workadventure/v3: convert to help, add coturn

This commit is contained in:
Nico Schottelius 2021-12-19 13:29:41 +01:00
parent f6460ed64e
commit 72240ba775
17 changed files with 980 additions and 0 deletions


@ -0,0 +1,11 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ .Release.Name}}-back-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -0,0 +1,14 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: maps-claim0
name: maps-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -0,0 +1,63 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
name: {{ .Release.Name }}-maps
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: maps
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: maps
spec:
containers:
- env:
- name: DEBUG_MODE
- name: FRONT_URL
value: http://play.workadventure.localhost
- name: HOST
value: 0.0.0.0
- name: NODE_ENV
value: development
- name: STARTUP_COMMAND_0
value: sudo a2enmod headers
- name: STARTUP_COMMAND_1
value: yarn install
- name: STARTUP_COMMAND_2
value: yarn run dev &
image: thecodingmachine/php:8.1-v4-apache-node12
name: maps
ports:
- containerPort: 80
volumeMounts:
- mountPath: /var/www/html
name: maps-claim0
restartPolicy: Always
volumes:
- name: maps-claim0
persistentVolumeClaim:
claimName: maps-claim0
status: {}
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-maps
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: maps
spec:
type: ClusterIP
ports:
- port: 8080
name: http
selector:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: maps
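Review bot: The maps Service publishes `port: 8080` with no `targetPort`, so it forwards to 8080 on the pod, while the container in the same section declares `containerPort: 80`; add `targetPort: 80` (or change the Service port) so traffic reaches the container. The Deployment also ships `NODE_ENV: development` and a `yarn run dev &` startup command, which looks like a carry-over from a development compose setup and should not be the chart default. The claim reference `maps-claim0` is not prefixed with `{{ .Release.Name }}`, so two releases in one namespace would share the same volume.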


@ -0,0 +1,14 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
creationTimestamp: null
labels:
io.kompose.service: uploader-claim0
name: uploader-claim0
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 100Mi
status: {}


@ -0,0 +1,40 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
io.kompose.service: uploader
name: uploader
spec:
replicas: 1
selector:
matchLabels:
io.kompose.service: uploader
strategy:
type: Recreate
template:
metadata:
labels:
io.kompose.service: uploader
spec:
containers:
- command:
- yarn
- run
- runprod
env:
- name: DEBUG
value: '*'
- name: STARTUP_COMMAND_1
value: yarn install
image: thecodingmachine/workadventure-uploader:v1.6.4
name: uploader
resources: {}
volumeMounts:
- mountPath: /usr/src/app
name: uploader-claim0
restartPolicy: Always
volumes:
- name: uploader-claim0
persistentVolumeClaim:
claimName: uploader-claim0
status: {}
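Review bot: `DEBUG` is set to `'*'` in the uploader container env, which turns on every debug namespace and tends to put request details into pod logs; default it off and make it a chart value. The Deployment, its labels and the `uploader-claim0` claim are not prefixed with `{{ .Release.Name }}` like the other templates, so a second release in the same namespace would collide. Mounting the claim at `/usr/src/app` presumably hides the application code shipped in the image behind an empty volume; confirm that `yarn run runprod` still finds it.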


@ -0,0 +1,23 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*.orig
*~
# Various IDEs
.project
.idea/
*.tmproj
.vscode/


@ -0,0 +1,9 @@
apiVersion: v2
name: ungleich-nextcloud
description: ungleich managed nextcloud
type: application
version: 0.1.0
appVersion: "21.0.7-apache"
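Review bot: The chart metadata still describes a different chart: `name: ungleich-nextcloud`, `description: ungleich managed nextcloud` and `appVersion: "21.0.7-apache"` do not match the workadventure images (`v1.6.4`) that the templates in this commit deploy. Rename the chart and set `appVersion: "v1.6.4"` so `helm list` and any inventory or provenance tooling report what is actually running.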


@ -0,0 +1,24 @@
upstream php-handler {
server localhost:9000;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name {{ tpl .Values.fqdn . }};
# Use Mozilla's guidelines for SSL/TLS settings
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
ssl_certificate /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ tpl .Values.fqdn . }}/privkey.pem;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
proxy_pass http://{{ .Release.Name }}-front.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }};
}
}
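Review bot: `proxy_pass` in `location /` names the front Service without a port, so nginx connects to port 80, but the front Service added in this commit listens on 8080; append `:8080` to the upstream URL. The comment says to follow Mozilla's TLS guidelines, yet the server block sets no `ssl_protocols` or `ssl_ciphers`, so whatever the image defaults to applies; either add the directives or drop the comment. The `upstream php-handler` block is not referenced anywhere in this file and looks like a leftover.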


@ -0,0 +1,67 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: back
name: {{ .Release.Name }}-back
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: back
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: back
spec:
containers:
- command:
- sh
- -c
- "yarn install && yarn run runprod"
env:
- name: ADMIN_API_TOKEN
- name: ALLOW_ARTILLERY
value: "true"
- name: DEBUG
value: '*'
- name: JITSI_ISS
- name: JITSI_URL
- name: MAX_PER_GROUP
value: MAX_PER_GROUP
- name: NODE_ENV
value: development
- name: REDIS_HOST
value: {{ .Release.Name}}-redis
- name: SECRET_JITSI_KEY
- name: SECRET_KEY
value: yourSecretKey
- name: STORE_VARIABLES_FOR_LOCAL_MAPS
value: "true"
- name: TURN_STATIC_AUTH_SECRET
value: SomeStaticAuthSecret
image: thecodingmachine/workadventure-back:v1.6.4
name: back
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-back
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: back
spec:
type: ClusterIP
ports:
- port: 80
name: http
selector:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: back
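Review bot: `SECRET_KEY: yourSecretKey` and `TURN_STATIC_AUTH_SECRET: SomeStaticAuthSecret` are placeholder secrets committed as literal env values in the back container, so every install shares the same publicly known values; the pusher Deployment in this commit repeats the same `SECRET_KEY` literal. They should be read from a Secret, and the chart should fail to render when none is supplied. `ALLOW_ARTILLERY: "true"`, `DEBUG: '*'` and `NODE_ENV: development` are test settings, and `MAX_PER_GROUP` is set to its own name; none of these should be defaults. A sketch for the two secrets, using a placeholder Secret name and keys:

```yaml
# … unchanged: env entries before SECRET_KEY …
- name: SECRET_KEY
  valueFrom:
    secretKeyRef:
      name: "{{ .Release.Name }}-secrets"  # placeholder Secret name
      key: secret-key                      # placeholder key
# … unchanged: STORE_VARIABLES_FOR_LOCAL_MAPS …
- name: TURN_STATIC_AUTH_SECRET
  valueFrom:
    secretKeyRef:
      name: "{{ .Release.Name }}-secrets"  # placeholder Secret name
      key: turn-static-auth-secret         # placeholder key
```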


@ -0,0 +1,390 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-coturn
spec:
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: coturn
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: coturn
spec:
containers:
- name: coturn
image: coturn/coturn:4.5.2-alpine
ports:
- containerPort: 3478
name: port-3478
- containerPort: 5349
name: port-5349
- containerPort: 49160
name: port-49160
- containerPort: 49161
name: port-49161
- containerPort: 49162
name: port-49162
- containerPort: 49163
name: port-49163
- containerPort: 49164
name: port-49164
- containerPort: 49165
name: port-49165
- containerPort: 49166
name: port-49166
- containerPort: 49167
name: port-49167
- containerPort: 49168
name: port-49168
- containerPort: 49169
name: port-49169
- containerPort: 49170
name: port-49170
- containerPort: 49171
name: port-49171
- containerPort: 49172
name: port-49172
- containerPort: 49173
name: port-49173
- containerPort: 49174
name: port-49174
- containerPort: 49175
name: port-49175
- containerPort: 49176
name: port-49176
- containerPort: 49177
name: port-49177
- containerPort: 49178
name: port-49178
- containerPort: 49179
name: port-49179
- containerPort: 49180
name: port-49180
- containerPort: 49181
name: port-49181
- containerPort: 49182
name: port-49182
- containerPort: 49183
name: port-49183
- containerPort: 49184
name: port-49184
- containerPort: 49185
name: port-49185
- containerPort: 49186
name: port-49186
- containerPort: 49187
name: port-49187
- containerPort: 49188
name: port-49188
- containerPort: 49189
name: port-49189
- containerPort: 49190
name: port-49190
- containerPort: 49191
name: port-49191
- containerPort: 49192
name: port-49192
- containerPort: 49193
name: port-49193
- containerPort: 49194
name: port-49194
- containerPort: 49195
name: port-49195
- containerPort: 49196
name: port-49196
- containerPort: 49197
name: port-49197
- containerPort: 49198
name: port-49198
- containerPort: 49199
name: port-49199
- containerPort: 49200
name: port-49200
---
# for p in 3478 5349 {49160..49200}; do echo " - port: $p"; echo " name: port-$p" ; echo " protocol: TCP"; done
# for p in 3478 5349 {49160..49200}; do echo " - port: $p"; echo " name: port-$p-udp" ; echo " protocol: UDP"; done
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-coturn
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: coturn
spec:
type: ClusterIP
ports:
- port: 3478
name: port-3478
protocol: TCP
- port: 5349
name: port-5349
protocol: TCP
- port: 49160
name: port-49160
protocol: TCP
- port: 49161
name: port-49161
protocol: TCP
- port: 49162
name: port-49162
protocol: TCP
- port: 49163
name: port-49163
protocol: TCP
- port: 49164
name: port-49164
protocol: TCP
- port: 49165
name: port-49165
protocol: TCP
- port: 49166
name: port-49166
protocol: TCP
- port: 49167
name: port-49167
protocol: TCP
- port: 49168
name: port-49168
protocol: TCP
- port: 49169
name: port-49169
protocol: TCP
- port: 49170
name: port-49170
protocol: TCP
- port: 49171
name: port-49171
protocol: TCP
- port: 49172
name: port-49172
protocol: TCP
- port: 49173
name: port-49173
protocol: TCP
- port: 49174
name: port-49174
protocol: TCP
- port: 49175
name: port-49175
protocol: TCP
- port: 49176
name: port-49176
protocol: TCP
- port: 49177
name: port-49177
protocol: TCP
- port: 49178
name: port-49178
protocol: TCP
- port: 49179
name: port-49179
protocol: TCP
- port: 49180
name: port-49180
protocol: TCP
- port: 49181
name: port-49181
protocol: TCP
- port: 49182
name: port-49182
protocol: TCP
- port: 49183
name: port-49183
protocol: TCP
- port: 49184
name: port-49184
protocol: TCP
- port: 49185
name: port-49185
protocol: TCP
- port: 49186
name: port-49186
protocol: TCP
- port: 49187
name: port-49187
protocol: TCP
- port: 49188
name: port-49188
protocol: TCP
- port: 49189
name: port-49189
protocol: TCP
- port: 49190
name: port-49190
protocol: TCP
- port: 49191
name: port-49191
protocol: TCP
- port: 49192
name: port-49192
protocol: TCP
- port: 49193
name: port-49193
protocol: TCP
- port: 49194
name: port-49194
protocol: TCP
- port: 49195
name: port-49195
protocol: TCP
- port: 49196
name: port-49196
protocol: TCP
- port: 49197
name: port-49197
protocol: TCP
- port: 49198
name: port-49198
protocol: TCP
- port: 49199
name: port-49199
protocol: TCP
- port: 49200
name: port-49200
protocol: TCP
- port: 3478
name: port-3478-udp
protocol: UDP
- port: 5349
name: port-5349-udp
protocol: UDP
- port: 49160
name: port-49160-udp
protocol: UDP
- port: 49161
name: port-49161-udp
protocol: UDP
- port: 49162
name: port-49162-udp
protocol: UDP
- port: 49163
name: port-49163-udp
protocol: UDP
- port: 49164
name: port-49164-udp
protocol: UDP
- port: 49165
name: port-49165-udp
protocol: UDP
- port: 49166
name: port-49166-udp
protocol: UDP
- port: 49167
name: port-49167-udp
protocol: UDP
- port: 49168
name: port-49168-udp
protocol: UDP
- port: 49169
name: port-49169-udp
protocol: UDP
- port: 49170
name: port-49170-udp
protocol: UDP
- port: 49171
name: port-49171-udp
protocol: UDP
- port: 49172
name: port-49172-udp
protocol: UDP
- port: 49173
name: port-49173-udp
protocol: UDP
- port: 49174
name: port-49174-udp
protocol: UDP
- port: 49175
name: port-49175-udp
protocol: UDP
- port: 49176
name: port-49176-udp
protocol: UDP
- port: 49177
name: port-49177-udp
protocol: UDP
- port: 49178
name: port-49178-udp
protocol: UDP
- port: 49179
name: port-49179-udp
protocol: UDP
- port: 49180
name: port-49180-udp
protocol: UDP
- port: 49181
name: port-49181-udp
protocol: UDP
- port: 49182
name: port-49182-udp
protocol: UDP
- port: 49183
name: port-49183-udp
protocol: UDP
- port: 49184
name: port-49184-udp
protocol: UDP
- port: 49185
name: port-49185-udp
protocol: UDP
- port: 49186
name: port-49186-udp
protocol: UDP
- port: 49187
name: port-49187-udp
protocol: UDP
- port: 49188
name: port-49188-udp
protocol: UDP
- port: 49189
name: port-49189-udp
protocol: UDP
- port: 49190
name: port-49190-udp
protocol: UDP
- port: 49191
name: port-49191-udp
protocol: UDP
- port: 49192
name: port-49192-udp
protocol: UDP
- port: 49193
name: port-49193-udp
protocol: UDP
- port: 49194
name: port-49194-udp
protocol: UDP
- port: 49195
name: port-49195-udp
protocol: UDP
- port: 49196
name: port-49196-udp
protocol: UDP
- port: 49197
name: port-49197-udp
protocol: UDP
- port: 49198
name: port-49198-udp
protocol: UDP
- port: 49199
name: port-49199-udp
protocol: UDP
- port: 49200
name: port-49200-udp
protocol: UDP
selector:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: coturn
# See https://hub.docker.com/r/coturn/coturn
# tcp ports:
#
# Both tcp/udp:
# 3478 5349
# udp: {49160..49200}
#
# Generate using:
# for p in 3478 5349 {49160..49200}; do echo " - containerPort: $p"; echo " name: port-$p" ; done
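Review bot: The coturn container is started with the image defaults: no `args`, env or config volume is visible in this section, so nothing sets `--use-auth-secret` / `--static-auth-secret` to match the `TURN_STATIC_AUTH_SECRET` given to the back service, and nothing restricts relay targets with `--denied-peer-ip` for the cluster's pod and service ranges. A TURN relay that is allowed to forward to internal addresses gives its clients a path to cluster-internal services, so both settings should be in place before this is exposed. The `containerPort` entries carry no `protocol` and therefore default to TCP, although the trailing comment lists 49160-49200 as UDP. coturn would presumably also need `--min-port 49160 --max-port 49200` to stay inside the declared range.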


@ -0,0 +1,82 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name}}-front
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: front
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: front
spec:
containers:
- env:
# FIXME
- name: DEBUG_MODE
# FIXME
- name: DISABLE_ANONYMOUS
- name: DISABLE_NOTIFICATIONS
# FIXME
- name: HOST
value: 0.0.0.0
# FIXME
- name: ICON_URL
value: http://{{ .Release.Name }}-icon
- name: JITSI_PRIVATE_MODE
- name: JITSI_URL
- name: LIVE_RELOAD
value: "true"
- name: MAX_PER_GROUP
- name: MAX_USERNAME_LENGTH
- name: NODE_ENV
value: development
- name: OPID_LOGIN_SCREEN_PROVIDER
- name: PUSHER_URL
value: http://{{ .Release.Name }}-pusher
- name: SKIP_RENDER_OPTIMIZATIONS
- name: START_ROOM_URL
- name: STUN_SERVER
value: stun:stun.l.google.com:19302
- name: TURN_PASSWORD
- name: TURN_SERVER
value: turn:coturn.workadventure.localhost:3478,turns:coturn.workadventure.localhost:5349
- name: TURN_USER
# FIXME
- name: UPLOADER_URL
value: //uploader.workadventure.localhost
ports:
- containerPort: 8080
securityContext:
runAsUser: 0
image: thecodingmachine/workadventure-front:v1.6.4
name: front
command:
- sh
- -c
- "./templater.sh; yarn install; node /usr/local/bin/enable_apache_mods.js | bash; node /usr/local/bin/startup_commands.js | bash ; /usr/local/bin/apache-expose-envvars.sh; apache2-foreground"
resources: {}
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-front
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: front
spec:
type: ClusterIP
ports:
- port: 8080
name: http
selector:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: front
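Review bot: The front container sets `securityContext.runAsUser: 0`, so it runs as root although it only listens on 8080, and nothing visible here drops capabilities or sets `allowPrivilegeEscalation: false`. If root is needed only for the startup scripts, move that work into the image build and run as a non-root UID. The start command also runs `yarn install` and pipes generated scripts into `bash` on every start, which makes each pod start depend on whatever the package registry serves at that moment. `NODE_ENV: development` and `LIVE_RELOAD: "true"` are development defaults, and the `# FIXME` entries and the `*.workadventure.localhost` URLs (`TURN_SERVER`, `UPLOADER_URL`) still need to become chart values.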


@ -0,0 +1,38 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
name: {{ .Release.Name }}-icon
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: icon
template:
metadata:
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: icon
spec:
containers:
- image: matthiasluedtke/iconserver:v3.13.0
name: icon
ports:
- containerPort: 80
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-icon
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: icon
spec:
type: ClusterIP
ports:
- port: 80
name: http
selector:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: icon
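Review bot: `matthiasluedtke/iconserver:v3.13.0` is pulled by mutable tag from a personal registry namespace; pin it by digest, `image: matthiasluedtke/iconserver:v3.13.0@sha256:<digest>`, so the running image cannot change underneath the tag. The same applies to the other images introduced in this commit. `annotations:` under `metadata` has no value and renders as null; drop the key or write `annotations: {}`.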


@ -0,0 +1,77 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-nginx
spec:
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: nginx
replicas: 1
template:
metadata:
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: nginx
spec:
containers:
- name: nginx
image: ungleich/ungleich-certbot:0.3.2
ports:
- containerPort: 443
name: https
- containerPort: 80
name: http
env:
- name: DOMAIN
value: "{{ tpl .Values.fqdn . }}"
- name: EMAIL
value: "{{ .Values.email }}"
- name: NGINX
value: "yes"
{{ if eq .Values.letsencryptStaging "no" }}
- name: STAGING
value: "no"
{{ end }}
volumeMounts:
- name: nginx-config
mountPath: "/etc/nginx/conf.d/"
- name: etcletsencrypt
mountPath: "/etc/letsencrypt"
volumes:
- name: etcletsencrypt
persistentVolumeClaim:
claimName: {{ .Release.Name }}-letsencrypt-certs
- name: nginx-config
configMap:
name: {{ .Release.Name }}-nginx-config
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}
labels:
app: {{ .Release.Name }}
spec:
type: ClusterIP
ports:
- port: 80
name: http
- port: 443
name: https
selector:
app: {{ .Release.Name }}-workadventure
---
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: {{ .Release.Name }}-letsencrypt-certs
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: {{ .Values.storage.letsencrypt.size }}
storageClassName: {{ .Values.storage.letsencrypt.storageClass }}
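Review bot: The Service selector `app: {{ .Release.Name }}-workadventure` matches no pod in this section: the nginx pod template is labelled `app.kubernetes.io/instance` and `app.kubernetes.io/component: nginx`, so the Service will have no endpoints and ports 80/443 will not answer. Use the same two labels in the selector, `app.kubernetes.io/instance: {{ .Release.Name }}` and `app.kubernetes.io/component: nginx`. The `STAGING` variable is emitted only when `letsencryptStaging` equals the string "no"; a one-line comment on what the image does when the variable is absent would help the next reader. The doubled `---` before the PersistentVolumeClaim can be reduced to one.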


@ -0,0 +1,7 @@
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-nginx-config
data:
{{ tpl (.Files.Glob "nginx/*").AsConfig . | indent 2 }}


@ -0,0 +1,69 @@
apiVersion: apps/v1
kind: Deployment
metadata:
annotations:
labels:
io.kompose.service: pusher
name: pusher
spec:
replicas: 1
selector:
matchLabels:
io.kompose.service: pusher
strategy:
type: Recreate
template:
metadata:
labels:
io.kompose.service: pusher
spec:
containers:
- command:
- yarn
- run
- runprod
env:
- name: ADMIN_API_TOKEN
- name: API_URL
value: back:50051
- name: DEBUG
value: socket:*
- name: DISABLE_ANONYMOUS
- name: FRONT_URL
value: http://play.workadventure.localhost
- name: JITSI_ISS
- name: JITSI_URL
- name: OPID_CLIENT_ID
- name: OPID_CLIENT_ISSUER
- name: OPID_CLIENT_REDIRECT_URL
- name: OPID_CLIENT_SECRET
- name: OPID_PROFILE_SCREEN_PROVIDER
- name: SECRET_JITSI_KEY
- name: SECRET_KEY
value: yourSecretKey
- name: STARTUP_COMMAND_1
value: yarn install
- name: STARTUP_COMMAND_2
value: while [ ! -f /usr/src/app/src/Messages/generated/messages_pb.js ]; do sleep 1; done
image: thecodingmachine/workadventure-pusher:v1.6.4
name: pusher
ports:
- containerPort: 8080
resources: {}
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-pusher
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: pusher
spec:
type: ClusterIP
ports:
- port: 8080
name: http
selector:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: pusher
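Review bot: The pusher Service selects `app.kubernetes.io/instance` and `app.kubernetes.io/component: pusher`, but the Deployment above it still carries only the label `io.kompose.service: pusher` and the fixed name `pusher`, so the Service gets no endpoints. Relabel the Deployment and its pod template like the other components and prefix the name with `{{ .Release.Name }}`. `API_URL: back:50051` also points at a Service name and port that this commit does not create; the back Service is `{{ .Release.Name }}-back` on port 80.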


@ -0,0 +1,36 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-redis
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: redis
strategy: {}
template:
metadata:
labels:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: redis
spec:
containers:
- image: redis:6.2.6-alpine
name: redis
ports:
- containerPort: 6379
restartPolicy: Always
status: {}
---
apiVersion: v1
kind: Service
metadata:
name: {{ .Release.Name }}-redis
spec:
ports:
- port: 6379
protocol: TCP
selector:
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/component: redis
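Review bot: Redis is started without any authentication or network restriction visible in this section: the container has no `args`, and the Service offers 6379 to every workload that can reach the namespace. Either pass `--requirepass` with a value taken from a Secret, provided the back service can be given the matching password, or add a NetworkPolicy that admits only the back pods. The Service also lacks the `app.kubernetes.io/*` labels the other Services carry, and `strategy: {}` / `status: {}` are generator leftovers that can be removed.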


@ -0,0 +1,16 @@
clusterDomain: c2.k8s.ooo
email: technik@ungleich.ch
letsencryptStaging: "yes"
fqdn: "{{ .Release.Name }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }}"
storage:
data:
size: 20Gi
storageClass: rook-ceph-block-hdd
db:
size: 1Gi
storageClass: rook-ceph-block-ssd
letsencrypt:
size: 50Mi
storageClass: rook-ceph-block-hdd