diff --git a/.github/workflows/release-charts.yaml b/.github/workflows/release-charts.yaml new file mode 100644 index 0000000..c1ca0fc --- /dev/null +++ b/.github/workflows/release-charts.yaml @@ -0,0 +1,25 @@ +name: Release Charts + +on: + push: + branches: + - main + +jobs: + release: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Configure Git + run: | + git config user.name "$GITHUB_ACTOR" + git config user.email "$GITHUB_ACTOR@users.noreply.github.com" + + - name: Run chart-releaser + uses: helm/chart-releaser-action@v1.1.0 + env: + CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" diff --git a/charts/apps/piped/Chart.yaml b/charts/apps/piped/Chart.yaml index 9aab11a..75d9e08 100644 --- a/charts/apps/piped/Chart.yaml +++ b/charts/apps/piped/Chart.yaml @@ -1,7 +1,14 @@ --- apiVersion: v2 -description: A chart to power Piped running on Kubernetes +description: Piped is an alternative privacy-friendly YouTube frontend which is efficient by design. name: piped +home: https://github.com/TeamPiped/Piped-Kubernetes +sources: + - https://github.com/TeamPiped/Piped + - https://github.com/TeamPiped/Piped-Backend + - https://github.com/TeamPiped/piped-proxy +keywords: + - streaming version: 0.0.1 appVersion: latest maintainers: @@ -11,3 +18,7 @@ dependencies: - name: common repository: https://bjw-s.github.io/helm-charts version: 0.1.0 + - name: postgresql + repository: https://charts.bitnami.com/bitnami + version: 12.2.0 + condition: postgresql.enabled diff --git a/charts/apps/piped/templates/backend/configmap.yaml b/charts/apps/piped/templates/backend/configmap.yaml new file mode 100644 index 0000000..6587535 --- /dev/null +++ b/charts/apps/piped/templates/backend/configmap.yaml @@ -0,0 +1,56 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "backend.names.fullname" . }}-config + {{- with (merge (.Values.backend.labels | default dict) (include "common.labels" $ | fromYaml)) }} + labels: {{- toYaml . | nindent 4 }} + {{- end }} + {{- with (merge (.Values.backend.annotations | default dict) (include "common.annotations" $ | fromYaml)) }} + annotations: {{- toYaml . | nindent 4 }} + {{- end }} +data: + config.properties: | + PORT: {{ .Values.backend.config.PORT | default (8080) }} + HTTP_WORKERS: {{ .Values.backend.config.HTTP_WORKERS | default (2) }} + {{- if .Values.backend.config.HTTP_PROXY }} + HTTP_PROXY: {{ .Values.backend.config.HTTP_PROXY }} + {{ end }} + {{- if .Values.backend.config.PROXY_PART }} + PROXY_PART: {{.Values.backend.config.PROXY_PART }} + {{- else if .Values.ingress.ytproxy.enabled}} + PROXY_PART: {{ index (index .Values.ingress.ytproxy.hosts 0) "host" }} + {{- else }} + {{- fail "PROXY_PART needs to be set in config values or ytproxy ingress must be enabled."}} + {{ end }} + {{- if .Values.backend.config.API_URL }} + API_URL: {{ .Values.backend.config.API_URL }} + {{- else if .Values.ingress.backend.enabled }} + API_URL: {{ index (index .Values.ingress.backend.hosts 0) "host" }} + {{- else }} + {{- fail "API_URL needs to be set in config values or backend ingress must be enabled."}} + {{ end }} + {{- if .Values.backend.config.FRONTEND_URL }} + FRONTEND_URL: {{.Values.backend.config.FRONTEND_URL }} + {{- else if .Values.ingress.main.enabled }} + FRONTEND_URL: {{ index (index .Values.ingress.main.hosts 0) "host" }} + {{- else }} + {{- fail "FRONTEND_URL needs to be set in config values or main ingress must be enabled."