add minio to wildcard tls
This commit is contained in:
parent
f64aba9d12
commit
f4050481ce
253
peertube/application.yaml
Normal file
253
peertube/application.yaml
Normal file
|
@ -0,0 +1,253 @@
|
|||
apiVersion: argoproj.io/v1alpha1
|
||||
kind: Application
|
||||
metadata:
|
||||
name: peertube-werts
|
||||
namespace: argocd
|
||||
spec:
|
||||
destination:
|
||||
name: in-cluster
|
||||
namespace: peertube-werts
|
||||
project: default
|
||||
source:
|
||||
chart: peertube
|
||||
repoURL: https://ananace.gitlab.io/charts
|
||||
targetRevision: 0.3.4
|
||||
helm:
|
||||
values: |
|
||||
image:
|
||||
repository: chocobozzz/peertube
|
||||
pullPolicy: IfNotPresent
|
||||
## Overrides the image tag whose default is the chart appVersion.
|
||||
# tag: production-bullseye
|
||||
config:
|
||||
serverName: tube.werts.us
|
||||
## Generate with somethingl like `openssl rand -hex 32` - will auto-generate if left blank
|
||||
secret: 1165b3438b487d6dc52fc9d63ff78ef46a7e568a8daebdafd6f416d899aefbc6
|
||||
|
||||
admin:
|
||||
email: peertube@strudelline.net
|
||||
|
||||
## Mail transfer setup, need to provide a hostname for SMTP
|
||||
mail:
|
||||
transport: smtp
|
||||
# sendmail:
|
||||
hostname: smtp.mailgun.org
|
||||
port: 465
|
||||
username: peertube@strudelline.net
|
||||
fromAddress: peertube@strudelline.net
|
||||
|
||||
## Password can be set either directly or with an existing secret.
|
||||
# password:
|
||||
|
||||
existingSecret: peertube-smtp
|
||||
existingSecretKey: smtp-password
|
||||
|
||||
## Data storage on S3 - will still require persistence even if enabled.
|
||||
objectStorage:
|
||||
enabled: true
|
||||
|
||||
endpoint: https://minio.strudelline.net
|
||||
region: syno-cascade-1
|
||||
# uploadACL: public-read
|
||||
maxUploadPart: 128MB
|
||||
|
||||
accessKey: 3MvLDZE2XiK5XlbE
|
||||
secretKey: xmA9bJGlcFArtwHStJnqQTyZQjiyR1jv
|
||||
|
||||
streaming:
|
||||
bucket_name: peertube-streaming
|
||||
# prefix:
|
||||
base_url: https://minio.strudelline.net/peertube-streaming
|
||||
|
||||
videos:
|
||||
bucket_name: peertube-videos
|
||||
# prefix:
|
||||
base_url: https://minio.strudelline.net/peertube-videos
|
||||
|
||||
## Main persistent storage, will be used for uploads, processing, plugins, etc
|
||||
persistence:
|
||||
enabled: true
|
||||
|
||||
size: 16Gi
|
||||
storageClass: local-path
|
||||
|
||||
## Additional configuration to set on the main production.yaml configuration.
|
||||
## See https://github.com/Chocobozzz/PeerTube/blob/develop/config/production.yaml.example
|
||||
##
|
||||
extraConfig:
|
||||
## It's recommended to limit this to only your internal cluster network
|
||||
trust_proxy:
|
||||
- 10.0.0.0/8
|
||||
- 172.16.0.0/12
|
||||
- 192.168.0.0/24
|
||||
- fc00::/7
|
||||
# - loopback
|
||||
|
||||
instance:
|
||||
description: "WerTube"
|
||||
|
||||
## Extra environment variables to set on Peertube
|
||||
##
|
||||
extraEnv:
