diff --git a/charts/incubator/restreamer/Chart.yaml b/charts/incubator/restreamer/Chart.yaml index 7b774c2b3ba..8e60b33c78a 100644 --- a/charts/incubator/restreamer/Chart.yaml +++ b/charts/incubator/restreamer/Chart.yaml @@ -1,33 +1,35 @@ -annotations: - truecharts.org/SCALE-support: "true" - truecharts.org/catagories: | - - Network-Other - - MediaApp-Video - - Productivity apiVersion: v2 +kubeVersion: ">=1.16.0-0" +name: restreamer +version: 0.1.0 appVersion: "latest" -dependencies: - - name: common - repository: https://library-charts.truecharts.org - version: 10.5.10 +description: "Allows smart free video streaming in real time." +type: application deprecated: false -description: "Datarhei/Restreamer allows smart free video streaming in real time. Stream H.264 video of IP cameras live to your website. Pump your live video to YouTube-Live, Ustream, Twitch, Livestream.com or any other streaming-solutions e.g. Wowza-Streaming-Engine. Our Chart-Image is easy to install and runs on Linux, MacOS and Windows. Datarhei/Restreamer can be perfectly combined with single-board computers like Raspberry Pi and Odroid." -home: https://truecharts.org/docs/charts/incubator/restreamer +home: https://truecharts.org/docs/charts/stable/restreamer icon: https://truecharts.org/img/hotlink-ok/chart-icons/restreamer.png keywords: - restreamer - Network-Other - MediaApp-Video - Productivity -kubeVersion: ">=1.16.0-0" +sources: + - https://github.com/truecharts/charts/tree/master/charts/stable/restreamer + - https://datarhei.github.io/restreamer/ + - https://hub.docker.com/r/datarhei/restreamer +dependencies: + - name: common + repository: https://library-charts.truecharts.org + version: 10.5.10 + # condition: maintainers: - email: info@truecharts.org name: TrueCharts url: https://truecharts.org -name: restreamer -sources: - - https://github.com/truecharts/charts/tree/master/charts/incubator/restreamer - - https://datarhei.github.io/restreamer/ - - https://hub.docker.com/r/datarhei/restreamer -type: application -version: 0.0.24 +annotations: + truecharts.org/catagories: | + - Network-Other + - MediaApp-Video + - Productivity + truecharts.org/SCALE-support: "true" + truecharts.org/grade: U diff --git a/charts/incubator/restreamer/docs/installation.md b/charts/incubator/restreamer/docs/installation.md new file mode 100644 index 00000000000..99d6a2354cf --- /dev/null +++ b/charts/incubator/restreamer/docs/installation.md @@ -0,0 +1,10 @@ +# Installation Guide + +## Credentials + +- Set `CORE API AUTH USERNAME` to a username for the backend. +- Set `CORE API AUTH PASSWORD` to a _secured_ password for the backend. + +## Notes + +- Due to a huge overhaul of the upstream project it would not be wised to rewrite basic docs here for v2.x. Please use the official guide/docs [here](https://docs.datarhei.com/restreamer/getting-started/quick-start#1.-install-and-start). diff --git a/charts/incubator/restreamer/questions.yaml b/charts/incubator/restreamer/questions.yaml index 7e26e1da1ea..1a56caed687 100644 --- a/charts/incubator/restreamer/questions.yaml +++ b/charts/incubator/restreamer/questions.yaml @@ -4,6 +4,19 @@ portals: # Include{portalLink} questions: # Include{global} + - variable: imageSelector + group: Container Image + label: Select Image + schema: + type: string + default: image + enum: + - value: image + description: Default Image + - value: cudaImage + description: CUDA + - value: vaapiImage + description: VAAPI # Include{controller} # Include{controllerDeployment} # Include{replicas} @@ -12,30 +25,572 @@ questions: # Include{recreate} # Include{controllerExpert} # Include{controllerExpertExtraArgs} - - variable: env - group: "Container Configuration" - label: "Image Environment" + - variable: restreamer + group: Container Configuration + label: Restreamer Configuration schema: additional_attrs: true type: dict attrs: - - variable: RS_USERNAME - label: "RS_USERNAME" - description: "Backend login username" + - variable: general + label: General schema: - type: string - default: "admin" - - variable: RS_PASSWORD - label: "RS_PASSWORD" - description: "Backend login password" + additional_attrs: true + type: dict + attrs: + - variable: hostname + label: Hostname + description: Set to the domain name of the host this instance is running on. + schema: + type: string + default: "" + - variable: host_auto + label: Host Auto + description: Enable detection of public IP addresses. + schema: + type: boolean + default: true + - variable: tls_enable + label: TLS Enable + description: Set to true to enable TLS support. + schema: + type: boolean + default: false + - variable: origins + label: Origins + description: List of allowed CORS origins. Will be used for / and /memfs. + schema: + type: list + default: [] + items: + - variable: origin + label: Origin + schema: + type: string + default: "" + required: true + - variable: mimetype_file + label: Mime Types File + description: Path to file with MIME type definitions. + schema: + type: string + required: true + default: mime.types + - variable: api + label: API schema: - type: string - default: "Password" + additional_attrs: true + type: dict + attrs: + - variable: api_auth_username + label: API Auth Username + description: Username for auth + schema: + type: string + default: "" + required: true + - variable: api_auth_password + label: API Auth Password + description: Password for auth. + schema: + type: string + default: "" + private: true + required: true + - variable: api_read_only + label: API Read Only + description: Allow only ready only access to the API + schema: + type: boolean + default: false + - variable: api_access_http_allow + label: API Access HTTP Allow + description: List of IP ranges in CIDR notation + schema: + type: list + default: [] + items: + - variable: ipRangeAllow + label: IP Range to Allow + schema: + type: string + default: "" + required: true + - variable: api_access_http_block + label: API Access HTTP Block + description: List of IP ranges in CIDR notation + schema: + type: list + default: [] + items: + - variable: ipRangeBlock + label: IP Range to Block + schema: + type: string + default: "" + required: true + - variable: api_access_https_allow + label: API Access HTTPS Allow + description: List of IP ranges in CIDR notation + schema: + type: list + default: [] + items: + - variable: ipRangeAllow + label: IP Range to Allow + schema: + type: string + default: "" + required: true + - variable: api_access_https_block + label: API Access HTTPS Block + description: List of IP ranges in CIDR notation + schema: + type: list + default: [] + items: + - variable: ipRangeBlock + label: IP Range to Block + schema: + type: string + default: "" + required: true + - variable: api_auth_enable + label: API Auth Enable + description: Set to false to disable auth for all clients. + schema: + type: boolean + default: true + - variable: api_auth_disable_localhost + label: API Auth Disable Localhost + description: Set to true to disable auth for clients from localhost. + schema: + type: boolean + default: false + - variable: api_auth0_enable + label: API Auth0 Enable + description: Enable Auth0. + schema: + type: boolean + default: false + - variable: api_auth0_tenants + label: API Auth0 Tenants + description: List of base64 encoded Auth0 tenant JSON objects. + schema: + type: list + default: [] + items: + - variable: tenant + label: Tenant + schema: + type: string + default: "" + required: true + - variable: storage_disk + label: Storage Disk + schema: + additional_attrs: true + type: dict + attrs: + - variable: disk_max_size_mb + label: Storage Disk Max Size MByte + description: Max allowed megabytes for Disk Dir (0 for Unlimited) + schema: + type: int + default: 0 + - variable: cache_enable + label: Storage Disk Cache Enable + description: Enable cache for files Storage Disk + schema: + type: boolean + default: true + - variable: cache_max_size_mb + label: Storage Disk Cache Max Size MByte + description: Max allowed cache size. (0 for Unlimited) + schema: + type: int + default: 0 + - variable: cache_ttl + label: Storage Disk Cache TTL Seconds + description: Seconds to keep files in cache. + schema: + type: int + default: 300 + - variable: cache_max_file_size_mb + label: Storage Disk Max File Size MBytes + description: Max. file size to put in cache. (0 for Unlimited) + schema: + type: int + default: 0 + - variable: cache_types + label: Cache Types + description: List of file extensions to cache + schema: + type: list + default: [] + items: + - variable: type + label: Type + schema: + type: string + default: "" + required: true + - variable: log_max_lines + label: Log Max Lines + schema: + type: int + default: 10000 + - variable: storage_mem + label: Storage memory + schema: + additional_attrs: true + type: dict + attrs: + - variable: storage_mem_auth_enable + label: Storage Memory Auth Enable + description: Enable basic auth for PUT,POST, and DELETE on /memfs. + schema: + type: boolean + default: true + - variable: storage_mem_auth_username + label: Storage Memory Auth Username + description: Username for Basic-Auth of /memfs. Required if auth is enabled. + schema: + type: string + default: "" + required: true + show_if: [[storage_mem_auth_enable, "=", true]] + - variable: storage_mem_auth_password + label: Storage Memory Auth Password + description: Password for Basic-Auth of /memfs. Required if auth is enabled. + schema: + type: string + default: "" + private: true + required: true + show_if: [[storage_mem_auth_enable, "=", true]] + - variable: storage_mem_max_size_mb + label: Storage Memory Max Size MBytes + description: Max. allowed megabytes for /memfs. (0 for Unlimited) + schema: + type: int + default: 0 + - variable: storage_mem_purge + label: Storage Memory Purge + description: Set to true to remove the oldest entries if the /memfs is full. + schema: + type: boolean + default: false + - variable: rtmp + label: RTMP + schema: + additional_attrs: true + type: dict + attrs: + - variable: rtmp_enable + label: RTMP Enable + description: Enable RTMP server. + schema: + type: boolean + default: false + - variable: rtmps_enable + label: RTMPS Enable + description: Enable RTMP over TLS (Requires TLS to be enabled) + schema: + type: boolean + default: false + - variable: rtmp_token + label: RTMP Token + description: RTMP token for publishing and playing. The token is the value of the URL query parameter token. + schema: + type: string + default: "" + private: true + - variable: rtmp_app + label: RTMP App + description: RTMP app for publishing. + schema: + type: string + default: "/" + - variable: ffmpeg + label: FFMPEG + schema: + additional_attrs: true + type: dict + attrs: + - variable: ffmpeg_binary + label: FFMPEG Binary + description: Path to FFmpeg binary. + schema: + type: string + default: ffmpeg + required: true + - variable: ffmpeg_max_processes + label: FFMPEG Max Processes + description: Max. allowed simultaneously running FFmpeg instances. (0 for unlimited.) + schema: + type: string + default: ffmpeg + - variable: ffmpeg_access_input_allow + label: FFMPEG Access Input Allow + description: List of pattern for allowed input URI + schema: + type: list + default: [] + items: + - variable: allowInput + label: Allow Input + schema: + type: string + default: "" + required: true + - variable: ffmpeg_access_input_block + label: FFMPEG Access Input Block + description: List of pattern for blocked input URI + schema: + type: list + default: [] + items: + - variable: blockInput + label: Block Input + schema: + type: string + default: "" + required: true + - variable: ffmpeg_access_output_allow + label: FFMPEG Access Output Allow + description: List of pattern for allowed output URI + schema: + type: list + default: [] + items: + - variable: allowOutput + label: Allow Output + schema: + type: string + default: "" + required: true + - variable: ffmpeg_access_output_block + label: FFMPEG Access Output Block + description: List of pattern for blocked output URI + schema: + type: list + default: [] + items: + - variable: blockOutput + label: Block Output + schema: + type: string + default: "" + required: true + - variable: ffmpeg_log_max_lines + label: FFMPEG Log Max Lines + schema: + type: int + default: 50 + - variable: ffmpeg_log_max_history + label: FFMPEG Log Max History + schema: + type: int + default: 3 + - variable: playout + label: Playout + schema: + additional_attrs: true + type: dict + attrs: + - variable: playout_enable + label: Playout Enable + description: Enable playout API where available + schema: + type: boolean + default: false + - variable: playout_min_port + label: Playout Min Port + description: Min. port a playout server per input can run on. + schema: + type: int + default: 0 + - variable: playout_max_port + label: Playout Max Port + description: Max. port a playout server per input can run on. + schema: + type: int + default: 0 + - variable: logs + label: Logs + schema: + additional_attrs: true + type: dict + attrs: + - variable: log_level + label: Log Level + schema: + type: string + default: "" + enum: + - value: info + description: info + - value: silent + description: silent + - value: warn + description: warn + - value: error + description: error + - value: debug + description: debug + - variable: log_topics + label: Log Topics + description: List of topics to log + schema: + type: list + default: [] + items: + - variable: topic + label: Topic + schema: + type: string + default: "" + required: true + - variable: log_max_lines + label: Log Max Lines + schema: + type: int + default: 10000 + - variable: debug + label: Debug + schema: + additional_attrs: true + type: dict + attrs: + - variable: debug_profiling + label: Debug Profiling + description: Set to true to enable profiling endpoint on /profiling. + schema: + type: boolean + default: false + - variable: debug_force_gc + label: Debug Force GC + description: Number of seconds between forcing GC to return memory to the OS. + schema: + type: boolean + default: false + - variable: metrics + label: Metrics + schema: + additional_attrs: true + type: dict + attrs: + - variable: metrics_enable + label: Metrics Enable + description: Enable collecting historic metrics data. + schema: + type: boolean + default: false + - variable: metrics_prometheus_enable + label: Prometheus Metrics Enable + description: Enable prometheus endpoint /metrics. + schema: + type: boolean + default: false + - variable: metrics_range_seconds + label: Metrics Range Seconds + description: Seconds to keep history metric data. + schema: + type: int + default: 300 + - variable: metrics_interval_seconds + label: Metrics Interval Seconds + description: Interval for collecting metrics. + schema: + type: int + default: 2 + - variable: sessions + label: Sessions + schema: + additional_attrs: true + type: dict + attrs: + - variable: sessions_enable + label: Sessions Enable + description: Enable HLS statistics for /memfs. + schema: + type: boolean + default: false + - variable: sessions_ip_ignore_list + label: Session IP Ignore List + description: List of IP ranges in CIDR notation + schema: + type: list + default: [] + items: + - variable: ignoreIP + label: Ignore IP + schema: + type: string + default: "" + required: true + - variable: sessions_timeout_sec + label: Session Timeout Seconds + description: Timeout of a session in seconds. + schema: + type: int + default: 30 + - variable: sessions_persist + label: Sessions Persist + description: Whether to persist the session history + schema: + type: boolean + default: false + - variable: sessions_max_bitrate + label: Session Max Bitrate + description: Max. allowed outgoing bitrate in mbit/s. (0 for unlimited.) + schema: + type: int + default: 0 + - variable: sessions_max_sessions + label: Max Session + description: Max. allowed number of simultaneous sessions. (0 for unlimited.) + schema: + type: int + default: 0 + - variable: router + label: Router + schema: + additional_attrs: true + type: dict + attrs: + - variable: router_blocked_prefixes + label: Blocked Prefixes + description: List of path prefixes that can't be routed. + schema: + type: list + default: [] + items: + - variable: blockedPrefix + label: Blocked Prefix + schema: + type: string + default: "" + required: true + - variable: router_routes + label: Routes + description: "List of route mappings of the form [from]:[to], e.g." + schema: + type: list + default: [] + items: + - variable: route + label: Route + schema: + type: string + default: "" + required: true # Include{containerConfig} # Include{serviceRoot} - variable: main - label: "Main Service" - description: "The Primary service on which the healthcheck runs, often the webUI" + label: Main Service + description: The Primary service on which the healthcheck runs, often the webUI schema: additional_attrs: true type: dict @@ -43,33 +598,158 @@ questions: # Include{serviceSelectorSimple} # Include{serviceSelectorExtras} - variable: main - label: "Main Service Port Configuration" + label: Main Service Port Configuration schema: additional_attrs: true type: dict attrs: - variable: port - label: "Port" - description: "This port exposes the container port on the service" + label: Port + description: This port exposes the container port on the service schema: type: int default: 8080 required: true # Include{advancedPortTCP} - variable: targetPort - label: "Target Port" - description: "The internal(!) port on the container the Application runs on" + label: Target Port + description: The internal(!) port on the container the Application runs on schema: type: int default: 8080 + - variable: https + label: HTTPS Service + description: The HTTPS service + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelectorSimple} +# Include{serviceSelectorExtras} + - variable: https + label: HTTPS Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 8081 + required: true +# Include{advancedPortTCP} + - variable: targetPort + label: Target Port + description: The internal(!) port on the container the Application runs on + schema: + type: int + default: 8081 + - variable: rtmp + label: RTmP Service + description: The RTmP service for live streaming + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelectorSimple} +# Include{serviceSelectorExtras} + - variable: rtmp + label: RTMP Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 1935 + required: true +# Include{advancedPortTCP} + - variable: targetPort + label: Target Port + description: The internal(!) port on the container the Application runs on + schema: + type: int + default: 1935 + - variable: rtmps + label: RTMP Secure Service + description: The RTMP service for live streaming + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelectorSimple} +# Include{serviceSelectorExtras} + - variable: rtmps + label: RTSP Secure Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 1936 + required: true +# Include{advancedPortTCP} + - variable: targetPort + label: Target Port + description: The internal(!) port on the container