
feat(piped): Move to app-template #7256

Merged
merged 5 commits into from
Sep 30, 2024


bjw-s
Collaborator

@bjw-s bjw-s commented Sep 30, 2024

No description provided.

@lab-assistant lab-assistant bot added area/kubernetes Issue relates to Kubernetes cluster/main Issue relates to the "main" cluster labels Sep 30, 2024
@lab-assistant
Contributor

lab-assistant bot commented Sep 30, 2024

--- kubernetes/main/apps/media/piped/app Kustomization: flux-system/piped ExternalSecret: media/piped-db

+++ kubernetes/main/apps/media/piped/app Kustomization: flux-system/piped ExternalSecret: media/piped-db

@@ -1,26 +0,0 @@

----
-apiVersion: external-secrets.io/v1beta1
-kind: ExternalSecret
-metadata:
-  labels:
-    app.kubernetes.io/name: piped
-    kustomize.toolkit.fluxcd.io/name: piped
-    kustomize.toolkit.fluxcd.io/namespace: flux-system
-  name: piped-db
-  namespace: media
-spec:
-  dataFrom:
-  - extract:
-      key: postgres-pguser-piped
-  refreshInterval: 1m
-  secretStoreRef:
-    kind: ClusterSecretStore
-    name: crunchy-pgo-secrets
-  target:
-    name: piped-db-secret
-    template:
-      data:
-        password: '{{ index . "password" }}'
-        user: '{{ index . "user" }}'
-      type: Opaque
-
--- kubernetes/main/apps/media/piped/app Kustomization: flux-system/piped HelmRepository: media/piped

+++ kubernetes/main/apps/media/piped/app Kustomization: flux-system/piped HelmRepository: media/piped

@@ -1,15 +0,0 @@

----
-apiVersion: source.toolkit.fluxcd.io/v1
-kind: HelmRepository
-metadata:
-  labels:
-    app.kubernetes.io/name: piped
-    kustomize.toolkit.fluxcd.io/name: piped
-    kustomize.toolkit.fluxcd.io/namespace: flux-system
-  name: piped
-  namespace: media
-spec:
-  interval: 30m
-  timeout: 3m
-  url: https://helm.piped.video
-
--- kubernetes/main/apps/media/piped/app Kustomization: flux-system/piped HelmRelease: media/piped

+++ kubernetes/main/apps/media/piped/app Kustomization: flux-system/piped HelmRelease: media/piped

@@ -8,99 +8,183 @@

     kustomize.toolkit.fluxcd.io/namespace: flux-system
   name: piped
   namespace: media
 spec:
   chart:
     spec:
-      chart: piped
+      chart: app-template
       interval: 30m
       sourceRef:
         kind: HelmRepository
-        name: piped
-      version: 6.0.2
+        name: bjw-s
+        namespace: flux-system
+      version: 3.4.0
   interval: 30m
   values:
-    automountServiceAccountToken: false
-    backend:
-      annotations:
-        configmap.reloader.stakater.com/reload: piped-backend-config
-      config:
-        API_URL: https://piped-api.bjw-s.dev
-        DISABLE_REGISTRATION: true
-        HTTP_WORKERS: 4
-        PORT: 8080
-        PROXY_PART: https://piped-proxy.bjw-s.dev
-        database:
-          connection_url: jdbc:postgresql://postgres-primary.database.svc.cluster.local:5432/piped
-          driver_class: org.postgresql.Driver
-          secret:
-            name: piped-db-secret
-            password: password
-            username: user
-      podSecurityContext:
-        fsGroup: 1000
-        fsGroupChangePolicy: Always
-        runAsGroup: 1000
-        runAsUser: 1000
-      resources:
-        limits:
-          memory: 2000Mi
-        requests:
-          cpu: 10m
-          memory: 500Mi
-    frontend:
-      args:
-      - -c
-      - |
-        sed -i s/pipedapi.kavin.rocks/$BACKEND_HOSTNAME/g /usr/share/nginx/html/assets/* &&
-        sed -i 's/80;/8080;/g' /etc/nginx/conf.d/default.conf &&
-        /docker-entrypoint.sh nginx -g 'daemon off;'
-      env:
-        BACKEND_HOSTNAME: piped-api.bjw-s.dev
-      resources:
-        limits:
-          memory: 256Mi
-        requests:
-          cpu: 10m
-          memory: 32Mi
-      service:
-        main:
-          ports:
-            http:
-              port: 8080
+    controllers:
+      backend:
+        annotations:
+          secret.reloader.stakater.com/reload: piped-secret
+        containers:
+          app:
+            image:
+              repository: 1337kavin/piped
+              tag: latest@sha256:e9938cdda0745c4986d4add0f255777d3989849b851f290d94a4ab2b21c25384
+            probes:
+              liveness:
+                enabled: true
+              readiness:
+                enabled: true
+            resources:
+              limits:
+                memory: 2000Mi
+              requests:
+                cpu: 10m
+                memory: 500Mi
+            securityContext:
+              allowPrivilegeEscalation: false
+              capabilities:
+                drop:
+                - ALL
+              seccompProfile:
+                type: RuntimeDefault
+        pod:
+          securityContext:
+            fsGroup: 1000
+            fsGroupChangePolicy: OnRootMismatch
+            runAsGroup: 1000
+            runAsUser: 1000
+        strategy: RollingUpdate
+      frontend:
+        containers:
+          app:
+            args:
+            - |
+              sed -i s/pipedapi.kavin.rocks/$BACKEND_HOSTNAME/g /usr/share/nginx/html/assets/* &&
+              sed -i 's/80;/8080;/g' /etc/nginx/conf.d/default.conf &&
+              sed -i 's/worker_processes  auto;/worker_processes  4;/g' /etc/nginx/nginx.conf &&
+              /docker-entrypoint.sh nginx -g 'daemon off;'
+            command:
+            - /bin/ash
+            - -c
+            env:
+              BACKEND_HOSTNAME: piped-api.bjw-s.dev
+            image:
+              repository: 1337kavin/piped-frontend
+              tag: latest@sha256:52b25c68813c8586acd76b6bddf83da4a509b0d83b5ad27c2bd8358a657080ba
+            probes:
+              liveness:
+                enabled: true
+              readiness:
+                enabled: true
+            resources:
+              limits:
+                memory: 256Mi
+              requests:
+                cpu: 10m
+                memory: 32Mi
+        strategy: RollingUpdate
+      ytproxy:
+        containers:
+          app:
+            command:
+            - /app/piped-proxy
+            image:
+              repository: 1337kavin/piped-proxy
+              tag: latest@sha256:9a0547e412cbb87e0dc8c94a44ea81811541c9d1535b57a9a144901662df94b7
+            probes:
+              liveness:
+                enabled: true
+              readiness:
+                enabled: true
+            resources:
+              limits:
+                memory: 2000Mi
+              requests:
+                cpu: 10m
+                memory: 500Mi
+            securityContext:
+              allowPrivilegeEscalation: false
+              capabilities:
+                drop:
+                - ALL
+              seccompProfile:
+                type: RuntimeDefault
+        pod:
+          securityContext:
+            fsGroup: 1000
+            fsGroupChangePolicy: OnRootMismatch
+            runAsGroup: 1000
+            runAsUser: 1000
+        strategy: RollingUpdate
+    defaultPodOptions:
+      automountServiceAccountToken: false
     ingress:
       backend:
         annotations:
           external-dns.alpha.kubernetes.io/target: ingress-int.bjw-s.dev
           nginx.ingress.kubernetes.io/cors-allow-origin: https://piped.bjw-s.dev,
             https://piped-api.bjw-s.dev, https://piped-proxy.bjw-s.dev
           nginx.ingress.kubernetes.io/enable-cors: 'true'
+        className: internal-nginx
         hosts:
         - host: piped-api.bjw-s.dev
           paths:
           - path: /
-        ingressClassName: internal-nginx
-      main:
+            service:
+              identifier: backend
+              port: http
+      frontend:
         annotations:
           external-dns.alpha.kubernetes.io/target: ingress-int.bjw-s.dev
           nginx.ingress.kubernetes.io/cors-allow-origin: https://piped.bjw-s.dev,
             https://piped-api.bjw-s.dev, https://piped-proxy.bjw-s.dev
           nginx.ingress.kubernetes.io/enable-cors: 'true'
+        className: internal-nginx
         hosts:
         - host: piped.bjw-s.dev
           paths:
           - path: /
-        ingressClassName: internal-nginx
+            service:
+              identifier: frontend
+              port: http
       ytproxy:
         annotations:
           external-dns.alpha.kubernetes.io/target: ingress-int.bjw-s.dev
           nginx.ingress.kubernetes.io/cors-allow-origin: https://piped.bjw-s.dev,
             https://piped-api.bjw-s.dev, https://piped-proxy.bjw-s.dev
           nginx.ingress.kubernetes.io/enable-cors: 'true'
+        className: internal-nginx
         hosts:
         - host: piped-proxy.bjw-s.dev
           paths:
           - path: /
-        ingressClassName: internal-nginx
-    postgresql:
-      enabled: false
+            service:
+              identifier: ytproxy
+              port: http
+    persistence:
+      config:
+        advancedMounts:
+          backend:
+            app:
+            - path: /app/config.properties
+              readOnly: true
+              subPath: config.properties
+        name: piped-secret
+        type: secret
+    service:
+      backend:
+        controller: backend
+        ports:
+          http:
+            port: 8080
+      frontend:
+        controller: frontend
+        ports:
+          http:
+            port: 8080
+      ytproxy:
+        controller: ytproxy
+        ports:
+          http:
+            port: 8080
 
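Review bot: The new `controllers.frontend` entry carries no container `securityContext` and no `pod.securityContext`, while `backend` and `ytproxy` in the same hunk both get them, so the frontend runs with whatever user and capabilities the image defaults to. Its start-up script edits files under `/usr/share/nginx/html` and `/etc/nginx` with `sed -i`, so copying the full backend block (UID 1000, all capabilities dropped) may well stop nginx from starting; that presumably explains the omission but is not stated anywhere. The two settings below should be compatible with the in-place edits and are worth adding after a test rollout, with a short comment explaining why the rest is left out. The rendered piped-frontend Deployment hunk shows the same gap, and the HelmRelease document itself starts outside this hunk.

```yaml
          app:
            # … unchanged (controllers.frontend): args, command, env, image, probes, resources …
            securityContext:
              allowPrivilegeEscalation: false
              seccompProfile:
                type: RuntimeDefault
```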
--- kubernetes/main/apps/media/piped/app Kustomization: flux-system/piped ExternalSecret: media/piped

+++ kubernetes/main/apps/media/piped/app Kustomization: flux-system/piped ExternalSecret: media/piped

@@ -0,0 +1,39 @@

+---
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  labels:
+    app.kubernetes.io/name: piped
+    kustomize.toolkit.fluxcd.io/name: piped
+    kustomize.toolkit.fluxcd.io/namespace: flux-system
+  name: piped
+  namespace: media
+spec:
+  dataFrom:
+  - extract:
+      key: postgres-pguser-piped
+  refreshInterval: 1m
+  secretStoreRef:
+    kind: ClusterSecretStore
+    name: crunchy-pgo-secrets
+  target:
+    name: piped-secret
+    template:
+      data:
+        config.properties: |
+          API_URL: https://piped-api.bjw-s.dev
+          COMPROMISED_PASSWORD_CHECK: true
+          DISABLE_REGISTRATION: true
+          FEED_RETENTION: 30
+          FRONTEND_URL: https://piped.bjw-s.dev
+          HTTP_WORKERS: 4
+          MATRIX_SERVER: https://matrix-client.matrix.org
+          PORT: 8080
+          PROXY_PART: https://piped-proxy.bjw-s.dev
+          SENTRY_DSN:
+          hibernate.connection.driver_class: org.postgresql.Driver
+          hibernate.connection.url: jdbc:postgresql://{{ index . "host" }}:5432/{{ index . "dbname" }}
+          hibernate.connection.username: {{ index . "user" }}
+          hibernate.connection.password: {{ index . "password" }}
+      type: Opaque
+
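Review bot: The JDBC URL in `config.properties` takes `host` and `dbname` from the extracted secret but hard-codes port 5432. If the `postgres-pguser-piped` secret also carries a `port` key (Crunchy PGO user secrets normally do; confirm against the store), `jdbc:postgresql://{{ index . "host" }}:{{ index . "port" }}/{{ index . "dbname" }}` keeps the whole URL tied to one source. The user and password are rendered unescaped into a properties file, so a generated password containing a backslash or leading whitespace would presumably be read differently by the loader. A comment above the template stating the assumed password character set would save the next maintainer a confusing authentication failure after a rotation.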

@lab-assistant
Contributor

lab-assistant bot commented Sep 30, 2024

--- HelmRelease: media/piped ConfigMap: media/piped-backend-config

+++ HelmRelease: media/piped ConfigMap: media/piped-backend-config

@@ -1,18 +0,0 @@

----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: piped-backend-config
-  labels:
-    app.kubernetes.io/instance: piped
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: piped
-  annotations:
-    configmap.reloader.stakater.com/reload: piped-backend-config
-data:
-  config.properties: "PORT: 8080\nHTTP_WORKERS: 4\nPROXY_PART: https://piped-proxy.bjw-s.dev\n\
-    API_URL: https://piped-api.bjw-s.dev\nFRONTEND_URL: piped.bjw-s.dev\nCOMPROMISED_PASSWORD_CHECK:\
-    \ true\nDISABLE_REGISTRATION: true\nFEED_RETENTION: 30\nhibernate.connection.url:\
-    \ jdbc:postgresql://postgres-primary.database.svc.cluster.local:5432/piped\nhibernate.connection.username:\
-    \ \nhibernate.connection.password: \nSENTRY_DSN:\nMATRIX_SERVER: https://matrix-client.matrix.org\n"
-
--- HelmRelease: media/piped Service: media/piped-backend

+++ HelmRelease: media/piped Service: media/piped-backend

@@ -3,18 +3,20 @@

 kind: Service
 metadata:
   name: piped-backend
   labels:
     app.kubernetes.io/instance: piped
     app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: piped-backend
+    app.kubernetes.io/name: piped
+    app.kubernetes.io/service: piped-backend
 spec:
   type: ClusterIP
   ports:
   - port: 8080
-    targetPort: http
+    targetPort: 8080
     protocol: TCP
     name: http
   selector:
-    app.kubernetes.io/name: piped-backend
+    app.kubernetes.io/component: backend
     app.kubernetes.io/instance: piped
+    app.kubernetes.io/name: piped
 
--- HelmRelease: media/piped Service: media/piped-frontend

+++ HelmRelease: media/piped Service: media/piped-frontend

@@ -3,18 +3,20 @@

 kind: Service
 metadata:
   name: piped-frontend
   labels:
     app.kubernetes.io/instance: piped
     app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: piped-frontend
+    app.kubernetes.io/name: piped
+    app.kubernetes.io/service: piped-frontend
 spec:
   type: ClusterIP
   ports:
   - port: 8080
-    targetPort: http
+    targetPort: 8080
     protocol: TCP
     name: http
   selector:
-    app.kubernetes.io/name: piped-frontend
+    app.kubernetes.io/component: frontend
     app.kubernetes.io/instance: piped
+    app.kubernetes.io/name: piped
 
--- HelmRelease: media/piped Service: media/piped-ytproxy

+++ HelmRelease: media/piped Service: media/piped-ytproxy

@@ -3,18 +3,20 @@

 kind: Service
 metadata:
   name: piped-ytproxy
   labels:
     app.kubernetes.io/instance: piped
     app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: piped-ytproxy
+    app.kubernetes.io/name: piped
+    app.kubernetes.io/service: piped-ytproxy
 spec:
   type: ClusterIP
   ports:
   - port: 8080
-    targetPort: http
+    targetPort: 8080
     protocol: TCP
     name: http
   selector:
-    app.kubernetes.io/name: piped-ytproxy
+    app.kubernetes.io/component: ytproxy
     app.kubernetes.io/instance: piped
+    app.kubernetes.io/name: piped
 
--- HelmRelease: media/piped Deployment: media/piped-backend

+++ HelmRelease: media/piped Deployment: media/piped-backend

@@ -1,80 +1,81 @@

 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: piped-backend
   labels:
+    app.kubernetes.io/component: backend
     app.kubernetes.io/instance: piped
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: piped
   annotations:
-    configmap.reloader.stakater.com/reload: piped-backend-config
+    secret.reloader.stakater.com/reload: piped-secret
 spec:
-  revisionHistoryLimit: null
-  replicas: null
+  revisionHistoryLimit: 3
+  replicas: 1
   strategy:
-    type: Recreate
+    type: RollingUpdate
   selector:
     matchLabels:
-      app.kubernetes.io/name: piped-backend
+      app.kubernetes.io/component: backend
+      app.kubernetes.io/name: piped
       app.kubernetes.io/instance: piped
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: piped-backend
+        app.kubernetes.io/component: backend
         app.kubernetes.io/instance: piped
+        app.kubernetes.io/name: piped
     spec:
+      enableServiceLinks: false
       serviceAccountName: default
       automountServiceAccountToken: false
       securityContext:
         fsGroup: 1000
-        fsGroupChangePolicy: Always
+        fsGroupChangePolicy: OnRootMismatch
         runAsGroup: 1000
         runAsUser: 1000
+      hostIPC: false
+      hostNetwork: false
+      hostPID: false
       dnsPolicy: ClusterFirst
-      enableServiceLinks: null
       containers:
-      - name: piped-backend
-        image: 1337kavin/piped:latest
-        imagePullPolicy: IfNotPresent
+      - image: 1337kavin/piped:latest@sha256:e9938cdda0745c4986d4add0f255777d3989849b851f290d94a4ab2b21c25384
+        livenessProbe:
+          failureThreshold: 3
+          initialDelaySeconds: 0
+          periodSeconds: 10
+          tcpSocket:
+            port: 8080
+          timeoutSeconds: 1
+        name: app
+        readinessProbe:
+          failureThreshold: 3
+          initialDelaySeconds: 0
+          periodSeconds: 10
+          tcpSocket:
+            port: 8080
+          timeoutSeconds: 1
         resources:
           limits:
             memory: 2000Mi
           requests:
             cpu: 10m
             memory: 500Mi
-        ports:
-        - name: http
-          containerPort: 8080
-          protocol: TCP
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
+          seccompProfile:
+            type: RuntimeDefault
         volumeMounts:
-        - name: config-volume
-          mountPath: /app/config.properties
+        - mountPath: /app/config.properties
+          name: config
+          readOnly: true
           subPath: config.properties
-          readOnly: true
-        livenessProbe:
-          tcpSocket:
-            port: 8080
-          initialDelaySeconds: 0
-          failureThreshold: 3
-          timeoutSeconds: 1
-          periodSeconds: 10
-        readinessProbe:
-          tcpSocket:
-            port: 8080
-          initialDelaySeconds: 0
-          failureThreshold: 3
-          timeoutSeconds: 1
-          periodSeconds: 10
-        startupProbe:
-          tcpSocket:
-            port: 8080
-          initialDelaySeconds: 0
-          failureThreshold: 30
-          timeoutSeconds: 1
-          periodSeconds: 5
       volumes:
-      - name: config-volume
-        configMap:
-          name: piped-backend-config
+      - name: config
+        secret:
+          secretName: piped-secret
 
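Review bot: With the `startupProbe` removed, the liveness probe (`initialDelaySeconds: 0`, `failureThreshold: 3`, `periodSeconds: 10`) is the only start-up guard, so a container that needs more than roughly 30 seconds to open port 8080 is restarted. The previous startup probe tolerated 30 failures at 5-second intervals before liveness took over. The backend is presumably a JVM service (the configuration uses Hibernate and JDBC), where a cold start on a busy node can be slow. Consider re-enabling the probe in the HelmRelease values with `probes.startup.enabled: true` next to `liveness` and `readiness`. The piped-frontend and piped-ytproxy Deployment hunks drop the startup probe in the same way.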
--- HelmRelease: media/piped Deployment: media/piped-frontend

+++ HelmRelease: media/piped Deployment: media/piped-frontend

@@ -1,75 +1,70 @@

 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: piped-frontend
   labels:
+    app.kubernetes.io/component: frontend
     app.kubernetes.io/instance: piped
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: piped
 spec:
-  revisionHistoryLimit: null
-  replicas: null
+  revisionHistoryLimit: 3
+  replicas: 1
   strategy:
-    type: Recreate
+    type: RollingUpdate
   selector:
     matchLabels:
-      app.kubernetes.io/name: piped-frontend
+      app.kubernetes.io/component: frontend
+      app.kubernetes.io/name: piped
       app.kubernetes.io/instance: piped
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: piped-frontend
+        app.kubernetes.io/component: frontend
         app.kubernetes.io/instance: piped
+        app.kubernetes.io/name: piped
     spec:
+      enableServiceLinks: false
       serviceAccountName: default
       automountServiceAccountToken: false
+      hostIPC: false
+      hostNetwork: false
+      hostPID: false
       dnsPolicy: ClusterFirst
-      enableServiceLinks: null
       containers:
-      - name: piped-frontend
-        image: 1337kavin/piped-frontend:latest
-        imagePullPolicy: IfNotPresent
+      - args:
+        - |
+          sed -i s/pipedapi.kavin.rocks/$BACKEND_HOSTNAME/g /usr/share/nginx/html/assets/* &&
+          sed -i 's/80;/8080;/g' /etc/nginx/conf.d/default.conf &&
+          sed -i 's/worker_processes  auto;/worker_processes  4;/g' /etc/nginx/nginx.conf &&
+          /docker-entrypoint.sh nginx -g 'daemon off;'
+        command:
+        - /bin/ash
+        - -c
+        env:
+        - name: BACKEND_HOSTNAME
+          value: piped-api.bjw-s.dev
+        image: 1337kavin/piped-frontend:latest@sha256:52b25c68813c8586acd76b6bddf83da4a509b0d83b5ad27c2bd8358a657080ba
+        livenessProbe:
+          failureThreshold: 3
+          initialDelaySeconds: 0
+          periodSeconds: 10
+          tcpSocket:
+            port: 8080
+          timeoutSeconds: 1
+        name: app
+        readinessProbe:
+          failureThreshold: 3
+          initialDelaySeconds: 0
+          periodSeconds: 10
+          tcpSocket:
+            port: 8080
+          timeoutSeconds: 1
         resources:
           limits:
             memory: 256Mi
           requests:
             cpu: 10m
             memory: 32Mi
-        command:
-        - /bin/ash
-        args:
-        - -c
-        - |
-          sed -i s/pipedapi.kavin.rocks/$BACKEND_HOSTNAME/g /usr/share/nginx/html/assets/* &&
-          sed -i 's/80;/8080;/g' /etc/nginx/conf.d/default.conf &&
-          /docker-entrypoint.sh nginx -g 'daemon off;'
-        env:
-        - name: BACKEND_HOSTNAME
-          value: piped-api.bjw-s.dev
-        livenessProbe:
-          tcpSocket:
-            port: 8080
-          initialDelaySeconds: 0
-          failureThreshold: 3
-          timeoutSeconds: 1
-          periodSeconds: 10
-        readinessProbe:
-          tcpSocket:
-            port: 8080
-          initialDelaySeconds: 0
-          failureThreshold: 3
-          timeoutSeconds: 1
-          periodSeconds: 10
-        startupProbe:
-          tcpSocket:
-            port: 8080
-          initialDelaySeconds: 0
-          failureThreshold: 30
-          timeoutSeconds: 1
-          periodSeconds: 5
-        ports:
-        - name: http
-          containerPort: 8080
-          protocol: TCP
 
--- HelmRelease: media/piped Deployment: media/piped-ytproxy

+++ HelmRelease: media/piped Deployment: media/piped-ytproxy

@@ -1,60 +1,72 @@

 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: piped-ytproxy
   labels:
+    app.kubernetes.io/component: ytproxy
     app.kubernetes.io/instance: piped
     app.kubernetes.io/managed-by: Helm
     app.kubernetes.io/name: piped
 spec:
-  revisionHistoryLimit: null
-  replicas: null
+  revisionHistoryLimit: 3
+  replicas: 1
   strategy:
-    type: Recreate
+    type: RollingUpdate
   selector:
     matchLabels:
-      app.kubernetes.io/name: piped-ytproxy
+      app.kubernetes.io/component: ytproxy
+      app.kubernetes.io/name: piped
       app.kubernetes.io/instance: piped
   template:
     metadata:
       labels:
-        app.kubernetes.io/name: piped-ytproxy
+        app.kubernetes.io/component: ytproxy
         app.kubernetes.io/instance: piped
+        app.kubernetes.io/name: piped
     spec:
+      enableServiceLinks: false
       serviceAccountName: default
       automountServiceAccountToken: false
+      securityContext:
+        fsGroup: 1000
+        fsGroupChangePolicy: OnRootMismatch
+        runAsGroup: 1000
+        runAsUser: 1000
+      hostIPC: false
+      hostNetwork: false
+      hostPID: false
       dnsPolicy: ClusterFirst
-      enableServiceLinks: null
       containers:
-      - name: piped-ytproxy
-        image: 1337kavin/piped-proxy:latest
-        imagePullPolicy: IfNotPresent
-        command:
+      - command:
         - /app/piped-proxy
+        image: 1337kavin/piped-proxy:latest@sha256:9a0547e412cbb87e0dc8c94a44ea81811541c9d1535b57a9a144901662df94b7
         livenessProbe:
+          failureThreshold: 3
+          initialDelaySeconds: 0
+          periodSeconds: 10
           tcpSocket:
             port: 8080
+          timeoutSeconds: 1
+        name: app
+        readinessProbe:
+          failureThreshold: 3
           initialDelaySeconds: 0
-          failureThreshold: 3
-          timeoutSeconds: 1
           periodSeconds: 10
-        readinessProbe:
           tcpSocket:
             port: 8080
-          initialDelaySeconds: 0
-          failureThreshold: 3
           timeoutSeconds: 1
-          periodSeconds: 10
-        startupProbe:
-          tcpSocket:
-            port: 8080
-          initialDelaySeconds: 0
-          failureThreshold: 30
-          timeoutSeconds: 1
-          periodSeconds: 5
-        ports:
-        - name: http
-          containerPort: 8080
-          protocol: TCP
+        resources:
+          limits:
+            memory: 2000Mi
+          requests:
+            cpu: 10m
+            memory: 500Mi
+        securityContext:
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop:
+            - ALL
+          seccompProfile:
+            type: RuntimeDefault
 
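Review bot: The new container `securityContext` blocks privilege escalation, drops all capabilities and applies the default seccomp profile, but it sets neither `runAsNonRoot: true` nor `readOnlyRootFilesystem: true`. The pod already runs as UID 1000, so `runAsNonRoot: true` would simply turn that into an enforced guard should the values or image change later. `readOnlyRootFilesystem: true` is worth trying if the proxy does not write to its root filesystem, which this page does not show. The backend container in the piped-backend Deployment hunk has the same gap; both would be set under `containers.app.securityContext` in the HelmRelease values.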
--- HelmRelease: media/piped Ingress: media/piped

+++ HelmRelease: media/piped Ingress: media/piped

@@ -1,28 +0,0 @@

----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  name: piped
-  labels:
-    app.kubernetes.io/instance: piped
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: piped
-  annotations:
-    external-dns.alpha.kubernetes.io/target: ingress-int.bjw-s.dev
-    nginx.ingress.kubernetes.io/cors-allow-origin: https://piped.bjw-s.dev, https://piped-api.bjw-s.dev,
-      https://piped-proxy.bjw-s.dev
-    nginx.ingress.kubernetes.io/enable-cors: 'true'
-spec:
-  ingressClassName: internal-nginx
-  rules:
-  - host: piped.bjw-s.dev
-    http:
-      paths:
-      - path: /
-        pathType: Prefix
-        backend:
-          service:
-            name: piped-frontend
-            port:
-              number: 8080
-
--- HelmRelease: media/piped Ingress: media/piped-frontend

+++ HelmRelease: media/piped Ingress: media/piped-frontend

@@ -0,0 +1,28 @@

+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: piped-frontend
+  labels:
+    app.kubernetes.io/instance: piped
+    app.kubernetes.io/managed-by: Helm
+    app.kubernetes.io/name: piped
+  annotations:
+    external-dns.alpha.kubernetes.io/target: ingress-int.bjw-s.dev
+    nginx.ingress.kubernetes.io/cors-allow-origin: https://piped.bjw-s.dev, https://piped-api.bjw-s.dev,
+      https://piped-proxy.bjw-s.dev
+    nginx.ingress.kubernetes.io/enable-cors: 'true'
+spec:
+  ingressClassName: internal-nginx
+  rules:
+  - host: piped.bjw-s.dev
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: piped-frontend
+            port:
+              number: 8080
+

@bjw-s bjw-s marked this pull request as ready for review September 30, 2024 19:08
@bjw-s bjw-s enabled auto-merge (squash) September 30, 2024 19:08
@bjw-s bjw-s merged commit 2b07e36 into main Sep 30, 2024
15 checks passed
@bjw-s bjw-s deleted the app-template-piped branch September 30, 2024 19:10
Labels
area/kubernetes Issue relates to Kubernetes cluster/main Issue relates to the "main" cluster