kube-cascade/peertube/application.yaml

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: peertube-werts
  namespace: argocd
spec:
  destination:
    name: in-cluster
    namespace: peertube-werts
  project: default
  source:
    chart: peertube
    repoURL: https://ananace.gitlab.io/charts
    targetRevision: 0.3.4
    helm:
      values: |
        image:
          repository: chocobozzz/peertube
          pullPolicy: IfNotPresent
          ## Overrides the image tag whose default is the chart appVersion.
          # tag: production-bullseye
        config:
          serverName: tube.werts.us
          ## Generate with somethingl like `openssl rand -hex 32` - will auto-generate if left blank
          secret: 1165b3438b487d6dc52fc9d63ff78ef46a7e568a8daebdafd6f416d899aefbc6
        
          admin:
            email: peertube@strudelline.net
        
          ## Mail transfer setup, need to provide a hostname for SMTP
          mail:
            transport: smtp
            # sendmail:
            hostname: smtp.mailgun.org
            port: 465
            username: peertube@strudelline.net
            fromAddress: peertube@strudelline.net
        
            ## Password can be set either directly or with an existing secret.
            # password:
        
            existingSecret: peertube-smtp
            existingSecretKey: smtp-password
        
          ## Data storage on S3 - will still require persistence even if enabled.
          objectStorage:
            enabled: false
        
            endpoint: https://minio.strudelline.net
            region: syno-cascade-1
            # uploadACL: public-read
            maxUploadPart: 128MB
        
            accessKey: 3MvLDZE2XiK5XlbE
            secretKey: xmA9bJGlcFArtwHStJnqQTyZQjiyR1jv
        
            streaming:
              bucket_name: peertube-streaming
              # prefix:
              base_url: https://minio.strudelline.net/peertube-streaming
        
            videos:
              bucket_name: peertube-videos
              # prefix:
              base_url: https://minio.strudelline.net/peertube-videos
        
          ## Main persistent storage, will be used for uploads, processing, plugins, etc
          persistence:
            enabled: true
        
            size: 1000Gi
            storageClass: nfs
        
        ## Additional configuration to set on the main production.yaml configuration.
        ## See https://github.com/Chocobozzz/PeerTube/blob/develop/config/production.yaml.example
        ##
        extraConfig:
          ## It's recommended to limit this to only your internal cluster network
          trust_proxy:
            - 10.0.0.0/8
            - 172.16.0.0/12
            - 192.168.0.0/24
            - fc00::/7
            # - loopback
        
          instance:
            description: "WerTube"
        
        ## Extra environment variables to set on Peertube
        ##
        extraEnv:
        - name: http_proxy
          value: http://172.16.17.180:4080
        - name: https_proxy
          value: http://172.16.17.180:4080
        - name: HTTP_PROXY
          value: http://172.16.17.180:4080
        - name: HTTPS_PROXY
          value: http://172.16.17.180:4080
          # - name: TZ
          #   value: Europe/Stockholm
        extraSecret: {}
          # PEERTUBE_INSTANCE_TERMS: "These are some very secret terms-of-service"
        
        ## Extra values to set on the pod spec.
        ## Can be used for setting things like host aliases, overhead, custom schedulers, etc
        ##
        extraPodSpec: {}
        
        ## Self-deployed PostgreSQL database
        ## See: https://github.com/bitnami/charts/tree/master/bitnami/postgresql
        ##
        postgresql:
          enabled: false
        
          auth:
            database: peertube
            username: peertube
        
            # existingSecret:
            # secretKeys:
            #   userPasswordKey: password
        
          persistence:
            enabled: true
        
        ## Externally managed PostgreSQL, required if postgresql.enabled=false
        ##
        externalPostgresql:
          host: peertube-db-primary.peertube-werts.svc
          port: 5432
        
          database: peertube-db
          username: peertube-db
          # password:
          # ssl: true
        
          existingSecret: peertube-db-pguser-peertube-db
          existingSecretKey: password
        
        ## Self-deployed Redis database
        ## See: https://github.com/bitnami/charts/tree/master/bitnami/redis
        ##
        redis:
          enabled: true
          architecture: standalone
        
          auth:
            enabled: true
            password: peertube-98fuhaewulfh
        
            # existingSecret: redis-secret
            # existingSecretPasswordKey: redis-password
        
          master:
            kind: Deployment
            persistence:
              enabled: true
        
        ## Externally managed Redis, required if redis.enabled=false
        ##
        externalRedis:
          host:
          # port: 6379
          # db: 0
        
          # password:
        
          # existingSecret:
          # existingSecretKey: redis-password
        
        ## Default probes, using ping API to avoid excessive echo
        ##
        livenessProbe:
          httpGet:
            path: /api/v1/ping
            port: http
        readinessProbe:
          httpGet:
            path: /api/v1/ping
            port: http
        
        serviceAccount:
          ## Specifies whether a service account should be created
          create: true
          ## Annotations to add to the service account
          annotations: {}
          ## The name of the service account to use.
          ## If not set and create is true, a name is generated using the fullname template
          # name:
        
        podAnnotations: {}
        
        podSecurityContext:
          fsGroup: 999
        
        securityContext:
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 999
          # capabilities:
          #   drop:
          #   - ALL
        
        service:
          type: ClusterIP
          port: 80
          rtmpPort: 1935
        
        ingress:
          enabled: true
          className: istio
          paths:
          - path: /
            pathType: Prefix
          #tls:
          #- hosts:
          #  - tube.werts.us
          #  secretName: wildcard-tls

        resources: {}
          # limits:
          #   cpu: 100m
          #   memory: 128Mi
          # requests:
          #   cpu: 100m
          #   memory: 128Mi
        
        autoscaling:
          enabled: false
          minReplicas: 1
          maxReplicas: 3
          targetCPUUtilizationPercentage: 80
          # targetMemoryUtilizationPercentage: 80
        
        nodeSelector: {}
        
        tolerations: []
        
        affinity: {}

  syncPolicy:
    automated:
      prune: true
      selfHeal: true
    retry:
      backoff:
        duration: 5s
        factor: 2
        maxDuration: 3m0s
      limit: 10
    syncOptions:
    - CreateNamespace=true
add minio to wildcard tls 2023-08-12 05:55:53 +00:00			`apiVersion: argoproj.io/v1alpha1`
			`kind: Application`
			`metadata:`
			`name: peertube-werts`
			`namespace: argocd`
			`spec:`
			`destination:`
			`name: in-cluster`
			`namespace: peertube-werts`
			`project: default`
			`source:`
			`chart: peertube`
			`repoURL: https://ananace.gitlab.io/charts`
			`targetRevision: 0.3.4`
			`helm:`
			`values: \|`
			`image:`
			`repository: chocobozzz/peertube`
			`pullPolicy: IfNotPresent`
			`## Overrides the image tag whose default is the chart appVersion.`
			`# tag: production-bullseye`
			`config:`
			`serverName: tube.werts.us`
			## Generate with somethingl like `openssl rand -hex 32` - will auto-generate if left blank
			`secret: 1165b3438b487d6dc52fc9d63ff78ef46a7e568a8daebdafd6f416d899aefbc6`

			`admin:`
			`email: peertube@strudelline.net`

			`## Mail transfer setup, need to provide a hostname for SMTP`
			`mail:`
			`transport: smtp`
			`# sendmail:`
			`hostname: smtp.mailgun.org`
			`port: 465`
			`username: peertube@strudelline.net`
			`fromAddress: peertube@strudelline.net`

			`## Password can be set either directly or with an existing secret.`
			`# password:`

			`existingSecret: peertube-smtp`
			`existingSecretKey: smtp-password`

			`## Data storage on S3 - will still require persistence even if enabled.`
			`objectStorage:`
update peertube to use nfs for assets 2023-08-15 19:11:46 +00:00			`enabled: false`
add minio to wildcard tls 2023-08-12 05:55:53 +00:00
			`endpoint: https://minio.strudelline.net`
			`region: syno-cascade-1`
			`# uploadACL: public-read`
			`maxUploadPart: 128MB`

			`accessKey: 3MvLDZE2XiK5XlbE`
			`secretKey: xmA9bJGlcFArtwHStJnqQTyZQjiyR1jv`

			`streaming:`
			`bucket_name: peertube-streaming`
			`# prefix:`
			`base_url: https://minio.strudelline.net/peertube-streaming`

			`videos:`
			`bucket_name: peertube-videos`
			`# prefix:`
			`base_url: https://minio.strudelline.net/peertube-videos`

			`## Main persistent storage, will be used for uploads, processing, plugins, etc`
			`persistence:`
			`enabled: true`

update peertube to use nfs for assets 2023-08-15 19:11:46 +00:00			`size: 1000Gi`
			`storageClass: nfs`
add minio to wildcard tls 2023-08-12 05:55:53 +00:00
			`## Additional configuration to set on the main production.yaml configuration.`
			`## See https://github.com/Chocobozzz/PeerTube/blob/develop/config/production.yaml.example`
			`##`
			`extraConfig:`
			`## It's recommended to limit this to only your internal cluster network`
			`trust_proxy:`
			`- 10.0.0.0/8`
			`- 172.16.0.0/12`
			`- 192.168.0.0/24`
			`- fc00::/7`
			`# - loopback`

			`instance:`
			`description: "WerTube"`

			`## Extra environment variables to set on Peertube`
			`##`
			`extraEnv:`
			`- name: http_proxy`
			`value: http://172.16.17.180:4080`
			`- name: https_proxy`
			`value: http://172.16.17.180:4080`
			`- name: HTTP_PROXY`
			`value: http://172.16.17.180:4080`
			`- name: HTTPS_PROXY`
			`value: http://172.16.17.180:4080`
			`# - name: TZ`
			`# value: Europe/Stockholm`
			`extraSecret: {}`
			`# PEERTUBE_INSTANCE_TERMS: "These are some very secret terms-of-service"`

			`## Extra values to set on the pod spec.`
			`## Can be used for setting things like host aliases, overhead, custom schedulers, etc`
			`##`
			`extraPodSpec: {}`

			`## Self-deployed PostgreSQL database`
			`## See: https://github.com/bitnami/charts/tree/master/bitnami/postgresql`
			`##`
			`postgresql:`
			`enabled: false`

			`auth:`
			`database: peertube`
			`username: peertube`

			`# existingSecret:`
			`# secretKeys:`
			`# userPasswordKey: password`

			`persistence:`
			`enabled: true`

			`## Externally managed PostgreSQL, required if postgresql.enabled=false`
			`##`
			`externalPostgresql:`
			`host: peertube-db-primary.peertube-werts.svc`
			`port: 5432`

			`database: peertube-db`
			`username: peertube-db`
			`# password:`
			`# ssl: true`

			`existingSecret: peertube-db-pguser-peertube-db`
			`existingSecretKey: password`

			`## Self-deployed Redis database`
			`## See: https://github.com/bitnami/charts/tree/master/bitnami/redis`
			`##`
			`redis:`
			`enabled: true`
			`architecture: standalone`

			`auth:`
			`enabled: true`
			`password: peertube-98fuhaewulfh`

			`# existingSecret: redis-secret`
			`# existingSecretPasswordKey: redis-password`

			`master:`
			`kind: Deployment`
			`persistence:`
			`enabled: true`

			`## Externally managed Redis, required if redis.enabled=false`
			`##`
			`externalRedis:`
			`host:`
			`# port: 6379`
			`# db: 0`

			`# password:`

			`# existingSecret:`
			`# existingSecretKey: redis-password`

			`## Default probes, using ping API to avoid excessive echo`
			`##`
			`livenessProbe:`
			`httpGet:`
			`path: /api/v1/ping`
			`port: http`
			`readinessProbe:`
			`httpGet:`
			`path: /api/v1/ping`
			`port: http`

			`serviceAccount:`
			`## Specifies whether a service account should be created`
			`create: true`
			`## Annotations to add to the service account`
			`annotations: {}`
			`## The name of the service account to use.`
			`## If not set and create is true, a name is generated using the fullname template`
			`# name:`

			`podAnnotations: {}`

			`podSecurityContext:`
			`fsGroup: 999`

			`securityContext:`
			`readOnlyRootFilesystem: true`
			`runAsNonRoot: true`
			`runAsUser: 999`
			`# capabilities:`
			`# drop:`
			`# - ALL`

			`service:`
			`type: ClusterIP`
			`port: 80`
			`rtmpPort: 1935`

			`ingress:`
			`enabled: true`
			`className: istio`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`#tls:`
			`#- hosts:`
			`# - tube.werts.us`
			`# secretName: wildcard-tls`

			`resources: {}`
			`# limits:`
			`# cpu: 100m`
			`# memory: 128Mi`
			`# requests:`
			`# cpu: 100m`
			`# memory: 128Mi`

			`autoscaling:`
			`enabled: false`
			`minReplicas: 1`
			`maxReplicas: 3`
			`targetCPUUtilizationPercentage: 80`
			`# targetMemoryUtilizationPercentage: 80`

			`nodeSelector: {}`

			`tolerations: []`

			`affinity: {}`

			`syncPolicy:`
			`automated:`
			`prune: true`
			`selfHeal: true`
			`retry:`
			`backoff:`
			`duration: 5s`
			`factor: 2`
			`maxDuration: 3m0s`
			`limit: 10`
			`syncOptions:`
			`- CreateNamespace=true`