From 7e39883946013c9f58f9a92599afa4da03f0c81a Mon Sep 17 00:00:00 2001 From: "Dustin C. Hatch" Date: Fri, 17 Oct 2025 09:15:35 -0500 Subject: [PATCH] rustdesk: Initial deployment Rust Desk is a remote assistance software solution. The open source edition is sufficient for what I want to do with it, namely: help Mom and Dad troubleshoot issues on their PCs. Mom is currently having trouble with the Nextcloud sync client, so I need to be able to help her with that. --- rustdesk/kustomization.yaml | 36 +++++++++++ rustdesk/namespace.yaml | 8 +++ rustdesk/network-policy.yaml | 30 +++++++++ rustdesk/rustdesk.yaml | 122 +++++++++++++++++++++++++++++++++++ 4 files changed, 196 insertions(+) create mode 100644 rustdesk/kustomization.yaml create mode 100644 rustdesk/namespace.yaml create mode 100644 rustdesk/network-policy.yaml create mode 100644 rustdesk/rustdesk.yaml diff --git a/rustdesk/kustomization.yaml b/rustdesk/kustomization.yaml new file mode 100644 index 0000000..018025e --- /dev/null +++ b/rustdesk/kustomization.yaml @@ -0,0 +1,36 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namespace: rustdesk + +labels: +- pairs: + app.kubernetes.io/instance: rustdesk + +resources: +- namespace.yaml +- rustdesk.yaml +- network-policy.yaml + +patches: +- patch: |- + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: rustdesk + spec: + storageClassName: synology-iscsi + +- patch: |- + apiVersion: v1 + kind: Service + metadata: + name: rustdesk + spec: + externalIPs: + - 172.30.0.150 + externalTrafficPolicy: Local + +images: +- name: docker.io/rustdesk/rustdesk-server + newTag: 1.1.14 diff --git a/rustdesk/namespace.yaml b/rustdesk/namespace.yaml new file mode 100644 index 0000000..6ec7dc2 --- /dev/null +++ b/rustdesk/namespace.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: rustdesk + labels: + app.kubernetes.io/name: rustdesk + app.kubernetes.io/component: rustdesk + app.kubernetes.io/part-of: rustdesk diff --git a/rustdesk/network-policy.yaml b/rustdesk/network-policy.yaml new file mode 100644 index 0000000..e2528e0 --- /dev/null +++ b/rustdesk/network-policy.yaml @@ -0,0 +1,30 @@ +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: rustdesk + labels: + app.kubernetes.io/name: rustdesk + app.kubernetes.io/component: rustdesk +spec: + egress: + - to: + - podSelector: + matchLabels: + app.kubernetes.io/part-of: rustdesk + - to: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: kube-system + podSelector: + matchLabels: + k8s-app: kube-dns + ports: + - port: 53 + protocol: UDP + - port: 53 + protocol: TCP + podSelector: + matchLabels: + app.kubernetes.io/component: rustdesk + policyTypes: + - Egress diff --git a/rustdesk/rustdesk.yaml b/rustdesk/rustdesk.yaml new file mode 100644 index 0000000..d213fa5 --- /dev/null +++ b/rustdesk/rustdesk.yaml @@ -0,0 +1,122 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: rustdesk + labels: + app.kubernetes.io/name: rustdesk + app.kubernetes.io/component: rustdesk + app.kubernetes.io/part-of: rustdesk +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + +--- +apiVersion: v1 +kind: Service +metadata: + name: rustdesk + labels: + app.kubernetes.io/name: rustdesk + app.kubernetes.io/component: rustdesk + app.kubernetes.io/part-of: rustdesk +spec: + selector: + app.kubernetes.io/name: rustdesk + app.kubernetes.io/component: rustdesk + ports: + - port: 21115 + name: nat-t + - port: 21116 + name: hbbs-tcp + protocol: TCP + - port: 21116 + name: hbbs-udp + protocol: UDP + - port: 21118 + name: hbbs-web + - port: 21117 + name: hbbr + - port: 21119 + name: hbbr-web + +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: rustdesk + labels: + app.kubernetes.io/name: rustdesk + app.kubernetes.io/component: rustdesk + app.kubernetes.io/part-of: rustdesk +spec: + selector: + matchLabels: + app.kubernetes.io/name: rustdesk + app.kubernetes.io/component: rustdesk + serviceName: rustdesk + template: + metadata: + labels: + app.kubernetes.io/name: rustdesk + app.kubernetes.io/component: rustdesk + app.kubernetes.io/part-of: rustdesk + spec: + containers: + - name: hbbs + image: docker.io/rustdesk/rustdesk-server + imagePullPolicy: IfNotPresent + args: + - hbbs + env: &env + - name: XDG_CONFIG_HOME + value: /etc + - name: XDG_DATA_HOME + value: /var/lib/rustdesk + workingDir: &dir /var/lib/rustdesk + ports: + - containerPort: 21115 + name: nat-t + - containerPort: 21116 + name: hbbs-tcp + protocol: TCP + - containerPort: 21116 + name: hbbs-udp + protocol: UDP + - containerPort: 21118 + name: hbbs-web + securityContext: + readOnlyRootFilesystem: true + volumeMounts: &mounts + - mountPath: /etc/rustdesk + name: rustdesk-data + subPath: config + - mountPath: /var/lib/rustdesk + name: rustdesk-data + subPath: data + - name: hbbr + image: docker.io/rustdesk/rustdesk-server + imagePullPolicy: IfNotPresent + env: *env + workingDir: *dir + args: + - hbbr + ports: + - containerPort: 21117 + name: hbbr + - containerPort: 21119 + name: hbbr-web + securityContext: + readOnlyRootFilesystem: true + volumeMounts: *mounts + securityContext: + runAsNonRoot: true + runAsUser: 21115 + runAsGroup: 21115 + fsGroup: 21115 + volumes: + - name: rustdesk-data + persistentVolumeClaim: + claimName: rustdesk