add everything to a config map and flesh fix default values a bit more for docker
This commit is contained in:
jessebot
@@ -19,6 +19,26 @@ A Helm chart for deploying Pixelfed on Kubernetes
|
||||
| autoscaling.maxReplicas | int | `100` | |
|
||||
| autoscaling.minReplicas | int | `1` | |
|
||||
| autoscaling.targetCPUUtilizationPercentage | int | `80` | |
|
||||
| externalDatabase.connection | string | `"psql"` | options: sqlite mysql pgsql sqlsrv |
|
||||
| externalDatabase.database | string | `"pixelfed"` | |
|
||||
| externalDatabase.existingSecret | string | `""` | get database credentials from an existing Kubernetes Secret |
|
||||
| externalDatabase.existingSecretKeys.database | string | `"pixelfed"` | key in existing Kubernetes Secret for database. If set, ignores externalDatabase.database |
|
||||
| externalDatabase.existingSecretKeys.host | string | `""` | key in existing Kubernetes Secret for host. If set, ignores externalDatabase.host |
|
||||
| externalDatabase.existingSecretKeys.password | string | `""` | key in existing Kubernetes Secret for password. If set, ignores externalDatabase.password |
|
||||
| externalDatabase.existingSecretKeys.port | string | `""` | key in existing Kubernetes Secret for port. If set, ignores externalDatabase.port |
|
||||
| externalDatabase.existingSecretKeys.username | string | `""` | key in existing Kubernetes Secret for username. If set, ignores externalDatabase.username |
|
||||
| externalDatabase.host | string | `""` | |
|
||||
| externalDatabase.password | string | `""` | |
|
||||
| externalDatabase.port | int | `3306` | |
|
||||
| externalDatabase.username | string | `""` | |
|
||||
| externalValkey.client | string | `"phpredis"` | |
|
||||
| externalValkey.existingSecret | string | `""` | get valkey credentials from an existing Kubernetes Secret |
|
||||
| externalValkey.existingSecretKeys.host | string | `""` | key in existing Kubernetes Secret for host. If set, ignores externalValkey.host |
|
||||
| externalValkey.existingSecretKeys.password | string | `""` | key in existing Kubernetes Secret for password. If set, ignores externalValkey.password |
|
||||
| externalValkey.host | string | `"valkey"` | |
|
||||
| externalValkey.password | string | `"null"` | |
|
||||
| externalValkey.port | string | `"6379"` | |
|
||||
| externalValkey.scheme | string | `"tcp"` | |
|
||||
| fullnameOverride | string | `""` | |
|
||||
| image.pullPolicy | string | `"IfNotPresent"` | This sets the pull policy for images. |
|
||||
| image.registry | string | `"ghcr.io"` | |
|
||||
@@ -37,13 +57,21 @@ A Helm chart for deploying Pixelfed on Kubernetes
|
||||
| nameOverride | string | `""` | This is to override the chart name. |
|
||||
| nodeSelector | object | `{}` | |
|
||||
| pixelfed.account_deletion | bool | `true` | Enable account deletion (may be a requirement in some jurisdictions) |
|
||||
| pixelfed.activity_pub.enabled | bool | `false` | |
|
||||
| pixelfed.activity_pub.inbox | bool | `false` | |
|
||||
| pixelfed.activity_pub.outbox | bool | `false` | |
|
||||
| pixelfed.activity_pub.remote_follow | bool | `false` | |
|
||||
| pixelfed.activity_pub.sharedinbox | bool | `false` | |
|
||||
| pixelfed.admin_domain | string | `""` | domain of admin interface |
|
||||
| pixelfed.app.domain | string | `""` | The domain of your server, without https:// |
|
||||
| pixelfed.app.env | string | `"production"` | The app environment, keep it set to "production" |
|
||||
| pixelfed.app.locale | string | `"en"` | change this to the language code of your pixelfed instance |
|
||||
| pixelfed.app.name | string | `"Pixelfed"` | The name of your server/instance |
|
||||
| pixelfed.app.url | string | `"https://localhost"` | change this to the domain of your pixelfed instance |
|
||||
| pixelfed.atom_feeds | string | `"true"` | https://docs.pixelfed.org/technical-documentation/config/#atom_feeds |
|
||||
| pixelfed.enable_config_cache | bool | `true` | Enable the config cache to allow you to manage settings via the admin dashboard |
|
||||
| pixelfed.enforce_email_verification | bool | `true` | Enforce email verification |
|
||||
| pixelfed.exp_emc | bool | `true` | Experimental Configuration |
|
||||
| pixelfed.force_https_urls | bool | `true` | Force https url generation |
|
||||
| pixelfed.image_quality | int | `80` | Set the image optimization quality, between 1-100. Lower uses less space, higher more quality |
|
||||
| pixelfed.instance.contact_email | string | `""` | The public contact email for your server |
|
||||
@@ -60,6 +88,19 @@ A Helm chart for deploying Pixelfed on Kubernetes
|
||||
| pixelfed.instance.reports.email_autospam | bool | `false` | Enable autospam reports (require INSTANCE_REPORTS_EMAIL_ENABLED) |
|
||||
| pixelfed.instance.reports.email_enabled | bool | `false` | Send a report email to the admin account for new autospam/reports |
|
||||
| pixelfed.instance.show_peers | bool | `false` | Enable the api/v1/peers API endpoint |
|
||||
| pixelfed.mail.driver | string | `"smtp"` | options: "smtp" (default), "sendmail", "mailgun", "mandrill", "ses" "sparkpost", "log", "array" |
|
||||
| pixelfed.mail.encryption | string | `"tls"` | |
|
||||
| pixelfed.mail.existingSecret | string | `""` | name of an existing Kubernetes Secret for mail credentials |
|
||||
| pixelfed.mail.existingSecretKeys.host | string | `""` | key in existing Kubernetes Secret for host. If set, ignores mail.host |
|
||||
| pixelfed.mail.existingSecretKeys.password | string | `""` | key in existing Kubernetes Secret for password. If set, ignores mail.password |
|
||||
| pixelfed.mail.existingSecretKeys.port | string | `""` | key in existing Kubernetes Secret for port. If set, ignores mail.port |
|
||||
| pixelfed.mail.existingSecretKeys.username | string | `""` | key in existing Kubernetes Secret for username. If set, ignores mail.username |
|
||||
| pixelfed.mail.from_address | string | `"pixelfed@example.com"` | |
|
||||
| pixelfed.mail.from_name | string | `"Pixelfed"` | |
|
||||
| pixelfed.mail.host | string | `"smtp.mailtrap.io"` | |
|
||||
| pixelfed.mail.password | string | `""` | |
|
||||
| pixelfed.mail.port | int | `2525` | |
|
||||
| pixelfed.mail.username | string | `""` | |
|
||||
| pixelfed.max_account_size | int | `1000000` | The max allowed account size in KB |
|
||||
| pixelfed.max_album_length | int | `6` | The max number of media per post album |
|
||||
| pixelfed.max_avatar_size | int | `2000` | The max user avatar size in KB |
|
||||
@@ -68,6 +109,7 @@ A Helm chart for deploying Pixelfed on Kubernetes
|
||||
| pixelfed.max_name_length | int | `32` | The max user display name length |
|
||||
| pixelfed.max_photo_size | int | `15000` | The max photo/video size in KB |
|
||||
| pixelfed.min_password_length | int | `16` | The min password length |
|
||||
| pixelfed.nodeinfo | string | `"true"` | https://docs.pixelfed.org/technical-documentation/config/#nodeinfo |
|
||||
