convert jitsi deployment to kustomize
continuous-integration/drone/push Build is failing
Details
continuous-integration/drone/push Build is failing
Details
This commit is contained in:
parent
79075f3330
commit
d4362d230c
|
@ -0,0 +1,22 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: jitsi
|
||||
name: jitsi
|
||||
namespace: jitsi
|
||||
spec:
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: jitsi
|
||||
spec:
|
||||
containers:
|
||||
- name: web
|
||||
env:
|
||||
- name: PUBLIC_URL
|
||||
value: "https://meet.tobru.ch"
|
||||
- name: prosody
|
||||
env:
|
||||
- name: PUBLIC_URL
|
||||
value: "https://meet.tobru.ch"
|
|
@ -1,154 +0,0 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: jitsi
|
||||
name: jitsi
|
||||
namespace: jitsi
|
||||
spec:
|
||||
replicas: 1
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
k8s-app: jitsi
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
k8s-app: jitsi
|
||||
spec:
|
||||
containers:
|
||||
- name: jicofo
|
||||
image: jitsi/jicofo:stable-6173
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JICOFO_COMPONENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_COMPONENT_SECRET
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: TZ
|
||||
value: Europe/Zurich
|
||||
- name: JVB_BREWERY_MUC
|
||||
value: jvbbrewery
|
||||
- name: PUBLIC_URL
|
||||
value: https://meet.tobru.ch
|
||||
- name: prosody
|
||||
image: jitsi/prosody:stable-6173
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JICOFO_COMPONENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_COMPONENT_SECRET
|
||||
- name: JVB_AUTH_USER
|
||||
value: jvb
|
||||
- name: JVB_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: TZ
|
||||
value: Europe/Zurich
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
||||
- name: PUBLIC_URL
|
||||
value: https://meet.tobru.ch
|
||||
- name: web
|
||||
image: jitsi/web:stable-6173
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: XMPP_BOSH_URL_BASE
|
||||
value: http://127.0.0.1:5280
|
||||
- name: XMPP_MUC_DOMAIN
|
||||
value: muc.meet.jitsi
|
||||
- name: TZ
|
||||
value: Europe/Zurich
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
||||
- name: PUBLIC_URL
|
||||
value: https://meet.tobru.ch
|
||||
- name: jvb
|
||||
image: jitsi/jvb:stable-6173
|
||||
imagePullPolicy: IfNotPresent
|
||||
env:
|
||||
- name: XMPP_SERVER
|
||||
value: localhost
|
||||
- name: DOCKER_HOST_ADDRESS
|
||||
value: localhost
|
||||
- name: XMPP_DOMAIN
|
||||
value: meet.jitsi
|
||||
- name: XMPP_AUTH_DOMAIN
|
||||
value: auth.meet.jitsi
|
||||
- name: XMPP_INTERNAL_MUC_DOMAIN
|
||||
value: internal-muc.meet.jitsi
|
||||
- name: JVB_STUN_SERVERS
|
||||
value: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302
|
||||
- name: JICOFO_AUTH_USER
|
||||
value: focus
|
||||
- name: JVB_TCP_HARVESTER_DISABLED
|
||||
value: "true"
|
||||
- name: JVB_AUTH_USER
|
||||
value: jvb
|
||||
- name: JVB_PORT
|
||||
value: "30300"
|
||||
- name: JVB_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-config
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: JVB_BREWERY_MUC
|
||||
value: jvbbrewery
|
||||
- name: TZ
|
||||
value: Europe/Zurich
|
||||
- name: PUBLIC_URL
|
||||
value: https://meet.tobru.ch
|
||||
serviceAccountName: jitsi
|
|
@ -0,0 +1,9 @@
|
|||
namespace: jitsi
|
||||
bases:
|
||||
- https://github.com/jitsi-contrib/kubernetes/doc/kustomize
|
||||
|
||||
resources:
|
||||
- 041-ingress.yaml
|
||||
|
||||
patchesStrategicMerge:
|
||||
- 010-deployment.yaml
|
|
@ -1,57 +0,0 @@
|
|||
---
|
||||
apiVersion: policy/v1beta1
|
||||
kind: PodSecurityPolicy
|
||||
metadata:
|
||||
name: jitsi-privileged
|
||||
spec:
|
||||
allowPrivilegeEscalation: true
|
||||
fsGroup:
|
||||
rule: RunAsAny
|
||||
hostIPC: false
|
||||
hostNetwork: true
|
||||
hostPID: true
|
||||
hostPorts:
|
||||
- max: 65535
|
||||
min: 0
|
||||
privileged: true
|
||||
runAsUser:
|
||||
rule: RunAsAny
|
||||
seLinux:
|
||||
rule: RunAsAny
|
||||
supplementalGroups:
|
||||
rule: RunAsAny
|
||||
volumes:
|
||||
- configMap
|
||||
- downwardAPI
|
||||
- emptyDir
|
||||
- persistentVolumeClaim
|
||||
- projected
|
||||
- secret
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: jitsi-privileged
|
||||
namespace: jitsi
|
||||
rules:
|
||||
- apiGroups:
|
||||
- policy
|
||||
resources:
|
||||
- podsecuritypolicies
|
||||
resourceNames:
|
||||
- jitsi-privileged
|
||||
verbs:
|
||||
- use
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: jitsi-privileged
|
||||
namespace: jitsi
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: jitsi-privileged
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: jitsi
|
|
@ -1,35 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
service: jvb
|
||||
name: jvb-udp
|
||||
namespace: jitsi
|
||||
spec:
|
||||
type: NodePort
|
||||
externalTrafficPolicy: Cluster
|
||||
ports:
|
||||
- port: 30300
|
||||
protocol: UDP
|
||||
targetPort: 30300
|
||||
nodePort: 30300
|
||||
selector:
|
||||
k8s-app: jitsi
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
service: web
|
||||
name: web
|
||||
namespace: jitsi
|
||||
spec:
|
||||
ports:
|
||||
- name: "http"
|
||||
port: 80
|
||||
targetPort: 80
|
||||
- name: "https"
|
||||
port: 443
|
||||
targetPort: 443
|
||||
selector:
|
||||
k8s-app: jitsi
|
|
@ -1,5 +0,0 @@
|
|||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: jitsi
|
||||
namespace: jitsi
|
Reference in New Issue