├── .github └── workflows │ └── build-scan-push.yml ├── .gitignore ├── .hadolint.yaml ├── .kube-linter └── config.yaml ├── Dockerfile ├── LICENSE ├── README.md ├── docker-compose.yml ├── entrypoint.sh └── k8s ├── bitlbee-deployment.yaml ├── bitlbee-namespace.yaml ├── bitlbee-pvc.yaml ├── bitlbee-service.yaml ├── bitlbee-stunnel-configmap.yaml ├── bitlbee-stunnel-deployment.yaml └── bitlbee-stunnel-service.yaml /.github/workflows/build-scan-push.yml: -------------------------------------------------------------------------------- 1 | name: Build and Push Docker Image 2 | 3 | on: 4 | push: 5 | branches: 6 | - master 7 | pull_request: 8 | branches: 9 | - master 10 | 11 | jobs: 12 | build: 13 | runs-on: ubuntu-latest 14 | permissions: 15 | packages: write 16 | contents: read 17 | 18 | steps: 19 | - name: Checkout code 20 | uses: actions/checkout@v4 21 | 22 | - name: Lint Dockerfile with Hadolint 23 | uses: hadolint/hadolint-action@v3.1.0 24 | with: 25 | dockerfile: Dockerfile 26 | 27 | - name: Lint Shell Scripts with ShellCheck 28 | uses: ludeeus/action-shellcheck@master 29 | 30 | - name: Lint Kubernetes Resources with KubeLinter 31 | id: kube-lint-scan 32 | uses: stackrox/kube-linter-action@v1 33 | with: 34 | directory: k8s 35 | config: .kube-linter/config.yaml 36 | 37 | # Set up Docker Buildx for multi-architecture builds 38 | - name: Set up Docker Buildx 39 | uses: docker/setup-buildx-action@v3 40 | 41 | # Cache Docker layers for faster builds 42 | - name: Cache Docker Layers 43 | uses: actions/cache@v3 44 | with: 45 | path: /tmp/.buildx-cache 46 | key: ${{ runner.os }}-buildx-latest 47 | restore-keys: | 48 | ${{ runner.os }}-buildx- 49 | 50 | - name: Log in to Docker Hub 51 | if: github.event_name != 'pull_request' 52 | uses: docker/login-action@v2 53 | with: 54 | username: ${{ secrets.DOCKER_USERNAME }} 55 | password: ${{ secrets.DOCKER_PASSWORD }} 56 | 57 | - name: Log into registry 58 | if: github.event_name != 'pull_request' 59 | uses: docker/login-action@v2 60 | with: 61 | registry: ghcr.io 62 | username: ${{ github.actor }} 63 | password: ${{ secrets.GITHUB_TOKEN }} 64 | 65 | - name: Build and Push Docker Image 66 | uses: docker/build-push-action@v4 67 | with: 68 | context: . 69 | file: ./Dockerfile 70 | platforms: linux/amd64,linux/arm64 71 | tags: | 72 | ${{ secrets.DOCKER_USERNAME }}/docker-bitlbee:latest 73 | ghcr.io/${{ github.repository_owner }}/docker-bitlbee:latest 74 | cache-from: type=gha 75 | cache-to: type=gha,mode=max 76 | push: ${{ github.event_name != 'pull_request' }} 77 | 78 | - name: Scan Docker Image for Vulnerabilities with Trivy 79 | uses: aquasecurity/trivy-action@master 80 | with: 81 | image-ref: ${{ secrets.DOCKER_USERNAME }}/docker-bitlbee:latest 82 | format: 'table' 83 | ignore-unfixed: true 84 | vuln-type: 'os,library' 85 | severity: 'CRITICAL,HIGH' 86 | 87 | - name: Upload Trivy Report 88 | uses: actions/upload-artifact@v3 89 | with: 90 | name: trivy-scan-results 91 | path: trivy-results.json 92 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Logs 2 | *.log 3 | 4 | # Docker 5 | docker/data/ 6 | .env 7 | 8 | # Kubernetes 9 | k8s/*.secret.yaml 10 | 11 | # Build artifacts 12 | *.o 13 | *.out 14 | -------------------------------------------------------------------------------- /.hadolint.yaml: -------------------------------------------------------------------------------- 1 | failure-threshold: error 2 | -------------------------------------------------------------------------------- /.kube-linter/config.yaml: -------------------------------------------------------------------------------- 1 | checks: 2 | exclude: 3 | - "latest-tag" 4 | - "no-read-only-root-fs" 5 | - "run-as-non-root" 6 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/buildpack-deps:stable-scm AS builder 2 | 3 | LABEL org.opencontainers.image.title="BitlBee container" \ 4 | org.opencontainers.image.description="A containerized version of BitlBee with additional plugins." \ 5 | org.opencontainers.image.url="https://github.com/mbologna/docker-bitlbee" \ 6 | org.opencontainers.image.licenses="MIT" 7 | 8 | ENV BITLBEE_VERSION="3.6" SKYPE4PIDGIN_VERSION="1.7" FACEBOOK_VERSION="1.2.2" 9 | 10 | WORKDIR "/" 11 | RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends \ 12 | autoconf automake build-essential cmake g++ gettext gcc git \ 13 | gperf imagemagick libtool make libglib2.0-dev libhttp-parser-dev \ 14 | libotr5-dev libpurple-dev libgnutls28-dev libjson-glib-dev libnss3-dev \ 15 | libpng-dev libolm-dev libprotobuf-c-dev libqrencode-dev libssl-dev \ 16 | protobuf-c-compiler libgcrypt20-dev libmarkdown2-dev \ 17 | libpng-dev libpurple-dev librsvg2-bin libsqlite3-dev libwebp-dev \ 18 | libgdk-pixbuf2.0-dev libopusfile-dev \ 19 | libtool-bin netcat-traditional pkg-config sudo && \ 20 | curl -LO https://get.bitlbee.org/src/bitlbee-"$BITLBEE_VERSION".tar.gz && \ 21 | git clone https://github.com/EionRobb/purple-hangouts && \ 22 | git clone https://github.com/EionRobb/purple-discord && \ 23 | git clone https://github.com/matrix-org/purple-matrix && \ 24 | git clone https://github.com/EionRobb/purple-teams && \ 25 | git clone https://github.com/dylex/slack-libpurple && \ 26 | curl -LO https://github.com/EionRobb/skype4pidgin/archive/"$SKYPE4PIDGIN_VERSION".tar.gz && \ 27 | curl -LO https://github.com/bitlbee/bitlbee-facebook/archive/v"$FACEBOOK_VERSION".tar.gz && \ 28 | git clone https://src.alexschroeder.ch/bitlbee-mastodon.git && \ 29 | git clone https://github.com/BenWiederhake/tdlib-purple && \ 30 | rm -fr /var/lib/apt/lists/* 31 | 32 | RUN tar zxvf bitlbee-"$BITLBEE_VERSION".tar.gz 33 | WORKDIR /bitlbee-"$BITLBEE_VERSION" 34 | RUN ./configure --verbose=1 --jabber=1 --otr=1 --purple=1 --strip=1 && \ 35 | make -j"$(nproc)" && \ 36 | make install && \ 37 | make install-bin && \ 38 | make install-doc && \ 39 | make install-dev && \ 40 | make install-etc && \ 41 | make install-plugin-otr 42 | 43 | WORKDIR /purple-hangouts 44 | RUN make -j"$(nproc)" && make install 45 | WORKDIR /purple-discord 46 | RUN make -j"$(nproc)" && make install 47 | WORKDIR /purple-matrix 48 | RUN make -j"$(nproc)" && make install 49 | WORKDIR /purple-teams 50 | RUN make -j"$(nproc)" && make install 51 | WORKDIR /slack-libpurple 52 | RUN make install 53 | WORKDIR / 54 | RUN tar zxvf "$SKYPE4PIDGIN_VERSION".tar.gz 55 | WORKDIR /skype4pidgin-$SKYPE4PIDGIN_VERSION/skypeweb 56 | RUN make -j"$(nproc)" && make install 57 | WORKDIR / 58 | RUN tar zxvf v"$FACEBOOK_VERSION".tar.gz 59 | WORKDIR /bitlbee-facebook-$FACEBOOK_VERSION 60 | RUN ./autogen.sh && make -j"$(nproc)" && make install 61 | WORKDIR /bitlbee-mastodon 62 | RUN sh autogen.sh && ./configure && make -j"$(nproc)" && make install 63 | WORKDIR /tdlib-purple 64 | RUN ./build_and_install.sh 65 | 66 | WORKDIR / 67 | RUN libtool --finish /usr/local/lib/bitlbee 68 | 69 | RUN rm -fr ./bitlbee-"$BITLBEE_VERSION" && \ 70 | rm -fr ./purple* && \ 71 | rm -fr ./slack-libpurple && \ 72 | rm -fr ./skype4pidgin* && \ 73 | rm -fr ./bitlbee-facebook* && \ 74 | rm -fr ./bitlbee-mastodon* && \ 75 | rm -fr ./tdlib-purple && \ 76 | rm -fr -- *.gz && \ 77 | apt-get clean && \ 78 | rm -fr /tmp/* /var/tmp/* 79 | 80 | # FROM docker.io/debian:stable-slim 81 | 82 | # COPY --from=builder /usr/local/etc/bitlbee/ /usr/local/etc/bitlbee/ 83 | # COPY --from=builder /usr/local/lib/bitlbee/ /usr/local/lib/bitlbee/ 84 | # COPY --from=builder /usr/local/lib/pkgconfig/ /usr/local/lib/pkgconfig/ 85 | # COPY --from=builder /usr/lib/x86_64-linux-gnu/purple-2/libdiscord.so /usr/lib/x86_64-linux-gnu/purple-2/libdiscord.so 86 | # COPY --from=builder /usr/lib/x86_64-linux-gnu/purple-2/libhangouts.so /usr/lib/x86_64-linux-gnu/purple-2/libhangouts.so 87 | # COPY --from=builder /usr/lib/x86_64-linux-gnu/purple-2/libmatrix.so /usr/lib/x86_64-linux-gnu/purple-2/libmatrix.so 88 | # COPY --from=builder /usr/lib/x86_64-linux-gnu/purple-2/libskypeweb.so /usr/slib/x86_64-linux-gnu/purple-2/libskypeweb.so 89 | # COPY --from=builder /usr/lib/x86_64-linux-gnu/purple-2/libslack.so /usr/lib/x86_64-linux-gnu/purple-2/libslack.so 90 | # COPY --from=builder /usr/lib/x86_64-linux-gnu/purple-2/libteams-personal.so /usr/lib/x86_64-linux-gnu/purple-2/libteams-personal.so 91 | # COPY --from=builder /usr/lib/x86_64-linux-gnu/purple-2/libteams.so /usr/lib/x86_64-linux-gnu/purple-2/libteams.so 92 | # COPY --from=builder /usr/lib/x86_64-linux-gnu/purple-2/libtelegram-tdlib.so /usr/lib/x86_64-linux-gnu/purple-2/libtelegram-tdlib.so 93 | # COPY --from=builder /usr/local/sbin/bitlbee /usr/local/sbin/bitlbee 94 | # COPY --from=builder /usr/local/share/bitlbee/ /usr/local/share/bitlbee/ 95 | # COPY --from=builder /usr/local/share/locale/ /usr/local/share/locale/ 96 | # COPY --from=builder /usr/local/share/man/ /usr/local/share/man/ 97 | # COPY --from=builder /usr/local/share/metainfo/ /usr/local/share/metainfo/ 98 | 99 | # RUN apt-get update && apt-get install --no-install-recommends -y \ 100 | # libpurple0 \ 101 | # libotr5 102 | 103 | RUN adduser --system --home /var/lib/bitlbee --disabled-password \ 104 | --disabled-login --shell /usr/sbin/nologin bitlbee 105 | RUN touch /var/run/bitlbee.pid && chown bitlbee:nogroup /var/run/bitlbee.pid 106 | 107 | EXPOSE 6667 108 | 109 | # Needed for VOLUME permissions 110 | COPY entrypoint.sh /entrypoint.sh 111 | RUN chmod +x entrypoint.sh 112 | 113 | # Define volumes for persistent data 114 | VOLUME ["/var/lib/bitlbee"] 115 | USER bitlbee 116 | ENTRYPOINT ["/entrypoint.sh"] 117 | 118 | CMD ["/usr/local/sbin/bitlbee", "-F", "-n", "-v", "-u", "bitlbee"] 119 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Michele Bologna 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # BitlBee with additional plugins in a container 2 | 3 | ![Docker](https://img.shields.io/docker/pulls/mbologna/docker-bitlbee) 4 | ![GitHub Workflow Status](https://img.shields.io/github/actions/workflow/status/mbologna/docker-bitlbee/build-scan-push.yml?branch=master) 5 | 6 | This repository provides a Docker-based setup for running [Bitlbee](https://www.bitlbee.org/) with additional plugins for extended functionality and an optional [Stunnel](https://www.stunnel.org/) service to enable secure IRC communications over TLS. 7 | 8 | ## Features 9 | 10 | - **[Bitlbee](https://www.bitlbee.org)**: A popular gateway that connects instant messaging services with IRC. In addition to the [Bitlbee's out of the box supported protocols](https://wiki.bitlbee.org/), these are the pre-installed plugins: 11 | - Google Hangouts via [purple-hangouts](https://github.com/EionRobb/purple-hangouts) 12 | - Discord via [purple-discord](https://github.com/EionRobb/purple-discord) 13 | - Matrix via [purple-matrix](https://github.com/matrix-org/purple-matrix) 14 | - Microsoft Teams via [teams](https://github.com/EionRobb/purple-teams) 15 | - Slack via [slack-libpurple](https://github.com/dylex/slack-libpurple) 16 | - Skype via [skype4pidgin](https://github.com/EionRobb/skype4pidgin) 17 | - Facebook (MQTT) via [bitlbee-facebook](https://github.com/bitlbee/bitlbee-facebook) 18 | - Mastodon via [bitlbee-mastodon](https://alexschroeder.ch/software/Bitlbee_Mastodon) 19 | - Telegram via [tdlib-purple](https://github.com/BenWiederhake/) 20 | - **[Stunnel](https://www.stunnel.org/)**: Adds TLS encryption for secure IRC connections. 21 | - Multi-architecture support: builds for `linux/amd64` and `linux/arm64`. 22 | - Kubernetes resources included for deployment in containerized environments. 23 | - Linting and security scans integrated into CI/CD workflows. 24 | 25 | ## Quick Start 26 | 27 | ### Running Locally with Podman or Docker Compose 28 | 29 | 1. Clone this repository: 30 | ```bash 31 | git clone https://github.com/mbologna/docker-bitlbee.git 32 | cd docker-bitlbee 33 | 34 | 2. Build and run the containers: 35 | 36 | ``` 37 | podman-compose up --build 38 | ``` 39 | 40 | If you're using Docker: 41 | ``` 42 | docker-compose up --build 43 | ``` 44 | 45 | 3. Access the Bitlbee service on port 6667 and the Stunnel service on port 16697. 46 | 47 | #### Environment Variables 48 | 49 | `UID` and `GID`: Set these to match your local user for proper volume permissions. 50 | 51 | #### Persistent Data 52 | 53 | The `data/` directory is mounted as a volume to store Bitlbee configurations and data. Ensure it is backed up for persistent setups. 54 | 55 | ### Kubernetes Deployment 56 | 57 | Kubernetes manifests for deploying Bitlbee and Stunnel are located in the `k8s/` directory. 58 | 59 | 1. Apply the manifests: 60 | 61 | ``` 62 | kubectl apply -f k8s/ 63 | ``` 64 | 65 | Verify deployment: 66 | ``` 67 | kubectl get pods -n bitlbee 68 | ``` 69 | Expose the service as needed (e.g., via `NodePort` or `Ingress`). 