name: {{ .Values.externalRedis.existingSecret }}
{{- end }} {{- end }}
{{- end }} {{- end }}

View file

@ -1,3 +1,6 @@
{{- if (and .Values.config.mail.password .Values.config.mail.existingSecret) -}}
{{- fail "Can't specify both direct password as well as existing secret for mail" -}}
{{- end -}}
--- ---
apiVersion: v1 apiVersion: v1
kind: Secret kind: Secret

View file

@ -12,12 +12,19 @@ imagePullSecrets: []
nameOverride: "" nameOverride: ""
fullnameOverride: "" fullnameOverride: ""
# strategy:
# type: RollingUpdate
## Main Peertube configuration ## Main Peertube configuration
## ##
config: config:
## Public server name, will be used to configure both Peertube and the Ingress ## Public server name, will be used to configure both Peertube and the Ingress
## resource if enabled. ## resource if enabled.
serverName: peertube.example.com serverName:
## Should in-application configuration be possible, enabling this will
## use an init-container to create a config folder in your persistent storage.
webadminConfig: true
admin: admin:
email: email:
@ -59,7 +66,7 @@ config:
# prefix: # prefix:
# base_url: # base_url:
## Main persistent store, will be used for uploads, processing, plugins, etc. ## Main persistent storage, will be used for uploads, processing, plugins, etc
persistence: persistence:
enabled: true enabled: true
@ -91,6 +98,7 @@ extraSecret: {}
# PEERTUBE_INSTANCE_TERMS: "These are some very secret terms-of-service" # PEERTUBE_INSTANCE_TERMS: "These are some very secret terms-of-service"
## Self-deployed PostgreSQL database ## Self-deployed PostgreSQL database
## See: https://github.com/bitnami/charts/tree/master/bitnami/postgresql
## ##
postgresql: postgresql:
enabled: true enabled: true
@ -100,7 +108,7 @@ postgresql:
username: peertube username: peertube
# existingSecret: # existingSecret:
secretKeys: {} # secretKeys:
# userPasswordKey: password # userPasswordKey: password
persistence: persistence:
@ -121,6 +129,7 @@ externalPostgresql:
# existingSecretKey: postgres-password # existingSecretKey: postgres-password
## Self-deployed Redis database ## Self-deployed Redis database
## See: https://github.com/bitnami/charts/tree/master/bitnami/redis
## ##
redis: redis:
enabled: true enabled: true
@ -130,10 +139,8 @@ redis:
enabled: true enabled: true
# password: peertube # password: peertube
## Or use existing secret with "redis-password" key
## instead of static password
##
# existingSecret: redis-secret # existingSecret: redis-secret
# existingSecretPasswordKey: redis-password
master: master:
persistence: persistence: