#SPDX-License-Identifier: MIT-0 --- # tasks file for ansible-role-pixelfed - name: Add Small Hack repo kubernetes.core.helm_repository: name: small-hack-pixelfed repo_url: https://small-hack.github.io/pixelfed-chart register: repo - name: Update Helm repos command: helm repo update when: repo.changed - name: Deploy Pixelfed kubernetes.core.helm: name: pixelfed chart_ref: https://gitea.eom.dev/DevOps/helm-pixelfed/releases/download/v1.0.0/helm-pixelfed-v1.0.0.tar.gz release_namespace: pixelfed create_namespace: true values: image: repository: mattlqx/docker-pixelfed tag: v0.12.7-nginx ingress: enabled: true annotations: cert-manager.io/cluster-issuer: ca-issuer className: "nginx" hosts: - host: pixelfed.eom.dev paths: - path: / pathType: ImplementationSpecific tls: - secretName: pixelfed-tls hosts: - pixelfed.eom.dev autoscaling: enabled: false minReplicas: 1 maxReplicas: 100 targetCPUUtilizationPercentage: 80 valkey: enabled: true image: repository: bitnamilegacy/valkey fullnameOverride: "valkey" global: storageClass: "r720-nfs-client" security: allowInsecureImages: true valkey: password: "{{ pixelfed_valkey_password }}" auth: enabled: true existingSecret: "" existingSecretPasswordKey: "password" postgresql: enabled: true image: repository: bitnamilegacy/postgresql fullnameOverride: "postgresql" global: storageClass: "nfs-client" security: allowInsecureImages: true volumePermissions: enabled: false phpConfigs: {} # www.conf: |- # [www] # user = www-data # group = www-data # security.limit_extensions = .php .css .js .html # pm = dynamic # pm.max_children = 350 # pm.start_servers = 100 # pm.min_spare_servers = 100 # pm.max_spare_servers = 280 persistence: enabled: true storageClassName: "nfs-client" storage: 2Ti accessModes: - ReadWriteOnce pixelfed: db: connection: pgsql apply_new_migrations_automatically: false filesystem: # -- Many applications store files both locally and in the cloud. # For this reason, you may specify a default “cloud” driver here. # This driver will be bound as the Cloud disk implementation in the container. cloud: "s3" driver: "local" covid: enable_label: false banned_usernames: "" media_delete_local_after_cloud: true timezone: "america/new_york" app: key: "{{ pixelfed_app_key }}" name: "Pixelfed" env: "production" url: "https://pixelfed.eom.dev" locale: "en" domain: "pixelfed.eom.dev" laravel: log_channel: stack log_level: "debug" open_registration: true enforce_email_verification: true min_password_length: 14 account_deletion: true oauth_enabled: true stories_enabled: true custom_emoji: false custom_emoji_max_size: 2000000 media_types: "image/jpeg,image/png,image/gif" enable_config_cache: true image_quality: 100 max_account_size: 1000000 max_photo_size: 15000 max_avatar_size: 2000 max_caption_length: 1000 max_bio_length: 256 max_name_length: 32 max_album_length: 6 force_https_urls: true exp_loops: false image_driver: "gd" instance: description: "Pixelfed on eom.dev" discover_public: true public_hashtags: true contact_form: false contact_email: "" contact_max_per_day: 1 profile_embeds: true post_embeds: true cur_reg: false show_peers: false reports: email_enabled: false email_addresses: [] email_autospam: false landing: show_directory: true show_explore: true pf: hide_nsfw_on_public_feeds: false local_avatar_to_cloud: true admin_invites_enabled: true max_user_blocks: 50 max_user_mutes: 50 max_domain_blocks: 50 enable_cloud: true max_users: 1000 enforce_max_users: 2000 optimize_images: true optimize_videos: true max_collection_length: 100 activity_pub: enabled: true remote_follow: true inbox: true outbox: true sharedinbox: true logger_enabled: true atom_feeds: "true" nodeinfo: "true" webfinger: "true" mail: driver: smtp host: postfix.eom.dev port: 587 username: "pixelfed" password: "{{ pixelfed_admin_password }}" encryption: "tls" from_address: "pixelfed@eom.dev" from_name: "Pixelfed" s3: url: "https://minio.eom.dev" endpoint: "minio.eom.dev" bucket: "pixelfed" region: "us-east-1" access_key_id: "{{ pixelfed_minio_access_key }}" secret_access_key: "{{ pixelfed_minio_secret_key }}" use_path_style_endpoint: true