From 3cde5e28a8d946c1110697946b180027204b5d2c Mon Sep 17 00:00:00 2001
From: Leon Klingele <git@leonklingele.de>
Date: Mon, 3 Feb 2020 23:19:18 +0100
Subject: [PATCH] Add support to run on Kubernetes, add Helm chart

See relevant README.md for more details.
---
 kubernetes/.gitignore                |  1 +
 kubernetes/Chart.lock                |  6 ++++
 kubernetes/Chart.yaml                | 22 ++++++++++++
 kubernetes/README.md                 | 42 ++++++++++++++++++++++
 kubernetes/templates/_helpers.tpl    | 16 +++++++++
 kubernetes/templates/configmap.yaml  | 11 ++++++
 kubernetes/templates/deployment.yaml | 53 ++++++++++++++++++++++++++++
 kubernetes/templates/hpa.yaml        | 18 ++++++++++
 kubernetes/templates/service.yaml    | 16 +++++++++
 kubernetes/values.yaml               | 51 ++++++++++++++++++++++++++
 10 files changed, 236 insertions(+)
 create mode 100644 kubernetes/.gitignore
 create mode 100644 kubernetes/Chart.lock
 create mode 100644 kubernetes/Chart.yaml
 create mode 100644 kubernetes/README.md
 create mode 100644 kubernetes/templates/_helpers.tpl
 create mode 100644 kubernetes/templates/configmap.yaml
 create mode 100644 kubernetes/templates/deployment.yaml
 create mode 100644 kubernetes/templates/hpa.yaml
 create mode 100644 kubernetes/templates/service.yaml
 create mode 100644 kubernetes/values.yaml

diff --git a/kubernetes/.gitignore b/kubernetes/.gitignore
new file mode 100644
index 00000000..0ad51707
--- /dev/null
+++ b/kubernetes/.gitignore
@@ -0,0 +1 @@
+/charts/*.tgz
diff --git a/kubernetes/Chart.lock b/kubernetes/Chart.lock
new file mode 100644
index 00000000..1799798b
--- /dev/null
+++ b/kubernetes/Chart.lock
@@ -0,0 +1,6 @@
+dependencies:
+- name: postgresql
+  repository: https://kubernetes-charts.storage.googleapis.com/
+  version: 8.3.0
+digest: sha256:1feec3c396cbf27573dc201831ccd3376a4a6b58b2e7618ce30a89b8f5d707fd
+generated: "2020-02-07T13:39:38.624846+01:00"
diff --git a/kubernetes/Chart.yaml b/kubernetes/Chart.yaml
new file mode 100644
index 00000000..0d7791d7
--- /dev/null
+++ b/kubernetes/Chart.yaml
@@ -0,0 +1,22 @@
+apiVersion: v2
+name: invidious
+description: Invidious is an alternative front-end to YouTube
+version: 1.0.0
+appVersion: 0.20.1
+keywords:
+- youtube
+- proxy
+- video
+- privacy
+home: https://invidio.us/
+icon: https://raw.githubusercontent.com/omarroth/invidious/05988c1c49851b7d0094fca16aeaf6382a7f64ab/assets/favicon-32x32.png
+sources:
+- https://github.com/omarroth/invidious
+maintainers:
+- name: Leon Klingele
+  email: mail@leonklingele.de
+dependencies:
+- name: postgresql
+  version: ~8.3.0
+  repository: "https://kubernetes-charts.storage.googleapis.com/"
+engine: gotpl
diff --git a/kubernetes/README.md b/kubernetes/README.md
new file mode 100644
index 00000000..163e9cd7
--- /dev/null
+++ b/kubernetes/README.md
@@ -0,0 +1,42 @@
+# Invidious Helm chart
+
+Easily deploy Invidious to Kubernetes.
+
+## Installing Helm chart
+
+```sh
+# Build Helm dependencies
+$ helm dep build
+
+# Add PostgreSQL init scripts
+$ kubectl create configmap invidious-postgresql-init \
+  --from-file=../config/sql/channels.sql \
+  --from-file=../config/sql/videos.sql \
+  --from-file=../config/sql/channel_videos.sql \
+  --from-file=../config/sql/users.sql \
+  --from-file=../config/sql/session_ids.sql \
+  --from-file=../config/sql/nonces.sql \
+  --from-file=../config/sql/annotations.sql \
+  --from-file=../config/sql/playlists.sql \
+  --from-file=../config/sql/playlist_videos.sql \
+  --from-file=../config/sql/privacy.sql
+
+# Install Helm app to your Kubernetes cluster
+$ helm install invidious ./
+```
+
+## Upgrading
+
+```sh
+# Upgrading is easy, too!
+$ helm upgrade invidious ./
+```
+
+## Uninstall
+
+```sh
+# Get rid of everything (except database)
+$ helm delete invidious
+
+# To also delete the database, remove all invidious-postgresql PVCs
+```
diff --git a/kubernetes/templates/_helpers.tpl b/kubernetes/templates/_helpers.tpl
new file mode 100644
index 00000000..52158b78
--- /dev/null
+++ b/kubernetes/templates/_helpers.tpl
@@ -0,0 +1,16 @@
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "invidious.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+*/}}
+{{- define "invidious.fullname" -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
diff --git a/kubernetes/templates/configmap.yaml b/kubernetes/templates/configmap.yaml
new file mode 100644
index 00000000..58542a31
--- /dev/null
+++ b/kubernetes/templates/configmap.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ template "invidious.fullname" . }}
+  labels:
+    app: {{ template "invidious.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: {{ .Release.Name }}
+data:
+  INVIDIOUS_CONFIG: |
+{{ toYaml .Values.config | indent 4 }}
diff --git a/kubernetes/templates/deployment.yaml b/kubernetes/templates/deployment.yaml
new file mode 100644
index 00000000..34156127
--- /dev/null
+++ b/kubernetes/templates/deployment.yaml
@@ -0,0 +1,53 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "invidious.fullname" . }}
+  labels:
+    app: {{ template "invidious.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: {{ .Release.Name }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ template "invidious.name" . }}
+      release: {{ .Release.Name }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "invidious.name" . }}
+        chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+        release: {{ .Release.Name }}
+    spec:
+      securityContext:
+        runAsUser: {{ .Values.securityContext.runAsUser }}
+        runAsGroup: {{ .Values.securityContext.runAsGroup }}
+        fsGroup: {{ .Values.securityContext.fsGroup }}
+      containers:
+      - name: {{ .Chart.Name }}
+        image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+        imagePullPolicy: {{ .Values.image.pullPolicy }}
+        ports:
+        - containerPort: 3000
+        env:
+        - name: INVIDIOUS_CONFIG
+          valueFrom:
+            configMapKeyRef:
+              key: INVIDIOUS_CONFIG
+              name: {{ template "invidious.fullname" . }}
+        securityContext:
+          allowPrivilegeEscalation: {{ .Values.securityContext.allowPrivilegeEscalation }}
+          capabilities:
+            drop:
+            - ALL
+        resources:
+{{ toYaml .Values.resources | indent 10 }}
+        readinessProbe:
+          httpGet:
+            port: 3000
+            path: /
+        livenessProbe:
+          httpGet:
+            port: 3000
+            path: /
+      restartPolicy: Always
diff --git a/kubernetes/templates/hpa.yaml b/kubernetes/templates/hpa.yaml
new file mode 100644
index 00000000..c6fbefe2
--- /dev/null
+++ b/kubernetes/templates/hpa.yaml
@@ -0,0 +1,18 @@
+{{- if .Values.autoscaling.enabled }}
+apiVersion: autoscaling/v1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ template "invidious.fullname" . }}
+  labels:
+    app: {{ template "invidious.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: {{ .Release.Name }}
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ template "invidious.fullname" . }}
+  minReplicas: {{ .Values.autoscaling.minReplicas }}
+  maxReplicas: {{ .Values.autoscaling.maxReplicas }}
+  targetCPUUtilizationPercentage: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
+{{- end }}
diff --git a/kubernetes/templates/service.yaml b/kubernetes/templates/service.yaml
new file mode 100644
index 00000000..56bdea2e
--- /dev/null
+++ b/kubernetes/templates/service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ template "invidious.fullname" . }}
+  labels:
+    app: {{ template "invidious.name" . }}
+    chart: {{ .Chart.Name }}
+    release: {{ .Release.Name }}
+spec:
+  ports:
+  - name: http
+    port: 3000
+    targetPort: 3000
+  selector:
+    app: {{ template "invidious.name" . }}
+    release: {{ .Release.Name }}
diff --git a/kubernetes/values.yaml b/kubernetes/values.yaml
new file mode 100644
index 00000000..ce32b257
--- /dev/null
+++ b/kubernetes/values.yaml
@@ -0,0 +1,51 @@
+name: invidious
+
+image:
+  repository: omarroth/invidious
+  tag: latest
+  pullPolicy: Always
+
+replicaCount: 1
+
+autoscaling:
+  enabled: false
+  minReplicas: 1
+  maxReplicas: 16
+  targetCPUUtilizationPercentage: 50
+
+resources: {}
+  #requests:
+  #  cpu: 100m
+  #  memory: 64Mi
+  #limits:
+  #  cpu: 800m
+  #  memory: 512Mi
+
+securityContext:
+  allowPrivilegeEscalation: false
+  runAsUser: 1000
+  runAsGroup: 1000
+  fsGroup: 1000
+
+# See https://github.com/helm/charts/tree/master/stable/postgresql
+postgresql:
+  postgresqlUsername: kemal
+  postgresqlPassword: kemal
+  postgresqlDatabase: invidious
+  initdbUsername: kemal
+  initdbPassword: kemal
+  initdbScriptsConfigMap: invidious-postgresql-init
+
+# Adapted from ../config/config.yml
+config:
+  channel_threads: 1
+  feed_threads: 1
+  db:
+    user: kemal
+    password: kemal
+    host: invidious-postgresql
+    port: 5432
+    dbname: invidious
+  full_refresh: false
+  https_only: false
+  domain: