380 lines
11 KiB
YAML
380 lines
11 KiB
YAML
version: 1
|
|
kind: platform-infra-sub2api
|
|
|
|
metadata:
|
|
id: sub2api
|
|
owner: unidesk
|
|
relatedIssues:
|
|
- 220
|
|
- 339
|
|
- 340
|
|
|
|
defaults:
|
|
targetId: PK01
|
|
cleanup:
|
|
externalDbState:
|
|
postgresStatefulSetName: sub2api-postgres
|
|
postgresServiceName: sub2api-postgres
|
|
postgresPvcName: postgres-data-sub2api-postgres-0
|
|
appDataPvcName: sub2api-data
|
|
redisPersistentState:
|
|
pvcName: sub2api-redis-data
|
|
publicExposure:
|
|
deploymentName: sub2api-frpc
|
|
configMapName: sub2api-frpc-config
|
|
secretName: sub2api-frpc-secrets
|
|
egressProxy:
|
|
deploymentName: sub2api-egress-proxy
|
|
serviceName: sub2api-egress-proxy
|
|
secretName: sub2api-egress-proxy-config
|
|
|
|
image:
|
|
repository: weishaw/sub2api
|
|
tag: 0.1.138
|
|
pullPolicy: IfNotPresent
|
|
|
|
dependencyImages:
|
|
postgres: postgres:18-alpine
|
|
redis: redis:8-alpine
|
|
|
|
targets:
|
|
- id: G14
|
|
route: G14:k3s
|
|
namespace: platform-infra
|
|
role: standby
|
|
enabled: true
|
|
databaseMode: external-pending
|
|
redisMode: local-ephemeral
|
|
appReplicas: 0
|
|
redisReplicas: 0
|
|
codexPool:
|
|
sentinelImageBuild:
|
|
baseImageCachePolicy: pull
|
|
noProxy:
|
|
- localhost
|
|
- 127.0.0.1
|
|
- ::1
|
|
- host.docker.internal
|
|
- 74.48.78.17
|
|
- 192.168.0.0/16
|
|
- 10.0.0.0/8
|
|
- 172.16.0.0/12
|
|
- 10.42.0.0/16
|
|
- 10.43.0.0/16
|
|
- .svc
|
|
- .svc.cluster.local
|
|
- .cluster.local
|
|
- kubernetes
|
|
- kubernetes.default
|
|
- kubernetes.default.svc
|
|
- 127.0.0.1:5000
|
|
- localhost:5000
|
|
- id: PK01
|
|
route: PK01
|
|
namespace: platform-infra
|
|
runtimeMode: host-docker
|
|
role: active
|
|
enabled: true
|
|
databaseMode: external-active
|
|
redisMode: local-ephemeral
|
|
appReplicas: 1
|
|
redisReplicas: 1
|
|
image:
|
|
repository: docker.1panel.live/weishaw/sub2api
|
|
tag: 0.1.142
|
|
pullPolicy: IfNotPresent
|
|
dependencyImages:
|
|
redis: docker.m.daocloud.io/library/redis:8-alpine
|
|
hostDocker:
|
|
projectName: sub2api
|
|
workDir: /opt/unidesk/platform-infra/sub2api
|
|
composePath: /opt/unidesk/platform-infra/sub2api/docker-compose.yml
|
|
envPath: /opt/unidesk/platform-infra/sub2api/sub2api.env
|
|
appDataDir: /var/lib/unidesk/platform-infra/sub2api/data
|
|
appPort: 18080
|
|
redisPort: 16379
|
|
databaseHost: 127.0.0.1
|
|
databaseSslMode: require
|
|
noProxy:
|
|
- localhost
|
|
- 127.0.0.1
|
|
- ::1
|
|
- 10.0.0.0/8
|
|
- 172.16.0.0/12
|
|
- 192.168.0.0/16
|
|
- hyueapi.com
|
|
- .hyueapi.com
|
|
publicExposure:
|
|
enabled: true
|
|
mode: pk01-local
|
|
publicBaseUrl: https://api.pikapython.com
|
|
dns:
|
|
hostname: api.pikapython.com
|
|
expectedA: 82.156.23.220
|
|
resolvers: [1.1.1.1, 8.8.8.8, 223.5.5.5, 114.114.114.114]
|
|
local:
|
|
upstreamHost: 127.0.0.1
|
|
upstreamPort: 18080
|
|
pk01:
|
|
route: PK01
|
|
caddyBinaryPath: /usr/local/bin/caddy
|
|
caddyDownloadUrl: https://caddyserver.com/api/download?os=linux&arch=amd64
|
|
caddyConfigPath: /etc/caddy/Caddyfile
|
|
caddyServiceName: caddy
|
|
caddyStorageDir: /var/lib/caddy
|
|
caddyEmail: ops@pikapython.com
|
|
pikanodeRoot: /home/ubuntu/pikanode
|
|
pikanodeContainerName: pikanode
|
|
pikanodeImage: pikanode
|
|
pikanodeHttpHostPort: 18888
|
|
responseHeaderTimeoutSeconds: 600
|
|
- id: D601
|
|
route: D601:k3s
|
|
namespace: platform-infra
|
|
role: retired
|
|
enabled: true
|
|
databaseMode: external-pending
|
|
redisMode: local-ephemeral
|
|
appReplicas: 0
|
|
redisReplicas: 0
|
|
- id: D518
|
|
route: D518:k3s
|
|
namespace: platform-infra
|
|
role: standby
|
|
enabled: true
|
|
databaseMode: external-pending
|
|
redisMode: local-ephemeral
|
|
appReplicas: 0
|
|
redisReplicas: 0
|
|
image:
|
|
repository: weishaw/sub2api
|
|
tag: 0.1.138
|
|
pullPolicy: IfNotPresent
|
|
dependencyImages:
|
|
postgres: docker.m.daocloud.io/library/postgres:18-alpine
|
|
redis: docker.m.daocloud.io/library/redis:8-alpine
|
|
codexPool:
|
|
sentinelImageBuild:
|
|
baseImageCachePolicy: pull
|
|
noProxy:
|
|
- localhost
|
|
- 127.0.0.1
|
|
- ::1
|
|
- host.docker.internal
|
|
- 74.48.78.17
|
|
- 192.168.0.0/16
|
|
- 10.0.0.0/8
|
|
- 172.16.0.0/12
|
|
- 10.42.0.0/16
|
|
- 10.43.0.0/16
|
|
- .svc
|
|
- .svc.cluster.local
|
|
- .cluster.local
|
|
- kubernetes
|
|
- kubernetes.default
|
|
- kubernetes.default.svc
|
|
publicExposure:
|
|
enabled: false
|
|
publicBaseUrl: https://api2.pikapython.com
|
|
dns:
|
|
hostname: api2.pikapython.com
|
|
expectedA: 82.156.23.220
|
|
resolvers: [1.1.1.1, 8.8.8.8, 223.5.5.5, 114.114.114.114]
|
|
frpc:
|
|
deploymentName: sub2api-frpc
|
|
secretName: sub2api-frpc-secrets
|
|
secretKey: frpc.toml
|
|
image: ghcr.io/fatedier/frpc:v0.68.1
|
|
serverAddr: 82.156.23.220
|
|
serverPort: 22000
|
|
proxyName: platform-infra-sub2api-d518-api
|
|
remotePort: 22094
|
|
localIP: sub2api.platform-infra.svc.cluster.local
|
|
localPort: 8080
|
|
tokenSourceRef: platform-infra/pk01-frp.env
|
|
tokenSourceKey: FRP_TOKEN
|
|
pk01:
|
|
route: PK01
|
|
caddyBinaryPath: /usr/local/bin/caddy
|
|
