paperless-ngx: Split resources into separate files

The Paperless-ngx ecosystem consists of several services. Defining the resources for each service in separate manifest files will make maintenance a little bit easier.
2024-10-17 07:27:33 -05:00 · 2024-10-17 07:27:33 -05:00 · 99c8f7694c
parent e19e8f50ab
commit 99c8f7694c
7 changed files with 238 additions and 241 deletions
--- a/paperless-ngx/gotenberg.yaml
+++ b/paperless-ngx/gotenberg.yaml
@ -0,0 +1,65 @@
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app.kubernetes.io/name: gotenberg
    app.kubernetes.io/component: gotenberg
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
  name: gotenberg
  namespace: paperless-ngx
 spec:
  ports:
  - name: gotenberg
    port: 3000
  selector:
    app.kubernetes.io/name: gotenberg
    app.kubernetes.io/component: gotenberg
    app.kubernetes.io/instance: paperless-ngx
  type: ClusterIP
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: gotenberg
  namespace: paperless-ngx
  labels:
    app.kubernetes.io/name: gotenberg
    app.kubernetes.io/component: gotenberg
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
 spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: gotenberg
      app.kubernetes.io/component: gotenberg
      app.kubernetes.io/instance: paperless-ngx
  template:
    metadata:
      labels:
        app.kubernetes.io/name: gotenberg
        app.kubernetes.io/component: gotenberg
        app.kubernetes.io/instance: paperless-ngx
    spec:
      containers:
      - name: gotenberg
        image: docker.io/gotenberg/gotenberg:7.5.4
        imagePullPolicy: IfNotPresent
        command:
        - gotenberg
        - --chromium-disable-javascript=true
        - --chromium-allow-list=file:///tmp/.*
        securityContext:
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          runAsUser: 1000
          runAsGroup: 1000
        volumeMounts:
        - name: tmp
          mountPath: /tmp
      securityContext:
        fsGroup: 1000
      volumes:
      - name: tmp
        emptyDir:
--- a/paperless-ngx/kustomization.yaml
+++ b/paperless-ngx/kustomization.yaml
@ -1,10 +1,31 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: paperless-ngx
 labels:
 - pairs:
    app.kubernetes.io/instance: paperless-ngx
 resources:
 - namespace.yaml
 - redis.yaml
 - gotenberg.yaml
 - tika.yaml
 - paperless-ngx.yaml
 - ingress.yaml
 configMapGenerator:
 - name: paperless-cmd
  files:
  - paperless_cmd.sh
  options:
    labels:
      app.kubernetes.io/name: paperless_cmd.sh
      app.kubernetes.io/component: paperless-ngx
      app.kubernetes.io/part-of: paperless-ngx
    disableNameSuffixHash: true
 patches:
 - target:
    kind: StatefulSet
--- a/paperless-ngx/namespace.yaml
+++ b/paperless-ngx/namespace.yaml
@ -0,0 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: paperless-ngx
--- a/paperless-ngx/paperless-ngx.yaml
+++ b/paperless-ngx/paperless-ngx.yaml
@ -1,29 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
  name: paperless-ngx
  labels:
    app.kubernetes.io/instance: paperless-ngx
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: paperless-cmd
  namespace: paperless-ngx
  labels:
    app.kubernetes.io/name: paperless_cmd.sh
    app.kubernetes.io/component: paperless-ngx
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
 data:
  paperless_cmd.sh: |+
    #!/bin/sh
    exec /usr/local/bin/supervisord -c /etc/supervisord.conf --user paperless
 ---
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
  name: paperless-ngx
@ -40,27 +15,6 @@ spec:
    requests:
      storage: 20Gi
 ---
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app.kubernetes.io/name: redis
    app.kubernetes.io/component: redis
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
  name: redis
  namespace: paperless-ngx
 spec:
  ports:
  - name: redis
    port: 6379
  selector:
    app.kubernetes.io/name: redis
    app.kubernetes.io/component: redis
    app.kubernetes.io/instance: paperless-ngx
  type: ClusterIP
 ---
 apiVersion: v1
 kind: Service
@ -82,113 +36,6 @@ spec:
    app.kubernetes.io/instance: paperless-ngx
  type: ClusterIP
 ---
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app.kubernetes.io/name: gotenberg
    app.kubernetes.io/component: gotenberg
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
  name: gotenberg
  namespace: paperless-ngx
 spec:
  ports:
  - name: gotenberg
    port: 3000
  selector:
    app.kubernetes.io/name: gotenberg
    app.kubernetes.io/component: gotenberg
    app.kubernetes.io/instance: paperless-ngx
  type: ClusterIP
 ---
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app.kubernetes.io/name: tika
    app.kubernetes.io/component: tika
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
  name: tika
  namespace: paperless-ngx
 spec:
  ports:
  - name: tika
    port: 9998
  selector:
    app.kubernetes.io/name: tika
    app.kubernetes.io/component: tika
    app.kubernetes.io/instance: paperless-ngx
  type: ClusterIP
 ---
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
  name: redis
  namespace: paperless-ngx
  labels:
    app.kubernetes.io/name: redis
    app.kubernetes.io/component: redis
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
 spec:
  serviceName: redis
  selector:
    matchLabels:
      app.kubernetes.io/name: redis
      app.kubernetes.io/component: redis
      app.kubernetes.io/instance: paperless-ngx
  template:
    metadata:
      labels:
        app.kubernetes.io/name: redis
        app.kubernetes.io/component: redis
        app.kubernetes.io/instance: paperless-ngx
    spec:
      containers:
      - name: redis
        image: docker.io/library/redis:7
        imagePullPolicy: IfNotPresent
        ports:
        - name: redis
          containerPort: 6379
        securityContext:
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          runAsUser: 1000
          runAsGroup: 1000
        volumeMounts:
        - name: data
          mountPath: /data
          subPath: data
        - name: tmp
          mountPath: /tmp
      securityContext:
        fsGroup: 1000
      volumes:
      - name: tmp
        emptyDir:
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: data
      labels:
        app.kubernetes.io/name: redis
        app.kubernetes.io/component: redis
        app.kubernetes.io/part-of: paperless-ngx
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 2Gi
 ---
 apiVersion: apps/v1
 kind: StatefulSet
@ -299,91 +146,3 @@ spec:
      - name: run
        emptyDir:
          medium: Memory
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: gotenberg
  namespace: paperless-ngx
  labels:
    app.kubernetes.io/name: gotenberg
    app.kubernetes.io/component: gotenberg
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
 spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: gotenberg
      app.kubernetes.io/component: gotenberg
      app.kubernetes.io/instance: paperless-ngx
  template:
    metadata:
      labels:
        app.kubernetes.io/name: gotenberg
        app.kubernetes.io/component: gotenberg
        app.kubernetes.io/instance: paperless-ngx
    spec:
      containers:
      - name: gotenberg
        image: docker.io/gotenberg/gotenberg:7.5.4
        imagePullPolicy: IfNotPresent
        command:
        - gotenberg
        - --chromium-disable-javascript=true
        - --chromium-allow-list=file:///tmp/.*
        securityContext:
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          runAsUser: 1000
          runAsGroup: 1000
        volumeMounts:
        - name: tmp
          mountPath: /tmp
      securityContext:
        fsGroup: 1000
      volumes:
      - name: tmp
        emptyDir:
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: tika
  namespace: paperless-ngx
  labels:
    app.kubernetes.io/name: tika
    app.kubernetes.io/component: tika
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
 spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: tika
      app.kubernetes.io/component: tika
      app.kubernetes.io/instance: paperless-ngx
  template:
    metadata:
      labels:
        app.kubernetes.io/name: tika
        app.kubernetes.io/component: tika
        app.kubernetes.io/instance: paperless-ngx
    spec:
      containers:
      - name: tika
        image: docker.io/apache/tika:2.5.0
        imagePullPolicy: IfNotPresent
        securityContext:
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          runAsUser: 1000
          runAsGroup: 1000
        volumeMounts:
        - name: tmp
          mountPath: /tmp
      securityContext:
        fsGroup: 1000
      volumes:
      - name: tmp
        emptyDir:
--- a/paperless-ngx/paperless_cmd.sh
+++ b/paperless-ngx/paperless_cmd.sh
@ -0,0 +1,4 @@
 #!/bin/sh
 exec /usr/local/bin/supervisord -c /etc/supervisord.conf --user paperless
--- a/paperless-ngx/redis.yaml
+++ b/paperless-ngx/redis.yaml
@ -0,0 +1,83 @@
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app.kubernetes.io/name: redis
    app.kubernetes.io/component: redis
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
  name: redis
  namespace: paperless-ngx
 spec:
  ports:
  - name: redis
    port: 6379
  selector:
    app.kubernetes.io/name: redis
    app.kubernetes.io/component: redis
    app.kubernetes.io/instance: paperless-ngx
  type: ClusterIP
 ---
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
  name: redis
  namespace: paperless-ngx
  labels:
    app.kubernetes.io/name: redis
    app.kubernetes.io/component: redis
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
 spec:
  serviceName: redis
  selector:
    matchLabels:
      app.kubernetes.io/name: redis
      app.kubernetes.io/component: redis
      app.kubernetes.io/instance: paperless-ngx
  template:
    metadata:
      labels:
        app.kubernetes.io/name: redis
        app.kubernetes.io/component: redis
        app.kubernetes.io/instance: paperless-ngx
    spec:
      containers:
      - name: redis
        image: docker.io/library/redis:7
        imagePullPolicy: IfNotPresent
        ports:
        - name: redis
          containerPort: 6379
        securityContext:
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          runAsUser: 1000
          runAsGroup: 1000
        volumeMounts:
        - name: data
          mountPath: /data
          subPath: data
        - name: tmp
          mountPath: /tmp
      securityContext:
        fsGroup: 1000
      volumes:
      - name: tmp
        emptyDir:
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: data
      labels:
        app.kubernetes.io/name: redis
        app.kubernetes.io/component: redis
        app.kubernetes.io/part-of: paperless-ngx
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 2Gi
--- a/paperless-ngx/tika.yaml
+++ b/paperless-ngx/tika.yaml
@ -0,0 +1,61 @@
 apiVersion: v1
 kind: Service
 metadata:
  labels:
    app.kubernetes.io/name: tika
    app.kubernetes.io/component: tika
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
  name: tika
  namespace: paperless-ngx
 spec:
  ports:
  - name: tika
    port: 9998
  selector:
    app.kubernetes.io/name: tika
    app.kubernetes.io/component: tika
    app.kubernetes.io/instance: paperless-ngx
  type: ClusterIP
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: tika
  namespace: paperless-ngx
  labels:
    app.kubernetes.io/name: tika
    app.kubernetes.io/component: tika
    app.kubernetes.io/instance: paperless-ngx
    app.kubernetes.io/part-of: paperless-ngx
 spec:
  selector:
    matchLabels:
      app.kubernetes.io/name: tika
      app.kubernetes.io/component: tika
      app.kubernetes.io/instance: paperless-ngx
  template:
    metadata:
      labels:
        app.kubernetes.io/name: tika
        app.kubernetes.io/component: tika
        app.kubernetes.io/instance: paperless-ngx
    spec:
      containers:
      - name: tika
        image: docker.io/apache/tika:2.5.0
        imagePullPolicy: IfNotPresent
        securityContext:
          runAsNonRoot: true
          readOnlyRootFilesystem: true
          runAsUser: 1000
          runAsGroup: 1000
        volumeMounts:
        - name: tmp
          mountPath: /tmp
      securityContext:
        fsGroup: 1000
      volumes:
      - name: tmp
        emptyDir:
		`@ -0,0 +1,4 @@`
							`#!/bin/sh`

							`exec /usr/local/bin/supervisord -c /etc/supervisord.conf --user paperless`