apps(sharkey): Initial config
parent
6de786bc05
commit
6808fcdfa1
@ -0,0 +1,14 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: discordbot-2b
|
||||
metadata:
|
||||
name: discordbot-2b
|
||||
resources:
|
||||
- app/namespace.yaml
|
||||
- app/sealedsecret.yaml
|
||||
- app/config-sealedsecret.yaml
|
||||
- app/config.yaml
|
||||
- app/volume.yaml
|
||||
- app/stackgres-scripts.yaml
|
||||
- app/stackgres.yaml
|
||||
- app/deploy.yaml
|
@ -0,0 +1,16 @@
|
||||
---
|
||||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: sharkey-config-secret
|
||||
namespace: sharkey
|
||||
spec:
|
||||
encryptedData:
|
||||
secret.yaml: AgAYJjYoxcBeqMdf+R5bb/fB7KTSDf/LchotQRJClzU5l9vCJFuJiGh7dhzT5ZLzHM+6gf1cEuI6vCXiHsNTAiTbkpjbKPhlUU3vMNpieuh8HBjTHzeCNJpLl1UIRxBOPZ9fgzp9ROSoaEjMBgSSc7zgTnhr4s7/FNTbCzeuHso6MiHNdtcC9yFeiwDb17Bm1r8Lko88fRWHqKAHeNoLnh1bo316C6H1fLvsQC/MWN+shXxpMnRIjjIAtIgW+8ayvAdYjs0TAhKgWRLD/mjku5toqoK+uOGypVjrkfrrKPtDgWD/VO8SFRLXoJfhen2PAU1dbmrrHBJy/RPJ3cOPTU4cVSeKtwLmj0a2YxjLOldv9zQ1SnRqkCSQUMQf+7/cArWhn632qsuhm/ECzbE7w11T3N9hlyhl8ZebSzSgW87B9Re7syiBh10Wno4uUuzETkQ6/59jrpfLFzdmptYd623RT72kzjg+uHYzw0fp6kzjd0yMi3bbt1c6JaW0y9WPkRQN4ONcIfi3XJ07uulLsj2x6R90a3zea+cCDJdDF24Bqr/MK9Ro5MooHmEMm6C06Lf5GUjirkoktUnosxsEywiYpOgwrfS0ib1OCCw1+qSoStyBW1EGI7tDVrY16R1I1XSjz1CJrl0Zq2ZFHtU8rlYTuIm5JnVq1/lkJZQsO1NP5RE6rhkOS2RqMIjyDNXPyyR4irdodQutkY2ToZb8qFo6NH9oMYtyXVERtes9TwwmjmQtwQdDMBhknMVutUlsHGzawepuucsOYhRyk3bqxhAgE+WXE+4c2fwu7/EIL+rtNSMqTwGvSTgYT63tZhsWC5/NqRtwBMpFhKXxqgN1r2mkperB
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: sharkey-config-secret
|
||||
namespace: sharkey
|
||||
type: Opaque
|
@ -0,0 +1,144 @@
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: sharkey-config
|
||||
namespace: sharkey
|
||||
data:
|
||||
default.yaml: |
|
||||
#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
|
||||
# Misskey configuration
|
||||
#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
|
||||
|
||||
# ┌─────┐
|
||||
#───┘ URL └─────────────────────────────────────────────────────
|
||||
|
||||
# Final accessible URL seen by a user.
|
||||
url: https://social.funkyfish.cool
|
||||
|
||||
# ONCE YOU HAVE STARTED THE INSTANCE, DO NOT CHANGE THE
|
||||
# URL SETTINGS AFTER THAT!
|
||||
|
||||
# The port that your Misskey server should listen on.
|
||||
port: 3000
|
||||
|
||||
# You can also use UNIX domain socket.
|
||||
# socket: /path/to/misskey.sock
|
||||
# chmodSocket: '777'
|
||||
|
||||
# ┌──────────────────────────┐
|
||||
#───┘ PostgreSQL configuration └────────────────────────────────
|
||||
|
||||
|
||||
dbReplications: false
|
||||
|
||||
# ┌─────────────────────┐
|
||||
#───┘ Redis configuration └─────────────────────────────────────
|
||||
|
||||
redis:
|
||||
host: localhost
|
||||
port: 6379
|
||||
|
||||
# ┌───────────────────────────┐
|
||||
#───┘ MeiliSearch configuration └─────────────────────────────
|
||||
|
||||
#meilisearch:
|
||||
# host: localhost
|
||||
# port: 7700
|
||||
# apiKey: ''
|
||||
# ssl: true
|
||||
# index: ''
|
||||
# scope: global
|
||||
|
||||
# ┌───────────────┐
|
||||
#───┘ ID generation └───────────────────────────────────────────
|
||||
|
||||
# You can select the ID generation method.
|
||||
# You don't usually need to change this setting, but you can
|
||||
# change it according to your preferences.
|
||||
|
||||
# Available methods:
|
||||
# aid ... Short, Millisecond accuracy
|
||||
# aidx ... Millisecond accuracy
|
||||
# meid ... Similar to ObjectID, Millisecond accuracy
|
||||
# ulid ... Millisecond accuracy
|
||||
# objectid ... This is left for backward compatibility
|
||||
|
||||
# ONCE YOU HAVE STARTED THE INSTANCE, DO NOT CHANGE THE
|
||||
# ID SETTINGS AFTER THAT!
|
||||
|
||||
id: 'aidx'
|
||||
|
||||
# ┌─────────────────────┐
|
||||
#───┘ Other configuration └─────────────────────────────────────
|
||||
|
||||
# Whether disable HSTS
|
||||
#disableHsts: true
|
||||
|
||||
# Number of worker processes
|
||||
#clusterLimit: 1
|
||||
|
||||
# Job concurrency per worker
|
||||
#deliverJobConcurrency: 128
|
||||
#inboxJobConcurrency: 16
|
||||
#relashionshipJobConcurrency: 16
|
||||
# What's relashionshipJob?:
|
||||
# Follow, unfollow, block and unblock(ings) while following-imports, etc. or account migrations.
|
||||
|
||||
# Job rate limiter
|
||||
#deliverJobPerSec: 128
|
||||
#inboxJobPerSec: 16
|
||||
#relashionshipJobPerSec: 64
|
||||
|
||||
# Job attempts
|
||||
#deliverJobMaxAttempts: 12
|
||||
#inboxJobMaxAttempts: 8
|
||||
|
||||
# Local address used for outgoing requests
|
||||
#outgoingAddress: 127.0.0.1
|
||||
|
||||
# IP address family used for outgoing request (ipv4, ipv6 or dual)
|
||||
#outgoingAddressFamily: ipv4
|
||||
|
||||
# Proxy for HTTP/HTTPS
|
||||
#proxy: http://127.0.0.1:3128
|
||||
|
||||
proxyBypassHosts:
|
||||
- api.deepl.com
|
||||
- api-free.deepl.com
|
||||
- www.recaptcha.net
|
||||
- hcaptcha.com
|
||||
- challenges.cloudflare.com
|
||||
|
||||
# Proxy for SMTP/SMTPS
|
||||
#proxySmtp: http://127.0.0.1:3128 # use HTTP/1.1 CONNECT
|
||||
#proxySmtp: socks4://127.0.0.1:1080 # use SOCKS4
|
||||
#proxySmtp: socks5://127.0.0.1:1080 # use SOCKS5
|
||||
|
||||
# Media Proxy
|
||||
# Reference Implementation: https://github.com/misskey-dev/media-proxy
|
||||
# * Deliver a common cache between instances
|
||||
# * Perform image compression (on a different server resource than the main process)
|
||||
#mediaProxy: https://example.com/proxy
|
||||
|
||||
# Proxy remote files (default: true)
|
||||
# Proxy remote files by this instance or mediaProxy to prevent remote files from running in remote domains.
|
||||
proxyRemoteFiles: true
|
||||
|
||||
# Movie Thumbnail Generation URL
|
||||
# There is no reference implementation.
|
||||
# For example, Misskey will point to the following URL:
|
||||
# https://example.com/thumbnail.webp?thumbnail=1&url=https%3A%2F%2Fstorage.example.com%2Fpath%2Fto%2Fvideo.mp4
|
||||
#videoThumbnailGenerator: https://example.com
|
||||
|
||||
# Sign to ActivityPub GET request (default: true)
|
||||
signToActivityPubGet: true
|
||||
|
||||
#allowedPrivateNetworks: [
|
||||
# '127.0.0.1/32'
|
||||
#]
|
||||
|
||||
# Upload or download file size limits (bytes)
|
||||
#maxFileSize: 262144000
|
||||
|
||||
# PID File of master process
|
||||
#pidFile: /tmp/misskey.pid
|
@ -0,0 +1,53 @@
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: sharkey
|
||||
namespace: sharkey
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: sharkey
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: sharkey
|
||||
spec:
|
||||
containers:
|
||||
- name: redis
|
||||
image: redis
|
||||
ports:
|
||||
- containerPort: 6379
|
||||
name: redis
|
||||
protocol: TCP
|
||||
- image: ghcr.io/transfem-org/sharkey:stable
|
||||
name: sharkey
|
||||
volumeMounts:
|
||||
- name: config-secret
|
||||
mountPath: "/sharkey/.config"
|
||||
readOnly: true
|
||||
- name: config
|
||||
mountPath: "/sharkey/.config"
|
||||
readOnly: true
|
||||
- name: sharkey-files
|
||||
mountPath: "/sharkey/files"
|
||||
env:
|
||||
- name: example
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: example-secret
|
||||
key: example
|
||||
volumes:
|
||||
- name: config-secret
|
||||
secret:
|
||||
secretName: sharkey-config-secret
|
||||
optional: false
|
||||
- name: config
|
||||
configMap:
|
||||
name: sharkey-config
|
||||
items:
|
||||
- key: "default.yml"
|
||||
path: "default.yml"
|
||||
- name: sharkey-files
|
||||
persistentVolumeClaim:
|
||||
claimName: sharkey-files
|
@ -0,0 +1,6 @@
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: sharkey
|
||||
labels:
|
||||
name: sharkey
|
@ -0,0 +1,16 @@
|
||||
---
|
||||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: sharkey-secret
|
||||
namespace: sharkey
|
||||
spec:
|
||||
encryptedData:
|
||||
create-user.sql: AgCLEUD8N2UkaLu/HCu0XG6cOXqdhy2TUGohMwknLVEli0U91Ez3U6XIME6EPxbD/+yfCId41M/fqE1TIDh9mFEYcv0nlgzjKeBjkAiDXPTTsavWhJk1zWqv7+/PRFM6mmHTJY3N5DxHh4YwTPcWXuQMxu1UpOgwgdZM+VvVL5SlMVmk7YaPzskyhny/IqV2iQkHw05Jgc6qeIm1GmvfsXUYDigIckyNKzmKrroKUZRMUo9b/gsFAdUR00+AUaUIXr332GZh/bUWPn80Y2BOEp0O9fu4WsrRRv/I3B5u0Z0MlNpWiADN3AEUu0lHwIHBtad69yCX30ryuFoj0jOUT3EXhn5/uSVRn0BI3mdxmgCkJwOEf74ZJvGP/OCPl9B3weg3z4YejDH8+5g3cLqGS1JBkcbppD9G8XQOsjnKHHNM22aareCUxy4b2Sh3vBf21tASq5DFXpj+uV8VZKVSFhX2a4m7NFyUj/1mKUNS9D0PxQrnOj7AoWlDnWw2+W6t/eA77QJqIrS2fxEKWsZZTgh/9v28S77VEASKhacVq+bmL2jU1vHZUfltG1YAAjE59yJaST0zjowY0PTQB0YyuluGA4PnbLYF4fHxr1jhN2J5hj3UvIriEeASJA/pB6CcmJ+yootg/fobfJLBzEXvHDhIhos+9icsJsr36NanQv9a6b20qm8AjPta9VJ6NcgCkFumjQUgb/U5MAIEVtPpM6GMTytZFyabwX8ATy7174CcQeL6eA+H9lzfIrQ4VOSES6c=
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: sharkey-secret
|
||||
namespace: sharkey
|
||||
type: Opaque
|
@ -0,0 +1,27 @@
|
||||
apiVersion: stackgres.io/v1
|
||||
kind: SGScript
|
||||
metadata:
|
||||
namespace: sharkey
|
||||
name: cluster-scripts
|
||||
spec:
|
||||
continueOnError: true
|
||||
scripts:
|
||||
- name: create-user
|
||||
retryOnError: true
|
||||
version: 1
|
||||
scriptFrom:
|
||||
secretKeyRef:
|
||||
name: sharkey-secret
|
||||
key: create-user.sql
|
||||
- name: create-db
|
||||
version: 1
|
||||
script: |
|
||||
CREATE DATABASE sharkey;
|
||||
- name: grant-permissions
|
||||
retryOnError: true
|
||||
version: 1
|
||||
script: |
|
||||
GRANT ALL ON DATABASE sharkey TO sharkey;
|
||||
ALTER DATABASE sharkey OWNER TO sharkey;
|
||||
GRANT USAGE, CREATE ON SCHEMA public TO sharkey;
|
||||
|
@ -0,0 +1,17 @@
|
||||
apiVersion: stackgres.io/v1
|
||||
kind: SGCluster
|
||||
metadata:
|
||||
namespace: sharkey
|
||||
name: cluster
|
||||
spec:
|
||||
postgres:
|
||||
version: '16'
|
||||
instances: 2
|
||||
pods:
|
||||
persistentVolume:
|
||||
size: '2Gi'
|
||||
storageClass: ebs-ssd
|
||||
prometheusAutobind: true
|
||||
managedSql:
|
||||
scripts:
|
||||
- sgScript: cluster-scripts
|
@ -0,0 +1,23 @@
|
||||
apiVersion: v1
|
||||
kind: PersistentVolume
|
||||
metadata:
|
||||
name: sharkey-files
|
||||
namespace: sharkey
|
||||
spec:
|
||||
capacity:
|
||||
storage: 10Gi
|
||||
storageClassName: "ebs-hdd"
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
claimRef:
|
||||
name: sharkey-files-pvc
|
||||
namespace: sharkey
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: sharkey-files-pvc
|
||||
namespace: sharkey
|
||||
spec:
|
||||
storageClassName: "ebs-hdd"
|
||||
volumeName: sharkey-files
|
Loading…
Reference in New Issue