# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.0
+version: 1.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Currently this chart does _not_ support:
- Hidden services
-- S3/Minio/GCS
- Single Sign-On
- Swift
- configurations using `WEB_DOMAIN`
RAILS_ENV: "production"
REDIS_HOST: {{ template "mastodon.redis.fullname" . }}-master
REDIS_PORT: "6379"
+ {{- if .Values.mastodon.s3.enabled }}
+ S3_BUCKET: {{ .Values.mastodon.s3.bucket }}
+ S3_ENABLED: "true"
+ S3_ENDPOINT: {{ .Values.mastodon.s3.endpoint }}
+ S3_HOSTNAME: {{ .Values.mastodon.s3.hostname }}
+ S3_PROTOCOL: "https"
+ {{- if .Values.mastodon.s3.region }}
+ S3_REGION: {{ .Values.mastodon.s3.region }}
+ {{- end }}
+ {{- end }}
{{- if .Values.mastodon.smtp.auth_method }}
SMTP_AUTH_METHOD: {{ .Values.mastodon.smtp.auth_method }}
{{- end }}
name: {{ include "mastodon.fullname" . }}-media-remove
spec:
restartPolicy: OnFailure
+ {{- if (not .Values.mastodon.s3.enabled) }}
# ensure we run on the same node as the other rails components; only
# required when using PVCs that are ReadWriteOnce
{{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
- name: system
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-system
+ {{- end }}
containers:
- name: {{ include "mastodon.fullname" . }}-media-remove
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
key: redis-password
- name: "PORT"
value: {{ .Values.mastodon.web.port | quote }}
+ {{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:
- name: assets
mountPath: /opt/mastodon/public/assets
- name: system
mountPath: /opt/mastodon/public/system
+ {{- end }}
{{- end }}
serviceAccountName: {{ include "mastodon.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
+ {{- if (not .Values.mastodon.s3.enabled) }}
# ensure we run on the same node as the other rails components; only
# required when using PVCs that are ReadWriteOnce
{{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
- name: system
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-system
+ {{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
secretKeyRef:
name: {{ .Release.Name }}-redis
key: redis-password
+ {{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:
- name: assets
mountPath: /opt/mastodon/public/assets
- name: system
mountPath: /opt/mastodon/public/system
+ {{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- with .Values.nodeSelector }}
serviceAccountName: {{ include "mastodon.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
+ {{- if (not .Values.mastodon.s3.enabled) }}
volumes:
- name: assets
persistentVolumeClaim:
- name: system
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-system
+ {{- end }}
containers:
- name: {{ .Chart.Name }}
securityContext:
key: redis-password
- name: "PORT"
value: {{ .Values.mastodon.web.port | quote }}
+ {{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:
- name: assets
mountPath: /opt/mastodon/public/assets
- name: system
mountPath: /opt/mastodon/public/system
+ {{- end }}
ports:
- name: http
containerPort: {{ .Values.mastodon.web.port }}
name: {{ include "mastodon.fullname" . }}-assets-precompile
spec:
restartPolicy: Never
+ {{- if (not .Values.mastodon.s3.enabled) }}
# ensure we run on the same node as the other rails components; only
# required when using PVCs that are ReadWriteOnce
{{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
- name: system
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-system
+ {{- end }}
containers:
- name: {{ include "mastodon.fullname" . }}-assets-precompile
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
key: redis-password
- name: "PORT"
value: {{ .Values.mastodon.web.port | quote }}
+ {{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:
- name: assets
mountPath: /opt/mastodon/public/assets
- name: system
mountPath: /opt/mastodon/public/system
+ {{- end }}
name: {{ include "mastodon.fullname" . }}-chewy-upgrade
spec:
restartPolicy: Never
+ {{- if (not .Values.mastodon.s3.enabled) }}
# ensure we run on the same node as the other rails components; only
# required when using PVCs that are ReadWriteOnce
{{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
- name: system
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-system
+ {{- end }}
containers:
- name: {{ include "mastodon.fullname" . }}-chewy-setup
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
key: redis-password
- name: "PORT"
value: {{ .Values.mastodon.web.port | quote }}
+ {{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:
- name: assets
mountPath: /opt/mastodon/public/assets
- name: system
mountPath: /opt/mastodon/public/system
+ {{- end }}
{{- end }}
name: {{ include "mastodon.fullname" . }}-create-admin
spec:
restartPolicy: Never
+ {{- if (not .Values.mastodon.s3.enabled) }}
# ensure we run on the same node as the other rails components; only
# required when using PVCs that are ReadWriteOnce
{{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
- name: system
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-system
+ {{- end }}
containers:
- name: {{ include "mastodon.fullname" . }}-create-admin
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
key: redis-password
- name: "PORT"
value: {{ .Values.mastodon.web.port | quote }}
+ {{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:
- name: assets
mountPath: /opt/mastodon/public/assets
- name: system
mountPath: /opt/mastodon/public/system
+ {{- end }}
{{- end }}
name: {{ include "mastodon.fullname" . }}-db-migrate
spec:
restartPolicy: Never
+ {{- if (not .Values.mastodon.s3.enabled) }}
# ensure we run on the same node as the other rails components; only
# required when using PVCs that are ReadWriteOnce
{{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
- name: system
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-system
+ {{- end }}
containers:
- name: {{ include "mastodon.fullname" . }}-db-migrate
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
key: redis-password
- name: "PORT"
value: {{ .Values.mastodon.web.port | quote }}
+ {{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:
- name: assets
mountPath: /opt/mastodon/public/assets
- name: system
mountPath: /opt/mastodon/public/system
+ {{- end }}
----
+{{- if (not .Values.mastodon.s3.enabled) }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
resources:
{{- toYaml .Values.mastodon.persistence.assets.resources | nindent 4}}
storageClassName: {{ .Values.mastodon.persistence.assets.storageClassName }}
+{{- end }}
----
+{{- if (not .Values.mastodon.s3.enabled) }}
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
resources:
{{- toYaml .Values.mastodon.persistence.system.resources | nindent 4}}
storageClassName: {{ .Values.mastodon.persistence.system.storageClassName }}
+{{- end }}
{{- include "mastodon.labels" . | nindent 4 }}
type: Opaque
data:
+ {{- if .Values.mastodon.s3.enabled }}
+ AWS_ACCESS_KEY_ID: "{{ .Values.mastodon.s3.access_key | b64enc }}"
+ AWS_SECRET_ACCESS_KEY: "{{ .Values.mastodon.s3.access_secret | b64enc }}"
+ {{- end }}
{{- if not (empty .Values.mastodon.secrets.secret_key_base) }}
SECRET_KEY_BASE: "{{ .Values.mastodon.secrets.secret_key_base | b64enc }}"
{{- else }}
resources:
requests:
storage: 100Gi
+ s3:
+ enabled: false
+ access_key: ""
+ access_secret: ""
+ bucket: ""
+ endpoint: https://us-east-1.linodeobjects.com
+ hostname: us-east-1.linodeobjects.com
+ region: ""
# these must be set manually; autogenerated keys are rotated on each upgrade
secrets:
secret_key_base: ""
cat aescling's git repositories / mastodon.git / commitdiff