diff options
author | Christian Pointner <equinox@spreadspace.org> | 2021-04-23 22:46:12 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2021-04-23 22:46:12 +0200 |
commit | 476c03d6003f21cbf7fd83f18738ab06c1cf6230 (patch) | |
tree | b5cc7c4d1737b71dc6c29628595398df6bbe4596 | |
parent | sgg-icecast: standalone kubelet (diff) |
icecast2 role and test deployment
-rw-r--r-- | inventory/host_vars/sgg-icecast.yml | 21 | ||||
-rw-r--r-- | roles/streaming/icecast/defaults/main.yml | 24 | ||||
-rw-r--r-- | roles/streaming/icecast/tasks/main.yml | 40 | ||||
-rw-r--r-- | roles/streaming/icecast/templates/icecast.xml.j2 | 71 | ||||
-rw-r--r-- | roles/streaming/icecast/templates/pod-spec.yml.j2 | 31 | ||||
-rw-r--r-- | spreadspace/host_vars/sgg-icecast.yml | 18 | ||||
-rw-r--r-- | spreadspace/sgg-icecast.yml | 12 |
7 files changed, 217 insertions, 0 deletions
diff --git a/inventory/host_vars/sgg-icecast.yml b/inventory/host_vars/sgg-icecast.yml index 3b3b609c..cba33d84 100644 --- a/inventory/host_vars/sgg-icecast.yml +++ b/inventory/host_vars/sgg-icecast.yml @@ -53,3 +53,24 @@ kubernetes_version: 1.21.0 kubernetes_container_runtime: docker kubernetes_standalone_max_pods: 42 kubernetes_standalone_cni_variant: with-portmap + + +icecast_instances: + schlagergarten: + image_version: 2021-04-23.1 + port: 8080 + + source_password: "{{ vault_icecast_secrets['schlagergarten'].source_password }}" + relay_password: "{{ vault_icecast_secrets['schlagergarten'].relay_password }}" + admin: + username: admin + password: "{{ vault_icecast_secrets['schlagergarten'].admin_password }}" + + hostname: stream.schlagergartengloria.at + location: Graz/Austria + contact: info@schlagergartengloria.at + + mountpoints: + '/live.mp3': + username: live + password: "{{ vault_icecast_secrets['schlagergarten'].mountpoint_passwords['live.mp3'] }}" diff --git a/roles/streaming/icecast/defaults/main.yml b/roles/streaming/icecast/defaults/main.yml new file mode 100644 index 00000000..673284fd --- /dev/null +++ b/roles/streaming/icecast/defaults/main.yml @@ -0,0 +1,24 @@ +--- +icecast_base_path: /srv/icecast + +# icecast_instances: +# example: +# image_version: 2021-04-23.1 +# port: 8080 + +# source_password: quite-secret +# relay_password: quite-secret +# admin: +# username: admin +# password: very-secret + +# ## optional +# hostname: stream.example.com +# location: Graz/Austria +# contact: icecast@example.com + +# mountpoints: +# '/test.mp3': +# username: ## optional +# password: secret +# max_listeners: ## optional diff --git a/roles/streaming/icecast/tasks/main.yml b/roles/streaming/icecast/tasks/main.yml new file mode 100644 index 00000000..cbd9f909 --- /dev/null +++ b/roles/streaming/icecast/tasks/main.yml @@ -0,0 +1,40 @@ +--- +- name: create icecast instance directory + loop: "{{ icecast_instances | list }}" + file: + path: "{{ icecast_base_path }}/{{ item }}" + state: directory + +- name: create icecast log directory + loop: "{{ icecast_instances | list }}" + file: + dest: "{{ icecast_base_path }}/{{ item }}/logs" + state: directory + owner: app + group: app + +- name: generate icecast config + loop: "{{ icecast_instances | dict2items }}" + loop_control: + label: "{{ item.key }}" + template: + src: icecast.xml.j2 + dest: "{{ icecast_base_path }}/{{ item.key }}/icecast.xml" + owner: root + group: app + mode: 0640 + +- name: install pod manifest + loop: "{{ icecast_instances | dict2items }}" + loop_control: + label: "{{ item.key }}" + vars: + kubernetes_standalone_pod: + name: "icecast-{{ item.key }}" + spec: "{{ lookup('template', 'pod-spec.yml.j2') }}" + config_hash_items: + - path: "{{ icecast_base_path }}/{{ item.key }}/icecast.xml" + properties: + - checksum + include_role: + name: kubernetes/standalone/pod diff --git a/roles/streaming/icecast/templates/icecast.xml.j2 b/roles/streaming/icecast/templates/icecast.xml.j2 new file mode 100644 index 00000000..3bf0044a --- /dev/null +++ b/roles/streaming/icecast/templates/icecast.xml.j2 @@ -0,0 +1,71 @@ +<icecast> +<!