From c2dbf342da7d838ccb0510228a3773efd3d29af1 Mon Sep 17 00:00:00 2001 From: WrenIX Date: Fri, 11 Aug 2023 01:44:31 +0200 Subject: [PATCH] chore: cleanup dirty syntax - replace range with toYaml - replace if with with - use quote filter on password (it could contains an ' or ") - remove strange tpl and trim - use default filter - nicer indent - remove invalid checks (if something invalid, the chart install should failed) --- charts/prosody/Chart.yaml | 13 -- charts/prosody/templates/envs-configmap.yaml | 6 +- charts/prosody/templates/envs-secret.yaml | 8 +- charts/prosody/templates/statefulset.yaml | 114 +++++++++--------- charts/prosody/values.yaml | 4 +- templates/common-configmap.yaml | 14 +-- templates/jibri/configmap.yaml | 6 +- templates/jibri/deployment.yaml | 76 ++++++------ templates/jibri/xmpp-secret.yaml | 10 +- templates/jicofo/configmap.yaml | 10 +- templates/jicofo/deployment.yaml | 40 +++---- templates/jicofo/xmpp-secret.yaml | 8 +- templates/jvb/configmap.yaml | 8 +- templates/jvb/deployment.yaml | 120 +++++++++---------- templates/jvb/metrics-prometheus.yaml | 16 +-- templates/jvb/metrics-service.yaml | 4 +- templates/jvb/service.yaml | 16 +-- templates/jvb/xmpp-secret.yaml | 6 +- templates/web/configmap.yaml | 12 +- templates/web/deployment.yaml | 42 +++---- templates/web/service.yaml | 2 +- values.yaml | 21 ++-- 22 files changed, 261 insertions(+), 295 deletions(-) diff --git a/charts/prosody/Chart.yaml b/charts/prosody/Chart.yaml index 01fc87c..baa5b3b 100644 --- a/charts/prosody/Chart.yaml +++ b/charts/prosody/Chart.yaml @@ -2,20 +2,7 @@ apiVersion: v2 name: prosody description: Prosody XMPP server for Jitsi Meet on Kubernetes -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. type: application -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. version: 1.3.6 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. appVersion: stable-8719 diff --git a/charts/prosody/templates/envs-configmap.yaml b/charts/prosody/templates/envs-configmap.yaml index fc3cd0a..feacec9 100644 --- a/charts/prosody/templates/envs-configmap.yaml +++ b/charts/prosody/templates/envs-configmap.yaml @@ -5,8 +5,4 @@ metadata: labels: {{- include "prosody.labels" . | nindent 4 }} data: - {{- range $key, $value := .Values.env }} - {{- if not (kindIs "invalid" $value) }} - {{ $key }}: {{ tpl $value $ | quote }} - {{- end }} - {{- end }} + {{- toYaml .Values.env | nindent 2 }} diff --git a/charts/prosody/templates/envs-secret.yaml b/charts/prosody/templates/envs-secret.yaml index 6c9d059..553bb2a 100644 --- a/charts/prosody/templates/envs-secret.yaml +++ b/charts/prosody/templates/envs-secret.yaml @@ -5,9 +5,5 @@ metadata: labels: {{- include "prosody.labels" . | nindent 4 }} type: Opaque -data: - {{- range $key, $value := .Values.secretEnvs }} - {{- if not (kindIs "invalid" $value) }} - {{ $key }}: {{ tpl $value $ | b64enc }} - {{- end }} - {{- end }} +stringData: + {{- toYaml .Values.secretEnvs | nindent 2 }} diff --git a/charts/prosody/templates/statefulset.yaml b/charts/prosody/templates/statefulset.yaml index 56d7ae5..8d4a3e2 100644 --- a/charts/prosody/templates/statefulset.yaml +++ b/charts/prosody/templates/statefulset.yaml @@ -18,20 +18,20 @@ spec: metadata: labels: {{- include "prosody.selectorLabels" . | nindent 8 }} - {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.podLabels }} - {{ $label }}: {{ $value }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} annotations: hash-secret: "{{ toYaml .Values.secretEnvs | sha256sum | trunc 32 }}" hash-configmap: "{{ toYaml .Values.env | sha256sum | trunc 32 }}" - {{- range $annotation, $value := mergeOverwrite .Values.global.podAnnotations .Values.podAnnotations }} - {{ $annotation }}: {{ $value }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.podAnnotations) }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: - {{- with .Values.imagePullSecrets }} + {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} serviceAccountName: {{ include "prosody.