|
||||
- name: http_proxy
|
||||
value: http://172.16.17.180:4080
|
||||
- name: https_proxy
|
||||
value: http://172.16.17.180:4080
|
||||
- name: HTTP_PROXY
|
||||
value: http://172.16.17.180:4080
|
||||
- name: HTTPS_PROXY
|
||||
value: http://172.16.17.180:4080
|
||||
# - name: TZ
|
||||
# value: Europe/Stockholm
|
||||
extraSecret: {}
|
||||
# PEERTUBE_INSTANCE_TERMS: "These are some very secret terms-of-service"
|
||||
|
||||
## Extra values to set on the pod spec.
|
||||
## Can be used for setting things like host aliases, overhead, custom schedulers, etc
|
||||
##
|
||||
extraPodSpec: {}
|
||||
|
||||
## Self-deployed PostgreSQL database
|
||||
## See: https://github.com/bitnami/charts/tree/master/bitnami/postgresql
|
||||
##
|
||||
postgresql:
|
||||
enabled: false
|
||||
|
||||
auth:
|
||||
database: peertube
|
||||
username: peertube
|
||||
|
||||
# existingSecret:
|
||||
# secretKeys:
|
||||
# userPasswordKey: password
|
||||
|
||||
persistence:
|
||||
enabled: true
|
||||
|
||||
## Externally managed PostgreSQL, required if postgresql.enabled=false
|
||||
##
|
||||
externalPostgresql:
|
||||
host: peertube-db-primary.peertube-werts.svc
|
||||
port: 5432
|
||||
|
||||
database: peertube-db
|
||||
username: peertube-db
|
||||
# password:
|
||||
# ssl: true
|
||||
|
||||
existingSecret: peertube-db-pguser-peertube-db
|
||||
existingSecretKey: password
|
||||
|
||||
## Self-deployed Redis database
|
||||
## See: https://github.com/bitnami/charts/tree/master/bitnami/redis
|
||||
##
|
||||
redis:
|
||||
enabled: true
|
||||
architecture: standalone
|
||||
|
||||
auth:
|
||||
enabled: true
|
||||
password: peertube-98fuhaewulfh
|
||||
|
||||
# existingSecret: redis-secret
|
||||
# existingSecretPasswordKey: redis-password
|
||||
|
||||
master:
|
||||
kind: Deployment
|
||||
persistence:
|
||||
enabled: true
|
||||
|
||||
## Externally managed Redis, required if redis.enabled=false
|
||||
##
|
||||
externalRedis:
|
||||
host:
|
||||
# port: 6379
|
||||
# db: 0
|
||||
|
||||
# password:
|
||||
|
||||
# existingSecret:
|
||||
# existingSecretKey: redis-password
|
||||
|
||||
## Default probes, using ping API to avoid excessive echo
|
||||
##
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /api/v1/ping
|
||||
port: http
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /api/v1/ping
|
||||
port: http
|
||||
|
||||
serviceAccount:
|
||||
## Specifies whether a service account should be created
|
||||
create: true
|
||||
## Annotations to add to the service account
|
||||
annotations: {}
|
||||
## The name of the service account to use.
|
||||
## If not set and create is true, a name is generated using the fullname template
|
||||
# name:
|
||||
|
||||
podAnnotations: {}
|
||||
|
||||
podSecurityContext:
|
||||
fsGroup: 999
|
||||
|
||||
securityContext:
|
||||
readOnlyRootFilesystem: true
|
||||
runAsNonRoot: true
|
||||
runAsUser: 999
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - ALL
|
||||
|
||||
service:
|
||||
type: ClusterIP
|
||||
port: 80
|
||||
rtmpPort: 1935
|
||||
|
||||
ingress:
|
||||
enabled: true
|
||||
className: istio
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
#tls:
|
||||
#- hosts:
|
||||
# - tube.werts.us
|
||||
# secretName: wildcard-tls
|
||||
|
||||
resources: {}
|
||||
# limits:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
# requests:
|
||||
# cpu: 100m
|
||||
# memory: 128Mi
|
||||
|
||||
autoscaling:
|
||||
enabled: false
|
||||
minReplicas: 1
|
||||
maxReplicas: 3
|
||||
targetCPUUtilizationPercentage: 80
|
||||
# targetMemoryUtilizationPercentage: 80
|
||||
|
||||
nodeSelector: {}
|
||||
|
||||
tolerations: []
|
||||
|
||||
affinity: {}
|
||||
|
||||
syncPolicy:
|
||||
automated:
|
||||
prune: true
|
||||
selfHeal: true
|
||||
retry:
|
||||
backoff:
|
||||
duration: 5s
|
||||
factor: 2
|
||||
maxDuration: 3m0s
|
||||
limit: 10
|
||||
syncOptions:
|
||||
- CreateNamespace=true
|
|
@ -13,6 +13,7 @@ spec:
|
|||
- '*.strudelline.net'
|
||||
- '*.notes.strudelline.net'
|
||||
- '*.notes.werts.us'
|
||||
- '*.minio.strudelline.net'
|
||||
- notes.werts.us
|
||||
- notes.strudelline.net
|
||||
- werts.us
|
||||
|
|
Loading…
Reference in New Issue
Block a user