
nextcloud real IPs (but not locally)

Josh Bicking 1 year ago
parent
commit
34f822e12a
5 changed files with 82 additions and 1 deletions
  1. 14 0
      lidarr-pvc.yaml
  2. 56 0
      lidarr.yaml
  3. 4 0
      nextcloud/values.yaml
  4. 1 0
      plex.yaml
  5. 7 1
      traefik-helmchartconfig.yaml

+ 14 - 0
lidarr-pvc.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: lidarr-pvc
+  namespace: plex
+  labels:
+    app: lidarr
+spec:
+  storageClassName: ceph-block
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 10Gi

+ 56 - 0
lidarr.yaml

@@ -0,0 +1,56 @@
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: lidarr
+  namespace: plex
+spec:
+  selector:
+    matchLabels:
+      app: lidarr
+  replicas: 1
+  template:
+    metadata:
+      labels:
+        app: lidarr
+    spec:
+      containers:
+      - name: lidarr
+        image: lscr.io/linuxserver/lidarr:develop-1.1.3.2982-ls75
+        ports:
+        - containerPort: 8686
+          name: http-web-svc
+        env:
+        - name: TZ
+          value: America/New_York
+        - name: PUID
+          value: "1000"
+        - name: PGID
+          value: "1000"
+        volumeMounts:
+        - mountPath: "/plex"
+          name: plex
+        - mountPath: "/config"
+          name: config
+      volumes:
+      - name: plex
+        persistentVolumeClaim:
+          claimName: plex-pvc
+      - name: config
+        persistentVolumeClaim:
+          claimName: lidarr-pvc
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: lidarr-service
+  namespace: plex
+spec:
+  selector:
+    app: lidarr
+  type: ClusterIP
+  ports:
+  - name: lidarr-web-port
+    protocol: TCP
+    port: 8686
+    targetPort: http-web-svc
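Review bot: The Deployment keeps the default rolling-update strategy while its `/config` volume is `lidarr-pvc`, which this commit declares as `ReadWriteOnce` on `ceph-block`. A replacement pod scheduled onto a different node can then stall waiting for the volume to detach, and adding `strategy: {type: Recreate}` under `spec` avoids that. The container also has no `resources` block, and the image is referenced by tag only. Pinning it by digest (`image: lscr.io/linuxserver/lidarr@sha256:<digest>`) keeps a republished tag from changing what runs. Because `/plex` is mounted read-write from the shared `plex-pvc`, a short comment stating that Lidarr is the intended writer to the media library would help the next reader.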

+ 4 - 0
nextcloud/values.yaml

@@ -170,6 +170,10 @@ nextcloud:
         secretKeyRef:
           name: redis-client-secret
           key: REDIS_HOST_PASSWORD
+    # This will only set apache's RemoteIPTrustedProxy, not
+    # RemoteIPInternalProxy. Local IPs will not be passed through.
+    - name: TRUSTED_PROXIES
+      value: "10.42.0.0/16,127.0.0.1"
 
   # Extra init containers that runs before pods start.
   extraInitContainers: []
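Review bot: The added `TRUSTED_PROXIES` value trusts the whole `10.42.0.0/16` range, so any workload with an address in that range can send forwarded-for headers that Nextcloud accepts as the client address. That weakens brute-force throttling and the reliability of logged client IPs. If that range is the cluster pod network (not visible here), narrow it to the addresses Traefik actually connects from, or restrict ingress to the Nextcloud pod with a NetworkPolicy. I believe the Nextcloud container image documents this variable as space-separated, so confirm the comma form is parsed as two entries, or use `value: "10.42.0.0/16 127.0.0.1"`. The env list this entry belongs to starts outside the hunk.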

+ 1 - 0
plex.yaml

@@ -62,6 +62,7 @@ spec:
       - name: media
         persistentVolumeClaim:
           claimName: plex-pvc
+          readOnly: true
       - name: tmpfs
         emptyDir:
           medium: Memory

+ 7 - 1
traefik-helmchartconfig.yaml

@@ -48,4 +48,10 @@ spec:
 
     # Fix for acme.json file being changed to 660 from 600
     podSecurityContext:
-      fsGroup: null
+      fsGroup: null
+
+    service:
+      # type: ClusterIP
+      spec:
+        externalTrafficPolicy: Local
+    hostNetwork: true
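Review bot: `hostNetwork: true` puts the Traefik pod in the node's network namespace, which is a much wider grant than the source-IP preservation the commit title asks for. The pod can reach services bound to the node's loopback, and with most CNI plugins its traffic is not subject to NetworkPolicy. `externalTrafficPolicy: Local` on the Service usually preserves client addresses by itself, so check whether both settings are needed. If they are, record the reason next to the key, e.g. `# hostNetwork needed because <reason>; revisit if the load balancer preserves source IPs`. The commented-out `# type: ClusterIP` should be removed or explained, and the enclosing values block starts outside the hunk.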