diff --git a/charts/pixelfed/README.md b/charts/pixelfed/README.md index 1d77769..8440beb 100644 --- a/charts/pixelfed/README.md +++ b/charts/pixelfed/README.md @@ -19,6 +19,26 @@ A Helm chart for deploying Pixelfed on Kubernetes | autoscaling.maxReplicas | int | `100` | | | autoscaling.minReplicas | int | `1` | | | autoscaling.targetCPUUtilizationPercentage | int | `80` | | +| externalDatabase.connection | string | `"psql"` | options: sqlite mysql pgsql sqlsrv | +| externalDatabase.database | string | `"pixelfed"` | | +| externalDatabase.existingSecret | string | `""` | get database credentials from an existing Kubernetes Secret | +| externalDatabase.existingSecretKeys.database | string | `"pixelfed"` | key in existing Kubernetes Secret for database. If set, ignores externalDatabase.database | +| externalDatabase.existingSecretKeys.host | string | `""` | key in existing Kubernetes Secret for host. If set, ignores externalDatabase.host | +| externalDatabase.existingSecretKeys.password | string | `""` | key in existing Kubernetes Secret for password. If set, ignores externalDatabase.password | +| externalDatabase.existingSecretKeys.port | string | `""` | key in existing Kubernetes Secret for port. If set, ignores externalDatabase.port | +| externalDatabase.existingSecretKeys.username | string | `""` | key in existing Kubernetes Secret for username. If set, ignores externalDatabase.username | +| externalDatabase.host | string | `""` | | +| externalDatabase.password | string | `""` | | +| externalDatabase.port | int | `3306` | | +| externalDatabase.username | string | `""` | | +| externalValkey.client | string | `"phpredis"` | | +| externalValkey.existingSecret | string | `""` | get valkey credentials from an existing Kubernetes Secret | +| externalValkey.existingSecretKeys.host | string | `""` | key in existing Kubernetes Secret for host. If set, ignores externalValkey.host | +| externalValkey.existingSecretKeys.password | string | `""` | key in existing Kubernetes Secret for password. If set, ignores externalValkey.password | +| externalValkey.host | string | `"valkey"` | | +| externalValkey.password | string | `"null"` | | +| externalValkey.port | string | `"6379"` | | +| externalValkey.scheme | string | `"tcp"` | | | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | This sets the pull policy for images. | | image.registry | string | `"ghcr.io"` | | @@ -37,13 +57,21 @@ A Helm chart for deploying Pixelfed on Kubernetes | nameOverride | string | `""` | This is to override the chart name. | | nodeSelector | object | `{}` | | | pixelfed.account_deletion | bool | `true` | Enable account deletion (may be a requirement in some jurisdictions) | +| pixelfed.activity_pub.enabled | bool | `false` | | +| pixelfed.activity_pub.inbox | bool | `false` | | +| pixelfed.activity_pub.outbox | bool | `false` | | +| pixelfed.activity_pub.remote_follow | bool | `false` | | +| pixelfed.activity_pub.sharedinbox | bool | `false` | | +| pixelfed.admin_domain | string | `""` | domain of admin interface | | pixelfed.app.domain | string | `""` | The domain of your server, without https:// | | pixelfed.app.env | string | `"production"` | The app environment, keep it set to "production" | | pixelfed.app.locale | string | `"en"` | change this to the language code of your pixelfed instance | | pixelfed.app.name | string | `"Pixelfed"` | The name of your