diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml index b546683..0c5e9db 100644 --- a/.gitea/workflows/deploy.yaml +++ b/.gitea/workflows/deploy.yaml @@ -4,31 +4,12 @@ on: push: branches: - main + paths: + - "k8s/**" jobs: - check-changes: - runs-on: ubuntu-latest - outputs: - changes: ${{ steps.filter.outputs.k8s }} - helm: ${{ steps.filter.outputs.helm }} - steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - with: - fetch-depth: 0 - - uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1 - id: filter - with: - filters: | - k8s: - - 'k8s/**' - helm: - - 'values/**' - - 'helmfile.yaml' - deploy: runs-on: ubuntu-latest - needs: check-changes - if: ${{ needs.check-changes.outputs.changes == 'true' || needs.check-changes.outputs.helm == 'true' }} steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: https://gitea.t000-n.de/t.behrendt/k_deploy_workflows/.gitea/actions/extract-namespace-from-repo-name@c373c34c836716e663e2d6379e686997bfd7746c # 0.0.6 @@ -56,6 +37,16 @@ jobs: "restic_rest_password": "${{ secrets.RESTIC_REST_PASSWORD }}", "gotify_token": "${{ secrets.GOTIFY_TOKEN }}" } + - name: Set photoprism admin password + uses: azure/k8s-create-secret@6e0ba8047235646753f2a3a3b359b4d0006ff218 # v5.0.1 + with: + namespace: ${{ steps.namespace.outputs.namespace }} + secret-name: prism-credentials + secret-type: generic + data: | + { + "admin_password": "${{ secrets.PHOTOPRISM_ADMIN_PASSWORD }}" + } - name: Deploy uses: azure/k8s-deploy@c8cfec839dc09896b3b8cc40cd13d04792680771 # v5.1.0 with: @@ -63,7 +54,3 @@ jobs: manifests: "k8s/" strategy: basic namespace: ${{ steps.namespace.outputs.namespace }} - - name: Deploy helm - uses: helmfile/helmfile-action@d9fefe29b0d07e9ab187ecfe1d63eff91e0a070c # v2.4.1 - with: - helmfile-args: apply diff --git a/.gitea/workflows/validate.yaml b/.gitea/workflows/validate.yaml index 36f9adc..dbc9fdf 100644 --- a/.gitea/workflows/validate.yaml +++ b/.gitea/workflows/validate.yaml @@ -28,7 +28,3 @@ jobs: namespace: ${{ steps.namespace.outputs.namespace }} lintType: dryrun manifests: "k8s/" - - name: Validate Helm - uses: helmfile/helmfile-action@d9fefe29b0d07e9ab187ecfe1d63eff91e0a070c # v2.4.1 - with: - helmfile-args: diff diff --git a/README.md b/README.md index 64d5f1d..49686fc 100644 --- a/README.md +++ b/README.md @@ -1,17 +1,9 @@ -Template DoDos: +# Kubernetes Deployment for Photoprism -- Add KUBECONFIG secret to your repo -- Place your k8s files in ./k8s/ -- Replace \ with the name of the service -- Replace \ with the URL of the service -- Replace \ with the authentication method used -- Replace \ with the namespace where the service is deployed in .github/workflows/deploy.yaml -- Provide a screenshot of the service in action in ./screenshot.png +Photoprism is a modern photo management service. -# Kubernetes Deployment for \ +Deployed to: https://photos.t00n.de -Deployed to: \ - -Authentication: \ +Authentication: Admin password ![Screenshot](screenshot.png) diff --git a/k8s/10_namespace.yaml b/k8s/10_namespace.yaml index badbdd5..9db2fde 100644 --- a/k8s/10_namespace.yaml +++ b/k8s/10_namespace.yaml @@ -1,4 +1,4 @@ apiVersion: v1 kind: Namespace metadata: - name: + name: photoprism diff --git a/k8s/21_deployment_photoprism.yaml b/k8s/21_deployment_photoprism.yaml new file mode 100644 index 0000000..35e1e4a --- /dev/null +++ b/k8s/21_deployment_photoprism.yaml @@ -0,0 +1,110 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: photoprism + name: photoprism +spec: + selector: + matchLabels: + app: photoprism + strategy: + type: Recreate + template: + metadata: + labels: + app: photoprism + spec: + nodeSelector: + kubernetes.io/hostname: k3sh0 + containers: + - name: photoprism + image: photoprism/photoprism:latest + imagePullPolicy: Always + resources: + limits: + cpu: "750m" + memory: "4096Mi" + requests: + cpu: "125m" + memory: "512Mi" + ports: + - containerPort: 2342 + env: + - name: PHOTOPRISM_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + name: prism-credentials + key: admin_password + - name: PHOTOPRISM_SITE_URL + value: "https://photos.t00n.de" + - name: PHOTOPRISM_ORIGINALS_LIMIT + value: "5000" + - name: PHOTOPRISM_HTTP_COMPRESSION + value: gzip + - name: PHOTOPRISM_LOG_LEVEL + value: error + - name: PHOTOPRISM_PUBLIC + value: "false" + - name: PHOTOPRISM_READONLY + value: "false" + - name: PHOTOPRISM_EXPERIMENTAL + value: "false" + - name: PHOTOPRISM_DISABLE_CHOWN + value: "false" + - name: PHOTOPRISM_DISABLE_WEBDAV + value: "true" + - name: PHOTOPRISM_DISABLE_SETTINGS + value: "true" + - name: PHOTOPRISM_DISABLE_TENSORFLOW + value: "false" + - name: PHOTOPRISM_DISABLE_FACES + value: "false" + - name: PHOTOPRISM_DISABLE_CLASSIFICATION + value: "false" + - name: PHOTOPRISM_DISABLE_RAW + value: "false" + - name: PHOTOPRISM_RAW_PRESETS + value: "false" + - name: PHOTOPRISM_JPEG_QUALITY + value: "85" + - name: PHOTOPRISM_DETECT_NSFW + value: "true" + - name: PHOTOPRISM_UPLOAD_NSFW + value: "true" + #- name: PHOTOPRISM_FFMPEG_ENCODER + # value: "intel" + #- name: PHOTOPRISM_INIT + # value: "intel tensorflow" + - name: PHOTOPRISM_SITE_CAPTION + value: "" + - name: PHOTOPRISM_SITE_DESCRIPTION + value: "" + - name: PHOTOPRISM_SITE_AUTHOR + value: "" + - name: PHOTOPRISM_UID + value: "1000" + - name: PHOTOPRISM_GID + value: "1000" + volumeMounts: + - mountPath: /photoprism/originals + name: originals + - mountPath: /photoprism/storage + name: storage + - name: redis + image: redis:6-alpine + resources: + limits: + cpu: "500m" + memory: "1024Mi" + requests: + cpu: "125m" + memory: "265Mi" + volumes: + - name: originals + hostPath: + path: /mnt/longhorn1/svc/photoprism/main/photoprism/originals + type: Directory + - name: storage + hostPath: + path: /mnt/longhorn1/svc/photoprism/main/photoprism/storage + type: Directory diff --git a/k8s/22_service_photoprism.yaml b/k8s/22_service_photoprism.yaml new file mode 100644 index 0000000..4aea67a --- /dev/null +++ b/k8s/22_service_photoprism.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: Service +metadata: + namespace: photoprism + name: photoprism +spec: + selector: + app: photoprism + ports: + - port: 2342 + targetPort: 2342 diff --git a/k8s/23_ingress_photoprism.yaml b/k8s/23_ingress_photoprism.yaml new file mode 100644 index 0000000..728c360 --- /dev/null +++ b/k8s/23_ingress_photoprism.yaml @@ -0,0 +1,18 @@ +apiVersion: traefik.containo.us/v1alpha1 +kind: IngressRoute +metadata: + namespace: photoprism + name: ingressroute +spec: + entryPoints: + - websecure + routes: + - kind: Rule + match: Host(`photos.t00n.de`) + middlewares: + - name: localipfilter + namespace: kube-system + services: + - kind: Service + name: photoprism + port: 2342 diff --git a/renovate.json b/renovate.json index 7591449..cf84705 100644 --- a/renovate.json +++ b/renovate.json @@ -1,13 +1,10 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ - "local>t.behrendt/renovate-configs:common", "local>t.behrendt/renovate-configs:k8s", "local>t.behrendt/renovate-configs:action" ], "kubernetes": { - "managerFilePatterns": [ - "/^k8s/.*\\.yaml$/" - ] + "managerFilePatterns": ["/^k8s/.*\\.yaml$/"] } } diff --git a/screenshot.png b/screenshot.png new file mode 100644 index 0000000..e7a0864 Binary files /dev/null and b/screenshot.png differ