-- ***** global ***** --> + <listen-socket> + <port>8080</port> + </listen-socket> + + <limits> + <threadpool>5</threadpool> + <queue-size>524288</queue-size> + <client-timeout>30</client-timeout> + <header-timeout>15</header-timeout> + <source-timeout>10</source-timeout> + <burst-on-connect>1</burst-on-connect> + <burst-size>32768</burst-size> + </limits> + + <authentication> + <source-password>{{ item.value.source_password }}</source-password> + <relay-password>{{ item.value.relay_password }}</relay-password> + <admin-user>{{ item.value.admin.username }}</admin-user> + <admin-password>{{ item.value.admin.password }}</admin-password> + </authentication> + +{% if 'hostname' in item.value %} + <hostname>{{ item.value.hostname }}</hostname> +{% endif %} +{% if 'location' in item.value %} + <location>{{ item.value.location }}</location> +{% endif %} +{% if 'contact' in item.value %} + <admin>{{ item.value.contact }}</admin> +{% endif %} + + +<!-- ***** mountpoints ***** --> +{% for mountpoint, config in item.value.mountpoints.items() %} + <mount> + <mount-name>{{ mountpoint }}</mount-name> +{% if 'username' in config %} + <username>{{ config.username }}</username> +{% endif %} + <password>{{ config.password }}</password> +{% if 'max_listeners' in config %} + <max-listeners>{{ config.max_listeners }}</max-listeners> +{% endif %} + </mount> + +{% endfor %} + +<!-- ***** aux ***** --> + <fileserve>1</fileserve> + <paths> + <basedir>/usr/share/icecast2</basedir> + <logdir>/srv/logs</logdir> + <webroot>/usr/share/icecast2/web</webroot> + <adminroot>/usr/share/icecast2/admin</adminroot> + <alias source="/" dest="/status.xsl"/> + </paths> + + <logging> + <errorlog>-</errorlog> + <accesslog>access.log</accesslog> + <loglevel>3</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1 Error --> + <logsize>100000</logsize> <!-- Max size of a logfile --> + </logging> + + <security> + <chroot>0</chroot> + </security> +<!-- ***** end ***** --> +</icecast> diff --git a/roles/streaming/icecast/templates/pod-spec.yml.j2 b/roles/streaming/icecast/templates/pod-spec.yml.j2 new file mode 100644 index 00000000..5dc0b086 --- /dev/null +++ b/roles/streaming/icecast/templates/pod-spec.yml.j2 @@ -0,0 +1,31 @@ +securityContext: + allowPrivilegeEscalation: false + runAsUser: 990 + runAsGroup: 990 +containers: +- name: icecast + image: registry.gitlab.com/spreadspace/docker/icecast:{{ item.value.image_version }} + imagePullPolicy: Always + resources: + limits: + memory: "512Mi" + args: + - icecast2 + - -c + - /srv/icecast.xml + volumeMounts: + - name: home + mountPath: /srv/icecast.xml + subPath: icecast.xml + readOnly: true + - name: home + mountPath: /srv/logs + subPath: logs + ports: + - containerPort: 8080 + hostPort: {{ item.value.port }} + +volumes: +- name: home + hostPath: + path: "{{ icecast_base_path }}/{{ item.key }}" diff --git a/spreadspace/host_vars/sgg-icecast.yml b/spreadspace/host_vars/sgg-icecast.yml new file mode 100644 index 00000000..c0e42963 --- /dev/null +++ b/spreadspace/host_vars/sgg-icecast.yml @@ -0,0 +1,18 @@ +$ANSIBLE_VAULT;1.2;AES256;spreadspace +39356439616363336239303163333166353034663966653934623963326433363061646164313031 +3862333763653737313830346237636531363966326336360a646166333832303135353833303831 +33393163633339636334653337346164636663653839306662616463386633396130643062376364 +3565333734323136340a306163663337663863616633613837636364643231353138393661353163 +33306332323030336566376634616663643636663335373033363935613964333166663661656138 +34636336383532646535396135303064653664626564333666623833303930396630633663356136 +39613038373831396662623630636338636164373664656235666362313633306439613631383064 +38613733613861663666666431373234306539666638616564353034396335656434393364613532 +30643032373332646335386566373866366536643866633537353061623866666234643862306464 +38666634653539396336393235343232363664326361386566666466633931373765383463613965 +63333262666230613033326364656235313530363932643461386362363839323035336436313130 +37316138323363613632626338353630643831643332396363333264653631383061396266383530 +32633032613631643530653534653563356539373836353934383062646434383062303162393934 +33383262303137396566656333626131636430656136666664656432646431383838303137346133 +36306465333335316131626165383937313237353461616464333933333837373166336130356539 +33666666646561373735643131656235366336303362633131363436613834376338383362306334 +61316435333265626339363965353836373464613338356137393434663539336164 diff --git a/spreadspace/sgg-icecast.yml b/spreadspace/sgg-icecast.yml new file mode 100644 index 00000000..9a10dd4f --- /dev/null +++ b/spreadspace/sgg-icecast.yml @@ -0,0 +1,12 @@ +--- +- name: Basic Setup + hosts: sgg-icecast + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: streaming/icecast |