134 lines
3.9 KiB
YAML
134 lines
3.9 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: archivebox
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: archivebox
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: archivebox
|
|
spec:
|
|
containers:
|
|
- name: oauth2-proxy
|
|
image: quay.io/oauth2-proxy/oauth2-proxy:v7.6.0
|
|
imagePullPolicy: IfNotPresent
|
|
ports:
|
|
- containerPort: 8000
|
|
protocol: TCP
|
|
name: http
|
|
env:
|
|
- name: OAUTH2_PROXY_HTTP_ADDRESS
|
|
value: :8000
|
|
- name: OAUTH2_PROXY_REVERSE_PROXY
|
|
value: "true"
|
|
- name: OAUTH2_PROXY_EMAIL_DOMAINS
|
|
value: tobru.ch
|
|
- name: OAUTH2_PROXY_PROVIDER
|
|
value: oidc
|
|
- name: OAUTH2_PROXY_REDIRECT_URL
|
|
value: https://archivebox.tobru.ch/oauth2/callback
|
|
- name: OAUTH2_PROXY_PROVIDER_DISPLAY_NAME
|
|
value: tbrnt ID
|
|
- name: OAUTH2_PROXY_OIDC_ISSUER_URL
|
|
value: https://id.tobru.ch/auth/v1
|
|
- name: OAUTH2_PROXY_CODE_CHALLENGE_METHOD
|
|
value: S256
|
|
- name: OAUTH2_PROXY_UPSTREAMS
|
|
value: http://127.0.0.1:8080
|
|
- name: OAUTH2_PROXY_SKIP_PROVIDER_BUTTON
|
|
value: "true"
|
|
envFrom:
|
|
- secretRef:
|
|
name: oauth2-proxy-frontend
|
|
resources: {}
|
|
- name: archivebox
|
|
args:
|
|
- server
|
|
- --quick-init
|
|
- "0.0.0.0:8080"
|
|
image: docker.io/archivebox/archivebox:0.7.2
|
|
env:
|
|
- name: PUBLIC_INDEX
|
|
value: "True"
|
|
- name: SAVE_ARCHIVE_DOT_ORG
|
|
value: "False"
|
|
- name: SEARCH_BACKEND_ENGINE
|
|
value: sonic
|
|
- name: SEARCH_BACKEND_HOST_NAME
|
|
value: localhost
|
|
- name: SEARCH_BACKEND_PASSWORD
|
|
value: ItDoesNtM4tt3rrITsLOCAL
|
|
- name: SAVE_MEDIA
|
|
value: "False"
|
|
- name: REVERSE_PROXY_USER_HEADER
|
|
value: X-Forwarded-Email
|
|
- name: REVERSE_PROXY_WHITELIST
|
|
value: "10.42.0.0/16,2001:cafe:42:0::/56,5.75.253.12/32,2a01:4f8:1c17:f190::1/128"
|
|
ports:
|
|
- containerPort: 8080
|
|
protocol: TCP
|
|
name: http
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
volumeMounts:
|
|
- mountPath: /data
|
|
name: archivebox
|
|
- name: scheduler
|
|
args:
|
|
- schedule
|
|
- --foreground
|
|
- --update
|
|
- --every=day
|
|
image: docker.io/archivebox/archivebox:0.7.2
|
|
env:
|
|
- name: TIMEOUT
|
|
value: "120"
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
volumeMounts:
|
|
- mountPath: /data
|
|
name: archivebox
|
|
- name: search
|
|
image: docker.io/valeriansaliou/sonic:v1.4.8
|
|
env:
|
|
- name: SEARCH_BACKEND_PASSWORD
|
|
value: ItDoesNtM4tt3rrITsLOCAL
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 128Mi
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
volumeMounts:
|
|
- mountPath: /var/lib/sonic/store
|
|
subPath: sonic
|
|
name: archivebox
|
|
- mountPath: /etc/sonic.cfg
|
|
subPath: sonic.cfg
|
|
name: sonic-config
|
|
restartPolicy: Always
|
|
volumes:
|
|
- name: archivebox
|
|
persistentVolumeClaim:
|
|
claimName: archivebox
|
|
- name: sonic-config
|
|
configMap:
|
|
name: sonic-config
|