server/instance | | pixelfed.app.url | string | `"https://localhost"` | change this to the domain of your pixelfed instance | +| pixelfed.atom_feeds | string | `"true"` | https://docs.pixelfed.org/technical-documentation/config/#atom_feeds | | pixelfed.enable_config_cache | bool | `true` | Enable the config cache to allow you to manage settings via the admin dashboard | | pixelfed.enforce_email_verification | bool | `true` | Enforce email verification | +| pixelfed.exp_emc | bool | `true` | Experimental Configuration | | pixelfed.force_https_urls | bool | `true` | Force https url generation | | pixelfed.image_quality | int | `80` | Set the image optimization quality, between 1-100. Lower uses less space, higher more quality | | pixelfed.instance.contact_email | string | `""` | The public contact email for your server | @@ -60,6 +88,19 @@ A Helm chart for deploying Pixelfed on Kubernetes | pixelfed.instance.reports.email_autospam | bool | `false` | Enable autospam reports (require INSTANCE_REPORTS_EMAIL_ENABLED) | | pixelfed.instance.reports.email_enabled | bool | `false` | Send a report email to the admin account for new autospam/reports | | pixelfed.instance.show_peers | bool | `false` | Enable the api/v1/peers API endpoint | +| pixelfed.mail.driver | string | `"smtp"` | options: "smtp" (default), "sendmail", "mailgun", "mandrill", "ses" "sparkpost", "log", "array" | +| pixelfed.mail.encryption | string | `"tls"` | | +| pixelfed.mail.existingSecret | string | `""` | name of an existing Kubernetes Secret for mail credentials | +| pixelfed.mail.existingSecretKeys.host | string | `""` | key in existing Kubernetes Secret for host. If set, ignores mail.host | +| pixelfed.mail.existingSecretKeys.password | string | `""` | key in existing Kubernetes Secret for password. If set, ignores mail.password | +| pixelfed.mail.existingSecretKeys.port | string | `""` | key in existing Kubernetes Secret for port. If set, ignores mail.port | +| pixelfed.mail.existingSecretKeys.username | string | `""` | key in existing Kubernetes Secret for username. If set, ignores mail.username | +| pixelfed.mail.from_address | string | `"pixelfed@example.com"` | | +| pixelfed.mail.from_name | string | `"Pixelfed"` | | +| pixelfed.mail.host | string | `"smtp.mailtrap.io"` | | +| pixelfed.mail.password | string | `""` | | +| pixelfed.mail.port | int | `2525` | | +| pixelfed.mail.username | string | `""` | | | pixelfed.max_account_size | int | `1000000` | The max allowed account size in KB | | pixelfed.max_album_length | int | `6` | The max number of media per post album | | pixelfed.max_avatar_size | int | `2000` | The max user avatar size in KB | @@ -68,6 +109,7 @@ A Helm chart for deploying Pixelfed on Kubernetes | pixelfed.max_name_length | int | `32` | The max user display name length | | pixelfed.max_photo_size | int | `15000` | The max photo/video size in KB | | pixelfed.min_password_length | int | `16` | The min password length | +| pixelfed.nodeinfo | string | `"true"` | https://docs.pixelfed.org/technical-documentation/config/#nodeinfo | | pixelfed.oauth_enabled | bool | `true` | Enable oAuth support, required for mobile/3rd party apps | | pixelfed.open_registration | bool | `true` | Enable open registration for new accounts | | pixelfed.pf.admin_invites_enabled | bool | `true` | Enable the Admin Invites feature | @@ -82,10 +124,28 @@ A Helm chart for deploying