kubernetes/matrix-media-repo: initial commit
This commit is contained in:
parent
43bb6b8810
commit
90937430f4
GPG Key ID:
E1F4160251DB4C2E
File diff suppressed because one or more lines are too long
|
|
@ -0,0 +1,41 @@
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
name: matrix-media-repo
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
spec:
|
||||||
|
# This does not currently work as there are some weird expectations on
|
||||||
|
# run scripts as running as non-root
|
||||||
|
securityContext:
|
||||||
|
fsGroup: 1000
|
||||||
|
containers:
|
||||||
|
- name: media-repo
|
||||||
|
image: drgrove/matrix-media-repo
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
containerPort: 8000
|
||||||
|
protocol: TCP
|
||||||
|
- name: metrics
|
||||||
|
containerPort: 9000
|
||||||
|
protocol: TCP
|
||||||
|
volumeMounts:
|
||||||
|
- mountPath: /home/user/media/
|
||||||
|
name: ephemeral
|
||||||
|
- mountPath: /home/user/config/media-repo.yaml
|
||||||
|
name: config
|
||||||
|
subPath: config.yaml
|
||||||
|
readOnly: true
|
||||||
|
securityContext:
|
||||||
|
capabilities:
|
||||||
|
drop:
|
||||||
|
- ALL
|
||||||
|
allowPrivilegeEscalation: false
|
||||||
|
# Right now setting this to true is not possible
|
||||||
|
readOnlyRootFilesystem: false
|
||||||
|
volumes:
|
||||||
|
- name: config
|
||||||
|
secret:
|
||||||
|
secretName: mmr-config
|
||||||
|
- name: ephemeral
|
||||||
|
emptyDir: {}
|
||||||
|
|
@ -0,0 +1,15 @@
|
||||||
|
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||||
|
kind: Kustomization
|
||||||
|
labels:
|
||||||
|
- includeSelectors: true
|
||||||
|
pairs:
|
||||||
|
app.kubernetes.io/name: media-repo
|
||||||
|
app.kubernetes.io/part-of: matrix
|
||||||
|
resources:
|
||||||
|
- deployment.yaml
|
||||||
|
- service.yaml
|
||||||
|
generators:
|
||||||
|
- secret-generator.yaml
|
||||||
|
images:
|
||||||
|
- name: turt2live/matrix-media-repo
|
||||||
|
newTag: v1.3.3@sha256:59cf338753598af400919caf332c92dd0e8e6c6e6e5d18270e52552c7c1e3c4b
|
||||||
|
|
@ -0,0 +1,6 @@
|
||||||
|
apiVersion: viaduct.ai/v1
|
||||||
|
kind: ksops
|
||||||
|
metadata:
|
||||||
|
name: telegram-ksops-secrets
|
||||||
|
files:
|
||||||
|
- config-secrets.enc.yaml
|
||||||
|
|
@ -0,0 +1,14 @@
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Service
|
||||||
|
metadata:
|
||||||
|
name: media-repo
|
||||||
|
spec:
|
||||||
|
ports:
|
||||||
|
- name: http
|
||||||
|
protocol: TCP
|
||||||
|
port: 8000
|
||||||
|
targetPort: http
|
||||||
|
- name: metrics
|
||||||
|
protocol: TCP
|
||||||
|
port: 9000
|
||||||
|
targetPort: metrics
|
||||||
Loading…
Reference in New Issue