Files
pikasTech-unidesk/config/platform-infra/sub2api.yaml
T
2026-07-01 12:52:08 +00:00

380 lines
11 KiB
YAML

version: 1
kind: platform-infra-sub2api
metadata:
id: sub2api
owner: unidesk
relatedIssues:
- 220
- 339
- 340
defaults:
targetId: PK01
cleanup:
externalDbState:
postgresStatefulSetName: sub2api-postgres
postgresServiceName: sub2api-postgres
postgresPvcName: postgres-data-sub2api-postgres-0
appDataPvcName: sub2api-data
redisPersistentState:
pvcName: sub2api-redis-data
publicExposure:
deploymentName: sub2api-frpc
configMapName: sub2api-frpc-config
secretName: sub2api-frpc-secrets
egressProxy:
deploymentName: sub2api-egress-proxy
serviceName: sub2api-egress-proxy
secretName: sub2api-egress-proxy-config
image:
repository: weishaw/sub2api
tag: 0.1.138
pullPolicy: IfNotPresent
dependencyImages:
postgres: postgres:18-alpine
redis: redis:8-alpine
targets:
- id: G14
route: G14:k3s
namespace: platform-infra
role: standby
enabled: true
databaseMode: external-pending
redisMode: local-ephemeral
appReplicas: 0
redisReplicas: 0
codexPool:
sentinelImageBuild:
baseImageCachePolicy: pull
noProxy:
- localhost
- 127.0.0.1
- ::1
- host.docker.internal
- 74.48.78.17
- 192.168.0.0/16
- 10.0.0.0/8
- 172.16.0.0/12
- 10.42.0.0/16
- 10.43.0.0/16
- .svc
- .svc.cluster.local
- .cluster.local
- kubernetes
- kubernetes.default
- kubernetes.default.svc
- 127.0.0.1:5000
- localhost:5000
- id: PK01
route: PK01
namespace: platform-infra
runtimeMode: host-docker
role: active
enabled: true
databaseMode: external-active
redisMode: local-ephemeral
appReplicas: 1
redisReplicas: 1
image:
repository: docker.1panel.live/weishaw/sub2api
tag: 0.1.142
pullPolicy: IfNotPresent
dependencyImages:
redis: docker.m.daocloud.io/library/redis:8-alpine
hostDocker:
projectName: sub2api
workDir: /opt/unidesk/platform-infra/sub2api
composePath: /opt/unidesk/platform-infra/sub2api/docker-compose.yml
envPath: /opt/unidesk/platform-infra/sub2api/sub2api.env
appDataDir: /var/lib/unidesk/platform-infra/sub2api/data
appPort: 18080
redisPort: 16379
databaseHost: 127.0.0.1
databaseSslMode: require
noProxy:
- localhost
- 127.0.0.1
- ::1
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
- hyueapi.com
- .hyueapi.com
publicExposure:
enabled: true
mode: pk01-local
publicBaseUrl: https://api.pikapython.com
dns:
hostname: api.pikapython.com
expectedA: 82.156.23.220
resolvers: [1.1.1.1, 8.8.8.8, 223.5.5.5, 114.114.114.114]
local:
upstreamHost: 127.0.0.1
upstreamPort: 18080
pk01:
route: PK01
caddyBinaryPath: /usr/local/bin/caddy
caddyDownloadUrl: https://caddyserver.com/api/download?os=linux&arch=amd64
caddyConfigPath: /etc/caddy/Caddyfile
caddyServiceName: caddy
caddyStorageDir: /var/lib/caddy
caddyEmail: ops@pikapython.com
pikanodeRoot: /home/ubuntu/pikanode
pikanodeContainerName: pikanode
pikanodeImage: pikanode
pikanodeHttpHostPort: 18888
responseHeaderTimeoutSeconds: 600
- id: D601
route: D601:k3s
namespace: platform-infra
role: retired
enabled: true
databaseMode: external-pending
redisMode: local-ephemeral
appReplicas: 0
redisReplicas: 0
- id: D518
route: D518:k3s
namespace: platform-infra
role: standby
enabled: true
databaseMode: external-pending
redisMode: local-ephemeral
appReplicas: 0
redisReplicas: 0
image:
repository: weishaw/sub2api
tag: 0.1.138
pullPolicy: IfNotPresent
dependencyImages:
postgres: docker.m.daocloud.io/library/postgres:18-alpine
redis: docker.m.daocloud.io/library/redis:8-alpine
codexPool:
sentinelImageBuild:
baseImageCachePolicy: pull
noProxy:
- localhost
- 127.0.0.1
- ::1
- host.docker.internal
- 74.48.78.17
- 192.168.0.0/16
- 10.0.0.0/8
- 172.16.0.0/12
- 10.42.0.0/16
- 10.43.0.0/16
- .svc
- .svc.cluster.local
- .cluster.local
- kubernetes
- kubernetes.default
- kubernetes.default.svc
publicExposure:
enabled: false
publicBaseUrl: https://api2.pikapython.com
dns:
hostname: api2.pikapython.com
expectedA: 82.156.23.220
resolvers: [1.1.1.1, 8.8.8.8, 223.5.5.5, 114.114.114.114]
frpc:
deploymentName: sub2api-frpc
secretName: sub2api-frpc-secrets
secretKey: frpc.toml
image: ghcr.io/fatedier/frpc:v0.68.1
serverAddr: 82.156.23.220
serverPort: 22000
proxyName: platform-infra-sub2api-d518-api
remotePort: 22094
localIP: sub2api.platform-infra.svc.cluster.local
localPort: 8080
tokenSourceRef: platform-infra/pk01-frp.env
tokenSourceKey: FRP_TOKEN
pk01:
route: PK01
caddyBinaryPath: /usr/local/bin/caddy
caddyDownloadUrl: https://caddyserver.com/api/download?os=linux&arch=amd64
caddyDownloadProxyUrl: http://127.0.0.1:18789
caddyConfigPath: /etc/caddy/Caddyfile
caddyServiceName: caddy
caddyStorageDir: /var/lib/caddy
caddyEmail: ops@pikapython.com
pikanodeRoot: /home/ubuntu/pikanode
pikanodeContainerName: pikanode
pikanodeImage: pikanode
pikanodeHttpHostPort: 18888
responseHeaderTimeoutSeconds: 600
egressProxy:
enabled: false
deploymentName: sub2api-egress-proxy
serviceName: sub2api-egress-proxy
secretName: sub2api-egress-proxy-config
secretKey: config.json
image: ghcr.io/sagernet/sing-box:latest
imagePullPolicy: IfNotPresent
listenPort: 10808
hostNetwork: true
sourceConfigRef: config/platform-infra/egress-proxy-sources.yaml#sources.master-shadowsocks
applyToSub2Api: false
applyToSentinel: false
noProxy:
- localhost
- 127.0.0.1
- ::1
- .svc
- .cluster.local
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
- 82.156.23.220
- 74.48.78.17
- hyueapi.com
- .hyueapi.com
- id: JD01
route: JD01:k3s
namespace: platform-infra
role: active
enabled: true
databaseMode: external-active
redisMode: local-ephemeral
appReplicas: 1
redisReplicas: 1
image:
repository: weishaw/sub2api
tag: 0.1.142
pullPolicy: IfNotPresent
dependencyImages:
postgres: docker.m.daocloud.io/library/redis:8-alpine
redis: docker.m.daocloud.io/library/redis:8-alpine
codexPool:
sentinelImageBuild:
baseImageCachePolicy: pull
noProxy:
- localhost
- 127.0.0.1
- ::1
- host.docker.internal
