github-personal/Biohazard
1
0
Fork 0
mirror of https://github.com/outbackdingo/Biohazard.git synced 2026-01-27 18:18:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(rclone-retro): rework using rcd & serve FTP

Browse Source
This commit is contained in:
JJGadgets
2025-07-04 00:07:01 +08:00
parent 3fbd7b4bad
commit 477cb6e20d
4 changed files with 171 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

215
kube/deploy/apps/rclone-retro/app/hr.yaml
View File

@@ -1,5 +1,5 @@
---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/app-template-4.1.1/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/app-template-4.1.2/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
@@ -10,32 +10,35 @@ spec:
chart:
spec:
chart: app-template
version: 4.1.1
version: 4.1.2
sourceRef:
name: bjw-s
kind: HelmRepository
namespace: flux-system
values:
controllers:
# TODO: add sync from Vita and serve FTP for Apollo save tool
3ds: &rclone
type: cronjob
cronjob:
schedule: "@hourly"
app:
type: deployment
replicas: 1
pod:
labels:
ingress.home.arpa/nginx-internal: allow
prom.home.arpa/kps: allow
egress.home.arpa/retro-consoles: allow
containers:
main: &rclct
app:
image: &img
repository: "jank.ing/jjgadgets/rclone"
tag: "1.70.2@sha256:b8dad82933961be28ebbe4aab87e14f2d2fcd23ed3e8335a43a837209cb46f5f"
args: ["sync", "3ds:/", "/data/", "--progress", "--exclude", "/Nintendo 3DS/title/**/**/content/*.app", "--exclude", "**/*.cia", "--exclude", "**/*.fbi", "--exclude", "/GBA/**", "--exclude", "/GBA/*"]
repository: ghcr.io/rclone/rclone
tag: 1.70.2@sha256:b8dad82933961be28ebbe4aab87e14f2d2fcd23ed3e8335a43a837209cb46f5f
args: ["serve", "ftp", "local:", "--addr=:$(FTP_PORT)", "--rc", "--rc-addr=:$(HTTP_PORT)", "--rc-serve", "--rc-serve-no-modtime", "--rc-web-gui", "--rc-web-gui-no-open-browser", "--rc-user=$(RC_USER)", "--rc-pass=$(RC_PASS)", "--rc-enable-metrics", "--metrics-addr=:$(METRICS_PORT)"]
env: &env
TZ: "${CONFIG_TZ}"
# envFrom: &envFrom
# - secretRef:
# name: rclone-retro-secrets
FTP_PORT: &ftp 2121
HTTP_PORT: &http 8080
METRICS_PORT: &metrics 9090
envFrom: &envFrom
- secretRef:
name: rclone-retro-secrets
securityContext: &sc
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
@@ -47,64 +50,109 @@ spec:
limits:
cpu: "1"
memory: "128Mi"
probes:
liveness:
enabled: true
readiness:
enabled: true
3ds: &cron
type: cronjob
cronjob:
schedule: "@hourly"
containers:
main: &rclct
image: *img
args: ["rc", "sync/sync", "3ds:/", "/data/3ds/", "_filter='{$(FILTER)}'", "_config='{$(CONFIG)}'"]
env:
<<: *env
FILTER: |
"IncludeRule": [ "/Nintendo 3DS/title/**/**/content/*.app", "**/*.cia", "**/*.fbi", "**/*.nds", "/GBA/**", "/GBA/*", "**/*.mp3", "**/*.m4a", "**/*.aac", "**/*.wav", "**/*.flac" ]
CONFIG: |
"Progress": true
envFrom: *envFrom
securityContext: *sc
resources:
requests:
cpu: "10m"
limits:
cpu: "1"
memory: "128Mi"
3ds-gba:
<<: *rclone
<<: *cron
containers:
main:
<<: *rclct
args: ["bisync", "3ds:GBA/", "/data/", "--progress"]
# service:
# rclone-retro:
# controller: rclone-retro
# ports:
# http:
# port: 80
# targetPort: 8080
# protocol: HTTP
# appProtocol: http
# expose:
# primary: false
# controller: rclone-retro
# type: LoadBalancer
# annotations:
# coredns.io/hostname: "${APP_DNS_RCLONE-RETRO:=rclone-retro}"
# "io.cilium/lb-ipam-ips": "${APP_IP_RCLONE-RETRO:=127.0.0.1}"
# ports:
# http:
# port: 443
# targetPort: 8443
# protocol: HTTPS
# ldap-tcp:
# port: 636
# targetPort: 3636
# protocol: TCP
# ldap-udp:
# port: 636
# targetPort: 3636
# protocol: UDP
args: ["rc", "sync/sync", "3ds:GBA/", "/data/3ds-gba/", "_config='{$(CONFIG)}'"]
env:
<<: *env
FILTER: |
"IncludeRule": [ "**/*.nds", "**/*.mp3", "**/*.m4a", "**/*.aac", "**/*.wav", "**/*.flac" ]
CONFIG: |
"Progress": true
ds:
<<: *cron
containers:
main:
<<: *rclct
args: ["rc", "sync/sync", "ds:/", "/data/ds/", "_filter='{$(FILTER)}'", "_config='{$(CONFIG)}'"]
env:
<<: *env
FILTER: |
"IncludeRule": [ "**/*.nds", "**/*.mp3", "**/*.m4a", "**/*.aac", "**/*.wav", "**/*.flac" ]
CONFIG: |
"Progress": true
service:
app:
primary: false
controller: app
ports:
http:
port: 80
targetPort: *http
protocol: HTTP
appProtocol: http
expose:
controller: app
type: LoadBalancer
annotations:
coredns.io/hostname: "${APP_DNS_RCLONE_RETRO_FTP:=rclone-retro}"
lbipam.cilium.io/ips: "${APP_IP_RCLONE_RETRO_FTP:=127.0.0.1}"
ports:
ftp:
port: 21
targetPort: *ftp
protocol: TCP
appProtocol: ftp
ingress:
main:
className: nginx-internal
annotations:
nginx.ingress.kubernetes.io/whitelist-source-range: "${IP_JJ_V4:=127.0.0.1/32}"
hosts:
- host: &host "${APP_DNS_RCLONE_RETRO:=rclone-retro}"
paths: &paths
- path: /
pathType: Prefix
service:
identifier: app
port: http
tls:
- hosts: [*host]
persistence:
config:
type: configMap
name: rclone-retro-config
identifier: config
globalMounts:
- subPath: "rclone.conf"
path: "/.rclone.conf"
readOnly: true
data:
existingClaim: rclone-retro-data
advancedMounts:
3ds:
main:
- subPath: 3ds
path: /data
- subPath: cache-3ds
path: /.cache
3ds-gba:
main:
- subPath: 3ds-gba
path: /data
- subPath: cache-3ds-gba
path: /.cache
globalMounts:
- subPath: data
path: /data
- subPath: cache
path: /.cache
# nfs:
# type: nfs
# server: "${IP_TRUENAS:=127.0.0.1}"
@@ -120,8 +168,6 @@ spec:
path: /tmp
configMaps:
config:
enabled: true
suffix: config
data:
rclone.conf: |
[3ds]
@@ -132,7 +178,27 @@ spec:
pass = PyY5-F-6MhsVR9BYdBGEQy0
concurrency = 1
idle_timeout = 0s
writing_mdtm = true # needed for modtime support, use `rclone backend features 3ds:` to verify
writing_mdtm = true
# needed for modtime support, use `rclone backend features 3ds:` to verify
[ds]
type = ftp
host = ds.internal
port = 5000
user = anonymous
pass = PyY5-F-6MhsVR9BYdBGEQy0
concurrency = 1
idle_timeout = 0s
writing_mdtm = true
# needed for modtime support, use `rclone backend features ds:` to verify
[vita]
type = ftp
host = 3ds.internal
port = 5000
user = anonymous
pass = PyY5-F-6MhsVR9BYdBGEQy0
concurrency = 1
idle_timeout = 0s
writing_mdtm = true
defaultPodOptions:
automountServiceAccountToken: false
enableServiceLinks: false
@@ -157,11 +223,32 @@ spec:
whenUnsatisfiable: DoNotSchedule
labelSelector:
matchLabels:
app.kubernetes.io/name: *app
app.kubernetes.io/name: "{{ .Release.Name }}"
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: fuckoff.home.arpa/{{ .Release.Name }}
- key: "fuckoff.home.arpa/{{ .Release.Name }}"
operator: DoesNotExist
networkpolicies:
same-ns:
podSelector: {}
policyTypes: [Ingress, Egress]
rules:
ingress: [from: [{podSelector: {}}]]
egress: [to: [{podSelector: {}}]]
conosoles:
controller: app
policyTypes: [Ingress, Egress]
rules:
ingress:
- from: &consoles
- ipBlock:
cidr: "${IP_VLAN_RETROCONSOLES_CIDR:=127.0.0.1/32}"
- ipBlock:
cidr: "${IP_VLAN_NDS_CIDR:=127.0.0.1/32}"
# from: [{ podSelector: {} }]]
egress:
- to: *consoles
# serviceMonitor: # TODO: add serviceMonitors

20
kube/deploy/apps/rclone-retro/ks.yaml
View File

@@ -12,8 +12,25 @@ spec:
labels: *l
path: ./kube/deploy/apps/rclone-retro/app
components:
- ../../../core/storage/volsync/component/
- ../../../core/flux-system/alerts/template/
dependsOn:
- name: crds
namespace: flux-system
- name: rclone-retro-pvc
---
apiVersion: kustomize.toolkit.fluxcd.io/v1
kind: Kustomization
metadata:
name: rclone-retro-pvc
namespace: flux-system
labels: &l
app.kubernetes.io/name: rclone-retro
pvc.home.arpa/volsync: "true"
spec:
targetNamespace: rclone-retro
commonMetadata:
labels: *l
path: ./kube/deploy/core/storage/volsync/template
dependsOn:
- name: crds
namespace: flux-system
@@ -28,3 +45,4 @@ spec:
RUID: &uid "1000"
RGID: *uid
RFSG: *uid
VS_APP_CURRENT_VERSION: "{{.IMAGENAME}}:{{.IMAGETAG}}"

2
kube/deploy/apps/rclone-retro/kustomization.yaml
View File

@@ -2,5 +2,5 @@
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
# - ns.yaml
- ns.yaml
- ks.yaml

0
kube/deploy/apps/rclone-retro/app/ns.yaml → kube/deploy/apps/rclone-retro/ns.yaml
View File