diff options
author | Christian Pointner <equinox@spreadspace.org> | 2022-07-20 19:54:18 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2022-07-20 19:54:18 +0200 |
commit | b5a95405f7aec03a95abdad0f3b937b367c14c97 (patch) | |
tree | 1324dfd27176b02f237cac90943928c9332ac5e3 | |
parent | add new grafana dashboard for openwrt (diff) |
ele-* playbook refactoring and ele-calypso base install
-rw-r--r-- | dan/ele-calypso.yml | 98 | ||||
-rw-r--r-- | dan/ele-coturn.yml | 4 | ||||
-rw-r--r-- | dan/ele-dione.yml | 15 | ||||
-rw-r--r-- | dan/ele-dolmetsch-raspi.yml | 4 | ||||
-rw-r--r-- | dan/ele-emcplayer.yml | 4 | ||||
-rw-r--r-- | dan/ele-gwhetzner.yml | 4 | ||||
-rw-r--r-- | dan/ele-helene.yml | 95 | ||||
-rw-r--r-- | dan/ele-hpws-maxi.yml | 4 | ||||
-rw-r--r-- | dan/ele-hpws-mini1.yml | 4 | ||||
-rw-r--r-- | dan/ele-jitsi.yml | 4 | ||||
-rw-r--r-- | dan/ele-laptop.yml | 4 | ||||
-rw-r--r-- | dan/ele-lt.yml | 5 | ||||
-rw-r--r-- | dan/ele-media.yml | 4 | ||||
-rw-r--r-- | dan/ele-mon.yml | 4 | ||||
-rw-r--r-- | dan/ele-telesto.yml | 17 | ||||
-rw-r--r-- | dan/ele-thetys.yml | 4 | ||||
-rw-r--r-- | dan/ele-tsdatacop.yml | 4 | ||||
-rw-r--r-- | dan/ele-uhrturm.yml | 4 | ||||
-rw-r--r-- | inventory/group_vars/elevate-festival/vars.yml | 2 | ||||
-rw-r--r-- | inventory/host_vars/ele-calypso.yml | 60 | ||||
-rw-r--r-- | inventory/host_vars/ele-hpws-mini1.yml | 6 | ||||
-rw-r--r-- | inventory/host_vars/ele-tsdatacop.yml | 6 | ||||
-rw-r--r-- | inventory/hosts.ini | 1 | ||||
-rw-r--r-- | roles/streaming/player/defaults/main.yml | 4 | ||||
-rw-r--r-- | roles/streaming/player/tasks/main.yml | 8 | ||||
-rw-r--r-- | roles/streaming/player/templates/pod-spec.yml.j2 | 11 |
26 files changed, 264 insertions, 116 deletions
diff --git a/dan/ele-calypso.yml b/dan/ele-calypso.yml new file mode 100644 index 00000000..c6fe0cfa --- /dev/null +++ b/dan/ele-calypso.yml @@ -0,0 +1,98 @@ +--- +- name: Basic Setup + hosts: ele-calypso + roles: + - role: apt-repo/base + - role: core/base + - role: core/sshd/base + - role: core/zsh + - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-calypso + roles: + - role: apt-repo/spreadspace + - role: streaming/blackmagic/desktopvideo + - role: kubernetes/base + - role: kubernetes/standalone/base + - role: streaming/player + # post_tasks: + # - name: install smstools + # apt: + # name: smstools + # state: present + + # - name: add user for sachet + # user: + # name: sachet + # system: yes + # home: /nonexistent + # create_home: no + # groups: smsd + # append: yes + + # - name: create sachet config directory + # file: + # path: /etc/sachet + # state: directory + + # - name: install sachet config file + # copy: + # dest: /etc/sachet/config.yml + # content: | + # providers: + # smstools: + # outgoing_dir: /var/spool/sms/outgoing + + # receivers: + # - name: equinox + # provider: smstools + # to: + # - '+436644800222' + + # - name: install systemd service unit for sachet + # copy: + # dest: /etc/systemd/system/sachet.service + # content: | + # [Unit] + # Description=Sachet SMS Daemon for Prometheus Alertmanager + + # [Service] + # Restart=on-failure + # User=sachet + # ExecStart=/usr/local/bin/sachet -config /etc/sachet/config.yml + + # # systemd hardening-options + # AmbientCapabilities= + # CapabilityBoundingSet= + # DeviceAllow=/dev/null rw + # DevicePolicy=strict + # LimitMEMLOCK=0 + # LimitNOFILE=8192 + # LockPersonality=true + # MemoryDenyWriteExecute=true + # NoNewPrivileges=true + # PrivateDevices=true + # PrivateTmp=true + # PrivateUsers=true + # ProtectControlGroups=true + # ProtectHome=true + # ProtectKernelModules=true + # ProtectKernelTunables=true + # ProtectSystem=full + # ReadWritePaths=/var/spool/sms/outgoing + # RemoveIPC=true + # RestrictNamespaces=true + # RestrictRealtime=true + # SystemCallArchitectures=native + + # [Install] + # WantedBy=multi-user.target + + # ## TODO: + # ## - configure smstools + # ## - build sachet using this branch: https://github.com/spreadspace/sachet/tree/topic/add-smstools + # ## - copy binary to /usr/local/bin/sachet + # ## - $ systemctl daemon-reload + # ## - $ systemctl enable --now sachet diff --git a/dan/ele-coturn.yml b/dan/ele-coturn.yml index dcb8b417..9438c7b5 100644 --- a/dan/ele-coturn.yml +++ b/dan/ele-coturn.yml @@ -7,6 +7,10 @@ - role: core/sshd/base - role: core/zsh - role: core/ntp + +- name: Payload Setup + hosts: ele-coturn + roles: - role: apt-repo/spreadspace - role: kubernetes/base - role: kubernetes/standalone/base diff --git a/dan/ele-dione.yml b/dan/ele-dione.yml index a6baf4c5..322818ae 100644 --- a/dan/ele-dione.yml +++ b/dan/ele-dione.yml @@ -6,23 +6,18 @@ - role: core/base - role: core/sshd/base - role: core/zsh - - role: core/cpu-microcode - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-dione + roles: - role: core/admin-users - role: apt-repo/spreadspace - role: nginx/base - role: monitoring/prometheus/exporter - role: streaming/blackmagic/desktopvideo post_tasks: - ## this is needed for local rtmp proxy - # - name: install interface config for guest vlan - # copy: - # content: | - # auto {{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }} - # iface {{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }} inet static - # address {{ network_zones.guest.prefix | ipaddr(network_zones.guest.offsets[inventory_hostname]) | ipaddr('address/prefix') }} - # dest: "/etc/network/interfaces.d/{{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }}" - # - name: prepare storage volume for recordings # vars: # storage_volume: diff --git a/dan/ele-dolmetsch-raspi.yml b/dan/ele-dolmetsch-raspi.yml index f75afcf8..f4008892 100644 --- a/dan/ele-dolmetsch-raspi.yml +++ b/dan/ele-dolmetsch-raspi.yml @@ -6,4 +6,8 @@ - role: core/base - role: core/sshd/base - role: core/zsh + +- name: Payload Setup + hosts: "{{ install_hostname }}" + roles: - role: streaming/dolmetsch-raspi diff --git a/dan/ele-emcplayer.yml b/dan/ele-emcplayer.yml index 03058a03..8654c2af 100644 --- a/dan/ele-emcplayer.yml +++ b/dan/ele-emcplayer.yml @@ -8,6 +8,10 @@ - role: core/zsh - role: core/ntp - role: core/cpu-microcode + +- name: Payload Setup + hosts: "{{ install_hostname }}" + roles: - role: ws/base - role: core/admin-users post_tasks: diff --git a/dan/ele-gwhetzner.yml b/dan/ele-gwhetzner.yml index bcd75bcd..754fae65 100644 --- a/dan/ele-gwhetzner.yml +++ b/dan/ele-gwhetzner.yml @@ -7,6 +7,10 @@ - role: core/sshd/base - role: core/zsh - role: core/ntp + +- name: Payload Setup + hosts: ele-gwhetzner + roles: - role: network/wireguard/base - role: network/wireguard/p2p - role: network/nftables/base diff --git