diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml deleted file mode 100644 index 345b39e..0000000 --- a/.github/workflows/docker-publish.yml +++ /dev/null @@ -1,53 +0,0 @@ -name: Build and Publish Docker image - -on: - push: - branches: ['main'] - -env: - REGISTRY: ghcr.io - # IMAGE_NAME is derived from the repository name - IMAGE_NAME: ${{ github.repository }} - -jobs: - push_to_registry: - name: Push Docker image to GHCR - runs-on: ubuntu-latest - permissions: - # Required to read the repository contents. - contents: read - # Required to push packages (Docker images) to GHCR. - packages: write - - steps: - - name: Check out the repo - uses: actions/checkout@v4 - - - name: Log in to the Github Container registry - uses: docker/login-action@v3 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract metadata (tags, labels) for Docker - id: meta - # Using v5 for metadata-action - uses: docker/metadata-action@v5 - with: - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - tags: | - # Tag with branch name and short SHA on push to main - type=ref,event=branch,suffix=-{{sha}} - # Tag with 'latest' on push to main (default branch) - type=raw,value=latest,enable={{is_default_branch}} - - - name: Build and push Docker image - uses: docker/build-push-action@v6 - with: - context: . - # Push only when on the main branch (effectively, as the trigger is on: push: branches: [main]) - push: ${{ github.ref == 'refs/heads/main' }} - tags: ${{ steps.meta.outputs.tags }} - # Use labels generated by metadata-action (includes OCI standard labels) - labels: ${{ steps.meta.outputs.labels }} \ No newline at end of file diff --git a/.github/workflows/publish-and-release.yml b/.github/workflows/publish-and-release.yml new file mode 100644 index 0000000..aed6237 --- /dev/null +++ b/.github/workflows/publish-and-release.yml @@ -0,0 +1,131 @@ +name: Publish Image and Release Deployment + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +on: + workflow_dispatch: + push: + branches: ['main'] + pull_request: + branches: ['main'] + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + get_version: + name: Determine Version + runs-on: ubuntu-latest + permissions: + checks: write + contents: write + id-token: write + pull-requests: write + security-events: write + statuses: write + outputs: + SemVer: ${{ steps.get-version.outputs.SemVer }} + steps: + + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Install GitVersion + uses: gittools/actions/gitversion/setup@v3.2.0 + with: + versionSpec: "6.2.x" + + - name: Determine Version + id: get-version + uses: gittools/actions/gitversion/execute@v3.2.0 + + - name: Output Version + run: | + echo "# Version:" >> $GITHUB_STEP_SUMMARY + echo ${{ steps.get-version.outputs.SemVer }} >> $GITHUB_STEP_SUMMARY + + push_to_registry: + needs: get_version + if: github.ref == 'refs/heads/main' + name: Push Docker image to GHCR + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + + - name: Check out the repo + uses: actions/checkout@v4 + + - name: Log in to the Github Container registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=${{ needs.get_version.outputs.SemVer }} + type=raw,value=latest + + - name: Build and push Docker image + id: build-and-push-image + uses: docker/build-push-action@v6 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + + - name: Output Image Details + if: steps.build-and-push-image.outcome == 'success' + run: | + echo "# Built and pushed the following images:" >> $GITHUB_STEP_SUMMARY + echo "${{ steps.meta.outputs.tags }}" | tr ',' '\n' >> $GITHUB_STEP_SUMMARY + + merge_to_release: + name: Merge to Release + needs: push_to_registry + if: github.ref == 'refs/heads/main' + runs-on: ubuntu-latest + permissions: + contents: write + steps: + + - name: Check Out the Repo + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Merge main Branch Locally + shell: bash + run: | + git config --global user.name "$verse-ci" + git config --global user.email "$ci@verse.app" + git checkout release + git merge -Xtheirs --no-commit origin/main + + - name: Apply Newest Version + shell: bash + run: | + yq -i '.version = "${{ needs.get_version.outputs.SemVer }}"' ./deployment/route96/Chart.yaml + yq -i '.appVersion = "${{ needs.get_version.outputs.SemVer }}"' ./deployment/route96/Chart.yaml + yq -i '.image.tag = "${{ needs.get_version.outputs.SemVer }}"' ./deployment/route96/values.yaml + + - name: Commit and Push to Trigger Release + shell: bash + run: | + git tag ${{ needs.get_version.outputs.SemVer }} + git commit -a -m "Version ${{ needs.get_version.outputs.SemVer }} Release" + git push + git push --tags diff --git a/.gitignore b/.gitignore index f3a364a..2621638 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ target/ data/ -.idea/ \ No newline at end of file +.idea/ + +local/ \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 194daa8..e916001 100644 --- a/Dockerfile +++ b/Dockerfile @@ -76,4 +76,4 @@ RUN ./bin/route96 --version # Entrypoint runs as root initially to fix permissions, then switches to appuser USER root -ENTRYPOINT ["sh", "-c", "chown -R appuser:appgroup /app/data && exec gosu appuser /app/bin/route96 \"$@\""] \ No newline at end of file +ENTRYPOINT ["sh", "-c", "chown -R appuser:appgroup /app/data && exec gosu appuser /app/bin/route96 \"$@\""] diff --git a/deployment/README.md b/deployment/README.md new file mode 100644 index 0000000..09867e9 --- /dev/null +++ b/deployment/README.md @@ -0,0 +1,10 @@ +# Deployment +Verse utilizes a combination of Helm and ArgoCD to deploy this application to its Kubernetes cluster. Configuration for this deployment pattern requires the following: + 1. The repository has a helm chart, and all required/desired templates, written and stored in its `/deployment/` directory. + 2. An ArgoCD Application has been created that targets this repository's `/deployment/` directory. + +## To Deploy a change + 1. Update the `/deployment/Chart.yaml`'s `AppVersion` file, to contain the tag for the new Docker image. + 2. Merge this update to main. + 3. In ArgoCD, if auto-sync is not enabled for the Application that was created (the one targeting this repo), execute the sync operation for this Application. + 4. You should then see the new version of the application replace the old one, in ArgoCD. This reflects what is happening in the cluster. \ No newline