feat: files to os-system (#259)
This commit is contained in:
lovehunter9
494
apps/files/config/cluster/deploy/files_deploy.yaml
Normal file
494
apps/files/config/cluster/deploy/files_deploy.yaml
Normal file
@@ -0,0 +1,494 @@
|
||||
|
||||
{{- $namespace := printf "%s" "os-system" -}}
|
||||
{{- $files_secret := (lookup "v1" "Secret" $namespace "files-secrets") -}}
|
||||
{{- $password := "" -}}
|
||||
{{ if $files_secret -}}
|
||||
{{ $password = (index $files_secret "data" "password") }}
|
||||
{{ else -}}
|
||||
{{ $password = randAlphaNum 16 | b64enc }}
|
||||
{{- end -}}
|
||||
|
||||
{{- $files_redis_password := "" -}}
|
||||
{{ if $files_secret -}}
|
||||
{{ $files_redis_password = (index $files_secret "data" "redis_password") }}
|
||||
{{ else -}}
|
||||
{{ $files_redis_password = randAlphaNum 16 | b64enc }}
|
||||
{{- end -}}
|
||||
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: files-deployment
|
||||
namespace: os-system
|
||||
labels:
|
||||
app: files
|
||||
applications.app.bytetrade.io/name: files
|
||||
applications.app.bytetrade.io/owner: os-system
|
||||
applications.app.bytetrade.io/author: bytetrade.io
|
||||
annotations:
|
||||
applications.app.bytetrade.io/icon: https://file.bttcdn.com/appstore/files/icon.png
|
||||
applications.app.bytetrade.io/title: Files
|
||||
applications.app.bytetrade.io/version: '0.0.1'
|
||||
applications.app.bytetrade.io/entrances: '[{"name":"files", "host":"files-service", "port":80,"title":"Files"}]'
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app: files
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: files
|
||||
spec:
|
||||
serviceAccount: os-internal
|
||||
serviceAccountName: os-internal
|
||||
containers:
|
||||
- name: gateway
|
||||
image: beclab/appdata-gateway:0.1.14
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- containerPort: 8080
|
||||
env:
|
||||
- name: FILES_SERVER_TAG
|
||||
value: 'beclab/files-server:v0.2.28'
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
# - name: OS_SYSTEM_SERVER
|
||||
# value: system-server.os-system
|
||||
|
||||
- name: files
|
||||
image: beclab/files-server:v0.2.28
|
||||
imagePullPolicy: IfNotPresent
|
||||
volumeMounts:
|
||||
- name: fb-data
|
||||
mountPath: /appdata
|
||||
- name: userspace-dir
|
||||
mountPath: /data
|
||||
# mountPath: /data/Home
|
||||
# - name: userspace-app-dir
|
||||
# mountPath: /data/Application
|
||||
# - name: watch-dir
|
||||
# mountPath: /data/Home/Documents
|
||||
- name: upload-appdata
|
||||
mountPath: /appcache/
|
||||
ports:
|
||||
- containerPort: 8110
|
||||
env:
|
||||
- name: ES_ENABLED
|
||||
value: 'False'
|
||||
- name: WATCHER_ENABLED
|
||||
value: 'False'
|
||||
- name: KNOWLEDGE_BASE_ENABLED
|
||||
value: 'False'
|
||||
# - name: BFL_NAME
|
||||
# value: 'os-system'
|
||||
- name: FB_DATABASE
|
||||
value: /appdata/database/filebrowser.db
|
||||
- name: FB_CONFIG
|
||||
value: /appdata/config/settings.json
|
||||
- name: FB_ROOT
|
||||
value: /data
|
||||
# - name: ZINC_USER
|
||||
# value: zincuser-files-os-system
|
||||
# - name: ZINC_PASSWORD
|
||||
# value: {{ $password | b64dec }}
|
||||
# - name: ZINC_HOST
|
||||
# value: zinc-server-svc.os-system
|
||||
# - name: ZINC_PORT
|
||||
# value: "80"
|
||||
# - name: ZINC_INDEX
|
||||
# value: os-system_zinc-files
|
||||
- name: WATCH_DIR
|
||||
value: /data/Home/Documents
|
||||
- name: PATH_PREFIX
|
||||
value: /data/Home
|
||||
- name: REDIS_HOST
|
||||
value: redis-cluster-proxy.os-system
|
||||
- name: REDIS_PORT
|
||||
value: '6379'
|
||||
- name: REDIS_USERNAME
|
||||
value: ''
|
||||
- name: REDIS_PASSWORD
|
||||
value: {{ $files_redis_password | b64dec }}
|
||||
- name: REDIS_USE_SSL
|
||||
value: 'false'
|
||||
# use redis db 0 for redis cache
|
||||
- name: REDIS_DB
|
||||
value: '0'
|
||||
- name: POD_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.name
|
||||
- name: NAMESPACE
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: metadata.namespace
|
||||
- name: CONTAINER_NAME
|
||||
value: files
|
||||
# - name: NOTIFY_SERVER
|
||||
# value: fsnotify-svc.os-system:5079
|
||||
command:
|
||||
- /filebrowser
|
||||
- --noauth
|
||||
- name: nginx
|
||||
image: 'beclab/nginx-lua:n0.0.4'
|
||||
ports:
|
||||
- containerPort: 80
|
||||
protocol: TCP
|
||||
volumeMounts:
|
||||
- name: files-nginx-config
|
||||
mountPath: /etc/nginx/conf.d/default.conf
|
||||
subPath: default.conf
|
||||
terminationMessagePath: /dev/termination-log
|
||||
terminationMessagePolicy: File
|
||||
imagePullPolicy: IfNotPresent
|
||||
|
||||
volumes:
|
||||
- name: userspace-dir
|
||||
hostPath:
|
||||
type: Directory
|
||||
path: /terminus/rootfs/userspace
|
||||
- name: fb-data
|
||||
hostPath:
|
||||
type: DirectoryOrCreate
|
||||
path: /terminus/userdata/Cache/files
|
||||
- name: upload-appdata
|
||||
hostPath:
|
||||
path: /terminus/userdata/Cache
|
||||
type: DirectoryOrCreate
|
||||
- name: files-nginx-config
|
||||
configMap:
|
||||
name: files-nginx-config
|
||||
items:
|
||||
- key: default.conf
|
||||
path: default.conf
|
||||
defaultMode: 420
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: files-service
|
||||
namespace: os-system
|
||||
spec:
|
||||
selector:
|
||||
app: files
|
||||
type: ClusterIP
|
||||
ports:
|
||||
- protocol: TCP
|
||||
name: files
|
||||
port: 80
|
||||
targetPort: 80
|
||||
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: DaemonSet
|
||||
metadata:
|
||||
name: appdata-backend
|
||||
namespace: os-system
|
||||
labels:
|
||||
app: appdata-backend
|
||||
annotations:
|
||||
velero.io/exclude-from-backup: "true"
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: appdata-backend
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: appdata-backend
|
||||
spec:
|
||||
containers:
|
||||
- name: files
|
||||
image: beclab/files-server:v0.2.28
|
||||
imagePullPolicy: IfNotPresent
|
||||
volumeMounts:
|
||||
- name: fb-data
|
||||
mountPath: /appdata
|
||||
- name: user-appdata-dir
|
||||
mountPath: /data/AppData
|
||||
ports:
|
||||
- containerPort: 8110
|
||||
env:
|
||||
- name: FB_DATABASE
|
||||
value: /appdata/database/filebrowser.db
|
||||
- name: FB_CONFIG
|
||||
value: /appdata/config/settings.json
|
||||
- name: FB_ROOT
|
||||
value: /data
|
||||
- name: NODE_NAME
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: spec.nodeName
|
||||
command:
|
||||
- /filebrowser
|
||||
- --noauth
|
||||
volumes:
|
||||
- name: user-appdata-dir
|
||||
hostPath:
|
||||
type: Directory
|
||||
path: /terminus/userdata/Cache
|
||||
- name: fb-data
|
||||
hostPath:
|
||||
type: DirectoryOrCreate
|
||||
path: /terminus/userdata/Cache/files-appdata
|
||||
nodeSelector:
|
||||
app: appdata-backend
|
||||
affinity:
|
||||
nodeAffinity:
|
||||
requiredDuringSchedulingIgnoredDuringExecution:
|
||||
nodeSelectorTerms:
|
||||
- matchExpressions:
|
||||
- key: app
|
||||
operator: In
|
||||
values:
|
||||
- appdata-backend
|
||||
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: files-secrets
|
||||
namespace: os-system
|
||||
type: Opaque
|
||||
data:
|
||||
password: {{ $password }}
|
||||
redis_password: {{ $files_redis_password }}
|
||||
|
||||
---
|
||||
apiVersion: apr.bytetrade.io/v1alpha1
|
||||
kind: MiddlewareRequest
|
||||
metadata:
|
||||
name: files-redis
|
||||
namespace: os-system
|
||||
spec:
|
||||
app: files
|
||||
appNamespace: os-system