a/dan/ele-helene.yml b/dan/ele-helene.yml index e3913843..fea6a533 100644 --- a/dan/ele-helene.yml +++ b/dan/ele-helene.yml @@ -8,93 +8,10 @@ - role: core/zsh - role: core/ntp - role: core/cpu-microcode - - role: apt-repo/spreadspace - - role: nginx/base - - role: monitoring/prometheus/exporter - - role: vm/host/base - - role: vm/host/network - - role: installer/debian/base - - role: installer/openbsd/base - - role: streaming/blackmagic/desktopvideo - - role: kubernetes/base - - role: kubernetes/standalone/base - - role: streaming/player - # post_tasks: - # - name: install smstools - # apt: - # name: smstools - # state: present - # - name: add user for sachet - # user: - # name: sachet - # system: yes - # home: /nonexistent - # create_home: no - # groups: smsd - # append: yes - - # - name: create sachet config directory - # file: - # path: /etc/sachet - # state: directory - - # - name: install sachet config file - # copy: - # dest: /etc/sachet/config.yml - # content: | - # providers: - # smstools: - # outgoing_dir: /var/spool/sms/outgoing - - # receivers: - # - name: equinox - # provider: smstools - # to: - # - '+436644800222' - - # - name: install systemd service unit for sachet - # copy: - # dest: /etc/systemd/system/sachet.service - # content: | - # [Unit] - # Description=Sachet SMS Daemon for Prometheus Alertmanager - - # [Service] - # Restart=on-failure - # User=sachet - # ExecStart=/usr/local/bin/sachet -config /etc/sachet/config.yml - - # # systemd hardening-options - # AmbientCapabilities= - # CapabilityBoundingSet= - # DeviceAllow=/dev/null rw - # DevicePolicy=strict - # LimitMEMLOCK=0 - # LimitNOFILE=8192 - # LockPersonality=true - # MemoryDenyWriteExecute=true - # NoNewPrivileges=true - # PrivateDevices=true - # PrivateTmp=true - # PrivateUsers=true - # ProtectControlGroups=true - # ProtectHome=true - # ProtectKernelModules=true - # ProtectKernelTunables=true - # ProtectSystem=full - # ReadWritePaths=/var/spool/sms/outgoing - # RemoveIPC=true - # RestrictNamespaces=true - # RestrictRealtime=true - # SystemCallArchitectures=native - - # [Install] - # WantedBy=multi-user.target - - # ## TODO: - # ## - configure smstools - # ## - build sachet using this branch: https://github.com/spreadspace/sachet/tree/topic/add-smstools - # ## - copy binary to /usr/local/bin/sachet - # ## - $ systemctl daemon-reload - # ## - $ systemctl enable --now sachet +- name: Payload Setup + hosts: ele-helene + roles: + # - role: apt-repo/spreadspace + # - role: nginx/base + # - role: monitoring/prometheus/exporter diff --git a/dan/ele-hpws-maxi.yml b/dan/ele-hpws-maxi.yml index 70132f90..a5c67366 100644 --- a/dan/ele-hpws-maxi.yml +++ b/dan/ele-hpws-maxi.yml @@ -8,6 +8,10 @@ - role: core/zsh - role: core/ntp - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-hpws-maxi + roles: - role: apt-repo/obs-studio - role: apt-repo/spreadspace - role: ws/base diff --git a/dan/ele-hpws-mini1.yml b/dan/ele-hpws-mini1.yml index 8bb1fc72..657ff5d8 100644 --- a/dan/ele-hpws-mini1.yml +++ b/dan/ele-hpws-mini1.yml @@ -8,6 +8,10 @@ - role: core/zsh - role: core/ntp - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-hpws-mini1 + roles: - role: apt-repo/obs-studio - role: apt-repo/spreadspace - role: ws/base diff --git a/dan/ele-jitsi.yml b/dan/ele-jitsi.yml index 2e63f558..1ac3ef3f 100644 --- a/dan/ele-jitsi.yml +++ b/dan/ele-jitsi.yml @@ -7,6 +7,10 @@ - role: core/sshd/base - role: core/zsh - role: core/ntp + +- name: Payload Setup + hosts: ele-jitsi + roles: - role: apt-repo/spreadspace - role: kubernetes/base - role: kubernetes/standalone/base diff --git a/dan/ele-laptop.yml b/dan/ele-laptop.yml index 097feeec..58b9d9f5 100644 --- a/dan/ele-laptop.yml +++ b/dan/ele-laptop.yml @@ -8,5 +8,9 @@ - role: core/zsh - role: core/ntp - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-laptop + roles: - role: ws/base - role: core/admin-users diff --git a/dan/ele-lt.yml b/dan/ele-lt.yml index 6749d744..097ee5d1 100644 --- a/dan/ele-lt.yml +++ b/dan/ele-lt.yml @@ -6,6 +6,11 @@ - role: core/base - role: core/sshd/base - role: core/zsh + - role: core/ntp + +- name: Payload Setup + hosts: ele-lt + roles: - role: apt-repo/spreadspace - role: acmetool/base - role: nginx/base diff --git a/dan/ele-media.yml b/dan/ele-media.yml index 65e02c32..c3913273 100644 --- a/dan/ele-media.yml +++ b/dan/ele-media.yml @@ -8,6 +8,10 @@ - role: core/zsh - role: core/ntp - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-media + roles: - role: core/admin-users - role: storage/zfs/pools - role: apt-repo/spreadspace diff --git a/dan/ele-mon.yml b/dan/ele-mon.yml index 91498205..08a2d283 100644 --- a/dan/ele-mon.yml +++ b/dan/ele-mon.yml @@ -7,6 +7,10 @@ - role: core/sshd/base - role: core/zsh - role: core/ntp + +- name: Payload Setup + hosts: ele-mon + roles: - role: nginx/base - role: apt-repo/spreadspace - role: monitoring/prometheus/ca diff --git a/dan/ele-telesto.yml b/dan/ele-telesto.yml index 9c49295b..a1e877dd 100644 --- a/dan/ele-telesto.yml +++ b/dan/ele-telesto.yml @@ -6,15 +6,28 @@ - role: core/base - role: core/sshd/base - role: core/zsh - - role: core/cpu-microcode - role: core/ntp + - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-telesto + roles: - role: core/admin-users - role: apt-repo/spreadspace - role: nginx/base - role: monitoring/prometheus/exporter - role: streaming/blackmagic/desktopvideo post_tasks: - - name: install lm-sensors + ## this is needed for local icecast relay + # - name: install interface config for guest vlan + # copy: + # content: | + # auto {{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }} + # iface {{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }} inet static + # address {{ network_zones.guest.prefix | ipaddr(network_zones.guest.offsets[inventory_hostname]) | ipaddr('address/prefix') }} + # dest: "/etc/network/interfaces.d/{{ ansible_default_ipv4.interface }}.{{ network_zones.guest.vlan }}" + + - name: install lm-sensors and i7z apt: name: lm-sensors diff --git a/dan/ele-thetys.yml b/dan/ele-thetys.yml index c11cf01b..46a41b77 100644 --- a/dan/ele-thetys.yml +++ b/dan/ele-thetys.yml @@ -8,6 +8,10 @@ - role: core/zsh - role: core/ntp - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-thetys + roles: - role: storage/lvm/groups - role: core/admin-users - role: apt-repo/spreadspace diff --git a/dan/ele-tsdatacop.yml b/dan/ele-tsdatacop.yml index 187dc110..d163d82e 100644 --- a/dan/ele-tsdatacop.yml +++ b/dan/ele-tsdatacop.yml @@ -8,6 +8,10 @@ - role: core/zsh - role: core/ntp - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-tsdatacop + roles: - role: apt-repo/obs-studio - role: apt-repo/spreadspace - role: ws/base diff --git a/dan/ele-uhrturm.yml b/dan/ele-uhrturm.yml index afbe781d..ff5f3332 100644 --- a/dan/ele-uhrturm.yml +++ b/dan/ele-uhrturm.yml @@ -7,6 +7,10 @@ - role: core/sshd/base - role: core/zsh - role: core/cpu-microcode + +- name: Payload Setup + hosts: ele-uhrturm + roles: - role: core/admin-users - role: streaming/blackmagic/desktopvideo - role: apt-repo/spreadspace diff --git a/inventory/group_vars/elevate-festival/vars.yml b/inventory/group_vars/elevate-festival/vars.yml index a6ad2e94..2f7efeb4 100644 --- a/inventory/group_vars/elevate-festival/vars.yml +++ b/inventory/group_vars/elevate-festival/vars.yml @@ -67,7 +67,7 @@ network_zones: ele-hpws-mini2: 241 ele-minidan: 242 equinox-t450s: 250 - ele-dione: 253 + ele-telesto: 253 ele-router: 254 wifi: ssid: "elevate Public" diff --git a/inventory/host_vars/ele-calypso.yml b/inventory/host_vars/ele-calypso.yml index d565c6d8..30fed842 100644 --- a/inventory/host_vars/ele-calypso.yml +++ b/inventory/host_vars/ele-calypso.yml @@ -1,15 +1,9 @@ --- +system_lvm_volume_size_root: 4G install: efi: yes disks: - primary: software-raid - raid: - level: 1 - members: - - /dev/disk/by-id/ata-SAMSUNG_HD103UJ_S1PVJDWQ720805 - - /dev/disk/by-id/ata-SAMSUNG_HD103UJ_S1PVJDWQ720811 - system_lvm: - size: 20G + primary: /dev/disk/by-id/ata-OCZ-VERTEX2_OCZ-5328NA52AN84G246 network: nameservers: "{{ network_zones.lan.dns }}" @@ -20,3 +14,53 @@ network: gateway: "{{ network_zones.lan.gateway }}" interfaces: - *_network_primary_ + + +apt_repo_components: + - main + - contrib + - non-free ## for microcode updates + +spreadspace_apt_repo_components: + - main + - container + - streaming + +admin_users_host: + - equinox + + +blackmagic_desktopvideo_version: 12.2.2a6 +blackmagic_desktopvideo_include_gui: yes + + +docker_pkg_provider: docker-com + +docker_storage: + type: lvm + vg: "{{ host_name }}" + lv: docker + size: 10G + fs: ext4 + +kubelet_storage: + type: lvm + vg: "{{ host_name }}" + lv: kubelet + size: 5G + fs: ext4 + +kubernetes_version: 1.24.2 +kubernetes_container_runtime: docker +kubernetes_standalone_max_pods: 42 +kubernetes_standalone_cni_variant: with-portmap + +player_inst_name: emc-feed +player_ffmpeg_image_version: bullseye-decklink11.7-2022-06-12.26 +#player_input: [ '-f', 'live_flv', '-rtmp_live', 'live', '-i', "rtmp://{{ network_zones.cc_leslie.prefix | ipaddr(network_zones.cc_leslie.offsets['ele-thetys']) | ipaddr('address') }}/emc-feed/full" ] +player_input: [ '-stream_loop', '-1', '-i', '/srv/videos/Big Buck Bunny 1080p 60fps.mp4' ] +player_output: [ '-ac', '2', '-pix_fmt', 'uyvy422', '-s', '1920x1080' ,'-r', '50','-f', 'decklink', 'DeckLink Duo (2)' ] +player_volume_mounts: + videos: + src: /srv/videos + dest: /srv/videos diff --git a/inventory/host_vars/ele-hpws-mini1.yml b/inventory/host_vars/ele-hpws-mini1.yml index d5b9b51b..7c33506f 100644 --- a/inventory/host_vars/ele-hpws-mini1.yml +++ b/inventory/host_vars/ele-hpws-mini1.yml @@ -37,12 +37,12 @@ install: - "consoleblank=0" network: - nameservers: "{{ network_zones.cc_hmtsaal.dns }}" + nameservers: "{{ network_zones.emc.dns }}" domain: "{{ host_domain }}" primary: &_network_primary_ name: eno1 - address: "{{ network_zones.cc_hmtsaal.prefix | ipaddr(network_zones.cc_hmtsaal.