135 lines
3.5 KiB
YAML
135 lines
3.5 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: recorder
|
|
namespace: owntracks
|
|
labels:
|
|
app: recorder
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: recorder
|
|
strategy:
|
|
type: Recreate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: recorder
|
|
spec:
|
|
containers:
|
|
- name: oauth2-proxy
|
|
image: quay.io/oauth2-proxy/oauth2-proxy:v7.2.0
|
|
imagePullPolicy: IfNotPresent
|
|
ports:
|
|
- containerPort: 8080
|
|
protocol: TCP
|
|
name: http
|
|
env:
|
|
- name: OAUTH2_PROXY_HTTP_ADDRESS
|
|
value: :8080
|
|
- name: OAUTH2_PROXY_REVERSE_PROXY
|
|
value: "true"
|
|
- name: OAUTH2_PROXY_EMAIL_DOMAINS
|
|
value: tobru.ch
|
|
- name: OAUTH2_PROXY_PROVIDER
|
|
value: github
|
|
- name: OAUTH2_PROXY_REDIRECT_URL
|
|
value: https://owntracks.tobru.ch/oauth2/callback
|
|
- name: OAUTH2_PROXY_PROVIDER_DISPLAY_NAME
|
|
value: tbrnt Gitea
|
|
- name: OAUTH2_PROXY_LOGIN_URL
|
|
value: https://git.tbrnt.ch/login/oauth/authorize
|
|
- name: OAUTH2_PROXY_REDEEM_URL
|
|
value: https://git.tbrnt.ch/login/oauth/access_token
|
|
- name: OAUTH2_PROXY_VALIDATE_URL
|
|
value: https://git.tbrnt.ch/api/v1
|
|
- name: OAUTH2_PROXY_SKIP_AUTH_REGEX
|
|
value: ^\/(view|static|utils)\/.*$
|
|
- name: OAUTH2_PROXY_UPSTREAMS
|
|
value: http://127.0.0.1:8083
|
|
envFrom:
|
|
- secretRef:
|
|
name: oauth2-proxy-recorder
|
|
securityContext:
|
|
runAsUser: 9999
|
|
runAsGroup: 9999
|
|
- name: recorder
|
|
env:
|
|
- name: OTR_HOST
|
|
value: mqtt-plain.mosquitto.svc.cluster.local
|
|
- name: OTR_USER
|
|
value: ot-recorder
|
|
- name: OTR_HTTPPREFIX
|
|
value: https://owntracks.tobru.ch
|
|
image: docker.io/owntracks/recorder:0.9.1
|
|
imagePullPolicy: Always
|
|
command:
|
|
- ot-recorder
|
|
- --viewsdir
|
|
- /htdocs/viewsjson
|
|
ports:
|
|
- containerPort: 8083
|
|
protocol: TCP
|
|
name: recorder
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /api/0/monitor
|
|
port: 8083
|
|
initialDelaySeconds: 1
|
|
periodSeconds: 30
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /store
|
|
- name: views
|
|
mountPath: /htdocs/viewsjson
|
|
- name: config
|
|
mountPath: /config
|
|
securityContext:
|
|
runAsUser: 9999
|
|
runAsGroup: 9999
|
|
resources:
|
|
requests:
|
|
memory: 32Mi
|
|
cpu: 100m
|
|
limits:
|
|
memory: 128Mi
|
|
cpu: 300m
|
|
- name: metrics
|
|
env:
|
|
- name: OWNTRACKS_STORAGEDIR
|
|
value: /store
|
|
- name: OWNTRACKS_URL
|
|
value: http://localhost:8083
|
|
- name: SERVER_PORT
|
|
value: "8888"
|
|
image: docker.io/linusgroh/prometheus-owntracks-exporter:latest
|
|
imagePullPolicy: Always
|
|
ports:
|
|
- containerPort: 8888
|
|
protocol: TCP
|
|
name: metrics
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /store
|
|
securityContext:
|
|
runAsUser: 9999
|
|
runAsGroup: 9999
|
|
resources:
|
|
requests:
|
|
memory: 32Mi
|
|
cpu: 100m
|
|
limits:
|
|
memory: 128Mi
|
|
cpu: 300m
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: owntracks-data
|
|
- name: views
|
|
configMap:
|
|
name: views
|
|
- name: config
|
|
secret:
|
|
secretName: recorder
|
|
|