-
Notifications
You must be signed in to change notification settings - Fork 0
Configuration deployment
Alex edited this page Sep 8, 2024
·
3 revisions
This package is intended to be hosted on it's own (sub)domain, but the example should be able to be adjusted to host on same domain as Iceshrimp.Net. The basic setup is to configure the various nodeinfo and /api endpoints to be sent to the iceshrimp upstream and the rest to the akkome-fe.
If running the container, set the environment variable AKKOMACONFIG__SERVER to your api servers address.
example:
docker run -d -e AKKOMACONFIG__SERVER="https://shrimp1.dev.thetransagenda.gay" -p 8080:80 ghcr.io/evolvingpixie/shrimp-akkoma-fe:latest
or for k8s:
env:
- name: AKKOMACONFIG__SERVER
value: "https://shrimp1.dev.thetransagenda.gay"If not running in a container, or builder your own, modify /static/config.json to include "server":"<api server address>".
This is so that the oauth2 login flow functions properly.
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
server_name <domain name>;
ssl_certificate /etc/letsencrypt/live/<domain name>/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/<domain name>/privkey.pem;
location ~* /(api|nodeinfo|\.well-known)/(.*) {
proxy_pass http://127.0.0.1:80; # Akkoma-fe listen address
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host "<iceshrimp dns name>";
proxy_http_version 1.1; # to keep alive
proxy_set_header Connection ""; # to keep alive
}
location / {
proxy_pass http://127.0.0.1:3000; # iceshrimp.net listen address
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
if ($https = '') { return 301 https://$host$request_uri; } # https redirect
}
---
apiVersion: v1
kind: Service
metadata:
name: akkoma-fe
namespace: shrimp
spec:
sessionAffinity: ClientIP
ports:
- port: 80
targetPort: 80
name: akkoma-fe
selector:
app: akkoma-fe
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: akkoma-fe
namespace: shrimp
spec:
selector:
matchLabels:
app: akkoma-fe
replicas: 1
template:
metadata:
labels:
app: akkoma-fe
spec:
affinity:
podAntiAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
- labelSelector:
matchExpressions:
- key: app
operator: In
values:
- akkoma-fe
topologyKey: "kubernetes.io/hostname"
imagePullSecrets:
- name: regcred
containers:
- image: ghcr.io/evolvingpixie/shrimp-akkoma-fe:latest
name: akkoma-fe
imagePullPolicy: Always
ports:
- name: akkoma-fe
containerPort: 80
readinessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 5
livenessProbe:
tcpSocket:
port: 80
initialDelaySeconds: 10
periodSeconds: 30
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: akkoma-fe
namespace: shrimp
annotations:
nginx.ingress.kubernetes.io/upstream-vhost: shrimp1.dev.thetransagenda.gay
spec:
ingressClassName: nginx
rules:
- host: akkoma-shrimp.dev.thetransagenda.gay
http:
paths:
- path: /api
pathType: Prefix
backend:
service:
name: shrimp1
port:
number: 3000
- path: /emoji
pathType: Prefix
backend:
service:
name: shrimp1
port:
number: 3000
- path: /nodeinfo
pathType: Prefix
backend:
service:
name: shrimp1
port:
number: 3000
- path: /oauth
pathType: Prefix
backend:
service:
name: shrimp1
port:
number: 3000
- path: /.well-known
pathType: ImplementationSpecific
backend:
service:
name: shrimp1
port:
number: 3000
- path: /
pathType: Prefix
backend:
service:
name: akkoma-fe
port:
number: 80
tls:
- secretName: transagenda-tls