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ network_zones.cc_hmtsaal.gateway }}" + address: "{{ network_zones.emc.prefix | ipaddr(network_zones.emc.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + gateway: "{{ network_zones.emc.gateway }}" interfaces: - *_network_primary_ - name: eno1.18 diff --git a/inventory/host_vars/ele-tsdatacop.yml b/inventory/host_vars/ele-tsdatacop.yml index 76c8e705..3aa24e8a 100644 --- a/inventory/host_vars/ele-tsdatacop.yml +++ b/inventory/host_vars/ele-tsdatacop.yml @@ -37,12 +37,12 @@ install: - "consoleblank=0" network: - nameservers: "{{ network_zones.cc_hmtsaal.dns }}" + nameservers: "{{ network_zones.emc.dns }}" domain: "{{ host_domain }}" primary: &_network_primary_ name: eno1 - address: "{{ network_zones.cc_hmtsaal.prefix | ipaddr(network_zones.cc_hmtsaal.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" - gateway: "{{ network_zones.cc_hmtsaal.gateway }}" + address: "{{ network_zones.emc.prefix | ipaddr(network_zones.emc.offsets[inventory_hostname]) | ipaddr('address/prefix') }}" + gateway: "{{ network_zones.emc.gateway }}" interfaces: - *_network_primary_ - name: enp6s0f0 diff --git a/inventory/hosts.ini b/inventory/hosts.ini index 62fbe653..424dfdbc 100644 --- a/inventory/hosts.ini +++ b/inventory/hosts.ini @@ -533,6 +533,7 @@ sk-cloudio ele-media ele-thetys ele-helene +ele-calypso ele-coturn ele-jitsi s2-thetys diff --git a/roles/streaming/player/defaults/main.yml b/roles/streaming/player/defaults/main.yml index 280aa2ea..eb7a0406 100644 --- a/roles/streaming/player/defaults/main.yml +++ b/roles/streaming/player/defaults/main.yml @@ -3,3 +3,7 @@ # player_ffmpeg_image_version: bullseye-decklink11.7-2022-06-12.26 # player_input: [ '-f', 'live_flv', '-rtmp_live', 'live', '-i', 'rtmp://192.0.2.1/feed/full' ] # player_output: [ '-pix_fmt', 'uyvy422', '-s', '1920x1080', '-filter:v', 'fps=fps=25', '-top', '1', '-flags:v', '+ilme+ildct', '-f', 'decklink', 'DeckLink SDI' ] +player_volume_mounts: {} +# videos: +# src: /srv/videos +# dest: /srv/videos diff --git a/roles/streaming/player/tasks/main.yml b/roles/streaming/player/tasks/main.yml index 68e8ec2f..c55b31c4 100644 --- a/roles/streaming/player/tasks/main.yml +++ b/roles/streaming/player/tasks/main.yml @@ -1,4 +1,12 @@ --- +- name: create directories for extra volume mounts + loop: "{{ player_volume_mounts | dict2items }}" + loop_control: + label: "{{ item.key }} ({{ item.value.src }})" + file: + path: "{{ item.value.src }}" + state: directory + - name: install pod manifest vars: kubernetes_standalone_pod: diff --git a/roles/streaming/player/templates/pod-spec.yml.j2 b/roles/streaming/player/templates/pod-spec.yml.j2 index 46175a41..8cd6c355 100644 --- a/roles/streaming/player/templates/pod-spec.yml.j2 +++ b/roles/streaming/player/templates/pod-spec.yml.j2 @@ -29,6 +29,11 @@ containers: subPath: blackmagic mountPath: /usr/lib/blackmagic readOnly: true +{% for name, mount in player_volume_mounts.items() %} + - name: {{ name }} + mountPath: {{ mount.dest }} + readOnly: true +{% endfor %} volumes: - name: decklink-device @@ -38,3 +43,9 @@ volumes: hostPath: type: Directory path: /usr/lib/ +{% for name, mount in player_volume_mounts.items() %} +- name: {{ name }} + hostPath: + type: Directory + path: {{ mount.src }} +{% endfor %} |