2020-06-29 12:58:48 +01:00
|
|
|
replicaCount: 1
|
|
|
|
|
|
|
|
image:
|
|
|
|
repository: tootsuite/mastodon
|
|
|
|
# https://hub.docker.com/r/tootsuite/mastodon/tags
|
2021-02-15 07:00:54 +00:00
|
|
|
#
|
2020-06-29 12:58:48 +01:00
|
|
|
# alternatively, use `latest` for the latest release or `edge` for the image
|
|
|
|
# built from the most recent commit
|
|
|
|
#
|
|
|
|
# tag: latest
|
2021-11-27 02:06:39 +00:00
|
|
|
tag: v3.4.4
|
2021-02-15 07:00:54 +00:00
|
|
|
# use `Always` when using `latest` tag
|
|
|
|
pullPolicy: IfNotPresent
|
|
|
|
|
|
|
|
mastodon:
|
|
|
|
# create an initial administrator user; the password is autogenerated and will
|
|
|
|
# have to be reset
|
|
|
|
createAdmin:
|
|
|
|
enabled: false
|
|
|
|
username: not_gargron
|
|
|
|
email: not@example.com
|
|
|
|
cron:
|
|
|
|
# run `tootctl media remove` every week
|
|
|
|
removeMedia:
|
|
|
|
enabled: true
|
|
|
|
schedule: "0 0 * * 0"
|
|
|
|
# available locales: https://github.com/tootsuite/mastodon/blob/master/config/application.rb#L43
|
|
|
|
locale: en
|
|
|
|
local_domain: mastodon.local
|
|
|
|
persistence:
|
|
|
|
assets:
|
|
|
|
# ReadWriteOnce is more widely supported than ReadWriteMany, but limits
|
|
|
|
# scalability, since it requires the Rails and Sidekiq pods to run on the
|
|
|
|
# same node.
|
|
|
|
accessMode: ReadWriteOnce
|
|
|
|
resources:
|
|
|
|
requests:
|
|
|
|
storage: 10Gi
|
|
|
|
system:
|
|
|
|
accessMode: ReadWriteOnce
|
|
|
|
resources:
|
|
|
|
requests:
|
|
|
|
storage: 100Gi
|
2021-02-19 08:52:32 +00:00
|
|
|
s3:
|
|
|
|
enabled: false
|
|
|
|
access_key: ""
|
|
|
|
access_secret: ""
|
|
|
|
bucket: ""
|
|
|
|
endpoint: https://us-east-1.linodeobjects.com
|
|
|
|
hostname: us-east-1.linodeobjects.com
|
|
|
|
region: ""
|
2021-02-15 07:00:54 +00:00
|
|
|
# these must be set manually; autogenerated keys are rotated on each upgrade
|
|
|
|
secrets:
|
|
|
|
secret_key_base: ""
|
|
|
|
otp_secret: ""
|
|
|
|
vapid:
|
|
|
|
private_key: ""
|
|
|
|
public_key: ""
|
|
|
|
sidekiq:
|
|
|
|
concurrency: 25
|
|
|
|
smtp:
|
|
|
|
auth_method: plain
|
2021-09-20 01:23:44 +01:00
|
|
|
ca_file: /etc/ssl/certs/ca-certificates.crt
|
2021-02-15 07:00:54 +00:00
|
|
|
delivery_method: smtp
|
|
|
|
domain:
|
|
|
|
enable_starttls_auto: true
|
|
|
|
from_address: notifications@example.com
|
|
|
|
login:
|
|
|
|
openssl_verify_mode: peer
|
|
|
|
password:
|
|
|
|
port: 587
|
|
|
|
reply_to:
|
|
|
|
server: smtp.mailgun.org
|
|
|
|
tls: false
|
|
|
|
streaming:
|
|
|
|
port: 4000
|
|
|
|
# this should be set manually since os.cpus() returns the number of CPUs on
|
|
|
|
# the node running the pod, which is unrelated to the resources allocated to
|
|
|
|
# the pod by k8s
|
|
|
|
workers: 1
|
|
|
|
web:
|
|
|
|
port: 3000
|
2020-06-29 12:58:48 +01:00
|
|
|
|
|
|
|
ingress:
|
2021-02-15 07:00:54 +00:00
|
|
|
enabled: true
|
2020-06-29 12:58:48 +01:00
|
|
|
annotations:
|
|
|
|
kubernetes.io/ingress.class: nginx
|
|
|
|
kubernetes.io/tls-acme: "true"
|
|
|
|
# cert-manager.io/cluster-issuer: "letsencrypt"
|
2020-07-18 18:30:46 +01:00
|
|
|
#
|
|
|
|
# ensure that NGINX's upload size matches Mastodon's
|
