penta
/
gentoo-glx-desktop


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133
							apiVersion: apps/v1
kind: Deployment
metadata:
  name: xgl
spec:
  replicas: 1
  selector:
    matchLabels:
      app: xgl
  template:
    metadata:
      labels:
        app: xgl
    spec:
      hostname: xgl
      # Uncomment the below line to disable network isolation for WebRTC connectivity, may show an error if disallowed by the cluster
#      hostNetwork: true
      containers:
      - name: xgl
        image: ghcr.io/ehfd/nvidia-glx-desktop:latest
        env:
        - name: TZ
          value: "UTC"
        - name: SIZEW
          value: "1920"
        - name: SIZEH
          value: "1080"
        - name: REFRESH
          value: "60"
        - name: DPI
          value: "96"
        - name: CDEPTH
          value: "24"
        # Change to DP-0 or any other DP-* port for larger resolution support if you are NOT using datacenter GPUs
        - name: VIDEO_PORT
          value: "DFP"
        # Choose either `value:` or `secretKeyRef:` but not both at the same time
        - name: PASSWD
          value: "mypasswd"
#          valueFrom:
#            secretKeyRef:
#              name: my-pass
#              key: my-pass
        # Uncomment this to enable noVNC, disabing selkies-gstreamer and ignoring all its parameters except `BASIC_AUTH_PASSWORD`, which will be used for authentication with noVNC, `BASIC_AUTH_PASSWORD` defaults to `PASSWD` if not provided
#        - name: NOVNC_ENABLE
#          value: "true"
        # Additional view-only password only applicable to the noVNC interface, choose either `value:` or `secretKeyRef:` but not both at the same time
#        - name: NOVNC_VIEWPASS
#          value: "mypasswd"
#          valueFrom:
#            secretKeyRef:
#              name: my-pass
#              key: my-pass
        ###
        # selkies-gstreamer parameters, for additional configurations see lines that start with "parser.add_argument" in https://github.com/selkies-project/selkies-gstreamer/blob/master/src/selkies_gstreamer/__main__.py
        ###
        # Change `WEBRTC_ENCODER` to `x264enc`, `vp8enc`, or `vp9enc` if your GPU doesn't support `H.264 (AVCHD)` under the `NVENC - Encoding` section in https://developer.nvidia.com/video-encode-and-decode-gpu-support-matrix-new
        - name: WEBRTC_ENCODER
          value: "nvh264enc"
        - name: WEBRTC_ENABLE_RESIZE
          value: "false"
        - name: ENABLE_AUDIO
          value: "true"
        - name: ENABLE_BASIC_AUTH
          value: "true"
        # Defaults to `PASSWD` if unspecified, choose either `value:` or `secretKeyRef:` but not both at the same time
#        - name: BASIC_AUTH_PASSWORD
#          value: "mypasswd"
#          valueFrom:
#            secretKeyRef:
#              name: my-pass
#              key: my-pass
        ###
        # Uncomment below to use a TURN server for improved network compatibility
        ###
#        - name: TURN_HOST
#          value: "turn.example.com"
#        - name: TURN_PORT
#          value: "3478"
        # Provide only `TURN_SHARED_SECRET` for time-limited shared secret authentication or both `TURN_USERNAME` and `TURN_PASSWORD` for legacy long-term authentication, but do not provide both authentication methods at the same time
#        - name: TURN_SHARED_SECRET
#          valueFrom:
#            secretKeyRef:
#              name: turn-shared-secret
#              key: turn-shared-secret
#        - name: TURN_USERNAME
#          value: "username"
        # Choose either `value:` or `secretKeyRef:` but not both at the same time
#        - name: TURN_PASSWORD
#          value: "mypasswd"
#          valueFrom:
#            secretKeyRef:
#              name: turn-password
#              key: turn-password
        # Change to `tcp` if the UDP protocol is throttled or blocked in your client network, or when the TURN server does not support UDP
#        - name: TURN_PROTOCOL
#          value: "udp"
        # You need a valid hostname and a certificate from authorities such as ZeroSSL (Let's Encrypt may have issues) to enable this
#        - name: TURN_TLS
#          value: "false"
        stdin: true
        tty: true
        ports:
        - name: http
          containerPort: 8080
          protocol: TCP
        resources:
          limits:
            memory: 64Gi
            cpu: "16"
            nvidia.com/gpu: 1
          requests:
            memory: 100Mi
            cpu: 100m
        volumeMounts:
        - mountPath: /dev/shm
          name: dshm
        - mountPath: /cache
          name: xgl-cache-vol
        - mountPath: /home/user
          name: xgl-root-vol
      volumes:
      - name: dshm
        emptyDir:
          medium: Memory
      - name: xgl-cache-vol
        emptyDir: {}
#        persistentVolumeClaim:
#          claimName: xgl-cache-vol
      - name: xgl-root-vol
        emptyDir: {}
#        persistentVolumeClaim:
#          claimName: xgl-root-vol