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} @@ -39,21 +39,19 @@ spec: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ tpl (default .Chart.AppVersion .Values.image.tag ) . }}" + image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} envFrom: - - configMapRef: - name: {{ include "prosody.fullname" . }} - - secretRef: - name: {{ include "prosody.fullname" . }} - {{- range .Values.extraEnvFrom }} - - {{ tpl (toYaml . ) $ | indent 12 | trim }} - {{- end }} - {{- if .Values.extraEnvs }} + - configMapRef: + name: {{ include "prosody.fullname" . }} + - secretRef: + name: {{ include "prosody.fullname" . }} + {{- with .Values.extraEnvFrom }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{- with .Values.extraEnvs }} env: - {{- range .Values.extraEnvs }} - - {{ tpl (toYaml . ) $ | indent 12 | trim }} - {{- end }} + {{- toYaml . | nindent 12 }} {{- end }} ports: - name: xmpp-c2s @@ -73,58 +71,58 @@ spec: protocol: TCP {{- with .Values.livenessProbe }} livenessProbe: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.readinessProbe }} readinessProbe: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} volumeMounts: - - name: prosody-data - mountPath: {{ .Values.dataDir }} - {{- with .Values.extraVolumeMounts }} - {{- toYaml . | nindent 10 }} - {{- end }} + - name: prosody-data + mountPath: {{ .Values.dataDir }} + {{- with .Values.extraVolumeMounts }} + {{- toYaml . | nindent 12 }} + {{- end }} volumes: - - name: prosody-data - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: prosody-data - {{- else }} - emptyDir: {} + - name: prosody-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: prosody-data + {{- else }} + emptyDir: {} + {{- end }} + {{- with .Values.extraVolumes }} + {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.extraVolumes }} - {{- toYaml . | nindent 6 }} - {{- end }} - {{- with .Values.nodeSelector }} + {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} + {{- end }} + {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} + {{- end }} + {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} - {{- end }} - {{- if or .Values.persistence.enabled .Values.extraVolumeClaimTemplates }} - volumeClaimTemplates: - - metadata: - name: prosody-data - spec: - accessModes: - - ReadWriteOnce - volumeMode: Filesystem - resources: - requests: - storage: {{ .Values.persistence.size }} - {{- with .Values.persistence.storageClassName }} - storageClassName: {{ . | quote }} {{- end }} - {{- with .Values.extraVolumeClaimTemplates }} - {{- toYaml . | nindent 2 }} - {{- end }} + {{- if or .Values.persistence.enabled .Values.extraVolumeClaimTemplates }} + volumeClaimTemplates: + - metadata: + name: prosody-data + spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: {{ .Values.persistence.size }} + {{- with .Values.persistence.storageClassName }} + storageClassName: {{ . | quote }} + {{- end }} + {{- with .Values.extraVolumeClaimTemplates }} + {{- toYaml . | nindent 4 }} + {{- end }} {{- end }} diff --git a/charts/prosody/values.yaml b/charts/prosody/values.yaml index 79b8744..06af9bd 100644 --- a/charts/prosody/values.yaml +++ b/charts/prosody/values.yaml @@ -3,8 +3,10 @@ # Declare variables to be passed into your templates. image: - repository: nginx + repository: jitsi/prosody pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "" imagePullSecrets: [] nameOverride: "" diff --git a/templates/common-configmap.yaml b/templates/common-configmap.yaml index a6e543b..ed759e8 100644 --- a/templates/common-configmap.yaml +++ b/templates/common-configmap.yaml @@ -5,8 +5,8 @@ metadata: labels: {{- include "jitsi-meet.labels" . | nindent 4 }} data: - ENABLE_AUTH: {{ ternary "1" "0" .Values.enableAuth | quote }} - ENABLE_GUESTS: {{ ternary "1" "0" .Values.enableGuests | quote }} + ENABLE_AUTH: {{ .Values.enableAuth | ternary "1" "0" | quote }} + ENABLE_GUESTS: {{ .Values.enableGuests | ternary "1" "0" | quote }} PUBLIC_URL: {{ include "jitsi-meet.publicURL" . }} XMPP_DOMAIN: {{ include "jitsi-meet.xmpp.domain" . }} XMPP_MUC_DOMAIN: {{ .Values.xmpp.mucDomain | default (printf "muc.%s" (include "jitsi-meet.xmpp.domain" .)) }} @@ -33,15 +33,13 @@ data: ENABLE_LIVESTREAMING: "true" {{- end }} {{- end }} - TZ: '{{ .Values.tz }}' - {{- range $key, $value := .Values.extraCommonEnvs }} - {{- if not (kindIs "invalid" $value) }} - {{ $key }}: {{ tpl $value $ | quote }} - {{- end }} - {{- end }} + TZ: {{ .Values.tz | quote }} {{- if .Values.octo.enabled }} ENABLE_OCTO: "1" TESTING_OCTO_PROBABILITY: "1" DEPLOYMENTINFO_REGION: "all" DEPLOYMENTINFO_USERREGION: "all" {{- end }} + {{- with .Values.extraCommonEnvs }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/templates/jibri/configmap.yaml b/templates/jibri/configmap.yaml index 9d768de..7fb878f 100644 --- a/templates/jibri/configmap.yaml +++ b/templates/jibri/configmap.yaml @@ -13,9 +13,7 @@ data: JIBRI_STRIP_DOMAIN_JID: muc DISPLAY: ":0" JIBRI_SINGLE_USE_MODE: {{ .Values.jibri.singleUseMode | default false | quote }} - {{- range $key, $value := .Values.jibri.extraEnvs }} - {{- if not (kindIs "invalid" $value) }} - {{ $key }}: {{ tpl $value $ | quote }} - {{- end }} + {{- with .Values.jibri.extraEnvs }} + {{- toYaml . | nindent 2 }} {{- end }} {{- end }} diff --git a/templates/jibri/deployment.yaml b/templates/jibri/deployment.yaml index 8a731a2..fa48f8e 100644 --- a/templates/jibri/deployment.yaml +++ b/templates/jibri/deployment.yaml @@ -21,20 +21,20 @@ spec: metadata: labels: {{- include "jitsi-meet.jibri.selectorLabels" . | nindent 8 }} - {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.jibri.podLabels }} - {{ $label }}: {{ $value }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.jibri.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} annotations: checksum/config: {{ include (print $.Template.BasePath "/jibri/configmap.yaml") . | sha256sum }} checksum/secret: {{ include (print $.Template.BasePath "/jibri/xmpp-secret.yaml") . | sha256sum }} - {{- range $annotation, $value := mergeOverwrite .Values.global.podAnnotations .Values.jibri.podAnnotations }} - {{ $annotation }}: {{ $value|quote }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.jibri.podAnnotations) }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: - {{- with .Values.imagePullSecrets }} + {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} serviceAccountName: {{ include "jitsi-meet.serviceAccountName" . }} containers: - name: {{ .Chart.Name }} @@ -50,20 +50,20 @@ spec: containerPort: 2222 {{- with default .Values.jibri.livenessProbe .Values.jibri.livenessProbeOverride }} livenessProbe: - {{- toYaml . | nindent 10 }} + {{- toYaml . | nindent 10 }} {{- end }} {{- with default .Values.jibri.readinessProbe .Values.jibri.readinessProbeOverride }} readinessProbe: - {{- toYaml . | nindent 10 }} + {{- toYaml . | nindent 10 }} {{- end }} envFrom: - - secretRef: - name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jibri - - configMapRef: - name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common - - configMapRef: - name: {{ include "jitsi-meet.jibri.fullname" . }} + - secretRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jibri + - configMapRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + - configMapRef: + name: {{ include "jitsi-meet.jibri.fullname" . }} {{- if (gt (int .Values.jibri.replicaCount) 1) }} # Set Jibri Instance ID based on pod name: @@ -78,30 +78,30 @@ spec: {{- toYaml .Values.jibri.resources | nindent 12 }} volumeMounts: + - name: jibri-data + mountPath: /data + {{- if .Values.jibri.shm.enabled }} + - name: dev-shm + mountPath: /dev/shm + {{- end }} + + volumes: - name: jibri-data - mountPath: /data + {{- if .Values.jibri.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ .Values.jibri.persistence.existingClaim | default (include "jitsi-meet.jibri.fullname" .) }} + {{- else }} + emptyDir: {} + {{- end }} {{- if .Values.jibri.shm.enabled }} - name: dev-shm - mountPath: /dev/shm - {{- end }} - - volumes: - - name: jibri-data - {{- if .Values.jibri.