steffen/kubedeploy-k3s
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

switch to smb

Browse Source
This commit is contained in:
Steffen Illium
2024-04-04 18:13:30 +02:00
parent a797afc076
commit b996347598
9 changed files with 90 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
apps/paperless/base/ftp.yaml
View File

@ -1,43 +0,0 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: ftp-server
namespace: paperless
spec:
replicas: 1
selector:
matchLabels:
app: ftp-server
template:
metadata:
labels:
app: ftp-server
spec:
containers:
- name: ftp-server-container
image: fauria/vsftpd
ports:
- containerPort: 21
protocol: TCP
name: ftp-server
env:
- name: LOG_STDOUT
value: "true"
- name: FTP_USER
valueFrom:
secretKeyRef:
name: paperless-secret
key: FTP_USER
- name: FTP_PASS
valueFrom:
secretKeyRef:
name: paperless-secret
key: FTP_PASS
volumeMounts:
- mountPath: "/home/vsftpd"
name: shared-ftp-pvc
resources: {}
volumes:
- name: shared-ftp-pvc
persistentVolumeClaim:
claimName: shared-ftp-pvc

2
apps/paperless/base/single-pod-deployment.yaml → apps/paperless/base/paperless.yaml
View File

@ -102,7 +102,7 @@ spec:
readOnly: false readOnly: false
- name: paperless-webserver-consume - name: paperless-webserver-consume
persistentVolumeClaim: persistentVolumeClaim:
claimName: shared-ftp-pvc claimName: shared-smb-pvc
- name: paperless-db-pvc - name: paperless-db-pvc
persistentVolumeClaim: persistentVolumeClaim:
claimName: paperless-db-pvc claimName: paperless-db-pvc

4
apps/paperless/base/shared-ftp-pvc.yaml → apps/paperless/base/shared-smb-pvc.yaml
View File

@ -2,8 +2,8 @@ apiVersion: v1
kind: PersistentVolumeClaim kind: PersistentVolumeClaim
metadata: metadata:
labels: labels:
app: shared-ftp-pvc app: shared-smb-pvc
name: shared-ftp-pvc name: shared-smb-pvc
spec: spec:
storageClassName: longhorn storageClassName: longhorn
accessModes: accessModes:

10
apps/paperless/base/ftp-ingress.yaml → apps/paperless/base/smb-ingress.yaml
View File

@ -1,17 +1,17 @@
apiVersion: traefik.io/v1alpha1 apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP kind: IngressRouteTCP
metadata: metadata:
name: ftp-ingress name: smb-ingress
labels: labels:
expose: "false" expose: "false"
namespace: paperless namespace: paperless
spec: spec:
entryPoints: entryPoints:
- ftp - smb
routes: routes:
- match: HostSNI(`documents-ftp.steffenillium.de`) - match: HostSNI(`documents-smb.steffenillium.de`)
services: services:
- name: ftp-server-service - name: smb-server-service
port: 21 port: 445
tls: {} tls: {}

10
apps/paperless/base/ftp-service.yaml → apps/paperless/base/smb-service.yaml
View File

@ -1,15 +1,15 @@
apiVersion: v1 apiVersion: v1
kind: Service kind: Service
metadata: metadata:
name: ftp-server-service name: smb-server-service
namespace: paperless namespace: paperless
labels: labels:
app: ftp-server-service app: smb-server-service
spec: spec:
type: ClusterIP type: ClusterIP
ports: ports:
- port: 21 - port: 445
protocol: TCP protocol: TCP
targetPort: 21 targetPort: 445
selector: selector:
app: ftp-server app: smb-server

67
apps/paperless/base/smb.yaml Normal file
View File

@ -0,0 +1,67 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: smb-server
name: smb-server
spec:
replicas: 1
selector:
matchLabels:
app: smb-server
strategy:
type: Recreate
template:
metadata:
labels:
app: smb-server
spec:
containers:
- name: smb-server
image: ghcr.io/servercontainers/samba
env:
- name: ACCOUNT_paperless
valueFrom:
secretKeyRef:
name: paperless-secret
key: FTP_PASS
- name: AVAHI_DISABLE
value: "true"
- name: GROUPS_bob
value: users
- name: GROUP_users
value: "100"
- name: SAMBA_CONF_LOG_LEVEL
value: "3"
- name: SAMBA_VOLUME_CONFIG_consume
value: |
[consume]
create mask = 0664
veto files = /*.exe/*.com/*.dll/*.bat/*.vbs/*.tmp/*.mp3/*.wmv/*.wma/
printable = no
public = yes
force group = users
force create mode = 0664
only guest = no
valid users = paperless
comment = ppr consume share
path = /shares/paperless
force directory mode = 2775
directory mask = 2775
writable = yes
- name: UID_bob
value: "1000"
ports:
- containerPort: 445
protocol: TCP
resources: {}
volumeMounts:
- mountPath: /shares/paperless
name: shared-smb-pvc
restartPolicy: Always
volumes:
- name: shared-smb-pvc
persistentVolumeClaim:
claimName: shared-smb-pvc

10
apps/paperless/kustomization.yaml
View File

@ -4,14 +4,14 @@ kind: Kustomization
namespace: paperless namespace: paperless
resources: resources:
- base/ftp-ingress.yaml - base/smb-ingress.yaml
- base/ftp-service.yaml - base/smb-service.yaml
- base/ftp.yaml - base/smb.yaml
- base/paperless-secret-sealed.yaml - base/paperless-secret-sealed.yaml
- base/webserver-ingress.yaml - base/webserver-ingress.yaml
- base/webserver-service.yaml - base/webserver-service.yaml
- base/single-pod-deployment.yaml - base/paperless.yaml
- base/shared-ftp-pvc.yaml - base/shared-smb-pvc.yaml
- base/paperless-namespace.yaml - base/paperless-namespace.yaml
components: components:

6
infrastructure/03-traefik/base/deployment-traefik.yaml
View File

@ -25,7 +25,7 @@ spec:
args: args:
- --global.sendanonymoususage=false - --global.sendanonymoususage=false
- --global.checknewversion=false - --global.checknewversion=false
- --entrypoints.ftp.address=:21/tcp - --entrypoints.smb.address=:445/tcp
- --entrypoints.dns.address=:53/udp - --entrypoints.dns.address=:53/udp
- --entrypoints.metrics.address=:9100/tcp - --entrypoints.metrics.address=:9100/tcp
- --entrypoints.traefik.address=:9000/tcp - --entrypoints.traefik.address=:9000/tcp
@ -69,8 +69,8 @@ spec:
timeoutSeconds: 2 timeoutSeconds: 2
name: traefik name: traefik
ports: ports:
- containerPort: 21 - containerPort: 445
name: ftp name: smb
- containerPort: 53 - containerPort: 53
name: dns name: dns
protocol: UDP protocol: UDP

4
infrastructure/03-traefik/overlay-internal/patches/traefik-service-patch.yaml
View File

@ -8,8 +8,8 @@ spec:
type: LoadBalancer type: LoadBalancer
ports: ports:
- name: ftp - name: smb
port: 21 port: 445
protocol: TCP protocol: TCP
- name: web - name: web
port: 80 port: 80