peertube: Cleaning up chart

Now a default update strategy will be chosen based on the persistent
storage access mode, as Recreate behaves better for RWO storage.
The webadmin config folder is also created with an init container to
better support non-standard images.
This commit is contained in:
Alexander Olofsson 2022-07-12 14:29:44 +02:00
parent e96c583292
commit 20514d5d2a
No known key found for this signature in database
GPG key ID: D439C9470CB04C73
7 changed files with 81 additions and 21 deletions

View file

@ -5,7 +5,7 @@ description: Free software to take back control of your videos
icon: https://upload.wikimedia.org/wikipedia/commons/2/2b/Logo_de_PeerTube.svg
type: application
version: 0.1.0
version: 0.1.1
appVersion: "4.2.2"
maintainers:
- name: Alexander Olofsson

24
charts/peertube/README.md Normal file
View file

@ -0,0 +1,24 @@
Peertube
========
[Peertube](https://joinpeertube.org/) is a federated video hosting platform for the open web.
## Prerequisites
- Non-EoL Kubernetes cluster
- Helm 3
- SMTP server available
## Installing
Peertube will require three pieces of data to be installed; A server name, an admin contact email address, and an SMTP server configuration.
For a simple install with an authentication-less SMPT server this could look like;
helm install peertube ananace-charts/peertube --set config.serverName=videos.example.com,config.admin.email=admin@example.com,config.mail.hostname=smtp.example.com
### Live-streaming / RTMP
For the live-streaming functionality to work, you will need to make sure your ingress forwards TCP connections on the RTMP port. (1935 by default)
With that in place, you can enable live-streaming support either with `extraConfig.live.enabled=true` or by having `config.webadminConfig=true` and activating it from inside the system itself.

View file

@ -1,20 +1,21 @@
1. Get the application URL by running these commands:
{{- if .Values.ingress.enabled }}
{{- range $host := .Values.ingress.hosts }}
1. Visit the application at the following URL
{{- range .paths }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }}
{{- end }}
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.config.serverName }}{{ .path }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
1. Get the application URL by running these commands:
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "peertube.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
echo http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
1. Get the application URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "peertube.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "peertube.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
echo http://$SERVICE_IP:{{ .Values.service.port }}
{{- else if contains "ClusterIP" .Values.service.type }}
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "peertube.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}")
echo "Visit http://127.0.0.1:8080 to use your application"

View file

@ -12,10 +12,15 @@ data:
port: 9000
webserver:
hostname: {{ .Values.config.serverName }}
hostname: {{ required "You need to specify a server name" .Values.config.serverName | quote }}
port: 443
https: true
webadmin:
configuration:
edition:
allowed: {{ .Values.config.webadminConfig }}
admin:
email: {{ required "You need to specify an admin email" .Values.config.admin.email | quote }}

View file

@ -1,3 +1,4 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
@ -21,6 +22,16 @@ spec:
{{- end }}
labels:
{{- include "peertube.selectorLabels" . | nindent 8 }}
strategy:
{{- if .Values.strategy }}
{{- toYaml .Values.strategy | nindent 10 }}
{{- else }}
{{- if has "ReadWriteOnce" (.Values.config.persistence.accessModes | default (list "ReadWriteOnce")) }}
type: Recreate
{{- else }}
type: RollingUpdate
{{- end }}
{{- end }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
@ -29,18 +40,27 @@ spec:
serviceAccountName: {{ include "peertube.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
{{- if .Values.config.webadminConfig }}
initContainers:
- name: config-ensure
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: busybox
imagePullPolicy: IfNotPresent
command:
- mkdir
- -p
- /data/config/
volumeMounts:
- mountPath: /data
name: data
{{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ include "peertube.imageTag" . }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- sh
- -c
- |
mkdir -p /data/config/
exec node dist/server
ports:
- name: http
containerPort: 9000
@ -78,10 +98,10 @@ spec:
valueFrom:
secretKeyRef:
{{- if .Values.redis.enabled }}
key: redis-password
key: {{ .Values.redis.auth.existingSecretPasswordKey | default "redis-password" }}
name: {{ .Values.redis.auth.existingSecret | default (include "peertube.redis.fullname" .) }}
{{- else }}
key: {{ .Values.externalRedis.existingSecretKey | default "redis-peassword" }}
key: {{ .Values.externalRedis.existingSecretKey | default "redis-password" }}
name: {{ .Values.externalRedis.existingSecret }}
{{- end }}
{{- end }}

View file

@ -1,3 +1,6 @@
{{- if (and .Values.config.mail.password .Values.config.mail.existingSecret) -}}
{{- fail "Can't specify both direct password as well as existing secret for mail" -}}
{{- end -}}
---
apiVersion: v1
kind: Secret

View file

@ -12,12 +12,19 @@ imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
# strategy:
# type: RollingUpdate
## Main Peertube configuration
##
config:
## Public server name, will be used to configure both Peertube and the Ingress
## resource if enabled.
serverName: peertube.example.com
serverName:
## Should in-application configuration be possible, enabling this will
## use an init-container to create a config folder in your persistent storage.
webadminConfig: true
admin:
email:
@ -59,7 +66,7 @@ config:
# prefix:
# base_url:
## Main persistent store, will be used for uploads, processing, plugins, etc.
## Main persistent storage, will be used for uploads, processing, plugins, etc
persistence:
enabled: true
@ -91,6 +98,7 @@ extraSecret: {}
# PEERTUBE_INSTANCE_TERMS: "These are some very secret terms-of-service"
## Self-deployed PostgreSQL database
## See: https://github.com/bitnami/charts/tree/master/bitnami/postgresql
##
postgresql:
enabled: true
@ -100,7 +108,7 @@ postgresql:
username: peertube
# existingSecret:
secretKeys: {}
# secretKeys:
# userPasswordKey: password
persistence:
@ -121,6 +129,7 @@ externalPostgresql:
# existingSecretKey: postgres-password
## Self-deployed Redis database
## See: https://github.com/bitnami/charts/tree/master/bitnami/redis
##
redis:
enabled: true
@ -130,10 +139,8 @@ redis:
enabled: true
# password: peertube
## Or use existing secret with "redis-password" key
## instead of static password
##
# existingSecret: redis-secret
# existingSecretPasswordKey: redis-password
master:
persistence: