updated k8s configs to use non-root containers
This commit is contained in:
parent
deb15c161e
commit
289b212205
|
@ -7,9 +7,9 @@ type: Opaque
|
|||
stringData:
|
||||
JICOFO_AUTH_PASSWORD: 1b90bbfb8b17b3b8f610dd9e282b076c
|
||||
JVB_AUTH_PASSWORD: 21e5abd0efbb69e31facbf735d737caa
|
||||
JIGASI_XMPP_PASSWORD: 78e1d598b43d57a7ce38d5a102a48946
|
||||
JIBRI_RECORDER_PASSWORD: 3fc11181cc426d698317bceab3fe76ad
|
||||
JIBRI_XMPP_PASSWORD: 21412968cb037cd706996bcbb1c5502a
|
||||
# JIGASI_XMPP_PASSWORD: 78e1d598b43d57a7ce38d5a102a48946
|
||||
# JIBRI_RECORDER_PASSWORD: 3fc11181cc426d698317bceab3fe76ad
|
||||
# JIBRI_XMPP_PASSWORD: 21412968cb037cd706996bcbb1c5502a
|
||||
|
||||
---
|
||||
|
||||
|
@ -26,7 +26,7 @@ data:
|
|||
ETHERPAD_SKIN_VARIANTS: "super-light-toolbar super-light-editor light-background full-width-editor"
|
||||
ENABLE_AUTH: "1"
|
||||
AUTH_TYPE: internal
|
||||
XMPP_SERVER: prosody.jitsi.svc.cluster.local
|
||||
XMPP_BOSH_URL: http://prosody:5280
|
||||
XMPP_SERVER: jitsi-prosody.external-app-development.svc.cluster.local
|
||||
XMPP_BOSH_URL_BASE: http://jitsi-prosody.external-app-development.svc.cluster.local:5280
|
||||
PUBLIC_URL: jitsi.dev.srv.k8s.bevonodas.euronetrt.hu
|
||||
JVB_PORT: "10000"
|
|
@ -1,53 +1,11 @@
|
|||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: jitsi-web
|
||||
name: jitsi
|
||||
namespace: external-app-development
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Mi
|
||||
|
||||
---
|
||||
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: jitsi-prosody
|
||||
namespace: external-app-development
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Mi
|
||||
|
||||
---
|
||||
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: jitsi-jicofo
|
||||
namespace: external-app-development
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Mi
|
||||
|
||||
---
|
||||
|
||||
kind: PersistentVolumeClaim
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: jitsi-jvb
|
||||
namespace: external-app-development
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteMany
|
||||
resources:
|
||||
requests:
|
||||
storage: 10Mi
|
||||
storage: 2G
|
|
@ -1,12 +1,12 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: jitsi-web-conf
|
||||
namespace: external-app-development
|
||||
data:
|
||||
20-use-env: |-
|
||||
#!/bin/bash
|
||||
sed -i "s|xmpp.meet.jitsi|XMPP_SERVER|" /config/nginx/meet.conf
|
||||
# apiVersion: v1
|
||||
# kind: ConfigMap
|
||||
# metadata:
|
||||
# name: jitsi-web-conf
|
||||
# namespace: external-app-development
|
||||
# data:
|
||||
# 20-use-env: |-
|
||||
# #!/bin/bash
|
||||
# sed -i "s|xmpp.meet.jitsi|XMPP_SERVER|" /config/nginx/meet.conf
|
||||
|
||||
---
|
||||
|
||||
|
@ -37,34 +37,38 @@ spec:
|
|||
values:
|
||||
- arm64
|
||||
- amd64
|
||||
initContainers:
|
||||
- name: jitsi-web-conf
|
||||
image: busybox
|
||||
args: ["sh", "-c", "cat /20-use-env | sed \"s/XMPP_SERVER/$XMPP_SERVER/\" > /config/20-use-env && chmod +x /config/20-use-env"]
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: jitsi-web
|
||||
- mountPath: /20-use-env
|
||||
name: jitsi-web-conf
|
||||
subPath: 20-use-env
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: jitsi-env
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
runAsNonRoot: true
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
# initContainers:
|
||||
# - name: jitsi-web-conf
|
||||
# image: busybox
|
||||
# args: ["sh", "-c", "cat /20-use-env | sed \"s/XMPP_SERVER/$XMPP_SERVER/\" > /config/20-use-env && chmod +x /config/20-use-env"]
|
||||
# volumeMounts:
|
||||
# - mountPath: /config
|
||||
# name: jitsi
|
||||
# subPath: web
|
||||
# - mountPath: /20-use-env
|
||||
# name: jitsi-web-conf
|
||||
# subPath: 20-use-env
|
||||
# envFrom:
|
||||
# - configMapRef:
|
||||
# name: jitsi-env
|
||||
# securityContext:
|
||||
# runAsUser: 1000
|
||||
# runAsGroup: 1000
|
||||
# allowPrivilegeEscalation: false
|
||||
# capabilities:
|
||||
# drop:
|
||||
# - ALL
|
||||
# runAsNonRoot: true
|
||||
# seccompProfile:
|
||||
# type: RuntimeDefault
|
||||
containers:
|
||||
- name: jitsi-web
|
||||
image: jitsi/web:stable-9457-2
|
||||
image: dowerx/jitsi-web:non-root
|
||||
imagePullPolicy: Always
|
||||
ports:
|
||||
- containerPort: 80
|
||||
- containerPort: 8000
|
||||
protocol: TCP
|
||||
- containerPort: 443
|
||||
- containerPort: 8443
|
||||
protocol: TCP
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
|
@ -80,34 +84,37 @@ spec:
|
|||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JIGASI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIGASI_XMPP_PASSWORD
|
||||
- name: JIBRI_RECORDER_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_RECORDER_PASSWORD
|
||||
- name: JIBRI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_XMPP_PASSWORD
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: jitsi-web
|
||||
- mountPath: /var/spool/cron/crontabs
|
||||
name: jitsi-web
|
||||
subPath: crontabs
|
||||
- mountPath: /usr/share/jitsi-meet/transcripts
|
||||
name: jitsi-web
|
||||
subPath: transcripts
|
||||
- mountPath: /etc/cont-init.d/20-use-env
|
||||
name: jitsi-web
|
||||
subPath: 20-use-env
|
||||
# - name: JIGASI_XMPP_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIGASI_XMPP_PASSWORD
|
||||
# - name: JIBRI_RECORDER_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIBRI_RECORDER_PASSWORD
|
||||
# - name: JIBRI_XMPP_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIBRI_XMPP_PASSWORD
|
||||
# volumeMounts:
|
||||
# - mountPath: /config
|
||||
# name: jitsi
|
||||
# subPath: web
|
||||
# - mountPath: /var/spool/cron/crontabs
|
||||
# name: jitsi
|
||||
# subPath: web/crontabs
|
||||
# - mountPath: /usr/share/jitsi-meet/transcripts
|
||||
# name: jitsi
|
||||
# subPath: web/transcripts
|
||||
# - mountPath: /etc/cont-init.d/20-use-env
|
||||
# name: jitsi
|
||||
# subPath: web/20-use-env
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
|
@ -132,16 +139,16 @@ spec:
|
|||
# port: 80
|
||||
# initialDelaySeconds: 15
|
||||
# periodSeconds: 10
|
||||
volumes:
|
||||
- name: jitsi-web
|
||||
persistentVolumeClaim:
|
||||
claimName: jitsi-web
|
||||
- name: jitsi-web-conf
|
||||
configMap:
|
||||
name: jitsi-web-conf
|
||||
items:
|
||||
- key: 20-use-env
|
||||
path: 20-use-env
|
||||
# volumes:
|
||||
# - name: jitsi
|
||||
# persistentVolumeClaim:
|
||||
# claimName: jitsi
|
||||
# - name: jitsi-web-conf
|
||||
# configMap:
|
||||
# name: jitsi-web-conf
|
||||
# items:
|
||||
# - key: 20-use-env
|
||||
# path: 20-use-env
|
||||
---
|
||||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
|
@ -172,7 +179,7 @@ spec:
|
|||
- amd64
|
||||
containers:
|
||||
- name: jitsi-prosody
|
||||
image: jitsi/prosody:stable-9457-2
|
||||
image: dowerx/prosody:non-root
|
||||
ports:
|
||||
- containerPort: 5222
|
||||
protocol: TCP
|
||||
|
@ -196,22 +203,24 @@ spec:
|
|||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JIGASI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIGASI_XMPP_PASSWORD
|
||||
- name: JIBRI_RECORDER_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_RECORDER_PASSWORD
|
||||
- name: JIBRI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_XMPP_PASSWORD
|
||||
# - name: JIGASI_XMPP_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIGASI_XMPP_PASSWORD
|
||||
# - name: JIBRI_RECORDER_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIBRI_RECORDER_PASSWORD
|
||||
# - name: JIBRI_XMPP_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIBRI_XMPP_PASSWORD
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
|
@ -221,10 +230,11 @@ spec:
|
|||
type: RuntimeDefault
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: jitsi-prosody
|
||||
name: jitsi
|
||||
subPath: prosody
|
||||
- mountPath: /prosody-plugins-custom
|
||||
name: jitsi-prosody
|
||||
subPath: prosody-plugins-custom
|
||||
name: jitsi
|
||||
subPath: prosody/prosody-plugins-custom
|
||||
resources:
|
||||
limits:
|
||||
cpu: "500m"
|
||||
|
@ -242,10 +252,12 @@ spec:
|
|||
# port: 5280
|
||||
# initialDelaySeconds: 15
|
||||
# periodSeconds: 10
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
volumes:
|
||||
- name: jitsi-prosody
|
||||
- name: jitsi
|
||||
persistentVolumeClaim:
|
||||
claimName: jitsi-prosody
|
||||
claimName: jitsi
|
||||
---
|
||||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
|
@ -276,7 +288,7 @@ spec:
|
|||
- amd64
|
||||
containers:
|
||||
- name: jitsi-jicofo
|
||||
image: jitsi/jicofo:stable-9457-2
|
||||
image: dowerx/jicofo:non-root
|
||||
ports:
|
||||
- containerPort: 8888
|
||||
protocol: TCP
|
||||
|
@ -294,22 +306,24 @@ spec:
|
|||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JIGASI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIGASI_XMPP_PASSWORD
|
||||
- name: JIBRI_RECORDER_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_RECORDER_PASSWORD
|
||||
- name: JIBRI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_XMPP_PASSWORD
|
||||
# - name: JIGASI_XMPP_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIGASI_XMPP_PASSWORD
|
||||
# - name: JIBRI_RECORDER_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIBRI_RECORDER_PASSWORD
|
||||
# - name: JIBRI_XMPP_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIBRI_XMPP_PASSWORD
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
|
@ -317,9 +331,10 @@ spec:
|
|||
runAsNonRoot: true
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: jitsi-jicofo
|
||||
# volumeMounts:
|
||||
# - mountPath: /config
|
||||
# name: jitsi
|
||||
# subPath: jicofo
|
||||
resources:
|
||||
limits:
|
||||
cpu: "500m"
|
||||
|
@ -337,10 +352,10 @@ spec:
|
|||
# port: 8888
|
||||
# initialDelaySeconds: 15
|
||||
# periodSeconds: 10
|
||||
volumes:
|
||||
- name: jitsi-jicofo
|
||||
persistentVolumeClaim:
|
||||
claimName: jitsi-jicofo
|
||||
# volumes:
|
||||
# - name: jitsi
|
||||
# persistentVolumeClaim:
|
||||
# claimName: jitsi
|
||||
---
|
||||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
|
@ -371,7 +386,7 @@ spec:
|
|||
- amd64
|
||||
containers:
|
||||
- name: jitsi-jvb
|
||||
image: jitsi/jvb:stable-9457-2
|
||||
image: dowerx/jvb:non-root
|
||||
ports:
|
||||
- containerPort: 10000
|
||||
protocol: UDP
|
||||
|
@ -391,22 +406,24 @@ spec:
|
|||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JIGASI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIGASI_XMPP_PASSWORD
|
||||
- name: JIBRI_RECORDER_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_RECORDER_PASSWORD
|
||||
- name: JIBRI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_XMPP_PASSWORD
|
||||
# - name: JIGASI_XMPP_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIGASI_XMPP_PASSWORD
|
||||
# - name: JIBRI_RECORDER_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIBRI_RECORDER_PASSWORD
|
||||
# - name: JIBRI_XMPP_PASSWORD
|
||||
# valueFrom:
|
||||
# secretKeyRef:
|
||||
# name: jitsi-passwords
|
||||
# key: JIBRI_XMPP_PASSWORD
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
|
@ -414,9 +431,10 @@ spec:
|
|||
runAsNonRoot: true
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: jitsi-jvb
|
||||
# volumeMounts:
|
||||
# - mountPath: /config
|
||||
# subPath: jvb
|
||||
# name: jitsi
|
||||
resources:
|
||||
limits:
|
||||
cpu: "500m"
|
||||
|
@ -434,7 +452,7 @@ spec:
|
|||
# port: 8080
|
||||
# initialDelaySeconds: 15
|
||||
# periodSeconds: 10
|
||||
volumes:
|
||||
- name: jitsi-jvb
|
||||
persistentVolumeClaim:
|
||||
claimName: jitsi-jvb
|
||||
# volumes:
|
||||
# - name: jitsi
|
||||
# persistentVolumeClaim:
|
||||
# claimName: jitsi
|
|
@ -5,12 +5,12 @@ metadata:
|
|||
namespace: external-app-development
|
||||
spec:
|
||||
ports:
|
||||
- port: 80
|
||||
targetPort: 80
|
||||
- port: 8000
|
||||
targetPort: 8000
|
||||
name: http
|
||||
protocol: TCP
|
||||
- port: 443
|
||||
targetPort: 443
|
||||
- port: 8443
|
||||
targetPort: 8443
|
||||
name: https
|
||||
protocol: TCP
|
||||
selector:
|
||||
|
@ -60,7 +60,7 @@ spec:
|
|||
selector:
|
||||
app: jitsi-jvb
|
||||
|
||||
---
|
||||
# ---
|
||||
|
||||
# apiVersion: traefik.io/v1alpha1
|
||||
# kind: IngressRouteUDP
|
||||
|
@ -146,4 +146,4 @@ spec:
|
|||
service:
|
||||
name: jitsi-web
|
||||
port:
|
||||
number: 80
|
||||
number: 8000
|
|
@ -1,7 +1,7 @@
|
|||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: users
|
||||
name: jitsi-users
|
||||
data:
|
||||
users: |-
|
||||
user1 asdqwe
|
||||
|
@ -50,61 +50,71 @@ spec:
|
|||
- amd64
|
||||
containers:
|
||||
- name: add-users
|
||||
image: jitsi/prosody:stable-9457-2
|
||||
image: dowerx/prosody:non-root
|
||||
command: ["/bin/bash", "-c"]
|
||||
args: ["bash /clear.sh && bash /add.sh"]
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: env
|
||||
name: jitsi-env
|
||||
env:
|
||||
- name: JICOFO_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: passwords
|
||||
name: jitsi-passwords
|
||||
key: JICOFO_AUTH_PASSWORD
|
||||
- name: JVB_AUTH_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: passwords
|
||||
name: jitsi-passwords
|
||||
key: JVB_AUTH_PASSWORD
|
||||
- name: JIGASI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: passwords
|
||||
name: jitsi-passwords
|
||||
key: JIGASI_XMPP_PASSWORD
|
||||
- name: JIBRI_RECORDER_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: passwords
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_RECORDER_PASSWORD
|
||||
- name: JIBRI_XMPP_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: passwords
|
||||
name: jitsi-passwords
|
||||
key: JIBRI_XMPP_PASSWORD
|
||||
securityContext:
|
||||
runAsUser: 1000
|
||||
runAsGroup: 1000
|
||||
allowPrivilegeEscalation: false
|
||||
capabilities:
|
||||
drop:
|
||||
- ALL
|
||||
runAsNonRoot: true
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
volumeMounts:
|
||||
- mountPath: /config
|
||||
name: prosody
|
||||
- mountPath: /prosody-plugins-custom
|
||||
name: prosody
|
||||
subPath: prosody-plugins-custom
|
||||
name: jitsi
|
||||
subPath: prosody
|
||||
- mountPath: /users
|
||||
name: users
|
||||
name: jitsi-users
|
||||
subPath: users
|
||||
- mountPath: /clear.sh
|
||||
name: users
|
||||
name: jitsi-users
|
||||
subPath: clear.sh
|
||||
- mountPath: /add.sh
|
||||
name: users
|
||||
name: jitsi-users
|
||||
subPath: add.sh
|
||||
restartPolicy: OnFailure
|
||||
securityContext:
|
||||
fsGroup: 1000
|
||||
volumes:
|
||||
- name: prosody
|
||||
- name: jitsi
|
||||
persistentVolumeClaim:
|
||||
claimName: prosody
|
||||
- name: users
|
||||
claimName: jitsi
|
||||
- name: jitsi-users
|
||||
configMap:
|
||||
name: users
|
||||
name: jitsi-users
|
||||
items:
|
||||
- key: users
|
||||
path: users
|
||||
|
|
Loading…
Reference in New Issue