70 | 71 | ## CI/CD Workflow 72 | 73 | This repository uses GitHub Actions for automated builds and deployments: 74 | 75 | * Build and Push: Docker images are built for amd64 and arm64 platforms and pushed to: 76 | - Docker Hub: `mbologna/docker-bitlbee:latest` 77 | - GitHub Container Registry: `ghcr.io/mbologna/docker-bitlbee:latest` 78 | 79 | * Linting: Integrated linters for Dockerfile, shell scripts, and Kubernetes resources. 80 | * Security Scans: Uses Trivy to scan Docker images for vulnerabilities. 81 | 82 | ## Local Development 83 | 84 | ### Building Multi-Arch Images Locally 85 | 86 | For multi-architecture builds with Podman: 87 | 88 | ``` 89 | podman build --platform linux/amd64,linux/arm64 -t mbologna/docker-bitlbee:latest . 90 | ``` 91 | 92 | Or with Docker: 93 | 94 | ``` 95 | docker buildx build --platform linux/amd64,linux/arm64 -t mbologna/docker-bitlbee:latest --push . 96 | ``` 97 | 98 | ## Resources 99 | 100 | [BitlBee Documentation](https://wiki.bitlbee.org/) 101 | -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.8' 2 | 3 | services: 4 | bitlbee: 5 | build: 6 | context: . 7 | dockerfile: Dockerfile 8 | image: docker.io/mbologna/docker-bitlbee:latest 9 | container_name: bitlbee 10 | restart: unless-stopped 11 | ports: 12 | - "6667:6667" 13 | volumes: 14 | - ./data:/var/lib/bitlbee 15 | user: "${UID}:${GID}" # Needed for VOLUME permissions 16 | healthcheck: 17 | test: [ "CMD", "nc", "-z", "localhost", "6667" ] 18 | interval: 30s 19 | retries: 3 20 | logging: 21 | driver: json-file 22 | options: 23 | max-size: "10m" 24 | max-file: "3" 25 | networks: 26 | - bitlbee-net 27 | deploy: 28 | resources: 29 | limits: 30 | memory: 512m 31 | cpus: "1.0" 32 | reservations: 33 | memory: 256m 34 | 35 | stunnel: 36 | image: docker.io/dweomer/stunnel:latest 37 | container_name: bitlbee-stunnel 38 | restart: always 39 | ports: 40 | - "16697:6697" 41 | environment: 42 | - STUNNEL_SERVICE=bitlbee-stunnel 43 | - STUNNEL_ACCEPT=6697 44 | - STUNNEL_CONNECT=bitlbee:6667 45 | depends_on: 46 | - bitlbee 47 | healthcheck: 48 | test: [ "CMD", "nc", "-z", "localhost", "6697" ] 49 | interval: 30s 50 | retries: 3 51 | logging: 52 | driver: json-file 53 | options: 54 | max-size: "10m" 55 | max-file: "3" 56 | networks: 57 | - bitlbee-net 58 | deploy: 59 | resources: 60 | limits: 61 | memory: 256m 62 | cpus: "1.0" 63 | reservations: 64 | memory: 128m 65 | 66 | networks: 67 | bitlbee-net: 68 | driver: bridge 69 | -------------------------------------------------------------------------------- /entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -euxo pipefail 3 | # Debug log for ownership check 4 | echo "Current owner of /var/lib/bitlbee: $(stat -c %U /var/lib/bitlbee)" 5 | 6 | if [ "$(stat -c %U /var/lib/bitlbee)" != "bitlbee" ]; then 7 | echo "Changing ownership of /var/lib/bitlbee to bitlbee" 8 | chown -R bitlbee:nogroup /var/lib/bitlbee || echo "Failed to change ownership" 9 | else 10 | echo "Ownership is already correct" 11 | fi 12 | exec "$@" 13 | -------------------------------------------------------------------------------- /k8s/bitlbee-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: bitlbee 5 | namespace: bitlbee 6 | spec: 7 | replicas: 1 8 | selector: 9 | matchLabels: 10 | app: bitlbee 11 | template: 12 | metadata: 13 | labels: 14 | app: bitlbee 15 | spec: 16 | securityContext: 