- 74.48.78.17
- 192.168.0.0/16
- 10.0.0.0/8
- 172.16.0.0/12
- 10.42.0.0/16
- 10.43.0.0/16
- .svc
- .svc.cluster.local
- .cluster.local
- kubernetes
- kubernetes.default
- kubernetes.default.svc
- 127.0.0.1:5000
- localhost:5000
publicExposure:
enabled: true
publicBaseUrl: https://api2.pikapython.com
dns:
hostname: api2.pikapython.com
expectedA: 82.156.23.220
resolvers: [1.1.1.1, 8.8.8.8, 223.5.5.5, 114.114.114.114]
frpc:
deploymentName: sub2api-frpc
secretName: sub2api-frpc-secrets
secretKey: frpc.toml
image: ghcr.io/fatedier/frpc:v0.68.1
serverAddr: 82.156.23.220
serverPort: 22000
proxyName: platform-infra-sub2api-jd01-api
remotePort: 22087
localIP: sub2api.platform-infra.svc.cluster.local
localPort: 8080
tokenSourceRef: platform-infra/pk01-frp.env
tokenSourceKey: FRP_TOKEN
pk01:
route: PK01
caddyBinaryPath: /usr/local/bin/caddy
caddyDownloadUrl: https://caddyserver.com/api/download?os=linux&arch=amd64
caddyDownloadProxyUrl: http://127.0.0.1:18789
caddyConfigPath: /etc/caddy/Caddyfile
caddyServiceName: caddy
caddyStorageDir: /var/lib/caddy
caddyEmail: ops@pikapython.com
pikanodeRoot: /home/ubuntu/pikanode
pikanodeContainerName: pikanode
pikanodeImage: pikanode
pikanodeHttpHostPort: 18888
responseHeaderTimeoutSeconds: 600
egressProxy:
enabled: true
deploymentName: sub2api-egress-proxy
serviceName: sub2api-egress-proxy
secretName: sub2api-egress-proxy-config
secretKey: config.json
image: ghcr.io/sagernet/sing-box:latest
imagePullPolicy: IfNotPresent
listenPort: 10808
hostNetwork: false
hostProxyConfigRef: config/platform-infra/host-proxy.yaml#targets.JD01
proxyEnvPath: /etc/unidesk/proxy.env
sourceConfigRef: config/platform-infra/egress-proxy-sources.yaml#sources.master-shadowsocks
applyToSub2Api: true
applyToSentinel: true
noProxy:
- localhost
- 127.0.0.1
- ::1
- .svc
- .cluster.local
- 10.0.0.0/8
- 172.16.0.0/12
- 192.168.0.0/16
- 82.156.23.220
- 74.48.78.17
- hyueapi.com
- .hyueapi.com
accountLocalProxy:
enabled: true
containerName: account-local-proxy
secretName: sub2api-account-local-proxy-config
secretKey: config.json
image: ghcr.io/sagernet/sing-box:latest
imagePullPolicy: IfNotPresent
listenHost: 127.0.0.1
listenPort: 18789
sourceConfigRef: config/platform-infra/egress-proxy-sources.yaml#sources.master-shadowsocks
runtime:
database:
mode: external
sourceRef: platform-db/sub2api-db.env
sourceKeys:
user: SUB2API_DB_USER
password: SUB2API_DB_PASSWORD
dbName: SUB2API_DB_NAME
secretName: sub2api-secrets
passwordKey: POSTGRES_PASSWORD
host: 82.156.23.220
port: 5432
user: sub2api
dbName: sub2api
sslMode: require
pendingAllowed: true
secrets:
root: /root/unidesk/.state/secrets
appSourceRef: platform-infra/sub2api.env
redis:
serviceName: sub2api-redis
persistence: false
appData:
mode: empty-dir
sentinel:
mode: singleton
enabledOnTargets:
- JD01
security:
urlAllowlist:
enabled: false
allowInsecureHttp: true
allowPrivateHosts: false
upstreamHosts: []