the Application runs on + schema: + type: int + default: 1936 + - variable: srt + label: SRT Data Service + description: The SRT service for data + schema: + additional_attrs: true + type: dict + attrs: +# Include{serviceSelectorSimple} +# Include{serviceSelectorExtras} + - variable: srt + label: SRT Service Port Configuration + schema: + additional_attrs: true + type: dict + attrs: + - variable: port + label: Port + description: This port exposes the container port on the service + schema: + type: int + default: 6000 + required: true +# Include{advancedPortTCP} + - variable: targetPort + label: Target Port + description: The internal(!) port on the container the Application runs on + schema: + type: int + default: 6000 # Include{serviceExpertRoot} default: false # Include{serviceExpert} # Include{serviceList} # Include{persistenceRoot} - - variable: datapath - label: "datapath Storage" - description: "Main data path" + - variable: config + label: App Config Storage + description: Stores the Application Configuration. + schema: + additional_attrs: true + type: dict + attrs: +# Include{persistenceBasic} +# Include{persistenceAdvanced} + - variable: data + label: App Data Storage + description: Stores the Application Data. schema: additional_attrs: true type: dict @@ -79,7 +759,17 @@ questions: # Include{persistenceList} # Include{ingressRoot} - variable: main - label: "Main Ingress" + label: Main Ingress + schema: + additional_attrs: true + type: dict + attrs: +# Include{ingressDefault} +# Include{ingressTLS} +# Include{ingressTraefik} +# Include{ingressExpert} + - variable: https + label: HTTPS Ingress schema: additional_attrs: true type: dict @@ -92,42 +782,42 @@ questions: # Include{security} # Include{securityContextAdvancedRoot} - variable: privileged - label: "Privileged mode" + label: Privileged mode schema: type: boolean default: false - variable: readOnlyRootFilesystem - label: "ReadOnly Root Filesystem" + label: ReadOnly Root Filesystem schema: type: boolean default: false - variable: allowPrivilegeEscalation - label: "Allow Privilege Escalation" + label: Allow Privilege Escalation schema: type: boolean default: false - variable: runAsNonRoot - label: "runAsNonRoot" + label: runAsNonRoot schema: type: boolean default: false # Include{securityContextAdvanced} # Include{podSecurityContextRoot} - variable: runAsUser - label: "runAsUser" - description: "The UserID of the user running the application" + label: runAsUser + description: The UserID of the user running the application schema: type: int default: 0 - variable: runAsGroup - label: "runAsGroup" - description: The groupID this App of the user running the application" + label: runAsGroup + description: The groupID this App of the user running the application schema: type: int default: 0 - variable: fsGroup - label: "fsGroup" - description: "The group that should own ALL storage." + label: fsGroup + description: The group that should own ALL storage. schema: type: int default: 568 diff --git a/charts/incubator/restreamer/templates/_config.tpl b/charts/incubator/restreamer/templates/_config.tpl new file mode 100644 index 00000000000..c3d24e1a3e1 --- /dev/null +++ b/charts/incubator/restreamer/templates/_config.tpl @@ -0,0 +1,167 @@ +{{/* Define the configmap */}} +{{- define "restreamer.configmap" -}} + +{{- $configName := printf "%s-restreamer-configmap" (include "tc.common.names.fullname" .) }} + +--- +{{/* This configmap are loaded on both main authentik container and worker */}} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ $configName }} + labels: {{- include "tc.common.labels" . | nindent 4 }} +data: + {{/* Paths */}} + CORE_DB_DIR: "/core/config" + CORE_STORAGE_DISK_DIR: "/core/data" + {{/* Ports */}} + CORE_TLS_ENABLE: {{ .Values.restreamer.general.tls_enable | quote }} + CORE_ADDRESS: {{ .Values.service.main.ports.main.port | quote }} + CORE_TLS_ADDRESS: {{ .Values.service.https.ports.https.port | quote }} + CORE_RTMP_ADDRESS: {{ .Values.service.rtmp.ports.rtmp.port | quote }} + CORE_RTMP_ADDRESS_TLS: {{ .Values.service.rtmps.ports.rtmps.port | quote }} + CORE_SRT_ADDRESS: {{ .Values.service.srt.ports.srt.port | quote }} + {{/* General */}} + {{- with .Values.restreamer.general.hostname }} + CORE_HOST_NAME: {{ . }} + {{- end }} + CORE_HOST_AUTO: {{ .Values.restreamer.general.host_auto | quote }} + {{- with .Values.restreamer.general.origins }} + CORE_STORAGE_COCORE_ORIGINS: {{ join "," . }} + {{- else }} + CORE_STORAGE_COCORE_ORIGINS: '*' + {{- end }} + {{- with .Values.restreamer.general.mimetypes_file }} + CORE_STORAGE_MIMETYPES_FILE: {{ . }} + {{- end }} + {{/* Logs */}} + {{- with .Values.restreamer.logs.log_level }} + CORE_LOG_LEVEL: {{ . }} + {{- end }} + {{- with .Values.restreamer.logs.log_topics }} + CORE_LOG_TOPICS: {{ join "," . }} + {{- end }} + {{- if or .Values.restreamer.logs.log_max_lines (eq (int .Values.restreamer.logs.log_max_lines) 0) }} + CORE_LOG_MAXLINES: {{ .Values.restreamer.logs.log_max_lines | quote }} + {{- end }} + {{/* API */}} + CORE_API_READ_ONLY: {{ .Values.restreamer.api.api_read_only | quote }} + {{- with .Values.restreamer.api.api_access_http_allow }} + CORE_API_ACCESS_HTTP_ALLOW: {{ join "," . }} + {{- end }} + {{- with .Values.restreamer.api.api_access_http_block }} + CORE_API_ACCESS_HTTP_BLOCK: {{ join "," . }} + {{- end }} + {{- with .Values.restreamer.api.api_access_http_allow }} + CORE_API_ACCESS_HTTPS_ALLOW: {{ join "," . }} + {{- end }} + {{- with .Values.restreamer.api.api_access_https_block }} + CORE_API_ACCESS_HTTPS_BLOCK: {{ join "," . }} + {{- end }} + CORE_API_AUTH_ENABLE: {{ .Values.restreamer.api.api_auth_enable | quote }} + CORE_API_AUTH_DISABLE_LOCALHOST: {{ .Values.restreamer.api.api_auth_disable_localhost | quote }} + CORE_API_AUTH_AUTH0_ENABLE: {{ .Values.restreamer.api.api_auth0_enable | quote }} + {{- with .Values.restreamer.api.api_auth0_tenants }} + CORE_API_AUTH_AUTH0_TENANTS: {{ join "," . }} + {{- end }} + {{/* Storage Disk */}} + {{- if or .Values.restreamer.storage_disk.disk_max_size_mb (eq (int .Values.restreamer.storage_disk.disk_max_size_mb) 0) }} + CORE_STORAGE_DISK_MAXSIZEMBYTES: {{ .Values.restreamer.storage_disk.disk_max_size_mb | quote }} + {{- end }} + CORE_STORAGE_DISK_CACHE_ENABLE: {{ .Values.restreamer.storage_disk.cache_enable | quote }} + {{- if or .Values.restreamer.storage_disk.cache_max_size_mb (eq (int .Values.restreamer.storage_disk.cache_max_size_mb) 0) }} + CORE_STORAGE_DISK_CACHE_MAXSIZEMBYTES: {{ .Values.restreamer.storage_disk.cache_max_size_mb | quote }} + {{- end }} + {{- if or .Values.restreamer.storage_disk.cache_ttl (eq (int .Values.restreamer.storage_disk.cache_ttl) 0) }} + CORE_STORAGE_DISK_CACHE_TTLSECONDS: {{ .Values.restreamer.storage_disk.cache_ttl | quote }} + {{- end }} + {{- if or .Values.restreamer.storage_disk.cache_max_file_size_mb (eq (int .Values.restreamer.storage_disk.cache_max_file_size_mb) 0) }} + CORE_STORAGE_DISK_CACHE_MAXFILESIZEMBYTES: {{ .Values.restreamer.storage_disk.cache_max_file_size_mb | quote }} + {{- end }} + {{- with .Values.restreamer.storage_disk.cache_types }} + CORE_STORAGE_DISK_CACHE_TYPES: {{ join " " . }} + {{- end }} + {{/* Storage Mem */}} + CORE_STORAGE_MEMORY_AUTH_ENABLE: {{ .Values.restreamer.storage_mem.storage_mem_auth_enable | quote }} + {{- if or .Values.restreamer.storage_mem.storage_mem_max_size_mb (eq (int .Values.restreamer.storage_mem.storage_mem_max_size_mb) 0) }} + CORE_STORAGE_MEMORY_MAXSIZEMBYTES: {{ .Values.restreamer.storage_mem.storage_mem_max_size_mb | quote }} + {{- end }} + CORE_STORAGE_MEMORY_PURGE: {{ .Values.restreamer.storage_mem.storage_mem_purge | quote }} + {{/* RTMP */}} + CORE_RTMP_ENABLE: {{ .Values.restreamer.rtmp.rtmp_enable | quote }} + CORE_RTMP_ENABLE_TLS: {{ .Values.restreamer.rtmp.rtmps_enable | quote }} + {{- with .Values.restreamer.rtmp.rtmp_app }} + CORE_RTMP_APP: {{ . | quote }} + {{- end }} + {{/* FFMPEG */}} + {{- with .Values.restreamer.ffmpeg.ffmpeg_binary }} + CORE_FFMPEG_BINARY: {{ . }} + {{- end }} + {{- if or .Values.restreamer.ffmpeg.ffmpeg_max_processes (eq (int .Values.restreamer.ffmpeg.ffmpeg_max_processes) 0) }} + CORE_FFMPEG_MAXPROCESSES: {{ .Values.restreamer.ffmpeg.ffmpeg_max_processes | quote }} + {{- end }} + {{- with .Values.restreamer.ffmpeg.ffmpeg_access_input_allow }} + CORE_FFMPEG_ACCESS_INPUT_ALLOW: {{ . }} + {{- end }} + {{- with .Values.restreamer.ffmpeg.ffmpeg_access_input_block }} + CORE_FFMPEG_ACCESS_INPUT_BLOCK: {{ . }} + {{- end }} + {{- with .Values.restreamer.ffmpeg.ffmpeg_access_output_allow }} + CORE_FFMPEG_ACCESS_OUTPUT_ALLOW: {{ . }} + {{- end }} + {{- with .Values.restreamer.ffmpeg.ffmpeg_access_output_block }} + CORE_FFMPEG_ACCESS_OUTPUT_BLOCK: {{ . }} + {{- end }} + {{- if or .Values.restreamer.ffmpeg.ffmpeg_log_max_lines (eq (int .Values.restreamer.ffmpeg.ffmpeg_log_max_lines) 0) }} + CORE_FFMPEG_LOG_MAXLINES: {{ .Values.restreamer.ffmpeg.ffmpeg_log_max_lines | quote }} + {{- end }} + {{- if or .Values.restreamer.ffmpeg.ffmpeg_log_max_history (eq (int .Values.restreamer.ffmpeg.ffmpeg_log_max_history) 0) }} + CORE_FFMPEG_LOG_MAXHISTORY: {{ .Values.restreamer.ffmpeg.ffmpeg_log_max_history | quote }} + {{- end }} + {{/* Playout */}} + CORE_PLAYOUT_ENABLE: {{ .Values.restreamer.playout.playout_enable | quote }} + {{- if or .Values.restreamer.playout.playout_min_port (eq (int .Values.restreamer.playout.playout_min_port) 0) }} + CORE_PLAYOUT_MINPORT: {{ .Values.restreamer.playout.playout_min_port | quote }} + {{- end }} + {{- if or .Values.restreamer.playout.playout_max_port (eq (int .Values.restreamer.playout.playout_max_port) 0) }} + CORE_PLAYOUT_MAXPORT: {{ .Values.restreamer.playout.playout_max_port | quote }} + {{- end }} + {{/* Debug */}} + CORE_DEBUG_PROFILING: {{ .Values.restreamer.debug.debug_profiling | quote }} + {{- if or .Values.restreamer.debug.debug_force_gc (eq (int .Values.restreamer.debug.debug_force_gc) 0) }} + CORE_DEBUG_FORCEGC: {{ .Values.restreamer.debug.debug_force_gc | quote }} + {{- end }} + {{/* Metrics */}} + CORE_METRICS_ENABLE: {{ .Values.restreamer.metrics.metrics_enable | quote }} + CORE_METRICS_ENABLE_PROMETHEUS: {{ .Values.restreamer.metrics.metrics_prometheus_enable | quote }} + {{- if or .Values.restreamer.metrics.metrics_range_seconds (eq (int .Values.restreamer.metrics.metrics_range_seconds) 0) }} + CORE_METRICS_RANGE_SECONDS: {{ .Values.restreamer.metrics.metrics_range_seconds | quote }} + {{- end }} + {{- if or .Values.restreamer.metrics.metrics_interval_seconds (eq (int .Values.restreamer.metrics.metrics_interval_seconds) 0) }} + CORE_METRICS_INTERVAL_SECONDS: {{ .Values.restreamer.metrics.metrics_interval_seconds | quote }} + {{- end }} + {{/* Sessions */}} + CORE_SESSIONS_ENABLE: {{ .Values.restreamer.sessions.sessions_enable | quote }} + {{- with .Values.restreamer.sessions.sessions_ip_ignore_list }} + CORE_SESSIONS_IP_IGNORELIST: {{ join "," . }} + {{- end }} + {{- if or .Values.restreamer.sessions.sessions_timeout_sec (eq (int .Values.restreamer.sessions.sessions_timeout_sec) 0) }} + CORE_SESSIONS_SESSION_TIMEOUT_SEC: {{ .Values.restreamer.sessions.sessions_timeout_sec | quote }} + {{- end }} + CORE_SESSIONS_PERSIST: {{ .Values.restreamer.sessions.sessions_persist | quote }} + {{- if or .Values.restreamer.sessions.sessions_max_bitrate (eq (int .Values.restreamer.sessions.sessions_max_bitrate) 0) }} + CORE_SESSIONS_MAXBITRATE_MBIT: {{ .Values.restreamer.sessions.sessions_max_bitrate | quote }} + {{- end }} + {{- if or .Values.restreamer.sessions.sessions_max_sessions (eq (int .Values.restreamer.sessions.sessions_max_sessions) 0) }} + CORE_SESSIONS_MAXSESSIONS: {{ .Values.restreamer.sessions.sessions_max_sessions | quote }} + {{- end }} + {{/* Router */}} + {{- with .Values.restreamer.router.router_blocked_prefixes }} + CORE_ROUTER_BLOCKED_PREFIXES: {{ join "," . }} + {{- else }} + CORE_ROUTER_BLOCKED_PREFIXES: "/api" + {{- end }} + {{- with .Values.restreamer.router.router_routes }} + CORE_ROUTER_ROUTES: {{ join " " . }} + {{- end }} +{{- end -}} diff --git a/charts/incubator/restreamer/templates/_secret.tpl b/charts/incubator/restreamer/templates/_secret.tpl new file mode 100644 index 00000000000..929d79d4cd3 --- /dev/null +++ b/charts/incubator/restreamer/templates/_secret.tpl @@ -0,0 +1,34 @@ +{{/* Define the secrets */}} +{{- define "restreamer.secrets" -}} + +{{- $secretName := printf "%s-restreamer-secret" (include "tc.common.names.fullname" .) }} + +--- + +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ $secretName }} +data: + {{- with (lookup "v1" "Secret" .Release.Namespace $secretName) }} + CORE_API_AUTH_JWT_SECRET: {{ index .data "CORE_API_AUTH_JWT_SECRET" }} + {{- else }} + CORE_API_AUTH_JWT_SECRET: {{ randAlphaNum 32 | b64enc }} + {{- end }} + {{- with .Values.restreamer.api.api_auth_username }} + CORE_API_AUTH_USERNAME: {{ . | b64enc }} + {{- end }} + {{- with .Values.restreamer.api.api_auth_password }} + CORE_API_AUTH_PASSWORD: {{ .| b64enc }} + {{- end }} + {{- with .Values.restreamer.storage_mem.storage_mem_auth_username }} + CORE_STORAGE_MEMORY_AUTH_USERNAME: {{ . | b64enc }} + {{- end }} + {{- with .Values.restreamer.storage_mem.storage_mem_auth_password }} + CORE_STORAGE_MEMORY_AUTH_PASSWORD: {{ . | b64enc }} + {{- end }} + {{- with .Values.restreamer.rtmp.rtmp_token }} + CORE_RTMP_TOKEN: {{ . | b64enc }} + {{- end }} +{{- end -}} diff --git a/charts/incubator/restreamer/templates/common.yaml b/charts/incubator/restreamer/templates/common.yaml index cbf66c20818..9dffc1d09b6 100644 --- a/charts/incubator/restreamer/templates/common.yaml +++ b/charts/incubator/restreamer/templates/common.yaml @@ -1,2 +1,16 @@ +{{- include "tc.common.loader.init" . }} + +{{/* Render secrets for restreamer */}} +{{- include "restreamer.secrets" . }} + +{{/* Render configmap for restreamer */}} +{{- include "restreamer.configmap" . }} + +{{- if .Values.restreamer.metrics.prometheus_enabled -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" "true" -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/path" "/metrics" -}} +{{- $_ := set .Values.podAnnotations "prometheus.io/scrape" (.Values.service.main.ports.main.port | quote) -}} +{{- end -}} + {{/* Render the templates */}} -{{ include "tc.common.loader.all" . }} +{{ include "tc.common.loader.apply" . }} diff --git a/charts/incubator/restreamer/values.yaml b/charts/incubator/restreamer/values.yaml index e09ce394d7a..bfdc81229e5 100644 --- a/charts/incubator/restreamer/values.yaml +++ b/charts/incubator/restreamer/values.yaml @@ -1,27 +1,163 @@ -env: - RS_PASSWORD: Password - RS_USERNAME: admin image: - pullPolicy: IfNotPresent repository: tccr.io/truecharts/restreamer - tag: latest@sha256:21f235d53ba6df104a570569d158a33123262c7b76a8c0c1fab08cd347616d4e -persistence: - datapath: - enabled: true - mountPath: /restreamer/db + pullPolicy: IfNotPresent + tag: 2.1.0@sha256:f5074958201e8e165f9b1c77071cdb8b711ba81965a8283bae133e6f76a827b7 + +cudaImage: + repository: tccr.io/truecharts/restreamer-cuda + pullPolicy: IfNotPresent + tag: 2.1.0@sha256:a727f7a834c6f1330a3dc73a79c843d81125540acd2a7c72eddcd4cedeafb18f + +vaapiImage: + repository: tccr.io/truecharts/restreamer-vaapi + pullPolicy: IfNotPresent + tag: 2.1.0@sha256:7029aee53094de60f0871795e2645b3328c807ba317ae2cd4b6e9dbfcab4d4b4 + +imageSelector: "image" + podSecurityContext: runAsGroup: 0 runAsUser: 0 + securityContext: readOnlyRootFilesystem: false runAsNonRoot: false + +envFrom: + - secretRef: + name: '{{ include "tc.common.names.fullname" . }}-restreamer-secret' + - configMapRef: + name: '{{ include "tc.common.names.fullname" . }}-restreamer-configmap' + +restreamer: + general: + hostname: "" + host_auto: true + origins: [] + mimetypes_file: "mime.types" + tls_enable: false + api: + api_auth_username: admin + api_auth_password: password + api_read_only: false + api_access_http_allow: [] + api_access_http_block: [] + api_access_https_allow: [] + api_access_https_block: [] + api_auth_enable: true + api_auth_disable_localhost: false + api_auth0_enable: false + api_auth0_tenants: "" + storage_disk: + disk_max_size_mb: 0 + cache_enable: true + cache_max_size_mb: 0 + cache_ttl: 300 + cache_max_file_size_mb: 1 + cache_types: [] + storage_mem: + storage_mem_auth_enable: true + storage_mem_auth_username: "" + storage_mem_auth_password: "" + storage_mem_max_size_mb: 0 + storage_mem_purge: false + rtmp: + rtmp_enable: false + rtmps_enable: false + rtmp_app: "/" + rtmp_token: "" + ffmpeg: + ffmpeg_binary: ffmpeg + ffmpeg_max_processes: 0 + ffmpeg_access_input_allow: [] + ffmpeg_access_input_block: [] + ffmpeg_access_output_allow: [] + ffmpeg_access_output_block: [] + ffmpeg_log_max_lines: 50 + ffmpeg_log_max_history: 3 + playout: + playout_enable: false + playout_min_port: 0 + playout_max_port: 0 + logs: + log_level: info + log_topics: [] + log_max_lines: 1000 + debug: + debug_profiling: false + debug_force_gc: 0 + metrics: + metrics_enable: false + metrics_prometheus_enable: false + metrics_range_seconds: 300 + metrics_interval_seconds: 2 + sessions: + sessions_enable: false + sessions_ip_ignore_list: [] + sessions_timeout_sec: 30 + sessions_persist: false + sessions_max_bitrate: 0 + sessions_max_sessions: 0 + router: + router_blocked_prefixes: [] + router_routes: [] + +probes: + liveness: + path: "/health" + readiness: + path: "/health" + startup: + path: "/health" + service: main: ports: main: port: 8080 + protocol: HTTP + https: + enabled: true + ports: + https: + enabled: true + protocol: HTTPS + port: 8081 + rtmp: + enabled: true + ports: + rtmp: + enabled: true protocol: TCP - targetPort: 8080 + port: 1935 + rtmps: + enabled: true + ports: + rtmps: + enabled: true + protocol: TCP + port: 1936 + srt: + enabled: true + ports: + srt: + enabled: true + protocol: UDP + port: 6000 + +ingress: + https: + autoLink: true + +persistence: + # CORE_DB_DIR + config: + enabled: true + mountPath: /core/config + # CORE_STORAGE_DISK_DIR + data: + enabled: true + mountPath: /core/data portal: enabled: true diff --git a/cspell.config.yaml b/cspell.config.yaml index 8248ec680d5..7aa4d5f3069 100644 --- a/cspell.config.yaml +++ b/cspell.config.yaml @@ -34,6 +34,7 @@ words: - containo - crossplay - csgo + - cuda - daemonset - dbcreds - dbengine @@ -43,12 +44,13 @@ words: - dockerized - duplicati - dynmap - - emby - ebgp + - emby - entrypoints - eptgmk - fireshare - flushtables + - forcegc - fullname - geoip - geoipupdate @@ -58,6 +60,7 @@ words: - gunicorn - healthcheck - healthchecks + - healthz - hexo - honeybadger - hostpath @@ -105,13 +108,16 @@ words: - mariadbcreds - mattwebbio - maxmind + - mbit - mediafiles + - memfs - meshroom - metallb - middlewares - middlewaretcps - mikrotik - milicpu + - mimetypes - minecraft - minio - modelstore @@ -137,6 +143,7 @@ words: - pihole - plainhost - plaxt + - playout - plex - preconfigured - prefs @@ -165,6 +172,9 @@ words: - reneg - replacementurlhere - resolv + - restreamer + - rtmp + - rtmps - sabnzbd - schouten - selfsigned @@ -207,6 +217,7 @@ words: - unet - unifi - userspace + - vaapi - valheim - vaultwarden - vdev