caddyDownloadUrl: https://caddyserver.com/api/download?os=linux&arch=amd64
|
|
caddyDownloadProxyUrl: http://127.0.0.1:18789
|
|
caddyConfigPath: /etc/caddy/Caddyfile
|
|
caddyServiceName: caddy
|
|
caddyStorageDir: /var/lib/caddy
|
|
caddyEmail: ops@pikapython.com
|
|
pikanodeRoot: /home/ubuntu/pikanode
|
|
pikanodeContainerName: pikanode
|
|
pikanodeImage: pikanode
|
|
pikanodeHttpHostPort: 18888
|
|
responseHeaderTimeoutSeconds: 600
|
|
egressProxy:
|
|
enabled: false
|
|
deploymentName: sub2api-egress-proxy
|
|
serviceName: sub2api-egress-proxy
|
|
secretName: sub2api-egress-proxy-config
|
|
secretKey: config.json
|
|
image: ghcr.io/sagernet/sing-box:latest
|
|
imagePullPolicy: IfNotPresent
|
|
listenPort: 10808
|
|
hostNetwork: true
|
|
sourceConfigRef: config/platform-infra/egress-proxy-sources.yaml#sources.master-shadowsocks
|
|
applyToSub2Api: false
|
|
applyToSentinel: false
|
|
noProxy:
|
|
- localhost
|
|
- 127.0.0.1
|
|
- ::1
|
|
- .svc
|
|
- .cluster.local
|
|
- 10.0.0.0/8
|
|
- 172.16.0.0/12
|
|
- 192.168.0.0/16
|
|
- 82.156.23.220
|
|
- 74.48.78.17
|
|
- hyueapi.com
|
|
- .hyueapi.com
|
|
- id: JD01
|
|
route: JD01:k3s
|
|
namespace: platform-infra
|
|
role: active
|
|
enabled: true
|
|
databaseMode: external-active
|
|
redisMode: local-ephemeral
|
|
appReplicas: 1
|
|
redisReplicas: 1
|
|
image:
|
|
repository: weishaw/sub2api
|
|
tag: 0.1.142
|
|
pullPolicy: IfNotPresent
|
|
dependencyImages:
|
|
postgres: docker.m.daocloud.io/library/redis:8-alpine
|
|
redis: docker.m.daocloud.io/library/redis:8-alpine
|
|
codexPool:
|
|
sentinelImageBuild:
|
|
baseImageCachePolicy: pull
|
|
noProxy:
|
|
- localhost
|
|
- 127.0.0.1
|
|
- ::1
|
|
- host.docker.internal
|
|
- 74.48.78.17
|
|
- 192.168.0.0/16
|
|
- 10.0.0.0/8
|
|
- 172.16.0.0/12
|
|
- 10.42.0.0/16
|
|
- 10.43.0.0/16
|
|
- .svc
|
|
- .svc.cluster.local
|
|
- .cluster.local
|
|
- kubernetes
|
|
- kubernetes.default
|
|
- kubernetes.default.svc
|
|
- 127.0.0.1:5000
|
|
- localhost:5000
|
|
publicExposure:
|
|
enabled: true
|
|
publicBaseUrl: https://api2.pikapython.com
|
|
dns:
|
|
hostname: api2.pikapython.com
|
|
expectedA: 82.156.23.220
|
|
resolvers: [1.1.1.1, 8.8.8.8, 223.5.5.5, 114.114.114.114]
|
|
frpc:
|
|
deploymentName: sub2api-frpc
|
|
secretName: sub2api-frpc-secrets
|
|
secretKey: frpc.toml
|
|
image: ghcr.io/fatedier/frpc:v0.68.1
|
|
serverAddr: 82.156.23.220
|
|
serverPort: 22000
|
|
proxyName: platform-infra-sub2api-jd01-api
|
|
remotePort: 22087
|
|
localIP: sub2api.platform-infra.svc.cluster.local
|
|
localPort: 8080
|