}} + {{ end }} + COMPROMISED_PASSWORD_CHECK: {{ .Values.backend.config.COMPROMISED_PASSWORD_CHECK | default true }} + DISABLE_REGISTRATION: {{ .Values.backend.config.DISABLE_REGISTRATION | default false }} + FEED_RETENTION: {{ .Values.backend.config.DISABLE_REGISTRATION | int | default 30 }} + {{- if .Values.backend.config.database }} + hibernate.connection.url: {{.Values.backend.config.database.connection_url }} + hibernate.connection.driver_class: {{.Values.backend.config.database.driver_class }} + hibernate.dialect: {{.Values.backend.config.database.dialect }} + hibernate.connection.username: {{.Values.backend.config.database.username }} + hibernate.connection.password: {{.Values.backend.config.database.password }} + {{- else if .Values.postgresql.enabled }} + hibernate.connection.url: jdbc:postgresql://piped-postgresql/{{ .Values.postgresql.auth.database}} + hibernate.connection.driver_class: org.postgresql.Driver + hibernate.dialect: org.hibernate.dialect.PostgreSQLDialect + hibernate.connection.username: {{.Values.postgresql.auth.username }} + hibernate.connection.password: {{.Values.postgresql.auth.password }} + {{ end }} + SENTRY_DSN: diff --git a/charts/apps/piped/templates/backend/lib/_container.tpl b/charts/apps/piped/templates/backend/lib/_container.tpl index ad3d78c..1c3317e 100644 --- a/charts/apps/piped/templates/backend/lib/_container.tpl +++ b/charts/apps/piped/templates/backend/lib/_container.tpl @@ -16,7 +16,7 @@ {{- if kindIs "string" . }} - {{ . }} {{- else }} - {{ toYaml . | nindent 4 }} + {{- toYaml . | nindent 4 }} {{- end }} {{- end }} {{- with .Values.backend.securityContext }} @@ -48,7 +48,11 @@ name: {{ include "backend.names.fullname" . }} {{- end }} {{- end }} - {{- include "backend.controller.probes" . | trim | nindent 2 }} ports: {{- include "backend.controller.ports" . | trim | nindent 4 }} + {{- with (include "backend.controller.volumeMounts" . | trim) }} + volumeMounts: + {{- nindent 4 . }} + {{- end }} + {{- include "backend.controller.probes" . | trim | nindent 2 }} {{- end -}} \ No newline at end of file diff --git a/charts/apps/piped/templates/backend/lib/_volumemounts.tpl b/charts/apps/piped/templates/backend/lib/_volumemounts.tpl new file mode 100644 index 0000000..a2db5fc --- /dev/null +++ b/charts/apps/piped/templates/backend/lib/_volumemounts.tpl @@ -0,0 +1,60 @@ +{{/* Volumes included by the controller */}} +{{- define "backend.controller.volumeMounts" -}} + {{- range $persistenceIndex, $persistenceItem := .Values.persistence }} + {{- if $persistenceItem.enabled -}} + {{- if kindIs "slice" $persistenceItem.subPath -}} + {{- if $persistenceItem.mountPath -}} + {{- fail (printf "Cannot use persistence.mountPath with a subPath list (%s)" $persistenceIndex) }} + {{- end -}} + {{- range $subPathIndex, $subPathItem := $persistenceItem.subPath }} +- name: {{ $persistenceIndex }} + subPath: {{ required "subPaths as a list of maps require a path field" $subPathItem.path }} + mountPath: {{ required "subPaths as a list of maps require an explicit mountPath field" $subPathItem.mountPath }} + {{- with $subPathItem.readOnly }} + readOnly: {{ . }} + {{- end }} + {{- with $subPathItem.mountPropagation }} + mountPropagation: {{ . }} + {{- end }} + {{- end -}} + {{- else -}} + {{/* Set the default mountPath to / */}} + {{- $mountPath := (printf "/%v" $persistenceIndex) -}} + {{- if eq "hostPath" (default "pvc" $persistenceItem.type) -}} + {{- $mountPath = $persistenceItem.hostPath -}} + {{- end -}} + {{/* Use the specified mountPath if provided */}} + {{- with $persistenceItem.mountPath -}} + {{- $mountPath = . -}} + {{- end }} + {{- if ne $mountPath "-" }} +- name: {{ $persistenceIndex }} + mountPath: {{ $mountPath }} + {{- with $persistenceItem.subPath }} + subPath: {{ . }} + {{- end }} + {{- with $persistenceItem.readOnly }} + readOnly: {{ . }} + {{- end }} + {{- with $persistenceItem.mountPropagation }} + mountPropagation: {{ . }} + {{- end }} + {{- end }} + {{- end -}} + {{- end -}} + {{- end }} + + {{- if eq .Values.controller.type "statefulset" }} + {{- range $index, $vct := .Values.volumeClaimTemplates }} +- mountPath: {{ $vct.mountPath }} + name: {{ $vct.name }} + {{- if $vct.subPath }} + subPath: {{ $vct.subPath }} + {{- end }} + {{- end }} + {{- end }} +- name: config-volume + mountPath: /app/config.properties + subPath: config.properties + readOnly: true +{{- end -}} \ No newline at end of file diff --git a/charts/apps/piped/templates/backend/lib/_volumes.tpl b/charts/apps/piped/templates/backend/lib/_volumes.tpl index e6993ce..51bbf2e 100644 --- a/charts/apps/piped/templates/backend/lib/_volumes.tpl +++ b/charts/apps/piped/templates/backend/lib/_volumes.tpl @@ -65,4 +65,7 @@ Volumes included by the controller. {{- end }} {{- end }} {{- end }} +- name: config-volume + configMap: + name: {{ include "backend.names.fullname" . }}-config {{- end }} \ No newline at end of file diff --git a/charts/apps/piped/values.yaml b/charts/apps/piped/values.yaml index 3017c5b..30f2a46 100644 --- a/charts/apps/piped/values.yaml +++ b/charts/apps/piped/values.yaml @@ -78,6 +78,37 @@ backend: - -jar - /app/piped.jar +# command: "/bin/sh" +# args: +# - -c +# - sleep infinity + + # If the hostnames are not set for backend, proxy and API, they will be automatically fetched from their ingresses. + config: + #PORT: 8080 + # HTTP_WORKERS: 2 + #PROXY_PART: https://PROXY_HOSTNAME + # Outgoing HTTP Proxy - eg: 127.0.0.1:8118 + #HTTP_PROXY: 127.0.0.1:8118 + # Captcha Parameters + #CAPTCHA_BASE_URL: https://api.capmonster.cloud/ + #CAPTCHA_API_KEY: INSERT_HERE + #API_URL: https://BACKEND_HOSTNAME + #FRONTEND_URL: https://FRONTEND_HOSTNAME + # Enable haveibeenpwned compromised password API + COMPROMISED_PASSWORD_CHECK: true + # Disable Registration + DISABLE_REGISTRATION: false + # Feed Retention Time in Days + FEED_RETENTION: 30 + #database: + # connection_url: jdbc:postgresql://postgres:5432/piped + # driver_class: org.postgresql.Driver + # dialect: org.hibernate.dialect.PostgreSQLDialect + # username: piped + # password: changeme + + image: # -- image repository repository: 1337kavin/piped @@ -87,8 +118,6 @@ backend: # -- image pull policy pullPolicy: IfNotPresent - - ytproxy: enabled: true service: @@ -115,36 +144,45 @@ ytproxy: # -- image pull policy pullPolicy: IfNotPresent - ingress: main: - enabled: false + enabled: true primary: false hosts: - - host: piped.example.com + - host: piped.video paths: - path: "/" tls: [] backend: - enabled: false + enabled: true + ingressClassName: nginx primary: false hosts: - - host: pipedapi.example.com + - host: pipedapi.piped.video paths: - path: "/" tls: [] ytproxy: - enabled: false + enabled: true + ingressClassName: nginx primary: false hosts: - - host: ytproxy.chart-foo.local + - host: ytproxy.piped.video paths: - path: "/" tls: [] - +# See options from https://artifacthub.io/packages/helm/bitnami/postgresql#parameters +postgresql: + enabled: true + image: + tag: 11.19.0-debian-11-r4 + auth: + database: piped + username: piped + password: changemepiped # -- Probe configuration # -- [[ref]](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/) @@ -154,7 +192,7 @@ probes: # @default -- See below liveness: # -- Enable the liveness probe - enabled: true + enabled: false # -- Set this to `true` if you wish to specify your own livenessProbe custom: false # -- The spec field contains the values for the default livenessProbe. @@ -170,7 +208,7 @@ probes: # @default -- See below readiness: # -- Enable the readiness probe - enabled: true + enabled: false # -- Set this to `true` if you wish to specify your own readinessProbe custom: false # -- The spec field contains the values for the default readinessProbe. @@ -186,7 +224,7 @@ probes: # @default -- See below startup: # -- Enable the startup probe - enabled: true + enabled: false # -- Set this to `true` if you wish to specify your own startupProbe custom: false # -- The spec field contains the values for the default startupProbe.