|
||||
middleware: redis
|
||||
redis:
|
||||
password:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: files_redis_password
|
||||
name: files-secrets
|
||||
namespace: files-redis
|
||||
|
||||
---
|
||||
kind: ConfigMap
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: files-nginx-config
|
||||
namespace: os-system
|
||||
annotations:
|
||||
kubesphere.io/creator: bytetrade.io
|
||||
data:
|
||||
default.conf: |-
|
||||
server {
|
||||
listen 80 default_server;
|
||||
|
||||
|
||||
# gzip on;
|
||||
# gzip_min_length 1000;
|
||||
# gzip_types text/plain text/xml application/javascript text/css;
|
||||
|
||||
# Gzip Settings
|
||||
gzip on;
|
||||
gzip_disable "msie6";
|
||||
gzip_min_length 1k;
|
||||
gzip_buffers 16 64k;
|
||||
gzip_http_version 1.1;
|
||||
gzip_comp_level 6;
|
||||
gzip_types *;
|
||||
client_max_body_size 2000M;
|
||||
root /app;
|
||||
|
||||
# normal routes
|
||||
# serve given url and default to index.html if not found
|
||||
# e.g. /, /user and /foo/bar will return index.html
|
||||
location / {
|
||||
try_files $uri $uri/index.html /index.html;
|
||||
add_header Cache-Control "private,no-cache";
|
||||
add_header Last-Modified "Oct, 03 Jan 2022 13:46:41 GMT";
|
||||
expires 0;
|
||||
}
|
||||
|
||||
# location /bfl/ {
|
||||
# add_header 'Access-Control-Allow-Headers' 'x-api-nonce,x-api-ts,x-api-ver,x-api-source';
|
||||
# proxy_pass http://bfl;
|
||||
# proxy_set_header Host $host;
|
||||
# proxy_set_header X-real-ip $remote_addr;
|
||||
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
|
||||
# add_header X-Frame-Options SAMEORIGIN;
|
||||
# }
|
||||
|
||||
location /api/resources/AppData {
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
|
||||
location /api/raw/AppData {
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
|
||||
location /provider {
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
|
||||
location /api {
|
||||
proxy_pass http://127.0.0.1:8080;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /upload {
|
||||
proxy_pass http://127.0.0.1:40030;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /videos {
|
||||
proxy_pass http://127.0.0.1:9090;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 600s;
|
||||
client_max_body_size 4000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 750s;
|
||||
proxy_read_timeout 600s;
|
||||
proxy_send_timeout 600s;
|
||||
}
|
||||
|
||||
location /seahub/ {
|
||||
proxy_pass http://seafile/;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
|
||||
location /seafhttp/ {
|
||||
proxy_pass http://seafile:8082/;
|
||||
# rewrite ^/server(.*)$ $1 break;
|
||||
|
||||
# Add original-request-related headers
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Host $host;
|
||||
|
||||
add_header Accept-Ranges bytes;
|
||||
|
||||
client_body_timeout 60s;
|
||||
client_max_body_size 2000M;
|
||||
proxy_request_buffering off;
|
||||
keepalive_timeout 75s;
|
||||
proxy_read_timeout 60s;
|
||||
proxy_send_timeout 60s;
|
||||
}
|
||||
# files
|
||||
# for all routes matching a dot, check for files and return 404 if not found
|
||||
# e.g. /file.js returns a 404 if not found
|
||||
# location ~ \.(?!html) {
|
||||
# add_header Cache-Control "public, max-age=2678400";
|
||||
# try_files $uri =404;
|
||||
# }
|
||||
|
||||
# Set cache for static resources
|
||||
location ~ ^/(assets|js|css|fonts|img)/.*.(js|css|png|jpg|svg|woff|woff2)$
|
||||
{
|
||||
add_header Cache-Control "public, max-age=2678400";
|
||||
}
|
||||
|
||||
location ~ ^/resources/Home/Pictures/(.*.(png|jpg|svg|gif|jpeg))$
|
||||
{
|
||||
alias /data/Pictures/$1;
|
||||
autoindex off;
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user