17 | fsGroup: 1001 # Needed for volume permissions 18 | containers: 19 | - name: bitlbee 20 | image: docker.io/mbologna/docker-bitlbee:latest 21 | ports: 22 | - containerPort: 6667 23 | volumeMounts: 24 | - mountPath: /var/lib/bitlbee 25 | name: bitlbee-data 26 | resources: 27 | limits: 28 | memory: "512Mi" 29 | cpu: "1" 30 | requests: 31 | memory: "256Mi" 32 | cpu: "1" 33 | livenessProbe: 34 | exec: 35 | command: 36 | - nc 37 | - -z 38 | - localhost 39 | - "6667" 40 | initialDelaySeconds: 30 41 | periodSeconds: 30 42 | readinessProbe: 43 | exec: 44 | command: 45 | - nc 46 | - -z 47 | - localhost 48 | - "6667" 49 | initialDelaySeconds: 10 50 | periodSeconds: 30 51 | volumes: 52 | - name: bitlbee-data 53 | persistentVolumeClaim: 54 | claimName: bitlbee-pvc 55 | -------------------------------------------------------------------------------- /k8s/bitlbee-namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: bitlbee 5 | -------------------------------------------------------------------------------- /k8s/bitlbee-pvc.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | name: bitlbee-pvc 5 | namespace: bitlbee 6 | spec: 7 | accessModes: 8 | - ReadWriteOnce 9 | resources: 10 | requests: 11 | storage: 128Mi 12 | -------------------------------------------------------------------------------- /k8s/bitlbee-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: bitlbee 5 | namespace: bitlbee 6 | spec: 7 | ports: 8 | - protocol: TCP 9 | port: 6667 10 | targetPort: 6667 11 | selector: 12 | app: bitlbee 13 | -------------------------------------------------------------------------------- /k8s/bitlbee-stunnel-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | name: stunnel-config 5 | namespace: bitlbee 6 | data: 7 | STUNNEL_SERVICE: bitlbee-stunnel 8 | STUNNEL_ACCEPT: "6697" 9 | STUNNEL_CONNECT: bitlbee:6667 10 | -------------------------------------------------------------------------------- /k8s/bitlbee-stunnel-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: bitlbee-stunnel 5 | namespace: bitlbee 6 | spec: 7 | replicas: 1 8 | selector: 9 | matchLabels: 10 | app: bitlbee-stunnel 11 | template: 12 | metadata: 13 | labels: 14 | app: bitlbee-stunnel 15 | spec: 16 | containers: 17 | - name: stunnel 18 | image: docker.io/dweomer/stunnel:latest 19 | ports: 20 | - containerPort: 6697 21 | envFrom: 22 | - configMapRef: 23 | name: stunnel-config 24 | resources: 25 | limits: 26 | memory: "256Mi" 27 | cpu: "1" 28 | requests: 29 | memory: "128Mi" 30 | cpu: "1" 31 | livenessProbe: 32 | exec: 33 | command: 34 | - nc 35 | - -z 36 | - localhost 37 | - "6697" 38 | initialDelaySeconds: 30 39 | periodSeconds: 30 40 | readinessProbe: 41 | exec: 42 | command: 43 | - nc 44 | - -z 45 | - localhost 46 | - "6697" 47 | initialDelaySeconds: 10 48 | periodSeconds: 30 49 | -------------------------------------------------------------------------------- /k8s/bitlbee-stunnel-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | name: bitlbee-stunnel 5 | namespace: bitlbee 6 | spec: 7 | ports: 8 | - protocol: TCP 9 | port: 6697 10 | targetPort: 6697 11 | selector: 12 | app: bitlbee-stunnel 13 | --------------------------------------------------------------------------------