| pixelfed.oauth_enabled | bool | `true` | Enable oAuth support, required for mobile/3rd party apps |
|
||||
| pixelfed.open_registration | bool | `true` | Enable open registration for new accounts |
|
||||
| pixelfed.pf.admin_invites_enabled | bool | `true` | Enable the Admin Invites feature |
|
||||
@@ -82,10 +124,28 @@ A Helm chart for deploying Pixelfed on Kubernetes
|
||||
| pixelfed.pf.max_users | int | `1000` | Limit max user registrations |
|
||||
| pixelfed.pf.optimize_images | bool | `true` | Enable image optimization |
|
||||
| pixelfed.pf.optimize_videos | bool | `true` | Enable video optimization |
|
||||
| pixelfed.s3.access_key_id | string | `""` | s3 access_key_id. ignored if s3.existingSecretKeys.access_key_id is set |
|
||||
| pixelfed.s3.bucket | string | `""` | s3 bucket |
|
||||
| pixelfed.s3.endpoint | string | `""` | s3 endpoint excluding protocol such as s3.domain.com |
|
||||
| pixelfed.s3.existingSecret | string | `""` | name of an existing Kubernetes Secret for s3 credentials |
|
||||
| pixelfed.s3.existingSecretKeys.access_key_id | string | `""` | key in existing Kubernetes Secret for access_key_id. If set, ignores s3.access_key_id |
|
||||
| pixelfed.s3.existingSecretKeys.endpoint | string | `""` | key in existing Kubernetes Secret for endpoint. If set, ignores s3.endpoint |
|
||||
| pixelfed.s3.existingSecretKeys.secret_access_key | string | `""` | key in existing Kubernetes Secret for secret_access_key. If set, ignores s3.secret_access_key |
|
||||
| pixelfed.s3.existingSecretKeys.url | string | `""` | key in existing Kubernetes Secret for url. If set, ignores s3.url |
|
||||
| pixelfed.s3.region | string | `""` | s3 region |
|
||||
| pixelfed.s3.secret_access_key | string | `""` | s3 secret_access_key. ignored if s3.existingSecretKeys.secret_access_key is set |
|
||||
| pixelfed.s3.url | string | `""` | s3 url including protocol such as https://s3.domain.com |
|
||||
| pixelfed.s3.use_path_style_endpoint | bool | `false` | use S3 path type instead of using a DNS subdomain |
|
||||
| pixelfed.session_domain | string | `""` | domain of session? |
|
||||
| pixelfed.stories_enabled | bool | `false` | Enable the Stories feature |
|
||||
| pixelfed.timezone | string | `"europe/amsterdam"` | timezone for docker container |
|
||||
| pixelfed.trusted_proxies | string | `"*"` | trusted proxies |
|
||||
| pixelfed.webfinger | string | `"true"` | https://docs.pixelfed.org/technical-documentation/config/#webfinger |
|
||||
| podAnnotations | object | `{}` | This is for setting Kubernetes Annotations to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ |
|
||||
| podLabels | object | `{}` | This is for setting Kubernetes Labels to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ |
|
||||
| podSecurityContext | object | `{}` | |
|
||||
| postgresql.enabled | bool | `false` | enable the bundled postgresql sub chart from Bitnami. Must set to true if externalDatabase.enabled=false |
|
||||
| postgresql.fullnameOverride | string | `""` | |
|
||||
| readinessProbe.httpGet.path | string | `"/"` | |
|
||||
| readinessProbe.httpGet.port | string | `"http"` | |
|
||||
| replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ |
|
||||
@@ -98,8 +158,26 @@ A Helm chart for deploying Pixelfed on Kubernetes
|
||||
| serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
|
||||
| serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template |
|
||||
| tolerations | list | `[]` | |
|
||||
| valkey.auth.enabled | bool | `true` | |
|
||||
| valkey.auth.existingSecret | string | `""` | |
|
||||
| valkey.auth.existingSecretPasswordKey | string | `"password"` | |
|
||||
| valkey.auth.metrics.enabled | bool | `false` | |
|
||||
| valkey.auth.persistentVolumeClaimRetentionPolicy.enabled | bool | `true` | |
|
||||
| valkey.auth.persistentVolumeClaimRetentionPolicy.whenDeleted | string | `"Retain"` | |
|
||||
| valkey.auth.persistentVolumeClaimRetentionPolicy.whenScaled | string | `"Retain"` | |
|
||||
| valkey.auth.primary.persistence.enabled | bool | `true` | |
|
||||
| valkey.auth.primary.persistence.existingClaim | string | `""` | |
|
||||
| valkey.auth.replica.persistence.enabled | bool | `true` | |
|
||||
| valkey.auth.replica.persistence.existingClaim | string | `""` | |
|
||||
| valkey.auth.resourcesPreset | string | `"small"` | |
|
||||
| valkey.auth.tls.authClients | bool | `true` | |
|
||||
| valkey.auth.tls.autoGenerated | bool | `false` | |
|
||||
| valkey.auth.tls.enabled | bool | `false` | |
|
||||
| valkey.enabled | bool | `false` | enable the bundled valkey sub chart from Bitnami. Must set to true if externalValkey.enabled=false |
|
||||
| valkey.fullnameOverride | string | `""` | |
|
||||
| valkey.global.storageClass | string | `""` | |
|
||||
| volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. |
|
||||
| volumes | list | `[]` | Additional volumes on the output Deployment definition. |
|
||||
|
||||
----------------------------------------------
|
||||
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
|
||||
Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
|
||||
|
||||
@@ -0,0 +1,115 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ConfigMap
|
||||
metadata:
|
||||
name: pixelfed-env
|
||||
data:
|
||||
env: |-
|
||||
# app config vars
|
||||
APP_NAME={{ .Values.pixelfed.app.name }}
|
||||
APP_ENV={{ .Values.pixelfed.app.env }}
|
||||
APP_URL={{ .Values.pixelfed.app.url }}
|
||||
APP_LOCALE={{ .Values.pixelfed.app.locale }}
|
||||
{{- with .Values.pixelfed.app.domain }}
|
||||
APP_DOMAIN={{ . }}
|
||||
{{- end }}
|
||||
|
||||
# registration related env vars
|
||||
OPEN_REGISTRATION={{ .Values.pixelfed.open_registration | quote }}
|
||||
ENFORCE_EMAIL_VERIFICATION={{ .Values.pixelfed.enforce_email_verification | quote }}
|
||||
ACCOUNT_DELETION={{ .Values.pixelfed.account_deletion | quote }}
|
||||
OAUTH_ENABLED={{ .Values.pixelfed.oauth_enabled | quote }}
|
||||
|
||||
MIN_PASSWORD_LENGTH={{ .Values.pixelfed.min_password_length | quote }}
|
||||
MAX_ACCOUNT_SIZE={{ .Values.pixelfed.max_account_size | quote }}
|
||||
MAX_PHOTO_SIZE={{ .Values.pixelfed.max_photo_size | quote }}
|
||||
MAX_AVATAR_SIZE={{ .Values.pixelfed.max_avatar_size | quote }}
|
||||
MAX_CAPTION_LENGTH={{ .Values.pixelfed.max_caption_length | quote }}
|
||||
MAX_BIO_LENGTH={{ .Values.pixelfed.max_bio_length | quote }}
|
||||
MAX_NAME_LENGTH={{ .Values.pixelfed.max_name_length | quote }}
|
||||
MAX_ALBUM_LENGTH={{ .Values.pixelfed.max_album_length | quote }}
|
||||
FORCE_HTTPS_URLS={{ .Values.pixelfed.force_https_urls | quote }}
|
||||
|
||||
# misc
|
||||
STORIES_ENABLED={{ .Values.pixelfed.stories_enabled | quote }}
|
||||
ENABLE_CONFIG_CACHE={{ .Values.pixelfed.enable_config_cache | quote }}
|
||||
IMAGE_QUALITY={{ .Values.pixelfed.image_quality | quote }}
|
||||
|
||||
# instance wide configuration
|
||||
INSTANCE_DESCRIPTION={{ .Values.pixelfed.instance.description }}
|
||||
INSTANCE_CONTACT_FORM={{ .Values.pixelfed.instance.contact_form | quote }}
