#SPDX-License-Identifier: MIT-0 --- # tasks file for ansible-role-open-archiver - name: namespace k8s: state: present definition: apiVersion: v1 kind: Namespace metadata: name: "{{ open_archiver_namespace }}" - name: pvc for postgresql k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: postgresql namespace: "{{ open_archiver_namespace }}" spec: accessModes: - ReadWriteOnce resources: requests: storage: "{{ open_archiver_pvc_size_postgresql }}" - name: pvc for valkey k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: valkey namespace: "{{ open_archiver_namespace }}" spec: accessModes: - ReadWriteOnce resources: requests: storage: "{{ open_archiver_pvc_size_data }}" - name: pvc for meili k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: meili namespace: "{{ open_archiver_namespace }}" spec: accessModes: - ReadWriteOnce resources: requests: storage: "{{ open_archiver_pvc_size_meilidata }}" - name: pvc for open-archiver k8s: state: present definition: apiVersion: v1 kind: PersistentVolumeClaim metadata: name: open-archiver namespace: "{{ open_archiver_namespace }}" spec: accessModes: - ReadWriteOnce resources: requests: storage: "{{ open_archiver_pvc_size_open_archiver }}" - name: deployment for postgresql k8s: definition: apiVersion: v1 kind: Deployment metadata: name: postgresql namespace: "{{ open_archiver_namespace }}" spec: replicas: 1 selector: matchLabels: app: postgresql template: metadata: labels: app: postgresql spec: containers: - name: postgresql image: postgres:17-alpine env: - name: POSTGRES_DB value: open_archiver - name: POSTGRES_USER value: open_archiver - name: POSTGRES_PASSWORD value: "{{ open_archiver_postgres_password }}" volumeMounts: - name: postgresql mountPath: /var/lib/postgresql/data ports: - containerPort: 5432 volumes: - name: postgresql persistentVolumeClaim: claimName: postgresql - name: service for postgresql k8s: definition: apiVersion: v1 kind: Service metadata: name: postgresql namespace: "{{ open_archiver_namespace }}" spec: selector: app: postgresql ports: - port: 5432 name: postgresql type: ClusterIP - name: deployment for valkey k8s: definition: apiVersion: v1 kind: Deployment metadata: name: valkey namespace: "{{ open_archiver_namespace }}" spec: replicas: 1 selector: matchLabels: app: valkey template: metadata: labels: app: valkey spec: containers: - name: valkey image: valkey/valkey:8-alpine command: - valkey-server args: - "--port" - "7777" - "--requirepass" - "{{ open_archiver_redis_password }}" volumeMounts: - name: valkey mountPath: /data ports: - containerPort: 7777 volumes: - name: valkey persistentVolumeClaim: claimName: valkey - name: service for valkey k8s: definition: apiVersion: v1 kind: Service metadata: name: valkey namespace: "{{ open_archiver_namespace }}" spec: selector: app: valkey ports: - port: 7777 name: valkey type: ClusterIP - name: deployment k8s: definition: apiVersion: v1 kind: Deployment metadata: name: open-archiver namespace: "{{ open_archiver_namespace }}" spec: replicas: 1 selector: matchLabels: app: open-archiver template: metadata: labels: app: open-archiver spec: containers: - name: open-archiver image: logiclabshq/open-archiver:latest env: - name: NODE_ENV value: "{{ open_archiver_node_env }}" - name: APP_URL value: "https://open-archiver.eom.dev" - name: ORIGIN value: "https://open-archiver.eom.dev" - name: PORT_BACKEND value: "4000" - name: PORT_FRONTEND value: "3000" - name: SYNC_FREQUENCY value: "{{ open_archiver_sync_frequency }}" - name: ALL_INCLUSIVE_ARCHIVE value: "{{ open_archiver_all_inclusive_archive }}" - name: POSTGRES_DB value: "open_archiver" - name: POSTGRES_USER value: "open_archiver" - name: POSTGRES_PASSWORD value: "{{ open_archiver_postgres_password }}" - name: DATABASE_URL value: "postgresql://open_archiver:{{ open_archiver_postgres_password }}@postgresql:5432/open_archiver" - name: MEILI_MASTER_KEY value: "{{ open_archiver_meili_master_key }}" - name: MEILI_HOST value: "http://localhost:7700" - name: MEILI_INDEXING_BATCH value: "{{ open_archiver_meili_indexing_batch }}" - name: REDIS_HOST value: "valkey" - name: REDIS_PORT value: "7777" - name: REDIS_PASSWORD value: "{{ open_archiver_redis_password }}" - name: REDIS_TLS_ENABLED value: "false" - name: STORAGE_TYPE value: "local" - name: BODY_SIZE_LIMIT value: "{{ open_archiver_body_size_limit }}" - name: STORAGE_LOCAL_ROOT_PATH value: "/data" - name: ENABLE_DELETION value: "{{ open_archiver_enable_deletion }}" - name: JWT_SECRET value: "{{ open_archiver_jwt_secret }}" - name: JWT_EXPIRES_IN value: "{{ open_archiver_jwt_expires_in }}" - name: RATE_LIMIT_WINDOW_MS value: "{{ open_archiver_rate_limit_window_ms }}" - name: RATE_LIMIT_MAX_REQUESTS value: "{{ open_archiver_rate_limit_max_requests }}" - name: ENCRYPTION_KEY value: "{{ open_archiver_encryption_key }}" - name: TIKA_URL value: "http://localhost:9998" volumeMounts: - name: open-archiver mountPath: /data ports: - containerPort: 3000 - name: meilisearch image: getmeili/meilisearch:v1.15 env: - name: MEILI_MASTER_KEY value: "{{ open_archiver_meili_master_key }}" volumeMounts: - name: meili mountPath: /meili_data - name: tika image: apache/tika:3.2.2.0-full volumes: - name: meili persistentVolumeClaim: claimName: meili - name: open-archiver persistentVolumeClaim: claimName: open-archiver - name: service for open-archiver k8s: definition: apiVersion: v1 kind: Service metadata: name: open-archiver namespace: "{{ open_archiver_namespace }}" spec: selector: app: open-archiver ports: - port: 3000 name: http type: ClusterIP - name: ingress k8s: state: present definition: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: annotations: cert-manager.io/cluster-issuer: ca-issuer name: open-archiver namespace: open-archiver spec: ingressClassName: nginx rules: - host: open-archiver.eom.dev http: paths: - pathType: Prefix path: / backend: service: name: open-archiver port: number: 3000 tls: - hosts: - open-archiver.eom.dev secretName: open-archiver