michael_dileo/Keybard-Vagabond-Demo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

redaction (#1)

Browse Source 
Add the redacted source file for demo purposes

Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1
Co-authored-by: Michael DiLeo <michael_dileo@proton.me>
Co-committed-by: Michael DiLeo <michael_dileo@proton.me>
This commit was merged in pull request #1.
This commit is contained in:
Michael DiLeo
2025-12-24 13:40:47 +00:00
committed by michael_dileo
parent 612235d52b
commit 7327d77dcd
333 changed files with 39286 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

150
manifests/applications/pixelfed/deployment-worker.yaml Normal file
View File

@@ -0,0 +1,150 @@
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: pixelfed-worker
namespace: pixelfed-application
labels:
app: pixelfed
component: worker
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 1
selector:
matchLabels:
app: pixelfed
component: worker
template:
metadata:
labels:
app: pixelfed
component: worker
spec:
securityContext:
runAsUser: 1000 # pixelfed user in Docker image
runAsGroup: 1000
fsGroup: 1000
runAsNonRoot: true
imagePullSecrets:
- name: harbor-pull-secret
initContainers:
- name: setup-env
image: <YOUR_REGISTRY_URL>/library/pixelfed-worker:v0.12.6
imagePullPolicy: Always
command: ["/bin/sh", "-c"]
args:
- |
set -e
echo "Worker init: Waiting for .env file to be available..."
# Simple wait for .env file to exist (shared via PVC)
while [ ! -f /var/www/pixelfed/.env ]; do
echo "Waiting for .env file to be created..."
sleep 5
done
echo "Worker init: .env file found, creating storage link..."
cd /var/www/pixelfed
php artisan storage:link
echo "Worker init: Storage link created, ready to start worker processes"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
volumeMounts:
- name: pixelfed-env-writable
mountPath: /var/www/pixelfed/.env
subPath: .env
- name: app-storage
mountPath: /var/www/pixelfed/storage
- name: cache-storage
mountPath: /var/www/pixelfed/bootstrap/cache
containers:
- name: pixelfed-worker
image: <YOUR_REGISTRY_URL>/library/pixelfed-worker:v0.12.6
imagePullPolicy: Always
command: ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
volumeMounts:
- name: app-storage
mountPath: /var/www/pixelfed/storage
- name: pixelfed-env-writable
mountPath: /var/www/pixelfed/.env
subPath: .env
- name: cache-storage
mountPath: /var/www/pixelfed/bootstrap/cache
resources:
requests:
memory: "2Gi"
cpu: "500m"
limits:
memory: "4Gi"
cpu: "1500m"
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
seccompProfile:
type: RuntimeDefault
livenessProbe:
exec:
command:
- /bin/sh
- -c
- "cd /var/www/pixelfed && php artisan horizon:status >/dev/null 2>&1"
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 10
readinessProbe:
exec:
command:
- /bin/sh
- -c
- "cd /var/www/pixelfed && php artisan horizon:status >/dev/null 2>&1"
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 5
startupProbe:
exec:
command:
- /bin/sh
- -c
- "cd /var/www/pixelfed && php artisan horizon:status >/dev/null 2>&1"
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 5
failureThreshold: 12
volumes:
- name: app-storage
persistentVolumeClaim:
claimName: pixelfed-app-storage
- name: cache-storage
persistentVolumeClaim:
claimName: pixelfed-cache-storage
- name: pixelfed-env-writable
persistentVolumeClaim:
claimName: pixelfed-env-storage
# Node affinity to distribute across nodes
affinity:
podAntiAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
labelSelector:
matchExpressions:
- key: app
operator: In
values: ["pixelfed"]
- key: component
operator: In
values: ["web"]
topologyKey: kubernetes.io/hostname