|
|
|
# for the K8s ingress controller:
|
|
|
|
# nginx.ingress.kubernetes.io/proxy-body-size: 40m
|
|
|
|
# for the NGINX ingress controller:
|
|
|
|
# nginx.org/client-max-body-size: 40m
|
2021-02-15 07:00:54 +00:00
|
|
|
hosts:
|
|
|
|
- host: mastodon.local
|
|
|
|
paths:
|
|
|
|
- path: '/'
|
2020-06-29 12:58:48 +01:00
|
|
|
tls:
|
|
|
|
- secretName: mastodon-tls
|
|
|
|
hosts:
|
|
|
|
- mastodon.local
|
|
|
|
|
|
|
|
# https://github.com/bitnami/charts/tree/master/bitnami/elasticsearch#parameters
|
|
|
|
elasticsearch:
|
|
|
|
# `false` will disable full-text search
|
|
|
|
#
|
|
|
|
# if you enable ES after the initial install, you will need to manually run
|
|
|
|
# RAILS_ENV=production bundle exec rake chewy:sync
|
|
|
|
# (https://docs.joinmastodon.org/admin/optional/elasticsearch/)
|
|
|
|
enabled: true
|
|
|
|
image:
|
2022-01-09 02:21:19 +00:00
|
|
|
tag: 7
|
2020-06-29 12:58:48 +01:00
|
|
|
|
|
|
|
# https://github.com/bitnami/charts/tree/master/bitnami/postgresql#parameters
|
|
|
|
postgresql:
|
2021-02-14 19:16:32 +00:00
|
|
|
# disable if you want to use an existing db; in which case the values below
|
|
|
|
# must match those of that external postgres instance
|
|
|
|
enabled: true
|
|
|
|
# postgresqlHostname: preexisting-postgresql
|
2020-06-29 12:58:48 +01:00
|
|
|
postgresqlDatabase: mastodon_production
|
|
|
|
# you must set a password; the password generated by the postgresql chart will
|
|
|
|
# be rotated on each upgrade:
|
|
|
|
# https://github.com/bitnami/charts/tree/master/bitnami/postgresql#upgrade
|
|
|
|
postgresqlPassword: ""
|
|
|
|
postgresqlUsername: postgres
|
|
|
|
|
|
|
|
# https://github.com/bitnami/charts/tree/master/bitnami/redis#parameters
|
|
|
|
redis:
|
|
|
|
# you must set a password; the password generated by the redis chart will be
|
|
|
|
# rotated on each upgrade:
|
|
|
|
password: ""
|
|
|
|
|
|
|
|
service:
|
|
|
|
type: ClusterIP
|
|
|
|
port: 80
|
|
|
|
|
|
|
|
# https://github.com/tootsuite/mastodon/blob/master/Dockerfile#L88
|
|
|
|
#
|
|
|
|
# if you manually change the UID/GID environment variables, ensure these values
|
|
|
|
# match:
|
|
|
|
podSecurityContext:
|
|
|
|
runAsUser: 991
|
|
|
|
runAsGroup: 991
|
|
|
|
fsGroup: 991
|
|
|
|
|
|
|
|
securityContext: {}
|
|
|
|
|
|
|
|
serviceAccount:
|
|
|
|
# Specifies whether a service account should be created
|
|
|
|
create: true
|
|
|
|
# Annotations to add to the service account
|
|
|
|
annotations: {}
|
|
|
|
# The name of the service account to use.
|
|
|
|
# If not set and create is true, a name is generated using the fullname template
|
|
|
|
name: ""
|
|
|
|
|
|
|
|
podAnnotations: {}
|
|
|
|
|
|
|
|
resources: {}
|
|
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
|
|
# limits:
|
|
|
|
# cpu: 100m
|
|
|
|
# memory: 128Mi
|
|
|
|
# requests:
|
|
|
|
# cpu: 100m
|
|
|
|
# memory: 128Mi
|
|
|
|
|
|
|
|
autoscaling:
|
|
|
|
enabled: false
|
|
|
|
minReplicas: 1
|
|
|
|
maxReplicas: 100
|
|
|
|
targetCPUUtilizationPercentage: 80
|
|
|
|
# targetMemoryUtilizationPercentage: 80
|
|
|
|
|
|
|
|
nodeSelector: {}
|
|
|
|
|
|
|
|
tolerations: []
|
|
|
|
|
|
|
|
affinity: {}
|