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ .Values.jibri.persistence.existingClaim | default (include "jitsi-meet.jibri.fullname" .) }} - {{- else }} - emptyDir: {} + {{- if .Values.jibri.shm.useHost }} + hostPath: + path: /dev/shm + {{- else }} + emptyDir: + medium: Memory + sizeLimit: {{ .Values.jibri.shm.size | default "256Mi" | quote }} + {{- end }} {{- end }} - {{- if .Values.jibri.shm.enabled }} - - name: dev-shm - {{- if .Values.jibri.shm.useHost }} - hostPath: - path: /dev/shm - {{- else }} - emptyDir: - medium: Memory - sizeLimit: {{ .Values.jibri.shm.size | default "256Mi" | quote }} - {{- end }} - {{- end }} {{- end }} diff --git a/templates/jibri/xmpp-secret.yaml b/templates/jibri/xmpp-secret.yaml index 441908f..7f2fae9 100644 --- a/templates/jibri/xmpp-secret.yaml +++ b/templates/jibri/xmpp-secret.yaml @@ -6,9 +6,9 @@ metadata: labels: {{- include "jitsi-meet.jibri.labels" . | nindent 4 }} type: Opaque -data: - JIBRI_XMPP_USER: '{{ .Values.jibri.xmpp.user | b64enc }}' - JIBRI_XMPP_PASSWORD: '{{ default (randAlphaNum 10) .Values.jibri.xmpp.password | b64enc }}' - JIBRI_RECORDER_USER: '{{ .Values.jibri.recorder.user | b64enc }}' - JIBRI_RECORDER_PASSWORD: '{{ default (randAlphaNum 10) .Values.jibri.recorder.password | b64enc }}' +stringData: + JIBRI_XMPP_USER: {{ .Values.jibri.xmpp.user | quote }} + JIBRI_XMPP_PASSWORD: {{ .Values.jibri.xmpp.password | default (randAlphaNum 10) | quote }} + JIBRI_RECORDER_USER: {{ .Values.jibri.recorder.user | quote }}' + JIBRI_RECORDER_PASSWORD: {{ .Values.jibri.recorder.password | default (randAlphaNum 10) | quote }} {{- end }} diff --git a/templates/jicofo/configmap.yaml b/templates/jicofo/configmap.yaml index 39c9672..4e19d4e 100644 --- a/templates/jicofo/configmap.yaml +++ b/templates/jicofo/configmap.yaml @@ -11,12 +11,10 @@ data: JIBRI_BREWERY_MUC: '{{ .Values.jibri.breweryMuc }}' JIBRI_PENDING_TIMEOUT: '{{ .Values.jibri.timeout }}' {{- end }} - {{- range $key, $value := .Values.jicofo.extraEnvs }} - {{- if not (kindIs "invalid" $value) }} - {{ $key }}: {{ tpl $value $ | quote }} - {{- end }} - {{- end }} {{- if .Values.octo.enabled }} ENABLE_OCTO: "1" OCTO_BRIDGE_SELECTION_STRATEGY: "SplitBridgeSelectionStrategy" - {{- end }} \ No newline at end of file + {{- end }} + {{- with .Values.jicofo.extraEnvs }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/templates/jicofo/deployment.yaml b/templates/jicofo/deployment.yaml index a0f8187..d5b0153 100644 --- a/templates/jicofo/deployment.yaml +++ b/templates/jicofo/deployment.yaml @@ -17,20 +17,20 @@ spec: metadata: labels: {{- include "jitsi-meet.jicofo.selectorLabels" . | nindent 8 }} - {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.jicofo.podLabels }} - {{ $label }}: {{ $value }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.jicofo.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} annotations: checksum/config: {{ include (print $.Template.BasePath "/jicofo/configmap.yaml") . | sha256sum }} checksum/secret: {{ include (print $.Template.BasePath "/jicofo/xmpp-secret.yaml") . | sha256sum }} - {{- range $annotation, $value := mergeOverwrite .Values.global.podAnnotations .Values.jicofo.podAnnotations }} - {{ $annotation }}: {{ $value|quote }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.jicofo.podAnnotations) }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: - {{- with .Values.imagePullSecrets }} + {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} serviceAccountName: {{ include "jitsi-meet.serviceAccountName" . }} securityContext: {{- toYaml .Values.jicofo.podSecurityContext | nindent 8 }} @@ -41,23 +41,23 @@ spec: image: "{{ .Values.jicofo.image.repository }}:{{ default .Chart.AppVersion .Values.jicofo.image.tag }}" imagePullPolicy: {{ pluck "pullPolicy" .Values.jicofo.image .Values.image | first }} envFrom: - - secretRef: - name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jicofo - - configMapRef: - name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common - - configMapRef: - name: {{ include "jitsi-meet.jicofo.fullname" . }} + - secretRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jicofo + - configMapRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + - configMapRef: + name: {{ include "jitsi-meet.jicofo.fullname" . }} ports: - name: http containerPort: 80 protocol: TCP {{- with .Values.jicofo.livenessProbe }} livenessProbe: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.jicofo.readinessProbe }} readinessProbe: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.jicofo.resources | nindent 12 }} @@ -66,11 +66,11 @@ spec: nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.jicofo.affinity }} + {{- with .Values.jicofo.affinity }} affinity: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.jicofo.tolerations }} + {{- end }} + {{- with .Values.jicofo.tolerations }} tolerations: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} diff --git a/templates/jicofo/xmpp-secret.yaml b/templates/jicofo/xmpp-secret.yaml index fbfa41a..7b93acc 100644 --- a/templates/jicofo/xmpp-secret.yaml +++ b/templates/jicofo/xmpp-secret.yaml @@ -5,7 +5,7 @@ metadata: labels: {{- include "jitsi-meet.jicofo.labels" . | nindent 4 }} type: Opaque -data: - JICOFO_AUTH_USER: '{{ b64enc "focus" }}' - JICOFO_AUTH_PASSWORD: '{{ default (randAlphaNum 10) .Values.jicofo.xmpp.password | b64enc }}' - JICOFO_COMPONENT_SECRET: '{{ default (randAlphaNum 10) .Values.jicofo.xmpp.componentSecret | b64enc }}' +stringData: + JICOFO_AUTH_USER: "focus" + JICOFO_AUTH_PASSWORD: {{ .Values.jicofo.xmpp.password | default (randAlphaNum 10) | quote }} + JICOFO_COMPONENT_SECRET: {{ .Values.jicofo.xmpp.componentSecret | default (randAlphaNum 10) | quote }} diff --git a/templates/jvb/configmap.yaml b/templates/jvb/configmap.yaml index 2ebbbdf..298acec 100644 --- a/templates/jvb/configmap.yaml +++ b/templates/jvb/configmap.yaml @@ -10,14 +10,12 @@ data: JVB_STUN_SERVERS: '{{.Values.jvb.stunServers }}' JVB_TCP_HARVESTER_DISABLED: '1' XMPP_SERVER: '{{ include "jitsi-meet.xmpp.server" . }}' - {{- range $key, $value := .Values.jvb.extraEnvs }} - {{- if not (kindIs "invalid" $value) }} - {{ $key }}: {{ tpl $value $ | quote }} - {{- end }} - {{- end }} COLIBRI_REST_ENABLED: 'true' {{- if .Values.octo.enabled }} ENABLE_OCTO: "1" JVB_OCTO_BIND_PORT: "4096" JVB_OCTO_REGION: "all" {{- end }} + {{- with .Values.jvb.extraEnvs }} + {{- toYaml . | nindent 2 }} + {{- end }} diff --git a/templates/jvb/deployment.yaml b/templates/jvb/deployment.yaml index 4650555..aff745c 100644 --- a/templates/jvb/deployment.yaml +++ b/templates/jvb/deployment.yaml @@ -21,9 +21,9 @@ spec: metadata: labels: {{- include "jitsi-meet.jvb.selectorLabels" . | nindent 8 }} - {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.jvb.podLabels }} - {{ $label }}: {{ $value }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.jvb.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} annotations: checksum/config: {{ include (print $.Template.BasePath "/jvb/configmap.yaml") . | sha256sum }} checksum/secret: {{ include (print $.Template.BasePath "/jvb/xmpp-secret.yaml") . | sha256sum }} @@ -31,9 +31,9 @@ spec: prometheus.io/port: "9888" prometheus.io/scrape: "true" {{- end }} - {{- range $annotation, $value := mergeOverwrite .Values.global.podAnnotations .Values.jvb.podAnnotations }} - {{ $annotation }}: {{ $value|quote }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.jvb.podAnnotations) }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: @@ -53,47 +53,47 @@ spec: image: "{{ .Values.jvb.image.repository }}:{{ default .Chart.AppVersion .Values.jvb.image.tag }}" imagePullPolicy: {{ pluck "pullPolicy" .Values.jvb.image .Values.image | first }} envFrom: - - secretRef: - name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jvb - - configMapRef: - name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common - - configMapRef: - name: {{ include "jitsi-meet.jvb.fullname" . }} + - secretRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-jvb + - configMapRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + - configMapRef: + name: {{ include "jitsi-meet.jvb.fullname" . }} env: - {{- if or .Values.jvb.useNodeIP .Values.jvb.publicIPs }} - - name: DOCKER_HOST_ADDRESS - {{- if .Values.jvb.publicIPs }} - value: {{ first .Values.jvb.publicIPs }} - {{- else }} - valueFrom: - fieldRef: - fieldPath: status.hostIP + {{- if or .Values.jvb.useNodeIP .Values.jvb.publicIPs }} + - name: DOCKER_HOST_ADDRESS + {{- if .Values.jvb.publicIPs }} + value: {{ first .Values.jvb.publicIPs }} + {{- else }} + valueFrom: + fieldRef: + fieldPath: status.hostIP + {{- end }} + - name: JVB_ADVERTISE_IPS + {{- if .Values.jvb.publicIPs }} + value: {{ .Values.jvb.publicIPs | join "," }} + {{- else }} + valueFrom: + fieldRef: + fieldPath: status.hostIP + {{- end }} {{- end }} - - name: JVB_ADVERTISE_IPS - {{- if .Values.jvb.publicIPs }} - value: {{ .Values.jvb.publicIPs | join "," }} - {{- else }} - valueFrom: - fieldRef: - fieldPath: status.hostIP + {{- if .Values.websockets.colibri.enabled }} + - name: JVB_WS_SERVER_ID + valueFrom: + fieldRef: + fieldPath: status.podIP + {{- end }} + {{- if .Values.octo.enabled }} + - name: JVB_OCTO_BIND_ADDRESS + valueFrom: + fieldRef: + fieldPath: status.hostIP + - name: JVB_OCTO_PUBLIC_ADDRESS + valueFrom: + fieldRef: + fieldPath: status.podIP {{- end }} - {{- end }} - {{- if .Values.websockets.colibri.enabled }} - - name: JVB_WS_SERVER_ID - valueFrom: - fieldRef: - fieldPath: status.podIP - {{- end }} - {{- if .Values.octo.enabled }} - - name: JVB_OCTO_BIND_ADDRESS - valueFrom: - fieldRef: - fieldPath: status.hostIP - - name: JVB_OCTO_PUBLIC_ADDRESS - valueFrom: - fieldRef: - fieldPath: status.podIP - {{- end }} ports: - name: rtp-udp containerPort: {{ .Values.jvb.UDPPort }} @@ -101,24 +101,24 @@ spec: hostPort: {{ .Values.jvb.UDPPort }} {{- end }} protocol: UDP - {{- if or .Values.websockets.colibri.enabled }} + {{- if or .Values.websockets.colibri.enabled }} - name: colibri-ws-tcp containerPort: 9090 protocol: TCP - {{- end }} + {{- end }} {{- with .Values.jvb.livenessProbe }} livenessProbe: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.jvb.readinessProbe }} readinessProbe: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.jvb.resources | nindent 12 }} {{- with .Values.jvb.extraVolumeMounts }} volumeMounts: - {{- toYaml . | nindent 10 }} + {{- toYaml . | nindent 10 }} {{- end }} {{- if .Values.jvb.metrics.enabled }} @@ -142,18 +142,18 @@ spec: initialDelaySeconds: 3 periodSeconds: 5 resources: - {{- toYaml .Values.jvb.metrics.resources | nindent 12 }} - {{- end }} + {{- toYaml .Values.jvb.metrics.resources | nindent 12 }} + {{- end }} {{- with .Values.jvb.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- if or .Values.jvb.useHostPort .Values.jvb.affinity }} + {{- if or .Values.jvb.useHostPort .Values.jvb.affinity }} affinity: - {{- if .Values.jvb.affinity }} - {{- toYaml .Values.jvb.affinity | nindent 8 }} - {{- else }} + {{- with .Values.jvb.affinity }} + {{- toYaml . | nindent 8 }} + {{- else }} podAntiAffinity: requiredDuringSchedulingIgnoredDuringExecution: - labelSelector: @@ -163,13 +163,13 @@ spec: values: - jvb topologyKey: "kubernetes.io/hostname" + {{- end }} {{- end }} - {{- end }} - {{- with .Values.jvb.tolerations }} + {{- with .Values.jvb.tolerations }} tolerations: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.jvb.extraVolumes }} + {{- end }} + {{- with .Values.jvb.extraVolumes }} volumes: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} diff --git a/templates/jvb/metrics-prometheus.yaml b/templates/jvb/metrics-prometheus.yaml index 5c36c2a..1e312e3 100644 --- a/templates/jvb/metrics-prometheus.yaml +++ b/templates/jvb/metrics-prometheus.yaml @@ -1,26 +1,26 @@ -{{- if and (.Values.jvb.metrics.enabled) (.Values.jvb.metrics.serviceMonitor.enabled) }} +{{- if and .Values.jvb.metrics.enabled .Values.jvb.metrics.serviceMonitor.enabled }} apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: name: {{ template "jitsi-meet.jvb.fullname" . }} labels: {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} - {{- range $key, $value := .Values.jvb.metrics.serviceMonitor.selector }} - {{ $key }}: {{ $value | quote }} + {{- with .Values.jvb.metrics.serviceMonitor.selector }} + {{- toYaml . | nindent 4 }} {{- end }} spec: endpoints: - port: tcp-metrics path: /metrics - {{- if .Values.jvb.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.jvb.metrics.serviceMonitor.honorLabels }} + {{- with .Values.jvb.