diff --git a/cluster/apps/invidious/invidious-db.yml b/cluster/apps/invidious/invidious-db.yml index 7a78ec0..ba3e543 100644 --- a/cluster/apps/invidious/invidious-db.yml +++ b/cluster/apps/invidious/invidious-db.yml @@ -14,32 +14,51 @@ spec: labels: app: invidious-db spec: - initContainers: - - name: init-cleanup - image: busybox - command: ["rm", "-rf", "/var/lib/postgresql/data/lost+found"] - volumeMounts: - - name: postgres-data - mountPath: /var/lib/postgresql/data containers: - name: postgres image: postgres:14 - env: - - name: POSTGRES_DB - value: invidious - - name: POSTGRES_USER - value: kemal - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: invidious-postgres-secret - key: password + env: + - name: POSTGRES_DB + valueFrom: + secretKeyRef: + name: invidious-db-secrets + key: postgres-db + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: invidious-db-secrets + key: postgres-user + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: invidious-db-secrets + key: postgres-password ports: - containerPort: 5432 volumeMounts: - name: postgres-data mountPath: /var/lib/postgresql/data + livenessProbe: + exec: + command: + - pg_isready + - -U + - kemal + - -d + - invidious + initialDelaySeconds: 30 + periodSeconds: 10 + readinessProbe: + exec: + command: + - pg_isready + - -U + - kemal + - -d + - invidious + initialDelaySeconds: 5 + periodSeconds: 10 volumes: - name: postgres-data persistentVolumeClaim: - claimName: longhorn-invidious-config + claimName: longhorn-invidious-config \ No newline at end of file diff --git a/cluster/apps/invidious/invidious-helper.yml b/cluster/apps/invidious/invidious-helper.yml index 13117b3..c788e15 100644 --- a/cluster/apps/invidious/invidious-helper.yml +++ b/cluster/apps/invidious/invidious-helper.yml @@ -2,29 +2,40 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: inv-sig-helper + name: companion namespace: default spec: replicas: 1 selector: matchLabels: - app: inv-sig-helper + app: companion template: metadata: labels: - app: inv-sig-helper + app: companion spec: containers: - - name: inv-sig-helper - image: quay.io/invidious/inv-sig-helper:master-9073c15 - args: ["--tcp", "0.0.0.0:12999"] + - name: companion + image: quay.io/invidious/invidious-companion:latest env: - - name: RUST_LOG - value: "info" + - name: SERVER_SECRET_KEY + valueFrom: + secretKeyRef: + name: companion-secrets + key: server-secret-key ports: - - containerPort: 12999 + - containerPort: 8282 securityContext: readOnlyRootFilesystem: true capabilities: drop: - ALL + allowPrivilegeEscalation: false + volumeMounts: + - name: companion-cache + mountPath: /var/tmp/youtubei.js + subPath: youtubei.js + volumes: + - name: companion-cache + persistentVolumeClaim: + claimName: longhorn-invidious-cache \ No newline at end of file diff --git a/cluster/apps/invidious/invidious-pvc.yml b/cluster/apps/invidious/invidious-pvc.yml index 45b9d87..eb35fef 100644 --- a/cluster/apps/invidious/invidious-pvc.yml +++ b/cluster/apps/invidious/invidious-pvc.yml @@ -11,3 +11,17 @@ spec: resources: requests: storage: 1Gi + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: longhorn-invidious-cache + namespace: default +spec: + accessModes: + - ReadWriteMany + storageClassName: longhorn + resources: + requests: + storage: 1Gi diff --git a/cluster/apps/invidious/invidious-svc.yml b/cluster/apps/invidious/invidious-svc.yml index 8eef5b1..b14ea83 100644 --- a/cluster/apps/invidious/invidious-svc.yml +++ b/cluster/apps/invidious/invidious-svc.yml @@ -1,44 +1,29 @@ ---- apiVersion: v1 kind: Service metadata: - name: invidious-db-service - namespace: default + name: invidious-db + namespace: invidious spec: selector: app: invidious-db ports: - - protocol: TCP - port: 5432 - targetPort: 5432 + - protocol: TCP + port: 5432 + targetPort: 5432 --- apiVersion: v1 kind: Service metadata: - name: invidious + name: companion namespace: default spec: selector: - app: invidious + app: companion ports: - - protocol: TCP - port: 3000 - targetPort: 3000 - ---- -apiVersion: v1 -kind: Service -metadata: - name: inv-sig-helper - namespace: default -spec: - selector: - app: inv-sig-helper - ports: - - protocol: TCP - port: 12999 - targetPort: 12999 + - protocol: TCP + port: 8282 + targetPort: 8282 --- apiVersion: v1 diff --git a/cluster/apps/invidious/invidious.yml b/cluster/apps/invidious/invidious.yml index 80549a9..d9df1dd 100644 --- a/cluster/apps/invidious/invidious.yml +++ b/cluster/apps/invidious/invidious.yml @@ -14,70 +14,49 @@ spec: labels: app: invidious spec: - initContainers: - - name: wait-for-db - image: busybox - command: - - sh - - -c - - | - until nc -z -v -w30 invidious-db-service 5432; do - echo "Waiting for database to be ready..." - sleep 2 - done - - name: wait-for-helper - image: busybox - command: - - sh - - -c - - | - until nc -z -v -w30 inv-sig-helper 12999; do - echo "Waiting for helper to be ready..." - sleep 2 - done containers: - - name: invidious-server - image: quay.io/invidious/invidious:2025.04.04-0c07e9d + - name: invidious + image: quay.io/invidious/invidious:master + env: + - name: INVIDIOUS_CONFIG + value: | + db: + dbname: $(POSTGRES_DB) + user: $(POSTGRES_USER) + password: $(POSTGRES_PASSWORD) + host: invidious-db + port: 5432 + check_tables: true + invidious_companion: + - private_url: "http://companion:8282" + public_url: "http://localhost:8282" + invidious_companion_key: $(COMPANION_KEY) + hmac_key: $(HMAC_KEY) + envFrom: + - secretRef: + name: invidious-db-secrets + - secretRef: + name: invidious-app-secrets ports: - containerPort: 3000 - env: - - name: hmac_key - valueFrom: - secretKeyRef: - name: invidious-hmac-key - key: key - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: invidious-postgres-secret - key: password - - name: VISITOR_DATA - valueFrom: - secretKeyRef: - name: invidious-secret - key: visitor-data - - name: PO_TOKEN - valueFrom: - secretKeyRef: - name: invidious-secret - key: po-token - - name: INVIDIOUS_CONFIG - valueFrom: - configMapKeyRef: - name: invidious-config - key: config.yml - - name: INVIDIOUS_PORT - value: "3000" - command: ["/bin/sh", "/scripts/start.sh"] + livenessProbe: + httpGet: + path: /api/v1/trending + port: 3000 + initialDelaySeconds: 30 + periodSeconds: 30 + timeoutSeconds: 5 + failureThreshold: 2 + resources: + limits: + memory: "1Gi" + cpu: "1" + requests: + memory: "512Mi" + cpu: "500m" volumeMounts: - - name: config-volume - mountPath: /etc/invidious - - name: scripts-volume - mountPath: /scripts + - name: logging + mountPath: /var/log/invidious volumes: - - name: config-volume - emptyDir: {} - - name: scripts-volume - configMap: - name: invidious-startup-script - defaultMode: 0777 + - name: logging + emptyDir: {} \ No newline at end of file