|
||||
INSTANCE_DISCOVER_PUBLIC={{ .Values.pixelfed.instance.discover_public | quote }}
|
||||
INSTANCE_PUBLIC_HASHTAGS={{ .Values.pixelfed.instance.public_hashtags | quote }}
|
||||
{{- with .Values.pixelfed.instance.contact_email }}
|
||||
INSTANCE_CONTACT_EMAIL={{ .Values.pixelfed.instance.contact_email }}
|
||||
{{- end }}
|
||||
INSTANCE_PROFILE_EMBEDS={{ .Values.pixelfed.instance.profile_embeds | quote }}
|
||||
INSTANCE_POST_EMBEDS={{ .Values.pixelfed.instance.post_embeds | quote }}
|
||||
INSTANCE_REPORTS_EMAIL_ENABLED={{ .Values.pixelfed.instance.reports.email_enabled | quote }}
|
||||
{{- with .Values.pixelfed.instance.reports.email_addresses }}
|
||||
INSTANCE_REPORTS_EMAIL_ADDRESSES={{ join "," . }}
|
||||
{{- end }}
|
||||
INSTANCE_REPORTS_EMAIL_AUTOSPAM={{ .Values.pixelfed.instance.reports.email_autospam | quote }}
|
||||
INSTANCE_LANDING_SHOW_DIRECTORY={{ .Values.pixelfed.instance.landing.show_directory | quote }}
|
||||
INSTANCE_LANDING_SHOW_EXPLORE={{ .Values.pixelfed.instance.landing.show_explore | quote }}
|
||||
INSTANCE_CUR_REG={{ .Values.pixelfed.instance.cur_reg | quote }}
|
||||
INSTANCE_SHOW_PEERS={{ .Values.pixelfed.instance.show_peers | quote }}
|
||||
|
||||
# pixelfed config
|
||||
PF_HIDE_NSFW_ON_PUBLIC_FEEDS={{ .Values.pixelfed.pf.hide_nsfw_on_public_feeds | quote }}
|
||||
PF_LOCAL_AVATAR_TO_CLOUD={{ .Values.pixelfed.pf.local_avatar_to_cloud | quote }}
|
||||
PF_ADMIN_INVITES_ENABLED={{ .Values.pixelfed.pf.admin_invites_enabled | quote }}
|
||||
PF_MAX_USER_BLOCKS={{ .Values.pixelfed.pf.max_user_blocks | quote }}
|
||||
PF_MAX_USER_MUTES={{ .Values.pixelfed.pf.max_user_mutes | quote }}
|
||||
PF_MAX_DOMAIN_BLOCKS={{ .Values.pixelfed.pf.max_domain_blocks | quote }}
|
||||
PF_ENABLE_CLOUD={{ .Values.pixelfed.pf.enable_cloud | quote }}
|
||||
PF_MAX_USERS={{ .Values.pixelfed.pf.max_users | quote }}
|
||||
PF_ENFORCE_MAX_USERS={{ .Values.pixelfed.pf.enforce_max_users | quote }}
|
||||
PF_OPTIMIZE_IMAGES={{ .Values.pixelfed.pf.optimize_images | quote }}
|
||||
PF_OPTIMIZE_VIDEOS={{ .Values.pixelfed.pf.optimize_videos | quote }}
|
||||
PF_MAX_COLLECTION_LENGTH={{ .Values.pixelfed.pf.max_collection_length | quote }}
|
||||
|
||||
# Laravel Configuration
|
||||
SESSION_DRIVER="redis"
|
||||
CACHE_DRIVER="redis"
|
||||
QUEUE_DRIVER="redis"
|
||||
BROADCAST_DRIVER="log"
|
||||
LOG_CHANNEL="stack"
|
||||
HORIZON_PREFIX="horizon-"
|
||||
|
||||
# activity pub
|
||||
ACTIVITY_PUB="true"
|
||||
AP_REMOTE_FOLLOW="true"
|
||||
AP_SHAREDINBOX="true"
|
||||
AP_INBOX="true"
|
||||
AP_OUTBOX="true"
|
||||
|
||||
# redis
|
||||
{{- with .Values.externalValkey.host }}
|
||||
REDIS_HOST={{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.externalValkey.port }}
|
||||
REDIS_PORT={{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.externalValkey.password }}
|
||||
REDIS_PASSWORD={{ . }}
|
||||
{{- end }}
|
||||
|
||||
# mail
|
||||
MAIL_DRIVER="smtp"
|
||||
MAIL_HOST="smtp.mailgun.org"
|
||||
MAIL_PORT="587"
|
||||
MAIL_FROM_ADDRESS="__CHANGE_ME__"
|
||||
MAIL_FROM_NAME="${APP_NAME}"
|
||||
MAIL_USERNAME=""
|
||||
MAIL_PASSWORD=""
|
||||
MAIL_ENCRYPTION="tls"
|
||||
|
||||
# db
|
||||
DB_CONNECTION="pgsql"
|
||||
DB_HOST="db"
|
||||
DB_USERNAME="pixelfed"
|
||||
DB_PASSWORD=
|
||||
DB_DATABASE="pixelfed_prod"
|
||||
DB_PORT="3306"
|
||||
DB_APPLY_NEW_MIGRATIONS_AUTOMATICALLY="false"
|
||||
@@ -41,6 +41,7 @@ spec:
|
||||
containerPort: {{ .Values.service.port }}