|
tokenSourceRef: platform-infra/pk01-frp.env
|
|
tokenSourceKey: FRP_TOKEN
|
|
pk01:
|
|
route: PK01
|
|
caddyBinaryPath: /usr/local/bin/caddy
|
|
caddyDownloadUrl: https://caddyserver.com/api/download?os=linux&arch=amd64
|
|
caddyDownloadProxyUrl: http://127.0.0.1:18789
|
|
caddyConfigPath: /etc/caddy/Caddyfile
|
|
caddyServiceName: caddy
|
|
caddyStorageDir: /var/lib/caddy
|
|
caddyEmail: ops@pikapython.com
|
|
pikanodeRoot: /home/ubuntu/pikanode
|
|
pikanodeContainerName: pikanode
|
|
pikanodeImage: pikanode
|
|
pikanodeHttpHostPort: 18888
|
|
responseHeaderTimeoutSeconds: 600
|
|
egressProxy:
|
|
enabled: true
|
|
deploymentName: sub2api-egress-proxy
|
|
serviceName: sub2api-egress-proxy
|
|
secretName: sub2api-egress-proxy-config
|
|
secretKey: config.json
|
|
image: ghcr.io/sagernet/sing-box:latest
|
|
imagePullPolicy: IfNotPresent
|
|
listenPort: 10808
|
|
hostNetwork: false
|
|
hostProxyConfigRef: config/platform-infra/host-proxy.yaml#targets.JD01
|
|
proxyEnvPath: /etc/unidesk/proxy.env
|
|
sourceConfigRef: config/platform-infra/egress-proxy-sources.yaml#sources.master-shadowsocks
|
|
applyToSub2Api: true
|
|
applyToSentinel: true
|
|
noProxy:
|
|
- localhost
|
|
- 127.0.0.1
|
|
- ::1
|
|
- .svc
|
|
- .cluster.local
|
|
- 10.0.0.0/8
|
|
- 172.16.0.0/12
|
|
- 192.168.0.0/16
|
|
- 82.156.23.220
|
|
- 74.48.78.17
|
|
- hyueapi.com
|
|
- .hyueapi.com
|
|
accountLocalProxy:
|
|
enabled: true
|
|
containerName: account-local-proxy
|
|
secretName: sub2api-account-local-proxy-config
|
|
secretKey: config.json
|
|
image: ghcr.io/sagernet/sing-box:latest
|
|
imagePullPolicy: IfNotPresent
|
|
listenHost: 127.0.0.1
|
|
listenPort: 18789
|
|
sourceConfigRef: config/platform-infra/egress-proxy-sources.yaml#sources.master-shadowsocks
|
|
runtime:
|
|
database:
|
|
mode: external
|
|
sourceRef: platform-db/sub2api-db.env
|
|
sourceKeys:
|
|
user: SUB2API_DB_USER
|
|
password: SUB2API_DB_PASSWORD
|
|
dbName: SUB2API_DB_NAME
|
|
secretName: sub2api-secrets
|
|
passwordKey: POSTGRES_PASSWORD
|
|
host: 82.156.23.220
|
|
port: 5432
|
|
user: sub2api
|
|
dbName: sub2api
|
|
sslMode: require
|
|
pendingAllowed: true
|
|
secrets:
|
|
root: /root/unidesk/.state/secrets
|
|
appSourceRef: platform-infra/sub2api.env
|
|
redis:
|
|
serviceName: sub2api-redis
|
|
persistence: false
|
|
appData:
|
|
mode: empty-dir
|
|
sentinel:
|
|
mode: singleton
|
|
enabledOnTargets:
|
|
- JD01
|
|
security:
|
|
urlAllowlist:
|
|
enabled: false
|
|
allowInsecureHttp: true
|
|
allowPrivateHosts: false
|
|
upstreamHosts: []
|