From eedec4b226b310d5a08a869fc8efa9061c0de50a Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Fri, 2 Mar 2018 18:21:54 +0100
Subject: added improvised onion service site

---
 contrib/k8s-emc/onion-hack/stream-site-deploy.yml | 93 +++++++++++++++++++++++
 1 file changed, 93 insertions(+)
 create mode 100644 contrib/k8s-emc/onion-hack/stream-site-deploy.yml

(limited to 'contrib/k8s-emc/onion-hack/stream-site-deploy.yml')

diff --git a/contrib/k8s-emc/onion-hack/stream-site-deploy.yml b/contrib/k8s-emc/onion-hack/stream-site-deploy.yml
new file mode 100644
index 0000000..8ae9b14
--- /dev/null
+++ b/contrib/k8s-emc/onion-hack/stream-site-deploy.yml
@@ -0,0 +1,93 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  namespace: emc
+  name: stream-site-public-onion
+  labels:
+    app: nginx
+    type: stream-site
+    stream: public-onion
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: nginx
+      type: stream-site
+      stream: public-onion
+  strategy:
+    type: Recreate
+  revisionHistoryLimit: 5
+  template:
+    metadata:
+      labels:
+        app: nginx
+        type: stream-site
+        stream: public-onion
+    spec:
+      nodeName: emc-00
+      securityContext:
+        runAsUser: 998
+        fsGroup: 998
+      initContainers:
+      - name: prepare-onion
+        image: busybox
+        command: ['sh', '-c', 'mkdir /srv/onion_service && cp /secrets/onion_service/* /srv/onion_service && chown -R 998:998 /var/lib/tor /srv/onion_service && chmod 0750 /var/lib/tor && chmod 0700 /srv/onion_service']
+        securityContext:
+          runAsUser: 0
+        volumeMounts:
+        - name: home
+          mountPath: /srv
+        - name: onion-lib
+          mountPath: /var/lib/tor
+        - name: onion-service
+          mountPath: /secrets/onion_service/
+      containers:
+      - name: nginx
+        image: spreadspace/nginx-streaming:4
+        imagePullPolicy: Always
+        args:
+        - nginx
+        - -c
+        - /srv/config/nginx.conf
+        - -g
+        - "daemon off;"
+        volumeMounts:
+        - name: home
+          mountPath: /srv
+        - name: nginx-lib
+          mountPath: /var/lib/nginx
+        - name: config
+          mountPath: /srv/config
+        - name: www
+          mountPath: /srv/www
+      - name: onion-service
+        image: spreadspace/onion-service:master-23
+        imagePullPolicy: Always
+        args: [ '/usr/bin/tor', '-f', '/srv/config/torrc', '--RunAsDaemon', '0' ]
+        volumeMounts:
+        - name: home
+          mountPath: /srv
+        - name: onion-lib
+          mountPath: /var/lib/tor
+        - name: config
+          mountPath: /srv/config
+      volumes:
+      - name: home
+        emptyDir:
+          medium: Memory
+      - name: onion-lib
+        emptyDir:
+          medium: Memory
+      - name: nginx-lib
+        emptyDir:
+          medium: Memory
+      - name: config
+        configMap:
+          name: stream-site-public-onion
+      - name: www
+        hostPath:
+          type: Directory
+          path: /srv/www/emc18
+      - name: onion-service
+        secret:
+          secretName: stream-site-public-onion
-- 
cgit v1.2.3