|
||||
protocol: TCP
|
||||
env:
|
||||
# app data
|
||||
- name: APP_NAME
|
||||
value: {{ .Values.pixelfed.app.name }}
|
||||
- name: APP_ENV
|
||||
@@ -53,6 +54,8 @@ spec:
|
||||
- name: APP_DOMAIN
|
||||
value: {{ . }}
|
||||
{{- end }}
|
||||
|
||||
# registration related
|
||||
- name: OPEN_REGISTRATION
|
||||
value: {{ .Values.pixelfed.open_registration | quote }}
|
||||
- name: ENFORCE_EMAIL_VERIFICATION
|
||||
@@ -63,6 +66,8 @@ spec:
|
||||
value: {{ .Values.pixelfed.account_deletion | quote }}
|
||||
- name: OAUTH_ENABLED
|
||||
value: {{ .Values.pixelfed.oauth_enabled | quote }}
|
||||
|
||||
# limits
|
||||
- name: MIN_PASSWORD_LENGTH
|
||||
value: {{ .Values.pixelfed.min_password_length | quote }}
|
||||
- name: MAX_ACCOUNT_SIZE
|
||||
@@ -85,6 +90,8 @@ spec:
|
||||
value: {{ .Values.pixelfed.stories_enabled | quote }}
|
||||
- name: ENABLE_CONFIG_CACHE
|
||||
value: {{ .Values.pixelfed.enable_config_cache | quote }}
|
||||
|
||||
# instance config
|
||||
- name: INSTANCE_DESCRIPTION
|
||||
value: {{ .Values.pixelfed.instance.description }}
|
||||
- name: INSTANCE_CONTACT_FORM
|
||||
@@ -117,6 +124,8 @@ spec:
|
||||
value: {{ .Values.pixelfed.instance.cur_reg | quote }}
|
||||
- name: INSTANCE_SHOW_PEERS
|
||||
value: {{ .Values.pixelfed.instance.show_peers | quote }}
|
||||
|
||||
# public feed
|
||||
- name: PF_HIDE_NSFW_ON_PUBLIC_FEEDS
|
||||
value: {{ .Values.pixelfed.pf.hide_nsfw_on_public_feeds | quote }}
|
||||
- name: PF_LOCAL_AVATAR_TO_CLOUD
|
||||
@@ -141,6 +150,81 @@ spec:
|
||||
value: {{ .Values.pixelfed.pf.optimize_videos | quote }}
|
||||
- name: PF_MAX_COLLECTION_LENGTH
|
||||
value: {{ .Values.pixelfed.pf.max_collection_length | quote }}
|
||||
|
||||
# Laravel Configuration
|
||||
- name: SESSION_DRIVER
|
||||
value: "database"
|
||||
- name: CACHE_DRIVER
|
||||
value: "redis"
|
||||
- name: QUEUE_DRIVER
|
||||
value: "redis"
|
||||
- name: BROADCAST_DRIVER
|
||||
value: "log"
|
||||
- name: LOG_CHANNEL
|
||||
value: "stack"
|
||||
- name: HORIZON_PREFIX
|
||||
value: "horizon-"
|
||||
|
||||
# activity pub
|
||||
- name: ACTIVITY_PUB
|
||||
value: "true"
|
||||
- name: AP_REMOTE_FOLLOW
|
||||
value: "true"
|
||||
- name: AP_SHAREDINBOX
|
||||
value: "true"
|
||||
- name: AP_INBOX
|
||||
value: "true"
|
||||
- name: AP_OUTBOX
|
||||
value: "true"
|
||||
|
||||
# redis
|
||||
{{- with .Values.externalValkey.host }}
|
||||
- name: REDIS_HOST
|
||||
value: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.externalValkey.port }}
|
||||
- name: REDIS_PORT
|
||||
value: {{ . }}
|
||||
{{- end }}
|
||||
{{- with .Values.externalValkey.password }}
|
||||
- name: REDIS_PASSWORD
|
||||
value: {{ . }}
|
||||
{{- end }}
|
||||
|
||||
# mail
|
||||
- name: MAIL_DRIVER
|
||||
value: "smtp"
|
||||
- name: MAIL_HOST
|
||||
value: "smtp.mailgun.org"
|
||||
- name: MAIL_PORT
|
||||
value: "587"
|
||||
- name: MAIL_FROM_ADDRESS
|
||||
value: "__CHANGE_ME__"
|
||||
- name: MAIL_FROM_NAME
|
||||
value: "${APP_NAME}"
|
||||
- name: MAIL_USERNAME
|
||||
value: ""
|
||||
- name: MAIL_PASSWORD
|
||||
value: ""
|
||||
- name: MAIL_ENCRYPTION
|
||||
value: "tls"
|
||||
|
||||
# db
|
||||
- name: DB_CONNECTION
|
||||
value: "pgsql"
|
||||
- name: DB_HOST
|
||||
value: "db"
|
||||
- name: DB_USERNAME
|
||||
value: "pixelfed"
|
||||
- name: DB_PASSWORD
|
||||
value: ""
|
||||
- name: DB_DATABASE
|
||||
value: "pixelfed_prod"
|
||||
- name: DB_PORT
|
||||
value: "3306"
|
||||
- name: DB_APPLY_NEW_MIGRATIONS_AUTOMATICALLY
|
||||
value: "false"
|
||||
|
||||
livenessProbe:
|
||||
{{- toYaml .Values.livenessProbe | nindent 12 }}
|
||||
readinessProbe:
|
||||
|
||||
+186
-2
@@ -62,8 +62,6 @@ ingress:
|
||||
enabled: false
|
||||
className: ""
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
@@ -124,7 +122,121 @@ tolerations: []
|
||||
|
||||
affinity: {}
|
||||
|
||||
externalDatabase:
|
||||
# -- options: sqlite mysql pgsql sqlsrv
|
||||
connection: psql
|
||||
host: ""
|
||||
port: 3306
|
||||
database: pixelfed
|
||||
username: ""
|
||||
password: ""
|
||||
# options: disable, require, allow, prefer, verify-full
|
||||
# ssl_mode: ""
|
||||
# path to ssl root cert
|
||||
# ssl_root_cert:
|
||||
# path to ssl cert
|
||||
# ssl_cert: ""
|
||||
# path to ssl key
|
||||
# ssl_key: ""
|
||||
# -- get database credentials from an existing Kubernetes Secret
|
||||
existingSecret: ""
|
||||
existingSecretKeys:
|
||||
# -- key in existing Kubernetes Secret for host. If set, ignores externalDatabase.host
|
||||
host: ""
|
||||
# -- key in existing Kubernetes Secret for port. If set, ignores externalDatabase.port
|
||||
port: ""
|
||||
# -- key in existing Kubernetes Secret for database. If set, ignores externalDatabase.database
|
||||
database: pixelfed
|
||||
# -- key in existing Kubernetes Secret for username. If set, ignores externalDatabase.username
|
||||
username: ""
|
||||
# -- key in existing Kubernetes Secret for password. If set, ignores externalDatabase.password
|
||||
password: ""
|
||||
|
||||
# External Redis Configuration. Use this if you set valkey.enabled: false
|
||||
externalValkey:
|
||||
client: "phpredis"
|
||||
scheme: "tcp"
|
||||
host: "valkey"
|
||||
password: "null"
|
||||
port: "6379"
|
||||
# -- get valkey credentials from an existing Kubernetes Secret
|
||||
existingSecret: ""
|
||||
existingSecretKeys:
|
||||
# -- key in existing Kubernetes Secret for host. If set, ignores externalValkey.host
|
||||
host: ""
|
||||
# -- key in existing Kubernetes Secret for password. If set, ignores externalValkey.password
|
||||
password: ""
|
||||
|
||||
# valkey is a fork of redis with a better license
|
||||
valkey:
|
||||
# -- enable the bundled valkey sub chart from Bitnami.
|
||||
# Must set to true if externalValkey.enabled=false
|
||||
enabled: false
|
||||
fullnameOverride: ""
|
||||
global:
|
||||
storageClass: ""
|
||||
|
||||
# for auth, we get the valkey credentials from an ExternalSecret
|
||||
auth:
|
||||
enabled: true
|
||||
existingSecret: ""
|
||||
existingSecretPasswordKey: "password"
|
||||
# TLS settings
|
||||
tls:
|
||||
enabled: false
|
||||
authClients: true
|
||||
autoGenerated: false
|
||||
|
||||
# primary (control plane) configuration
|
||||
primary:
|
||||
persistence:
|
||||
enabled: true
|
||||
existingClaim: ""
|
||||
|
||||
# valkey replica configuration
|
||||
replica:
|
||||
persistence:
|
||||
enabled: true
|
||||
existingClaim: ""
|
||||
|
||||
# persistnent volume retention policy for the StatefulSet
|
||||
persistentVolumeClaimRetentionPolicy:
|
||||
enabled: true
|
||||
whenScaled: Retain
|
||||
whenDeleted: Retain
|
||||
|
||||
metrics:
|
||||
# we use a grafana exporter that logs into valkey directly
|
||||
enabled: false
|
||||
|
||||
# definitions: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15
|
||||
# Options: nano, micro, small, medium, large, xlarge, 2xlarge
|
||||
# default: nano
|
||||
resourcesPreset: "small"
|
||||
|
||||
|
||||
postgresql:
