fix(piped): rm cron, SOCKS5, /api ingress

2026-01-27 10:18:27 +00:00 · 2024-10-31 01:35:52 +08:00
parent cc24e254af
commit c76a24ca36
2 changed files with 44 additions and 29 deletions
--- a/kube/deploy/apps/piped/app/es.yaml
+++ b/kube/deploy/apps/piped/app/es.yaml
@@ -77,12 +77,15 @@ spec:
        PGPASSWORD: '{{ .password }}'
        PGDATABASE: '{{ .dbname }}'
        # backend
+        # TODO: Mullvad SOCKS5 proxy temporarily due to ISP IP being rate limited from refresh cron
+        #  MATRIX_SERVER: ""
        config.properties: |
          PORT: 8080
          HTTP_WORKERS: 2
          PROXY_PART: https://${APP_DNS_PIPED}/ytproxy
          API_URL: https://${APP_DNS_PIPED}/server
          FRONTEND_URL: https://${APP_DNS_PIPED}
+          REQWEST_PROXY: socks5://10.124.0.221:1080
          COMPROMISED_PASSWORD_CHECK: true
          DISABLE_REGISTRATION: true
          FEED_RETENTION: 365
@@ -90,4 +93,3 @@ spec:
          hibernate.connection.username: {{ .user }}
          hibernate.connection.password: {{ .password }}
          SENTRY_DSN:
-          MATRIX_SERVER: ""
--- a/kube/deploy/apps/piped/app/hr.yaml
+++ b/kube/deploy/apps/piped/app/hr.yaml
@@ -98,34 +98,34 @@ spec:
              limits:
                cpu: "1"
                memory: "256Mi"
-      refresh:
-        type: cronjob
-        cronjob:
-          schedule: "@hourly"
-          concurrencyPolicy: Forbid
-          successfulJobsHistory: 0
-          failedJobsHistory: 1
-        pod:
-          labels:
-            db.home.arpa/pg: pg-default
-        containers:
-          main:
-            image: &img
-              repository: ghcr.io/bjw-s-labs/piped-scripts
-              tag: 0.0.1@sha256:55dcbc2d65eb47d7a7f2c49c4fba1bc05ab3a715ae5b3f63a9653d804c704e69
-            env:
-              SCRIPT_NAME: update_subscriptions.sh
-              PIPED_BACKEND: http://piped-backend.piped.svc.cluster.local:8080
-            envFrom:
-              - secretRef:
-                  name: piped-secrets
-            securityContext: *sc
-            resources:
-              requests:
-                cpu: "10m"
-              limits:
-                cpu: "1"
-                memory: "128Mi"
+      # refresh: # TODO: got rate limited from this
+      #   type: cronjob
+      #   cronjob:
+      #     schedule: "@hourly"
+      #     concurrencyPolicy: Forbid
+      #     successfulJobsHistory: 0
+      #     failedJobsHistory: 1
+      #   pod:
+      #     labels:
+      #       db.home.arpa/pg: pg-default
+      #   containers:
+      #     main:
+      #       image: &img
+      #         repository: ghcr.io/bjw-s-labs/piped-scripts
+      #         tag: 0.0.1@sha256:55dcbc2d65eb47d7a7f2c49c4fba1bc05ab3a715ae5b3f63a9653d804c704e69
+      #       env:
+      #         SCRIPT_NAME: update_subscriptions.sh
+      #         PIPED_BACKEND: http://piped-backend.piped.svc.cluster.local:8080
+      #       envFrom:
+      #         - secretRef:
+      #             name: piped-secrets
+      #       securityContext: *sc
+      #       resources:
+      #         requests:
+      #           cpu: "10m"
+      #         limits:
+      #           cpu: "1"
+      #           memory: "128Mi"
    service:
      frontend:
        controller: frontend
@@ -198,6 +198,19 @@ spec:
                  port: http
        tls:
          - hosts: [*host]
+      ytproxy-api:
+        className: nginx-internal
+        annotations: *cors
+        hosts:
+          - host: *host
+            paths: &paths
+              - path: /api
+                pathType: Prefix
+                service:
+                  identifier: ytproxy
+                  port: http
+        tls:
+          - hosts: [*host]
    persistence:
      config:
        type: secret