From 08afef422c39bca0f08d1d1c1c5e2d3a1435c7b9 Mon Sep 17 00:00:00 2001
From: Elam Monnot <elam.monnot@ip-192-168-0-21>
Date: Thu, 30 Mar 2023 10:47:17 +0200
Subject: [PATCH] feat: add peertube repo part1

---
 roles/peertube/files/values.yaml | 139 +++++++++++++++++++++++++++++++
 roles/peertube/tasks/main.yml    |   6 ++
 2 files changed, 145 insertions(+)
 create mode 100644 roles/peertube/files/values.yaml

diff --git a/roles/peertube/files/values.yaml b/roles/peertube/files/values.yaml
new file mode 100644
index 0000000..21cbbc3
--- /dev/null
+++ b/roles/peertube/files/values.yaml
@@ -0,0 +1,139 @@
+replicaCount: 1
+image:
+  repository: chocobozzz/peertube
+  pullPolicy: IfNotPresent
+  tag: "v5.0.1-bullseye"
+
+imagePullSecrets: []
+nameOverride: ""
+fullnameOverride: ""
+
+serviceAccount:
+  create: false
+  annotations: {}
+  name: ""
+podAnnotations: {}
+podSecurityContext: {}
+securityContext: {}
+
+service:
+  type: ClusterIP
+  port: 9000
+  nginxPort: 9001
+
+## default config for postgresql should work, but feel free to modify it if required.
+# must stay consistent with peertube configuration, otherwise peertube will crash
+postgresql:
+  enabled: true
+  primary:
+    persistence:
+      enabled: true
+      existingClaim: "pvc-postgres"
+  global:
+    postgresql:
+      auth:
+        postgrePassword: "admin"
+        username: "user"
+        password: "user"
+        database: "peertube"
+
+## the main list of variables tha will be applied in the peertube container
+# any error or misconfiguration will make peertube crash.
+peertube:
+  env:
+    dbUser: user # must be consistent with postgresql configuration
+    dbPasswd: user # must be consistent with postgresql configuration
+    dbSsl: false # disabled by default WARNING: ssl connection feature not tested, use at your own risk
+    dbHostname: peertube-postgresql # must be consistent with postgresql configuration
+    webHostname: peertube # must be changed to your local setup
+    secret: b2753b0f37444974de0e81f04815e6a889fcf8960bd203a01b624d8fa8a37683
+    smtpHostname: peertube-mail # must be consistent with mail configuration
+    smtpPort: 587 # must be consistent with mail configuration
+    smtpFrom: noreply@lan.lan # not configured by default, add something meaningfull if you want
+    smtpTls: false # disabled by default WARNING: tls connection feature not tested, use at your own risk
+    smtpDisableStartTls: false # unless crashes related to tls/ssl, this should be unchanged
+    adminEmail: root@localhost.lan # use this if you want peopleto be able to reach you 
+    redisHostname: peertube-redis-master # must be consistent with redis configuration
+    redisAuth: peertube # must be consistent with redis configuration
+  app:
+    userCanRegister: true # control if people can register by themselves
+    rootPasswd: rootroot # CHANGE THIS! the default admin username is 'root' this variable define the password
+## the next section configure at wich quality videos will be transcoded 
+    transcoding360: true
+    transcoding480: true
+    transcoding720: true
+    transcoding1080: false
+    transcoding2160: false
+
+## the configuration of the postfix server called 'mail' here 
+# change these settings if you know what you are doing
+mail:
+  enbled: true
+  config:
+    general:
+      ALLOWED_SENDER_DOMAINS: # should be the same as your web domain
+      DKIM_AUTOGENERATE: "yes"
+    opendkim:
+      RequireSafeKeys: "no"
+    postfix:
+       smtp_tls_security_level: "secure" # works by default, any other tls level is untested
+  persistence:
+    enabled: false
+  service:
+    port: 587
+
+## the configuration of the redis server
+redis:
+  master:
+    persistence:
+      enabled: true
+      existingClaim: "pvc-redis"
+  replica:
+    persistence:
+      enabled: true
+      existingClaim: "pvc-redis"
+  auth:
+    enbled: true
+    password: "peertube"
+
+## ingress configuration is very specific this part must be configured or else you'll get 503 or 404 errors
+ingress:
+  enabled: false
+  className: ""
+  annotations: 
+    kubernetes.io/ingress.class: nginx
+    nginx.ingress.kubernetes.io/proxy-body-size: 4G # this caps the size of imported videos, if set low this might prevent you from uploading videos
+    # kubernetes.io/tls-acme: "true"
+  hosts:
+    - host: # your domain here
+      paths:
+        - path: /
+          pathType: ImplementationSpecific
+  tls: 
+  #  - secretName: chart-example-tls
+    - hosts:
+      -  # your domain here
+
+resources: {}
+autoscaling:
+  enabled: true
+  minimumReplicas: 3
+  maximumReplicas: 20
+  targetCPUUtilizationPercentage: 90
+  targetMemoryUtilizationPercentage: 75
+  windowSeconds: 120
+  minCPUPercentage: 20
+  minMemoryPercentage: 30
+
+## this section should be configured to match your needs and available ressources
+persistence:
+  enabled: true
+  reclaimPolicy: Retain
+  redisVolumeStorage: 1Gi
+  peertubeVolumeStorage: 5Gi
+  postgresqlVolumeStorage: 1Gi
+  accessMode: ReadWriteOnce 
+
+nodeSelector: {}
+tolerations: []
+affinity: {}
diff --git a/roles/peertube/tasks/main.yml b/roles/peertube/tasks/main.yml
index 0ac906e..63d606a 100644
--- a/roles/peertube/tasks/main.yml
+++ b/roles/peertube/tasks/main.yml
@@ -4,3 +4,9 @@
 
   - name: installation de k3s...
     shell: curl -sfL https://get.k3s.io | sh -s - --docker
+
+  - name: clonage du dépot peertube...
+    git:
+      repo: https://github.com/Elam-Monnot/Peertube-helm.git
+      dest: /root/tools/
+      clone: yes