|
||||
# -- enable the bundled postgresql sub chart from Bitnami.
|
||||
# Must set to true if externalDatabase.enabled=false
|
||||
enabled: false
|
||||
fullnameOverride: ""
|
||||
|
||||
pixelfed:
|
||||
# -- timezone for docker container
|
||||
timezone: "europe/amsterdam"
|
||||
|
||||
# -- Experimental Configuration
|
||||
exp_emc: true
|
||||
|
||||
# -- domain of admin interface
|
||||
admin_domain: ""
|
||||
|
||||
# -- domain of session?
|
||||
session_domain: ""
|
||||
|
||||
# -- trusted proxies
|
||||
trusted_proxies: "*"
|
||||
|
||||
# app specific settings
|
||||
app:
|
||||
# -- The name of your server/instance
|
||||
@@ -247,3 +359,75 @@ pixelfed:
|
||||
optimize_videos: true
|
||||
# -- Max collection post limit
|
||||
max_collection_length: 100
|
||||
|
||||
# ActivityPub Configuration
|
||||
activity_pub:
|
||||
enabled: false
|
||||
remote_follow: false
|
||||
inbox: false
|
||||
outbox: false
|
||||
sharedinbox: false
|
||||
|
||||
###########################################################
|
||||
# Federation
|
||||
###########################################################
|
||||
# -- https://docs.pixelfed.org/technical-documentation/config/#atom_feeds
|
||||
atom_feeds: "true"
|
||||
|
||||
# -- https://docs.pixelfed.org/technical-documentation/config/#nodeinfo
|
||||
nodeinfo: "true"
|
||||
|
||||
# -- https://docs.pixelfed.org/technical-documentation/config/#webfinger
|
||||
webfinger: "true"
|
||||
|
||||
# Mail Configuration (Post-Installer)
|
||||
mail:
|
||||
# -- options: "smtp" (default), "sendmail", "mailgun", "mandrill", "ses"
|
||||
# "sparkpost", "log", "array"
|
||||
driver: smtp
|
||||
host: smtp.mailtrap.io
|
||||
port: 2525
|
||||
username: ""
|
||||
password: ""
|
||||
encryption: "tls"
|
||||
from_address: "pixelfed@example.com"
|
||||
from_name: "Pixelfed"
|
||||
# -- name of an existing Kubernetes Secret for mail credentials
|
||||
existingSecret: ""
|
||||
existingSecretKeys:
|
||||
# -- key in existing Kubernetes Secret for host. If set, ignores mail.host
|
||||
host: ""
|
||||
# -- key in existing Kubernetes Secret for port. If set, ignores mail.port
|
||||
port: ""
|
||||
# -- key in existing Kubernetes Secret for username. If set, ignores mail.username
|
||||
username: ""
|
||||
# -- key in existing Kubernetes Secret for password. If set, ignores mail.password
|
||||
password: ""
|
||||
|
||||
# Mail Configuration (Post-Installer)
|
||||
s3:
|
||||
# -- s3 url including protocol such as https://s3.domain.com
|
||||
url: ""
|
||||
# -- s3 endpoint excluding protocol such as s3.domain.com
|
||||
endpoint: ""
|
||||
# -- s3 bucket
|
||||
bucket: ""
|
||||
# -- s3 region
|
||||
region: ""
|
||||
# -- s3 access_key_id. ignored if s3.existingSecretKeys.access_key_id is set
|
||||
access_key_id: ""
|
||||
# -- s3 secret_access_key. ignored if s3.existingSecretKeys.secret_access_key is set
|
||||
secret_access_key: ""
|
||||
# -- use S3 path type instead of using a DNS subdomain
|
||||
use_path_style_endpoint: false
|
||||
# -- name of an existing Kubernetes Secret for s3 credentials
|
||||
existingSecret: ""
|
||||
existingSecretKeys:
|
||||
# -- key in existing Kubernetes Secret for url. If set, ignores s3.url
|
||||
url: ""
|
||||
# -- key in existing Kubernetes Secret for endpoint. If set, ignores s3.endpoint
|
||||
endpoint: ""
|
||||
# -- key in existing Kubernetes Secret for access_key_id. If set, ignores s3.access_key_id
|
||||
access_key_id: ""
|
||||
# -- key in existing Kubernetes Secret for secret_access_key. If set, ignores s3.secret_access_key
|
||||
secret_access_key: ""
|
||||
|
||||
Reference in New Issue
Block a user