@@ -10,6 +10,7 @@ ADD . /go/src/github.com/dutchcoders/transfer.sh | |||
WORKDIR /go/src/github.com/dutchcoders/transfer.sh | |||
ENV GO111MODULE=on | |||
ENV APP_PORT=8080 | |||
# build & install server | |||
RUN go get -u ./... && CGO_ENABLED=0 go build -ldflags -a -tags netgo -ldflags '-w -extldflags "-static"' -o /go/bin/transfersh github.com/dutchcoders/transfer.sh | |||
@@ -20,6 +21,6 @@ LABEL maintainer="Andrea Spacca <andrea.spacca@gmail.com>" | |||
COPY --from=build /go/bin/transfersh /go/bin/transfersh | |||
COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt | |||
ENTRYPOINT ["/go/bin/transfersh", "--listener", ":8080"] | |||
ENTRYPOINT /go/bin/transfersh --listener :$APP_PORT | |||
EXPOSE 8080 |
@@ -145,6 +145,61 @@ For easy deployment, we've created a Docker container. | |||
```bash | |||
docker run --publish 8080:8080 dutchcoders/transfer.sh:latest --provider local --basedir /tmp/ | |||
``` | |||
Pass the params to the transfer.sh binary inside container by the *args*, not through docker environment vars. | |||
```bash | |||
docker run -p 8080:8080 dutchcoders/transfer.sh:latest --provider s3 --http-auth-user my-username --http-auth-pass somepassword --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION | |||
``` | |||
## Manually run inside kubernetes cluster | |||
```sh | |||
# run locally | |||
kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider local --basedir=/tmp | |||
# run with s3 | |||
kubectl run transfersh --restart=Never --image=dutchcoders/transfer.sh:latest -- --http-auth-user my-username --http-auth-pass somepassword --provider s3 --aws-access-key $AWS_ACCESS_KEY_ID --aws-secret-key $AWS_SECRET_ACCESS_KEY --bucket $AWS_TRANSFERSH_BUCKET --s3-region $AWS_TRANSFERSH_BUCKET_REGION | |||
# Example to manually create needed secrets for deployment params totally aligned with [Usage Params](https://github.com/dutchcoders/transfer.sh#usage-1) | |||
kubectl create secret generic transfersh-secrets --from-literal=HTTP_AUTH_USER=$HTTP_AUTH_USER --from-literal=HTTP_AUTH_PASS=$HTTP_AUTH_PASS --from-literal=AWS_ACCESS_KEY=$AWS_ACCESS_KEY --from-literal=AWS_SECRET_KEY=$AWS_SECRET_KEY --from-literal=BUCKET=$BUCKET --from-literal=S3_REGION=$S3_REGION --from-literal=PROXY_PATH=$PROXY_PATH --from-literal=PROVIDER=$PROVIDER | |||
``` | |||
### TIPS | |||
If your service is going to run behind nginx or any other proxy in your kubernetes cluster then passing on `proxy-path` variable becomes a must to avoid to avoid errors by webend, by-default it is blank. | |||
dont add prefix '/' for the path. | |||
Ex: if your kubernetes ingress piece of routing yaml is like this | |||
```yaml | |||
... | |||
spec: | |||
rules: | |||
- host: api.myhost.mysite.com | |||
http: | |||
paths: | |||
- backend: | |||
serviceName: transfersh | |||
servicePort: 80 | |||
path: /filemanager | |||
... | |||
``` | |||
=> PROXY_PATH arg must be set to 'filemanager' & not /filemanager. | |||
## Helm chart | |||
```sh | |||
cd charts/transfersh | |||
helm install --debug --name=transfersh transfersh/ | |||
``` | |||
### NOTE: | |||
- All variables are same as mentioned [here](https://github.com/dutchcoders/transfer.sh#usage-1) with below mentioned operations done on them. | |||
- Operations applied on Usage params | |||
- UPPERCASING them | |||
- replacing hyphens by underscores | |||
- Ex: http-auth-user => HTTP_AUTH_USER, s3-region => S3_REGION | |||
- Every arg needed by the transfer.sh binary is passed via environment variable in deployment yaml injected via the secrets/configmaps at runtime. | |||
- Deployment fails in case of non-availability of secrets/configMaps in your cluster, as selected via values.yaml file. | |||
## S3 Usage | |||
@@ -0,0 +1,21 @@ | |||
# Patterns to ignore when building packages. | |||
# This supports shell glob matching, relative path matching, and | |||
# negation (prefixed with !). Only one pattern per line. | |||
.DS_Store | |||
# Common VCS dirs | |||
.git/ | |||
.gitignore | |||
.bzr/ | |||
.bzrignore | |||
.hg/ | |||
.hgignore | |||
.svn/ | |||
# Common backup files | |||
*.swp | |||
*.bak | |||
*.tmp | |||
*~ | |||
# Various IDEs | |||
.project | |||
.idea/ | |||
*.tmproj |
@@ -0,0 +1,5 @@ | |||
apiVersion: v1 | |||
appVersion: "1.0" | |||
description: A Helm chart for Kubernetes | |||
name: transfersh | |||
version: 0.1.0 |
@@ -0,0 +1,19 @@ | |||
1. Get the application URL by running these commands: | |||
{{- if .Values.ingress.enabled }} | |||
{{- range .Values.ingress.hosts }} | |||
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} | |||
{{- end }} | |||
{{- else if contains "NodePort" .Values.service.type }} | |||
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "transfersh.fullname" . }}) | |||
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") | |||
echo http://$NODE_IP:$NODE_PORT | |||
{{- else if contains "LoadBalancer" .Values.service.type }} | |||
NOTE: It may take a few minutes for the LoadBalancer IP to be available. | |||
You can watch the status of by running 'kubectl get svc -w {{ include "transfersh.fullname" . }}' | |||
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "transfersh.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') | |||
echo http://$SERVICE_IP:{{ .Values.service.port }} | |||
{{- else if contains "ClusterIP" .Values.service.type }} | |||
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "transfersh.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") | |||
echo "Visit http://127.0.0.1:8080 to use your application" | |||
kubectl port-forward $POD_NAME 8080:80 | |||
{{- end }} |
@@ -0,0 +1,32 @@ | |||
{{/* vim: set filetype=mustache: */}} | |||
{{/* | |||
Expand the name of the chart. | |||
*/}} | |||
{{- define "transfersh.name" -}} | |||
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} | |||
{{- end -}} | |||
{{/* | |||
Create a default fully qualified app name. | |||
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). | |||
If release name contains chart name it will be used as a full name. | |||
*/}} | |||
{{- define "transfersh.fullname" -}} | |||
{{- if .Values.fullnameOverride -}} | |||
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} | |||
{{- else -}} | |||
{{- $name := default .Chart.Name .Values.nameOverride -}} | |||
{{- if contains $name .Release.Name -}} | |||
{{- .Release.Name | trunc 63 | trimSuffix "-" -}} | |||
{{- else -}} | |||
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} | |||
{{- end -}} | |||
{{- end -}} | |||
{{- end -}} | |||
{{/* | |||
Create chart name and version as used by the chart label. | |||
*/}} | |||
{{- define "transfersh.chart" -}} | |||
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} | |||
{{- end -}} |
@@ -0,0 +1,58 @@ | |||
apiVersion: apps/v1beta2 | |||
kind: Deployment | |||
metadata: | |||
name: {{ include "transfersh.fullname" . }} | |||
labels: | |||
app.kubernetes.io/name: {{ include "transfersh.name" . }} | |||
helm.sh/chart: {{ include "transfersh.chart" . }} | |||
app.kubernetes.io/instance: {{ .Release.Name }} | |||
app.kubernetes.io/managed-by: {{ .Release.Service }} | |||
spec: | |||
replicas: {{ .Values.replicaCount }} | |||
selector: | |||
matchLabels: | |||
app.kubernetes.io/name: {{ include "transfersh.name" . }} | |||
app.kubernetes.io/instance: {{ .Release.Name }} | |||
template: | |||
metadata: | |||
labels: | |||
app.kubernetes.io/name: {{ include "transfersh.name" . }} | |||
app.kubernetes.io/instance: {{ .Release.Name }} | |||
spec: | |||
{{- $keyRefSource := .Values.argValues.source.type -}} | |||
{{ $keyRefName := .Values.argValues.source.name }} | |||
containers: | |||
- name: {{ .Chart.Name }} | |||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" | |||
imagePullPolicy: {{ .Values.image.pullPolicy }} | |||
env: | |||
{{- range .Values.argValues.paramNames }} | |||
- name: {{ . | upper | replace "-" "_" }} | |||
valueFrom: | |||
{{ $keyRefSource }}: | |||
name: {{ $keyRefName }} | |||
key: {{ . | upper | replace "-" "_"}} | |||
{{- end }} | |||
args: [ {{- range .Values.argValues.paramNames }} {{ printf "%s%s" $.Values.argIdentifier . | quote}},{{ printf "%s%s%s" "$(" . ")" | upper | replace "-" "_" | quote}},{{- end }} ] | |||
livenessProbe: | |||
httpGet: | |||
path: / | |||
port: {{ .Values.service.internalPort }} | |||
readinessProbe: | |||
httpGet: | |||
path: / | |||
port: {{ .Values.service.internalPort }} | |||
resources: | |||
{{ toYaml .Values.resources | indent 12 }} | |||
{{- with .Values.nodeSelector }} | |||
nodeSelector: | |||
{{ toYaml . | indent 8 }} | |||
{{- end }} | |||
{{- with .Values.affinity }} | |||
affinity: | |||
{{ toYaml . | indent 8 }} | |||
{{- end }} | |||
{{- with .Values.tolerations }} | |||
tolerations: | |||
{{ toYaml . | indent 8 }} | |||
{{- end }} |
@@ -0,0 +1,38 @@ | |||
{{- if .Values.ingress.enabled -}} | |||
{{- $fullName := include "transfersh.fullname" . -}} | |||
{{- $ingressPath := .Values.ingress.path -}} | |||
apiVersion: extensions/v1beta1 | |||
kind: Ingress | |||
metadata: | |||
name: {{ $fullName }} | |||
labels: | |||
app.kubernetes.io/name: {{ include "transfersh.name" . }} | |||
helm.sh/chart: {{ include "transfersh.chart" . }} | |||
app.kubernetes.io/instance: {{ .Release.Name }} | |||
app.kubernetes.io/managed-by: {{ .Release.Service }} | |||
{{- with .Values.ingress.annotations }} | |||
annotations: | |||
{{ toYaml . | indent 4 }} | |||
{{- end }} | |||
spec: | |||
{{- if .Values.ingress.tls }} | |||
tls: | |||
{{- range .Values.ingress.tls }} | |||
- hosts: | |||
{{- range .hosts }} | |||
- {{ . | quote }} | |||
{{- end }} | |||
secretName: {{ .secretName }} | |||
{{- end }} | |||
{{- end }} | |||
rules: | |||
{{- range .Values.ingress.hosts }} | |||
- host: {{ . | quote }} | |||
http: | |||
paths: | |||
- path: {{ $ingressPath }} | |||
backend: | |||
serviceName: {{ $fullName }} | |||
servicePort: http | |||
{{- end }} | |||
{{- end }} |
@@ -0,0 +1,19 @@ | |||
apiVersion: v1 | |||
kind: Service | |||
metadata: | |||
name: {{ include "transfersh.fullname" . }} | |||
labels: | |||
app.kubernetes.io/name: {{ include "transfersh.name" . }} | |||
helm.sh/chart: {{ include "transfersh.chart" . }} | |||
app.kubernetes.io/instance: {{ .Release.Name }} | |||
app.kubernetes.io/managed-by: {{ .Release.Service }} | |||
spec: | |||
type: {{ .Values.service.type }} | |||
ports: | |||
- port: {{ .Values.service.externalPort }} | |||
targetPort: {{ .Values.service.internalPort }} | |||
protocol: TCP | |||
name: {{ .Values.service.name }} | |||
selector: | |||
app.kubernetes.io/name: {{ include "transfersh.name" . }} | |||
app.kubernetes.io/instance: {{ .Release.Name }} |
@@ -0,0 +1,63 @@ | |||
--- | |||
replicaCount: 1 | |||
image: | |||
repository: dutchcoders/transfer.sh | |||
tag: latest | |||
pullPolicy: IfNotPresent | |||
nameOverride: "" | |||
fullnameOverride: "" | |||
service: | |||
type: ClusterIP | |||
name: transfersh-service | |||
externalPort: 80 | |||
internalPort: 8080 | |||
argIdentifier: "--" | |||
argValues : { | |||
"source" :{ | |||
"type" : "secretKeyRef", | |||
"name" : "transfersh-secrets" | |||
}, | |||
"paramNames" :[ | |||
"http-auth-user", | |||
"http-auth-pass", | |||
"provider", | |||
"aws-access-key", | |||
"aws-secret-key", | |||
"bucket", | |||
"s3-region", | |||
"proxy-path" | |||
] | |||
} | |||
ingress: | |||
enabled: false | |||
annotations: {} | |||
path: / | |||
hosts: | |||
- transfersh.local | |||
tls: [] | |||
# - secretName: chart-example-tls | |||
# hosts: | |||
# - chart-example.local | |||
resources: {} | |||
# We usually recommend not to specify default resources and to leave this as a conscious | |||
# choice for the user. This also increases chances charts run on environments with little | |||
# resources, such as Minikube. If you do want to specify resources, uncomment the following | |||
# lines, adjust them as necessary, and remove the curly braces after 'resources:'. | |||
# limits: | |||
# cpu: 100m | |||
# memory: 128Mi | |||
# requests: | |||
# cpu: 100m | |||
# memory: 128Mi | |||
nodeSelector: {} | |||
tolerations: [] | |||
affinity: {} |