at end of file diff --git a/deployment/route96/.helmignore b/deployment/route96/.helmignore new file mode 100644 index 0000000..0e8a0eb --- /dev/null +++ b/deployment/route96/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/deployment/route96/Chart.lock b/deployment/route96/Chart.lock new file mode 100644 index 0000000..e69de29 diff --git a/deployment/route96/Chart.yaml b/deployment/route96/Chart.yaml new file mode 100644 index 0000000..f062b35 --- /dev/null +++ b/deployment/route96/Chart.yaml @@ -0,0 +1,16 @@ +apiVersion: v2 +name: route96 +description: The Helm chart for deploying the Blossom media server from Verse's route96 repository. + +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 1.0.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "1.0.0" diff --git a/deployment/route96/templates/config.yaml b/deployment/route96/templates/config.yaml new file mode 100644 index 0000000..8da0483 --- /dev/null +++ b/deployment/route96/templates/config.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: blossom-config + namespace: blossom +data: + config: | + listen: "REPLACED_BY_ENV" + database: "REPLACED_BY_ENV" + filesystem: + storage_dir: "REPLACED_BY_ENV" + max_upload_bytes: 0 + public_url: "REPLACED_BY_ENV" + nip29_relay: + url: "REPLACED_BY_ENV" + private_key: "REPLACED_BY_ENV" + cache_expiration: 0 diff --git a/deployment/route96/templates/deployment.yaml b/deployment/route96/templates/deployment.yaml new file mode 100644 index 0000000..29f6ef9 --- /dev/null +++ b/deployment/route96/templates/deployment.yaml @@ -0,0 +1,91 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: blossom-deployment + namespace: blossom + labels: + app.kubernetes.io/name: blossom + app.kubernetes.io/part-of: blossom + app.kubernetes.io/managed-by: Helm +spec: + replicas: { { .Values.replicaCount } } + selector: + matchLabels: + app.kubernetes.io/name: blossom + template: + metadata: + labels: + app.kubernetes.io/name: blossom + app.kubernetes.io/part-of: blossom + app.kubernetes.io/managed-by: Helm + spec: + containers: + - name: my-container + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: { { .Values.image.pullPolicy | default "Always" } } + env: + - name: APP__LISTEN + value: 0.0.0.0:8000 + - name: APP__FILESYSTEM__STORAGE_DIR + value: /app/data + - name: APP__MAX_UPLOAD_BYTES + value: "5000000000" + - name: APP__PUBLIC_URL + value: http://localhost:8000 + - name: APP__NIP29_RELAY__URL + value: wss://communities.nos.social + - name: APP__NIP29_RELAY__CACHE_EXPIRATION + value: "300" + - name: APP__NIP29_RELAY__PRIVATE_KEY + valueFrom: + secretKeyRef: + name: "blossom-secret" + key: app_nip29_relay_private_key + - name: APP__DATABASE + valueFrom: + secretKeyRef: + name: "blossom-secret" + key: database_connection_string + resources: + requests: + memory: "512Mi" + cpu: "1" + limits: + memory: "1028Mi" + cpu: "2" + livenessProbe: + httpGet: + path: /health + port: 8000 + initialDelaySeconds: 30 + timeoutSeconds: 5 + readinessProbe: + httpGet: + path: /health + port: 8000 + initialDelaySeconds: 5 + timeoutSeconds: 3 + ports: + - containerPort: 8000 + protocol: TCP + volumeMounts: + - name: blossom-config + mountPath: /app/config.yaml + subPath: config + - name: blossom-storage + mountPath: /app/data + - name: database-cacert + mountPath: /app/ca.pem + volumes: + - name: blossom-config + configMap: + name: blossom-config + - name: blossom-storage + persistentVolumeClaim: + claimName: blossom-pvc + - name: database-cacert + secret: + secretName: blossom-secret + items: + - key: database_cacert + path: ca.pem diff --git a/deployment/route96/templates/hpa.yaml b/deployment/route96/templates/hpa.yaml new file mode 100644 index 0000000..b21a672 --- /dev/null +++ b/deployment/route96/templates/hpa.yaml @@ -0,0 +1,27 @@ +apiVersion: autoscaling/v2 +kind: HorizontalPodAutoscaler +metadata: + name: blossom-hpa + namespace: blossom + labels: + app.kubernetes.io/part-of: blossom + app.kubernetes.io/managed-by: Helm +spec: + scaleTargetRef: + apiVersion: apps/v1 + kind: Deployment + name: blossom-deployment + minReplicas: { { .Values.autoscaling.minReplicas | default 1 } } + maxReplicas: { { .Values.autoscaling.maxReplicas | default 10 } } + metrics: + - type: Resource + resource: + name: cpu + target: + type: Utilization + averageUtilization: + { + { + .Values.autoscaling.targetCPUUtilizationPercentage | default 80, + }, + } diff --git a/deployment/route96/templates/ingress.yaml b/deployment/route96/templates/ingress.yaml new file mode 100644 index 0000000..1f0a8bf --- /dev/null +++ b/deployment/route96/templates/ingress.yaml @@ -0,0 +1,24 @@ +{{- if .Values.ingress.enabled -}} +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: blossom-ingress + namespace: blossom + annotations: + kubernetes.io/ingress.class: {{ .Values.ingress.className }} + labels: + app.kubernetes.io/part-of: blossom + app.kubernetes.io/managed-by: Helm +spec: + rules: + - host: {{ .Values.ingress.host }} + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: blossom-service + port: + number: 80 +{{- end -}} \ No newline at end of file diff --git a/deployment/route96/templates/pdb.yaml b/deployment/route96/templates/pdb.yaml new file mode 100644 index 0000000..90081d2 --- /dev/null +++ b/deployment/route96/templates/pdb.yaml @@ -0,0 +1,13 @@ +apiVersion: policy/v1 +kind: PodDisruptionBudget +metadata: + name: blossom-pdb + namespace: blossom + labels: + app.kubernetes.io/part-of: blossom + app.kubernetes.io/managed-by: Helm +spec: + minAvailable: { { .Values.pdb.minAvailable | default 1 } } + selector: + matchLabels: + app.kubernetes.io/name: blossom diff --git a/deployment/route96/templates/pvc.yaml b/deployment/route96/templates/pvc.yaml new file mode 100644 index 0000000..9dbbbce --- /dev/null +++ b/deployment/route96/templates/pvc.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: blossom-pvc + namespace: blossom + labels: + app.kubernetes.io/part-of: blossom + app.kubernetes.io/managed-by: Helm +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: { { .Values.persistence.size | default "1Gi" } } diff --git a/deployment/route96/templates/sealed-secret.yaml b/deployment/route96/templates/sealed-secret.yaml new file mode 100644 index 0000000..2b778af --- /dev/null +++ b/deployment/route96/templates/sealed-secret.yaml @@ -0,0 +1,15 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + name: blossom-secret + namespace: blossom +spec: + encryptedData: + app_nip29_relay_private_key: AgBRSuOFpZs8CkrfTan7BRC2wAMW3u8Gb+dXcRhEDqmw3u2Ri5a4mHAW0ylSAv2EZdjfk/ukKO5nQevhLpbF/K5iPQqbdwc7BPIlLlOR1/uqOIBLV3R9ql4/fSLpCmcO9wVQwH3VKPkRQ/a9V8YCy1JEqPM7gHZn6DhxX0hggWn2jhfIm5duaVwOqZyzxDyqFGLiM31q9PS93r+ws0BDdKotd36q7Mdwa672NB/kdp5lEF/RKqbfygSuwvuNhgtXUxquccPYByyqYyxROLL4Q6IPQfDEcLuaiO9QGXoNda3/0DwsEvfg1W267NXVkcYAT9UISoCk3qKGUT1YLO3eLOc1AQopyyVobuKvNlBgT1jGyg0sonam+GD9mz6eA0vUvaC8ERV43ylXGQuBKKrtwJZ9dLGi1Ib2VACIQseU9fsptcQxdnUQ19uKJ59Zh+e1u66vrQbTVuHFpkfexlnsUSYPT43IwuoCoA2FGFIKj4SEloGM3DRO2QRdedkk9uUh8jdJN8ZtBpYcXJKf4Nn9n8hlOwXtT1afJofhhKe/b3LF9V0zOJwa9roRz3bWNSBjxNRrRgswESRbsienjre9Q+Kfw0dP0/yEyi8XwlFFxyuvW+qZtX7oPtD4SK/W7DhlQ/OtIgMAkmc9I1OXJkpJgA11smIki0vQmiD12DaydnYI4qt1ByVfa+EVUEoSUgUbgHvYWSbd9kZfLIu+Yo5HqpFDVQrGJsFZcUhnydh0Wu6URaZV15zh9MOhehxU10zVwEYx/i9xK0C+cEVgR9NnT274 + database_cacert: AgAJbl1fOd85+r4zJh/3M72QLer8mdaMlP+TwH2jwHEkq7H3/adCfWWkl+zsqHflF1JFrr3hl1JjGMIWgkWeVUAKIVpQ8TvxEw8eNn0yI9QyV8K/q9DowLVqTyESYCATN/TebGX8iq5bjM4kz3IWyj0cN1QaLA5QSNHCaY9Kz6xQNyr5JBE9zsWCzGPH0G5Ft720dmE9V9xsSuaIQV650vAj8lI3ZBlm1zxk0yHuokMr6FvkcRXcgJV6QAHzPaNp8eM0H7ViNlhYuzZnnyHjfeXmCnWo+lVdEVRqyR5TXlmTJNVpzwQ1aMKGzv9/pAe3YwjgBGKYzfyDXywRkUrJ/j3G7OjTff+y6ulbG6duskZe/KdIlmT5zfzIe1AnWBqLoeHalsSOA9CV20TUdx8RfS8nJydVkPOpM7SCdYF4ykVci9/YsMg1Z42WHvc4dcCnGqtEHTR2eAZC7qi7zDiemr/7lkD1DFIrdqBrG4CJCOhYZ1MUiEyJxjY3aJIpJJFj0XJoLMm9I7d1stAtXzgiRqCYLUBnV0bf3LG9aI5k/PMltmCGG8XCT4acYaeayCwWZfx8H4sKxBGokvYLczgDXU9mV35U1WnI3zSs0PJAsiqwZ/mSSz7Cc31RjsBy8/rCKg62ixh1MYgCSjGgrtwH7BfoHh2Z5367PcuUmN3IgotIAM6FPEwmzTDIQXCxlwQp2Np4f7Aeez95hlLgAbDfO0xPzHE8rjHDcvkPNlGNTGNWnBqyLZRRd4n7sKcS+dFhx62EiUwy4JiohVC4Gg2RhdkcpqzsK1Xc6PajWhXKzbmd5JRc5MWYIdZBhTvwOS9B+wSz2MwMTQtDucOJZFadREcVQKBqs6Ml2GiaoT03CxwV0C3ur38rDo/QdtLmq3/7vVm5+eWx1G593GimS+XisgYdQUIuq+oP5LJcT38W9DGiP48FtdFXcxk4lmOg7MVJf27KxBuveyzBEUtE67K38oaJOOPT4GTPJ8azzmFv9y29X+CjBAroCZBSYvS2kp2XPMlwm9UfSw2QwdfIam3VKw4iqmhonmupU0sHBvet/iSRNETDrGv420RN165u2g25e93sz2BVDw+rY7aVobC9o3/xqEtgqg/JCueUMHIsEBx6tZlQ3wzHchXASYJuGl0SGL6V5n1navAM1kD1gZPfCa/FNiMaDz/wNVgPor7UzzBeU/dXJ1n+lcciOECFG34l7aME7Ml674Ib7Q8Ed2UHazCkLAYFRomSkgQb0FuY5KHmhKC7/cH0+PgTIkjCryGh6djaB8FL+H52ZUNSTfFsO3ugTUR7gTLzU46MN/fkPuY4N2UH359th3QuSeZOey4xeLkGj/6Tmb4pR9FjNr+TeGWOzCo7fayVhiLznNuUzJKN/tTYLUp2uh75Py19NXVKxfGbvWzgR+lfsfFCa66x/pFXGa6U03B1G69GY2DYJPzQ6HiOgOZZCjnSWK/ia/d2YUNbntAK9cElPPYC5U4t07hVtZbSJQpA3yhp55HxBz2z1sHy1VDqXSKJcrCAa1TXs/4b98PUYAS391I45zTGvv5QpVVWt9KyrIEF4vTHsE6Kpuw861fSQosn34KfwcMQpycqG1ro3GZOvQOJNq/+MBoM9HYF0iDNO9TOpNyP1LyuXZ+67+s2GWf5+ZN8LowVm/+hKrR9L+6xqQnTnCT2G1kCYrxiXXwDv28Q1hFYA32HXW/ddKkeFLgGgNLrSi+JPAVqFiBhfOL8xFU4r56r8nB0bXoeDnoFYbYrsu+rpxIzC5/IaCnae4Fe+m5GsLjq/87NdH1mjZqFabkCrYDuxpwsNk0EBbvY/a/lbUJDMkKUpsg7QaMCLfkd1KzUPh4f1GH/6mPhccAuXD8sMd5c4kd60j5A2OuWQDtbgxXUdr4IR+rbikAjBo5Y8puGrevHaqV3PWcD68gpwtwQwmhSIx+jjo9aeO9D2L+xcDOWunq/g9wYx5xWg+BnAICX83cWumijAE10qLIOY2YJE1hZi/OpuZhPd5rT7lweYp5oXKPYSU4yefSHMiJavFe7tGC1VkhEj6HqjFht4VQi4FnrIrjVqDxPTzGFcJGuJatNYUafYO5O6nWWJTdyQA5yfJEwoIocz3xrjzJDfTWA0i8yYDld5wef0J9Z4UZQMlHDOuBw8mcA7IaPmYicyrzaxZ8Nw92NTRkJ/C6hKVqG89WtmlSVaaq+QW7hEiAphBgQXacj7za6vlryOIIumtrqpN8zfMa0+ZH1kFtHKyb8t8F7OMr6ylZPFL1vLUshRemKH0chJIRDpVj41yn5M5vWlFnn/Rt59dBdAPj/PAfVn5/eC/WfMng+goRdgiOux9WF687IgdOi5mDCR65pOC1HQXRsBbuAVuIuiG4O5YQPkmk1CtWnjv/59wfob7hn/uQ+NNODZCddNLCOzUzVumU6vdPDOzx7DCg/zh4sRnwXfbtHvLD6vroUpw9AvCSrGGdfCBvZfCp+kRkD7pGHYlaW3dLAcZrbkfe68jVMO2Z0NJOAY5NLzyDlLrABdtr2kTC7pVey/dwWr62babLEPD4G2nEqmRNzpy+fD2KTZNu67iAU1t+vtGP86LOIG0D7NOf4vmxUsvqoPco3qOQqhABf+j7nSlocGV9gckd8M5VCLmOb3UkYcqbofWeYKizkqekUfRN7dUrMS3x7saS9xGzvrZ+5+k1gGkvVnonafMXC9tEopKRnxIuKpMUa8RXgxdhgdeuVCBydQ/6doc9PxeOyzLPiqxg= + database_connection_string: AgBbW8Zs/TllwgOvGEV2X08JnD0bVhax98OOlOfAuOlaQWU2faTlDrabVPk8bUvTxIHCZtc2i7Xx7q3396QnQpCq6ytai7rAsSKY4tb5cFikIjle3FFj5aMD1ph41mEKmopYMWDGrwQj0D2M+y34Et/lzA3/xvmUDTOpzB5+ecxjius4136V8fDDBUyJkSfjL1FW9iZtgk4wPxJhDlw66BDv/naL/gwGMVcFulhsx9RNuzITl5C/cKi5dXZ1AvpB6xUkZUygG9pBrx6xuNNK2T0AjTT0ls5jaPX1yQ7UJwb7NpSwpTDreW+zQs3cFd3tSKZ+Rn6HL2CHgxNrlf80Jrvi8ynd08szNU9uAOZL5raSECFPfnjEBGdCCTg+qrYSZQYvdpaJfKxnp1nWtQNVnOKcv+UehWDFnfFA0ZO+WnQz5auY8stZEaOGTk/XaipvgqjTjnFqOZcnq3Y7bUTtHTN7uvJ/eo9auRHF+6kaxL59H12iyh3vwQMTz5soiNaYVJlFjUHKeHFG+Yc0GbTBPGHauIyN2c9ftNearGgE1XKFqZePZB1JmyN0h8QBVw2HFrX9i73K6VXwbhGTTA/wraKfzbjZqaj6r4lsw0WlQNi7OrZX0Aoi5RO2qi9U6JgHnZF+jQbifVWSzfm5LfNb1hrtSsFfKnhNmGCY9TjxfoIWC8+C2mMHKYpNgW/SzQgd36o+mnVLaiaNvV6+d5oXL8dTZgkwxWfy18AEPd9rGZZ0YnaF/0mz7QfDwtnT6K9MtjmHR65PTjijzquLdz7CPkQr3T1ort38Qt/o+VBuXSo3gmy26hB1+Sa1vcAGU9I3GF9ujd0BG47hC9BWDzcdfsfxlpHSq316w5PM57ldgng4qsU/KtbdINlaQyHoVQ5ylP4vec0v7zYVgg4VVwxaIhzlNnY2K0RL28vsugKFIlmfhCBt02/gBFSFYoQZ + template: + metadata: + name: blossom-secret + namespace: blossom + type: Opaque diff --git a/deployment/route96/templates/service.yaml b/deployment/route96/templates/service.yaml new file mode 100644 index 0000000..c9eb5b7 --- /dev/null +++ b/deployment/route96/templates/service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + name: blossom-service + namespace: blossom + labels: + app.kubernetes.io/part-of: blossom + app.kubernetes.io/managed-by: Helm +spec: + selector: + app.kubernetes.io/name: blossom + ports: + - protocol: TCP + port: 80 + targetPort: 8000 + type: ClusterIP diff --git a/deployment/route96/values.yaml b/deployment/route96/values.yaml new file mode 100644 index 0000000..c2b7f13 --- /dev/null +++ b/deployment/route96/values.yaml @@ -0,0 +1,26 @@ +replicaCount: 1 + +image: + repository: ghcr.io/verse-pbc/route96 + tag: latest + pullPolicy: Always + +pdb: + minAvailable: 1 + +autoscaling: + minReplicas: 1 + maxReplicas: 1 + targetCPUUtilizationPercentage: 80 + +persistence: + size: "10Gi" + +service: + type: ClusterIP + port: 80 + +ingress: + enabled: false + className: "nginx" + host: "blossom.plur.app" diff --git a/docker-compose.yml b/docker-compose.yml index 1695d28..c1a8a17 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -37,7 +37,6 @@ services: APP__PUBLIC_URL: http://localhost:8000 # Nested values with double underscores APP__NIP29_RELAY__URL: ws://host.docker.internal:8080 - # Test key (pubkey: 385c3a6ec0b9d57a4330dbd6284989be5bd00e41c535f9ca39b6ae7c521b81cd) - replace if needed APP__NIP29_RELAY__PRIVATE_KEY: 6b911fd37cdf5c81d4c0adb1ab7fa822ed253ab0ad9aa18d77257c88b29b718e RUST_LOG: debug ports: