|
| 1 | +[PeerTube](https://joinpeertube.org/) is a Free and Open Source social media networking platform based on [ActivityPub](https://www.w3.org/TR/activitypub/). |
| 2 | + |
| 3 | +We are mostly stable for running PeerTube on Kubernetes. Check out our [PeerTube Argo CD ApplicationSet](https://github.com/small-hack/argocd-apps/tree/main/peertube/small-hack): |
| 4 | + |
| 5 | +<a href="../../assets/images/screenshots/peertube_screenshot.png"> |
| 6 | +<img src="../../assets/images/screenshots/peertube_screenshot.png" alt="screenshot of the peertube applicationset in Argo CD's web interface using the tree mode view. the main peertube app has 6 child apps: peertube-valkey, peertube-app-set with child peertube-web-app, peertube-external-secrets-appset with child peertube-external-secrets, peertube-postgres-app-set with child peertube-postgres-cluster, peertube-s3-provider-app-set with child peertube-seaweedfs, and peertube-s3-pvc-appset with child peertube-s3-pvc."> |
| 7 | +</a> |
| 8 | + |
| 9 | +This is the networking view in Argo CD: |
| 10 | + |
| 11 | +<a href="../../assets/images/screenshots/peertube_networking_screenshot.png"> |
| 12 | +<img src="../../assets/images/screenshots/peertube_networking_screenshot.png" alt="screenshot of the peertube applicationset in Argo CD's web interface using the networking tree mode view. it shows the flow of cloud to ip address to peertube-web-app ingress to two services peertube-web-app-streaming and peertube-web-app-web which each go to their respective pods. There's also additional services and pods outside of that flow. pods masotdon-web-app-media and masotdon-web-app-sidekiq have no children. 2 elastic search services have the same elastic search pod child. and then there's an additional 3 matching elastic search service and pod pairs"> |
| 13 | +</a> |
| 14 | + |
| 15 | +## Required Init Values |
| 16 | + |
| 17 | +To use the default `smol-k8s-lab` Argo CD Application, you'll need to provide one time init values for: |
| 18 | + |
| 19 | +- `admin_user` |
| 20 | +- `admin_email` |
| 21 | +- `smtp_user` |
| 22 | +- `smtp_host` |
| 23 | +- `smtp_port` |
| 24 | + |
| 25 | +## Required ApplicationSet Values |
| 26 | + |
| 27 | +And you'll also need to provide the following values to be templated for your personal installation: |
| 28 | + |
| 29 | +- `hostname` - the hostname for your web interface |
| 30 | + |
| 31 | +## Required Sensitive Values |
| 32 | + |
| 33 | +If you'd like to setup SMTP, we need a bit more sensitive data. This includes your SMTP password, S3 backup credentials, and restic repo password. |
| 34 | + |
| 35 | +You have two options. You can: |
| 36 | + |
| 37 | +- respond to a one-time prompt for these credentials (one-time _per cluster_) |
| 38 | +- export an environment variable |
| 39 | + |
| 40 | +### Environment Variables |
| 41 | + |
| 42 | +You can export the following env vars and we'll use them for your sensitive data: |
| 43 | + |
| 44 | +- `PEERTUBE_SMTP_PASSWORD` |
| 45 | +- `PEERTUBE_S3_BACKUP_ACCESS_ID` |
| 46 | +- `PEERTUBE_S3_BACKUP_SECRET_KEY` |
| 47 | +- `PEERTUBE_RESTIC_REPO_PASSWORD` |
| 48 | + |
| 49 | + |
| 50 | +# Example Config |
| 51 | + |
| 52 | +```yaml |
| 53 | +apps: |
| 54 | + peertube: |
| 55 | + description: | |
| 56 | + [link=https://joinpeertube.org/]PeerTube[/link] is an open source self hosted video hosting platform, similar to YouTube. |
| 57 | +
|
| 58 | + smol-k8s-lab supports initializing peertube, by setting up your hostname, SMTP credentials, admin credentials, valkey credentials, postgresql credentials, and an admin user credentials. We pass all credentials as Secrets in the namespace and optionally save them to Bitwarden. |
| 59 | +
|
| 60 | + smol-k8s-lab also creates a local s3 endpoint and as well as S3 bucket and credentials if you enable set peertube.argo.secret_keys.s3_provider to "minio" or "seaweedfs". Both seaweedfs and minio require you to specify a remote s3 endpoint, bucket, region, and accessID/secretKey so that we can make sure you have remote backups. |
| 61 | +
|
| 62 | + To provide sensitive values via environment variables to smol-k8s-lab use: |
| 63 | + - PEERTUBE_SMTP_PASSWORD |
| 64 | + - PEERTUBE_S3_BACKUP_ACCESS_ID |
| 65 | + - PEERTUBE_S3_BACKUP_SECRET_KEY |
| 66 | + - PEERTUBE_RESTIC_REPO_PASSWORD |
| 67 | + - PEERTUBE_ADMIN_PASSWORD |
| 68 | + enabled: false |
| 69 | + init: |
| 70 | + enabled: true |
| 71 | + restore: |
| 72 | + enabled: false |
| 73 | + cnpg_restore: true |
| 74 | + restic_snapshot_ids: |
| 75 | + # seaweedfs_master: latest |
| 76 | + seaweedfs_volume: latest |
| 77 | + seaweedfs_filer: latest |
| 78 | + peertube_data: latest |
| 79 | + values: |
| 80 | + # admin user |
| 81 | + admin_user: "peeradmin" |
| 82 | + # admin user's email |
| 83 | + admin_email: "" |
| 84 | + # mail server to send verification and notification emails |
| 85 | + smtp_host: "change-me-to-enable.mail" |
| 86 | + # mail user for smtp host |
| 87 | + smtp_user: "change me to enable mail" |
| 88 | + # mail user for smtp host |
| 89 | + smtp_port: "change me to enable mail" |
| 90 | + smtp_password: |
| 91 | + value_from: |
| 92 | + env: PEERTUBE_SMTP_PASSWORD |
| 93 | + backups: |
| 94 | + # cronjob syntax schedule to run peertube pvc backups |
| 95 | + pvc_schedule: 10 0 * * * |
| 96 | + # cronjob syntax (with SECONDS field) for peertube postgres backups |
| 97 | + # must happen at least 10 minutes before pvc backups, to avoid corruption |
| 98 | + # due to missing files. This is because the backup shows as completed before |
| 99 | + # it actually is |
| 100 | + postgres_schedule: 0 0 0 * * * |
| 101 | + s3: |
| 102 | + # these are for pushing remote backups of your local s3 storage, for speed and cost optimization |
| 103 | + endpoint: "" |
| 104 | + bucket: "" |
| 105 | + region: "" |
| 106 | + secret_access_key: |
| 107 | + value_from: |
| 108 | + env: PEERTUBE_S3_BACKUP_SECRET_KEY |
| 109 | + access_key_id: |
| 110 | + value_from: |
| 111 | + env: PEERTUBE_S3_BACKUP_ACCESS_ID |
| 112 | + restic_repo_password: |
| 113 | + value_from: |
| 114 | + env: PEERTUBE_RESTIC_REPO_PASSWORD |
| 115 | + argo: |
| 116 | + # secrets keys to make available to Argo CD ApplicationSets |
| 117 | + secret_keys: |
| 118 | + # you can delete these if you're not using tolerations/affinity |
| 119 | + toleration_key: "" |
| 120 | + toleration_operator: "" |
| 121 | + toleration_value: "" |
| 122 | + toleration_effect: "" |
| 123 | + # these are for node affinity, delete if not in use |
| 124 | + affinity_key: "" |
| 125 | + affinity_value: "" |
| 126 | + # admin email for your peertube instance |
| 127 | + admin_email: "" |
| 128 | + # hostname that users go to in the browser |
| 129 | + hostname: "" |
| 130 | + # set the local s3 provider for peertube's public data in one bucket |
| 131 | + # and private database backups in another. can be minio or seaweedfs |
| 132 | + s3_provider: seaweedfs |
| 133 | + # how large the backing pvc's capacity should be for minio or seaweedfs |
| 134 | + s3_pvc_capacity: 120Gi |
| 135 | + # main local s3 endpoint for postgresql backups, backed up constantly |
| 136 | + s3_endpoint: "" |
| 137 | + # region for s3 endpoint and buckets |
| 138 | + s3_region: eu-west-1 |
| 139 | + # s3 bucket for storing orig videos (cannot be path based, must be dns) |
| 140 | + s3_orig_video_bucket: "" |
| 141 | + # s3 bucket for storing web videos (cannot be path based, must be dns) |
| 142 | + s3_web_video_bucket: "" |
| 143 | + # s3 bucket for storing streaming playlists (cannot be path based, must be dns) |
| 144 | + s3_streaming_bucket: "" |
| 145 | + # s3 bucket for storing user exports (cannot be path based, must be dns) |
| 146 | + s3_user_exports_bucket: "" |
| 147 | + # enable persistence for valkey - recommended |
| 148 | + valkey_pvc_enabled: 'true' |
| 149 | + # size of valkey pvc storage |
| 150 | + valkey_storage: 3Gi |
| 151 | + valkey_storage_class: local-path |
| 152 | + valkey_access_mode: ReadWriteOnce |
| 153 | + # enable a pvc for peertube |
| 154 | + data_pvc_enabled: "true" |
| 155 | + # size of the pvc for peertube |
| 156 | + data_storage: "10Gi" |
| 157 | + # access mode for the peertube storage |
| 158 | + data_access_mode: "ReadWriteOnce" |
| 159 | + # git repo to install the Argo CD app from |
| 160 | + repo: https://github.com/small-hack/argocd-apps |
| 161 | + # path in the argo repo to point to. Trailing slash very important! |
| 162 | + # you can also use peertube/app_of_apps_with_tolerations/ if you have a |
| 163 | + # special peertube node you want to apply affinity and tolerations for |
| 164 | + path: peertube/app_of_apps/ |
| 165 | + # either the branch or tag to point at in the argo repo above |
| 166 | + revision: main |
| 167 | + # kubernetes cluster to install the k8s app into, defaults to Argo CD default |
| 168 | + cluster: https://kubernetes.default.svc |
| 169 | + # namespace to install the k8s app in |
| 170 | + namespace: peertube |
| 171 | + # recurse directories in the git repo |
| 172 | + directory_recursion: false |
| 173 | + # source repos for Argo CD App Project (in addition to argo.repo) |
| 174 | + project: |
| 175 | + name: peertube |
| 176 | + # depending on if you use seaweedfs or minio, you can remove the other source repo |
| 177 | + source_repos: |
| 178 | + - registry-1.docker.io |
| 179 | + - https://small-hack.github.io/cloudnative-pg-cluster-chart |
| 180 | + - https://operator.min.io/ |
| 181 | + - https://seaweedfs.github.io/seaweedfs/helm |
| 182 | + - https://small-hack.github.io/peertube-helm-chart |
| 183 | + destination: |
| 184 | + # automatically includes the app's namespace and argocd's namespace |
| 185 | + namespaces: [] |
| 186 | +``` |
0 commit comments