blob: 65b97e96c40b742a337f93a2c38be76be92ddbda (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
|
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: {{ namespace }}
name: sfive-{{ worker.name }}
labels:
app: sfive
worker: {{ worker.name }}
spec:
replicas: 1
selector:
matchLabels:
app: sfive
worker: {{ worker.name }}
strategy:
type: Recreate
revisionHistoryLimit: 5
template:
metadata:
labels:
app: sfive
worker: {{ worker.name }}
{% if worker.flags.sfive == 'proxy' and 'stream-onion' in worker.flags %}
spreadspace.org/onion-service: {{ worker.flags['stream-onion'] }}
{% endif %}
spec:
nodeName: {{ worker.name }}
serviceAccountName: sfive
securityContext:
runAsUser: 998
fsGroup: 998
hostNetwork: true
dnsPolicy: ClusterFirstWithHostNet
containers:
{% if worker.flags.sfive == 'proxy' %}
- name: proxy
image: spreadspace/sfive:{{ desc.globals.deployment.parameter.sfive_image_version }}
imagePullPolicy: Always
args:
- s5proxy
- -config
- /srv/config/proxy.json
volumeMounts:
- name: home
mountPath: /srv
- name: proxy-config
mountPath: /srv/config
{% if 'stream-onion' in worker.flags %}
- name: proxy-onion
image: spreadspace/sfive:{{ desc.globals.deployment.parameter.sfive_image_version }}
imagePullPolicy: Always
args:
- s5proxy
- -config
- /srv/config/proxy-onion.json
volumeMounts:
- name: home
mountPath: /srv
- name: proxy-config
mountPath: /srv/config
- name: onion-service
image: spreadspace/onion-service:{{ desc.globals.deployment.parameter.onion_service_image_version }}
imagePullPolicy: Always
env:
- name: ONION_HOST
value: "127.0.0.1"
- name: ONION_PORT
value: "8001"
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
volumeMounts:
- name: onion-lib
mountPath: /var/lib/tor
- name: proxy-config
mountPath: /srv/config
{% endif %}
{% endif %}
- name: hub
image: spreadspace/sfive:{{ desc.globals.deployment.parameter.sfive_image_version }}
imagePullPolicy: Always
args:
- sfive-hub
- -db
- /srv/data/db.bolt
- -start-pipe-server=false
- -start-web-server=false
- -start-pipegram-server
- -pipegram
- /srv/hub.sock
volumeMounts:
- name: home
mountPath: /srv
- name: hub-data
mountPath: /srv/data
volumes:
- name: home
emptyDir:
medium: Memory
{% if worker.flags.sfive == 'proxy' and 'stream-onion' in worker.flags %}
- name: onion-lib
emptyDir:
medium: Memory
{% endif %}
- name: proxy-config
configMap:
name: sfive-{{ worker.name }}
- name: hub-data
hostPath:
type: DirectoryOrCreate
path: /var/lib/sfive/{{ desc.globals.name }}
|