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ . }} {{- end }} - {{- if .Values.jvb.metrics.serviceMonitor.interval }} - interval: {{ .Values.jvb.metrics.serviceMonitor.interval }} + {{- with .Values.jvb.metrics.serviceMonitor.interval }} + interval: {{ . }} {{- end }} selector: matchLabels: - {{- include "jitsi-meet.jvb.labels" . | nindent 6 }} + {{- include "jitsi-meet.jvb.labels" . | nindent 6 }} namespaceSelector: matchNames: - {{ .Release.Namespace }} diff --git a/templates/jvb/metrics-service.yaml b/templates/jvb/metrics-service.yaml index 32a656d..b6e9afe 100644 --- a/templates/jvb/metrics-service.yaml +++ b/templates/jvb/metrics-service.yaml @@ -4,7 +4,7 @@ kind: Service metadata: name: {{ include "jitsi-meet.jvb.fullname" . }}-metrics labels: - {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} + {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} spec: type: ClusterIP ports: @@ -12,5 +12,5 @@ spec: protocol: TCP name: tcp-metrics selector: - {{- include "jitsi-meet.jvb.selectorLabels" . | nindent 4 }} + {{- include "jitsi-meet.jvb.selectorLabels" . | nindent 4 }} {{- end }} diff --git a/templates/jvb/service.yaml b/templates/jvb/service.yaml index 3e0678f..9611d61 100644 --- a/templates/jvb/service.yaml +++ b/templates/jvb/service.yaml @@ -1,12 +1,12 @@ -{{- if or (and (kindIs "invalid" .Values.jvb.service.enabled) (not (or .Values.jvb.useHostPort .Values.jvb.useHostNetwork))) .Values.jvb.service.enabled }} +{{- if and .Values.jvb.service.enabled (not (or .Values.jvb.useHostPort .Values.jvb.useHostNetwork)) }} apiVersion: v1 kind: Service metadata: name: {{ include "jitsi-meet.jvb.fullname" . }} annotations: - {{- range $key, $value := .Values.jvb.service.annotations }} - {{ $key }}: {{ $value | quote }} - {{- end }} + {{- with .Values.jvb.service.annotations }} + {{- toYaml . | nindent 4 }} + {{- end }} labels: {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} spec: @@ -15,15 +15,15 @@ spec: loadBalancerIP: {{ . }} {{- end }} ports: - - port: {{ default 10000 .Values.jvb.UDPPort }} + - port: {{ .Values.jvb.UDPPort | default 10000 }} + protocol: UDP + name: rtp-udp {{- if and .Values.jvb.nodePort (or (eq .Values.jvb.service.type "NodePort") (eq .Values.jvb.service.type "LoadBalancer")) }} nodePort: {{ .Values.jvb.nodePort }} {{- end }} - protocol: UDP - name: rtp-udp {{- with .Values.jvb.service.externalIPs }} externalIPs: - {{ toYaml . | indent 2 | trim }} + {{ toYaml . | nindent 4 }} {{- end }} externalTrafficPolicy: {{ .Values.jvb.service.externalTrafficPolicy }} selector: diff --git a/templates/jvb/xmpp-secret.yaml b/templates/jvb/xmpp-secret.yaml index 4e0a7a4..fd3ce24 100644 --- a/templates/jvb/xmpp-secret.yaml +++ b/templates/jvb/xmpp-secret.yaml @@ -5,6 +5,6 @@ metadata: labels: {{- include "jitsi-meet.jvb.labels" . | nindent 4 }} type: Opaque -data: - JVB_AUTH_USER: '{{ .Values.jvb.xmpp.user | b64enc }}' - JVB_AUTH_PASSWORD: '{{ default (randAlphaNum 10) .Values.jvb.xmpp.password | b64enc }}' +stringData: + JVB_AUTH_USER: {{ .Values.jvb.xmpp.user | quote }} + JVB_AUTH_PASSWORD: {{ .Values.jvb.xmpp.password | default (randAlphaNum 10) | quote }} diff --git a/templates/web/configmap.yaml b/templates/web/configmap.yaml index ccfda6a..f13f9f4 100644 --- a/templates/web/configmap.yaml +++ b/templates/web/configmap.yaml @@ -5,15 +5,13 @@ metadata: labels: {{- include "jitsi-meet.web.labels" . | nindent 4 }} data: - DISABLE_HTTPS: {{ ternary "0" "1" .Values.web.httpsEnabled | quote }} - ENABLE_HTTP_REDIRECT: {{ ternary "1" "0" .Values.web.httpRedirect | quote }} - JICOFO_AUTH_USER: focus + DISABLE_HTTPS: {{ .Values.web.httpsEnabled | ternary "0" "1" | quote }} + ENABLE_HTTP_REDIRECT: {{ .Values.web.httpRedirect | ternary "1" "0" | quote }} + JICOFO_AUTH_USER: "focus" XMPP_BOSH_URL_BASE: 'http://{{ include "jitsi-meet.xmpp.server" . }}:{{ index .Values.prosody.service.ports "bosh-insecure" }}' {{- if .Values.web.resolverIP }} NGINX_RESOLVER: {{ .Values.web.resolverIP }} {{- end }} - {{- range $key, $value := .Values.web.extraEnvs }} - {{- if not (kindIs "invalid" $value) }} - {{ $key }}: {{ tpl $value $ | quote }} - {{- end }} + {{- with .Values.web.extraEnvs }} + {{- toYaml . | nindent 2 }} {{- end }} diff --git a/templates/web/deployment.yaml b/templates/web/deployment.yaml index 2b9c4ae..2ca40a7 100644 --- a/templates/web/deployment.yaml +++ b/templates/web/deployment.yaml @@ -17,19 +17,19 @@ spec: metadata: labels: {{- include "jitsi-meet.web.selectorLabels" . | nindent 8 }} - {{- range $label, $value := mergeOverwrite .Values.global.podLabels .Values.web.podLabels }} - {{ $label }}: {{ $value }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podLabels .Values.web.podLabels) }} + {{- toYaml . | nindent 8 }} + {{- end }} annotations: checksum/config: {{ include (print $.Template.BasePath "/web/configmap.yaml") . | sha256sum }} - {{- range $annotation, $value := mergeOverwrite .Values.global.podAnnotations .Values.web.podAnnotations }} - {{ $annotation }}: {{ $value|quote }} - {{- end }} + {{- with (mergeOverwrite .Values.global.podAnnotations .Values.web.podAnnotations) }} + {{- toYaml . | nindent 8 }} + {{- end }} spec: - {{- with .Values.imagePullSecrets }} + {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} serviceAccountName: {{ include "jitsi-meet.serviceAccountName" . }} securityContext: {{- toYaml .Values.web.podSecurityContext | nindent 8 }} @@ -40,10 +40,10 @@ spec: image: "{{ .Values.web.image.repository }}:{{ default .Chart.AppVersion .Values.web.image.tag }}" imagePullPolicy: {{ pluck "pullPolicy" .Values.web.image .Values.image | first }} envFrom: - - configMapRef: - name: {{ include "jitsi-meet.web.fullname" . }} - - configMapRef: - name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common + - configMapRef: + name: {{ include "jitsi-meet.web.fullname" . }} + - configMapRef: + name: {{ include "call-nested" (list . "prosody" "prosody.fullname") }}-common ports: - name: http containerPort: 80 @@ -53,32 +53,32 @@ spec: protocol: TCP {{- with .Values.web.livenessProbe }} livenessProbe: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.web.readinessProbe }} readinessProbe: - {{- toYaml . | nindent 12 }} + {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.web.resources | nindent 12 }} {{- with .Values.web.extraVolumeMounts }} volumeMounts: - {{- toYaml . | nindent 10 }} + {{- toYaml . | nindent 10 }} {{- end }} {{- with .Values.web.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} - {{- with .Values.web.affinity }} + {{- with .Values.web.affinity }} affinity: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.web.tolerations }} + {{- end }} + {{- with .Values.web.tolerations }} tolerations: {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.web.extraVolumes }} + {{- end }} + {{- with .Values.web.extraVolumes }} volumes: {{- toYaml . | nindent 8 }} - {{- end }} + {{- end }} diff --git a/templates/web/service.yaml b/templates/web/service.yaml index bf890a6..5bce16e 100644 --- a/templates/web/service.yaml +++ b/templates/web/service.yaml @@ -12,7 +12,7 @@ spec: name: http {{- with .Values.web.service.externalIPs }} externalIPs: - {{ toYaml . | indent 2 | trim }} + {{ toYaml . | nindent 4 }} {{- end }} selector: {{- include "jitsi-meet.web.selectorLabels" . | nindent 4 }} diff --git a/values.yaml b/values.yaml index 863a1bb..888a9df 100644 --- a/values.yaml +++ b/values.yaml @@ -369,15 +369,12 @@ prosody: enabled: true server: extraEnvFrom: - - secretRef: - name: '{{ include "prosody.fullname" . }}-jicofo' - - secretRef: - name: '{{ include "prosody.fullname" . }}-jvb' - - configMapRef: - name: '{{ include "prosody.fullname" . }}-common' - ## Uncomment this if you want to use jibri: - # - secretRef: - # name: '{{ include "prosody.fullname" . }}-jibri' - image: - repository: jitsi/prosody - tag: 'stable-8719' + - secretRef: + name: '{{ include "prosody.fullname" . }}-jicofo' + - secretRef: + name: '{{ include "prosody.fullname" . }}-jvb' + - configMapRef: + name: '{{ include "prosody.fullname" . }}-common' + ## Uncomment this if you want to use jibri: + # - secretRef: + # name: '{{ include "prosody.fullname" . }}-jibri' \ No newline at end of file