Pixelfed on Kubernetes | pixelfed.pf.max_users | int | `1000` | Limit max user registrations | | pixelfed.pf.optimize_images | bool | `true` | Enable image optimization | | pixelfed.pf.optimize_videos | bool | `true` | Enable video optimization | +| pixelfed.s3.access_key_id | string | `""` | s3 access_key_id. ignored if s3.existingSecretKeys.access_key_id is set | +| pixelfed.s3.bucket | string | `""` | s3 bucket | +| pixelfed.s3.endpoint | string | `""` | s3 endpoint excluding protocol such as s3.domain.com | +| pixelfed.s3.existingSecret | string | `""` | name of an existing Kubernetes Secret for s3 credentials | +| pixelfed.s3.existingSecretKeys.access_key_id | string | `""` | key in existing Kubernetes Secret for access_key_id. If set, ignores s3.access_key_id | +| pixelfed.s3.existingSecretKeys.endpoint | string | `""` | key in existing Kubernetes Secret for endpoint. If set, ignores s3.endpoint | +| pixelfed.s3.existingSecretKeys.secret_access_key | string | `""` | key in existing Kubernetes Secret for secret_access_key. If set, ignores s3.secret_access_key | +| pixelfed.s3.existingSecretKeys.url | string | `""` | key in existing Kubernetes Secret for url. If set, ignores s3.url | +| pixelfed.s3.region | string | `""` | s3 region | +| pixelfed.s3.secret_access_key | string | `""` | s3 secret_access_key. ignored if s3.existingSecretKeys.secret_access_key is set | +| pixelfed.s3.url | string | `""` | s3 url including protocol such as https://s3.domain.com | +| pixelfed.s3.use_path_style_endpoint | bool | `false` | use S3 path type instead of using a DNS subdomain | +| pixelfed.session_domain | string | `""` | domain of session? | | pixelfed.stories_enabled | bool | `false` | Enable the Stories feature | +| pixelfed.timezone | string | `"europe/amsterdam"` | timezone for docker container | +| pixelfed.trusted_proxies | string | `"*"` | trusted proxies | +| pixelfed.webfinger | string | `"true"` | https://docs.pixelfed.org/technical-documentation/config/#webfinger | | podAnnotations | object | `{}` | This is for setting Kubernetes Annotations to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ | | podLabels | object | `{}` | This is for setting Kubernetes Labels to a Pod. For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ | | podSecurityContext | object | `{}` | | +| postgresql.enabled | bool | `false` | enable the bundled postgresql sub chart from Bitnami. Must set to true if externalDatabase.enabled=false | +| postgresql.fullnameOverride | string | `""` | | | readinessProbe.httpGet.path | string | `"/"` | | | readinessProbe.httpGet.port | string | `"http"` | | | replicaCount | int | `1` | This will set the replicaset count more information can be found here: https://kubernetes.io/docs/concepts/workloads/controllers/replicaset/ | @@ -98,8 +158,26 @@ A Helm chart for deploying Pixelfed on Kubernetes | serviceAccount.create | bool | `true` | Specifies whether a service account should be created | | serviceAccount.name | string | `""` | The name of the service account to use. If not set and create is true, a name is generated using the fullname template | | tolerations | list | `[]` | | +| valkey.auth.enabled | bool | `true` | | +| valkey.auth.existingSecret | string | `""` | | +| valkey.auth.existingSecretPasswordKey | string | `"password"` | | +| valkey.auth.metrics.enabled | bool | `false` | | +| valkey.auth.persistentVolumeClaimRetentionPolicy.enabled | bool | `true` | | +| valkey.auth.persistentVolumeClaimRetentionPolicy.whenDeleted | string | `"Retain"` | | +| valkey.auth.persistentVolumeClaimRetentionPolicy.whenScaled | string | `"Retain"` | | +| valkey.auth.primary.persistence.enabled | bool | `true` | | +| valkey.auth.primary.persistence.existingClaim | string | `""` | | +| valkey.auth.replica.persistence.enabled | bool | `true` | | +| valkey.auth.replica.persistence.existingClaim | string | `""` | | +| valkey.auth.resourcesPreset | string | `"small"` | | +| valkey.auth.tls.authClients | bool | `true` | | +| valkey.auth.tls.autoGenerated | bool | `false` | | +| valkey.auth.tls.enabled | bool | `false` | | +| valkey.enabled | bool | `false` | enable the bundled valkey sub chart from Bitnami. Must set to true if externalValkey.enabled=false | +| valkey.fullnameOverride | string | `""` | | +| valkey.global.storageClass | string | `""` | | | volumeMounts | list | `[]` | Additional volumeMounts on the output Deployment definition. | | volumes | list | `[]` | Additional volumes on the output Deployment definition. | ---------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0) +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/pixelfed/templates/configmap.yaml b/charts/pixelfed/templates/configmap.yaml new file mode 100644 index 0000000..ef70150 --- /dev/null +++ b/charts/pixelfed/templates/configmap.yaml @@ -0,0 +1,115 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: pixelfed-env +data: + env: |- + # app config vars + APP_NAME={{ .Values.pixelfed.app.name }} + APP_ENV={{ .Values.pixelfed.app.env }} + APP_URL={{ .Values.pixelfed.app.url }} + APP_LOCALE={{ .Values.pixelfed.app.locale }} + {{- with .Values.pixelfed.app.domain }} + APP_DOMAIN={{ . }} + {{- end }} + + # registration related env vars + OPEN_REGISTRATION={{ .Values.pixelfed.open_registration | quote }} + ENFORCE_EMAIL_VERIFICATION={{ .Values.pixelfed.enforce_email_verification | quote }} + ACCOUNT_DELETION={{ .Values.pixelfed.account_deletion | quote }} + OAUTH_ENABLED={{ .Values.pixelfed.oauth_enabled | quote }} + + MIN_PASSWORD_LENGTH={{ .Values.pixelfed.min_password_length | quote }} + MAX_ACCOUNT_SIZE={{ .Values.pixelfed.max_account_size | quote }} + MAX_PHOTO_SIZE={{ .Values.pixelfed.max_photo_size | quote }} + MAX_AVATAR_SIZE={{ .Values.pixelfed.max_avatar_size | quote }} + MAX_CAPTION_LENGTH={{ .Values.pixelfed.max_caption_length | quote }} + MAX_BIO_LENGTH={{ .Values.pixelfed.max_bio_length | quote }} + MAX_NAME_LENGTH={{ .Values.pixelfed.max_name_length | quote }} + MAX_ALBUM_LENGTH={{ .Values.pixelfed.max_album_length | quote }} + FORCE_HTTPS_URLS={{ .Values.pixelfed.force_https_urls | quote }} + + # misc + STORIES_ENABLED={{ .Values.pixelfed.stories_enabled | quote }} + ENABLE_CONFIG_CACHE={{ .Values.pixelfed.enable_config_cache | quote }} + IMAGE_QUALITY={{ .Values.pixelfed.image_quality | quote }} + + # instance wide configuration + INSTANCE_DESCRIPTION={{ .Values.pixelfed.instance.description }} + INSTANCE_CONTACT_FORM={{ .Values.pixelfed.instance.contact_form | quote }} + INSTANCE_DISCOVER_PUBLIC={{ .Values.pixelfed.instance.discover_public | quote }} + INSTANCE_PUBLIC_HASHTAGS={{ .Values.pixelfed.instance.public_hashtags | quote }} + {{- with .Values.pixelfed.instance.contact_email }} + INSTANCE_CONTACT_EMAIL={{ .Values.pixelfed.instance.contact_email }} + {{- end }} + INSTANCE_PROFILE_EMBEDS={{ .Values.pixelfed.instance.profile_embeds | quote }} + INSTANCE_POST_EMBEDS={{ .Values.pixelfed.instance.post_embeds | quote }} + INSTANCE_REPORTS_EMAIL_ENABLED={{ .Values.pixelfed.instance.reports.email_enabled | quote }} + {{- with .Values.pixelfed.instance.reports.email_addresses }} + INSTANCE_REPORTS_EMAIL_ADDRESSES={{ join "," . }} + {{- end }} + INSTANCE_REPORTS_EMAIL_AUTOSPAM={{ .Values.pixelfed.instance.reports.email_autospam | quote }} + INSTANCE_LANDING_SHOW_DIRECTORY={{ .Values.pixelfed.instance.landing.show_directory | quote }} + INSTANCE_LANDING_SHOW_EXPLORE={{ .Values.pixelfed.instance.landing.show_explore | quote }} + INSTANCE_CUR_REG={{ .Values.pixelfed.instance.cur_reg | quote }} + INSTANCE_SHOW_PEERS={{ .Values.pixelfed.instance.show_peers | quote }} + + # pixelfed config + PF_HIDE_NSFW_ON_PUBLIC_FEEDS={{ .Values.pixelfed.pf.hide_nsfw_on_public_feeds | quote }} + PF_LOCAL_AVATAR_TO_CLOUD={{ .Values.pixelfed.pf.local_avatar_to_cloud | quote }} + PF_ADMIN_INVITES_ENABLED={{ .Values.pixelfed.pf.admin_invites_enabled | quote }} + PF_MAX_USER_BLOCKS={{ .Values.pixelfed.pf.max_user_blocks | quote }} + PF_MAX_USER_MUTES={{ .Values.pixelfed.pf.max_user_mutes | quote }} + PF_MAX_DOMAIN_BLOCKS={{ .Values.pixelfed.pf.max_domain_blocks | quote }} + PF_ENABLE_CLOUD={{ .Values.pixelfed.pf.enable_cloud | quote }} + PF_MAX_USERS={{ .Values.pixelfed.pf.max_users | quote }} + PF_ENFORCE_MAX_USERS={{ .Values.pixelfed.pf.enforce_max_users | quote }} + PF_OPTIMIZE_IMAGES={{ .Values.pixelfed.pf.optimize_images | quote }} + PF_OPTIMIZE_VIDEOS={{ .Values.pixelfed.pf.optimize_videos | quote }} + PF_MAX_COLLECTION_LENGTH={{ .Values.pixelfed.pf.max_collection_length | quote }} + + # Laravel Configuration + SESSION_DRIVER="redis" + CACHE_DRIVER="redis" + QUEUE_DRIVER="redis" + BROADCAST_DRIVER="log" + LOG_CHANNEL="stack" + HORIZON_PREFIX="horizon-" + + # activity pub + ACTIVITY_PUB="true" + AP_REMOTE_FOLLOW="true" + AP_SHAREDINBOX="true" + AP_INBOX="true" + AP_OUTBOX="true" + + # redis + {{- with .Values.externalValkey.host }} + REDIS_HOST={{ . }} + {{- end }} + {{- with .Values.externalValkey.port }} + REDIS_PORT={{ . }} + {{- end }} + {{- with .Values.externalValkey.password }} + REDIS_PASSWORD={{ . }} + {{- end }} + + # mail + MAIL_DRIVER="smtp" + MAIL_HOST="smtp.mailgun.org" + MAIL_PORT="587" + MAIL_FROM_ADDRESS="__CHANGE_ME__" + MAIL_FROM_NAME="${APP_NAME}" + MAIL_USERNAME="" + MAIL_PASSWORD="" + MAIL_ENCRYPTION="tls" + + # db + DB_CONNECTION="pgsql" + DB_HOST="db" + DB_USERNAME="pixelfed" + DB_PASSWORD= + DB_DATABASE="pixelfed_prod" + DB_PORT="3306" + DB_APPLY_NEW_MIGRATIONS_AUTOMATICALLY="false" diff --git a/charts/pixelfed/templates/deployment.yaml b/charts/pixelfed/templates/deployment.yaml index 201ecd6..2105b9f 100644 --- a/charts/pixelfed/templates/deployment.yaml +++ b/charts/pixelfed/templates/deployment.yaml @@ -41,6 +41,7 @@ spec: containerPort: {{ .Values.service.port }} protocol: TCP env: + # app data - name: APP_NAME value: {{ .Values.pixelfed.app.name }} - name: APP_ENV @@ -53,6 +54,8 @@ spec: - name: APP_DOMAIN value: {{ . }} {{- end }} + + # registration related - name: OPEN_REGISTRATION value: {{ .Values.pixelfed.open_registration | quote }} - name: ENFORCE_EMAIL_VERIFICATION @@ -63,6 +66,8 @@ spec: value: {{ .Values.pixelfed.account_deletion | quote }} - name: OAUTH_ENABLED value: {{ .Values.pixelfed.oauth_enabled | quote }} + + # limits - name: MIN_PASSWORD_LENGTH value: {{ .Values.pixelfed.min_password_length | quote }} - name: MAX_ACCOUNT_SIZE @@ -85,6 +90,8 @@ spec: value: {{ .Values.pixelfed.stories_enabled | quote }} - name: ENABLE_CONFIG_CACHE value: {{ .Values.pixelfed.enable_config_cache | quote }} + + # instance config - name: INSTANCE_DESCRIPTION value: {{ .Values.pixelfed.instance.description }} - name: INSTANCE_CONTACT_FORM @@ -117,6 +124,8 @@ spec: value: {{ .Values.pixelfed.instance.cur_reg | quote }} - name: INSTANCE_SHOW_PEERS value: {{ .Values.pixelfed.instance.show_peers | quote }} + + # public feed - name: PF_HIDE_NSFW_ON_PUBLIC_FEEDS value: {{ .Values.pixelfed.pf.hide_nsfw_on_public_feeds | quote }} - name: PF_LOCAL_AVATAR_TO_CLOUD @@ -141,6 +150,81 @@ spec: value: {{ .Values.pixelfed.pf.optimize_videos | quote }} - name: PF_MAX_COLLECTION_LENGTH value: {{ .Values.pixelfed.pf.max_collection_length | quote }} + + # Laravel Configuration + - name: SESSION_DRIVER + value: "database" + - name: CACHE_DRIVER + value: "redis" + - name: QUEUE_DRIVER + value: "redis" + - name: BROADCAST_DRIVER + value: "log" + - name: LOG_CHANNEL + value: "stack" + - name: HORIZON_PREFIX + value: "horizon-" + + # activity pub + - name: ACTIVITY_PUB + value: "true" + - name: AP_REMOTE_FOLLOW + value: "true" + - name: AP_SHAREDINBOX + value: "true" + - name: AP_INBOX + value: "true" + - name: AP_OUTBOX + value: "true" + + # redis + {{- with .Values.externalValkey.host }} + - name: REDIS_HOST + value: {{ . }} + {{- end }} + {{- with .Values.externalValkey.port }} + - name: REDIS_PORT + value: {{ . }} + {{- end }} + {{- with .Values.externalValkey.password }} + - name: REDIS_PASSWORD + value: {{ . }} + {{- end }} + + # mail + - name: MAIL_DRIVER + value: "smtp" + - name: MAIL_HOST + value: "smtp.mailgun.org" + - name: MAIL_PORT + value: "587" + - name: MAIL_FROM_ADDRESS + value: "__CHANGE_ME__" + - name: MAIL_FROM_NAME + value: "${APP_NAME}" + - name: MAIL_USERNAME + value: "" + - name: MAIL_PASSWORD + value: "" + - name: MAIL_ENCRYPTION + value: "tls" + + # db + - name: DB_CONNECTION + value: "pgsql" + - name: DB_HOST + value: "db" + - name: DB_USERNAME + value: "pixelfed" + - name: DB_PASSWORD + value: "" + - name: DB_DATABASE + value: "pixelfed_prod" + - name: DB_PORT + value: "3306" + - name: DB_APPLY_NEW_MIGRATIONS_AUTOMATICALLY + value: "false" + livenessProbe: {{- toYaml .Values.livenessProbe | nindent 12 }} readinessProbe: diff --git a/charts/pixelfed/values.yaml b/charts/pixelfed/values.yaml index 32954fc..cf47de8 100644 --- a/charts/pixelfed/values.yaml +++ b/charts/pixelfed/values.yaml @@ -62,8 +62,6 @@ ingress: enabled: false className: "" annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" hosts: - host: chart-example.local paths: @@ -124,7 +122,121 @@ tolerations: [] affinity: {} +externalDatabase: + # -- options: sqlite mysql pgsql sqlsrv + connection: psql + host: "" + port: 3306 + database: pixelfed + username: "" + password: "" + # options: disable, require, allow, prefer, verify-full + # ssl_mode: "" + # path to ssl root cert + # ssl_root_cert: + # path to ssl cert + # ssl_cert: "" + # path to ssl key + # ssl_key: "" + # -- get database credentials from an existing Kubernetes Secret + existingSecret: "" + existingSecretKeys: + # -- key in existing Kubernetes Secret for host. If set, ignores externalDatabase.host + host: "" + # -- key in existing Kubernetes Secret for port. If set, ignores externalDatabase.port + port: "" + # -- key in existing Kubernetes Secret for database. If set, ignores externalDatabase.database + database: pixelfed + # -- key in existing Kubernetes Secret for username. If set, ignores externalDatabase.username + username: "" + # -- key in existing Kubernetes Secret for password. If set, ignores externalDatabase.password + password: "" + +# External Redis Configuration. Use this if you set valkey.enabled: false +externalValkey: + client: "phpredis" + scheme: "tcp" + host: "valkey" + password: "null" + port: "6379" + # -- get valkey credentials from an existing Kubernetes Secret + existingSecret: "" + existingSecretKeys: + # -- key in existing Kubernetes Secret for host. If set, ignores externalValkey.host + host: "" + # -- key in existing Kubernetes Secret for password. If set, ignores externalValkey.password + password: "" + +# valkey is a fork of redis with a better license +valkey: + # -- enable the bundled valkey sub chart from Bitnami. + # Must set to true if externalValkey.enabled=false + enabled: false + fullnameOverride: "" + global: + storageClass: "" + + # for auth, we get the valkey credentials from an ExternalSecret + auth: + enabled: true + existingSecret: "" + existingSecretPasswordKey: "password" + # TLS settings + tls: + enabled: false + authClients: true + autoGenerated: false + + # primary (control plane) configuration + primary: + persistence: + enabled: true + existingClaim: "" + + # valkey replica configuration + replica: + persistence: + enabled: true + existingClaim: "" + + # persistnent volume retention policy for the StatefulSet + persistentVolumeClaimRetentionPolicy: + enabled: true + whenScaled: Retain + whenDeleted: Retain + + metrics: + # we use a grafana exporter that logs into valkey directly + enabled: false + + # definitions: https://github.com/bitnami/charts/blob/main/bitnami/common/templates/_resources.tpl#L15 + # Options: nano, micro, small, medium, large, xlarge, 2xlarge + # default: nano + resourcesPreset: "small" + + +postgresql: + # -- enable the bundled postgresql sub chart from Bitnami. + # Must set to true if externalDatabase.enabled=false + enabled: false + fullnameOverride: "" + pixelfed: + # -- timezone for docker container + timezone: "europe/amsterdam" + + # -- Experimental Configuration + exp_emc: true + + # -- domain of admin interface + admin_domain: "" + + # -- domain of session? + session_domain: "" + + # -- trusted proxies + trusted_proxies: "*" + # app specific settings app: # -- The name of your server/instance @@ -247,3 +359,75 @@ pixelfed: optimize_videos: true # -- Max collection post limit max_collection_length: 100 + + # ActivityPub Configuration + activity_pub: + enabled: false + remote_follow: false + inbox: false + outbox: false + sharedinbox: false + + ########################################################### + # Federation + ########################################################### + # -- https://docs.pixelfed.org/technical-documentation/config/#atom_feeds + atom_feeds: "true" + + # -- https://docs.pixelfed.org/technical-documentation/config/#nodeinfo + nodeinfo: "true" + + # -- https://docs.pixelfed.org/technical-documentation/config/#webfinger + webfinger: "true" + + # Mail Configuration (Post-Installer) + mail: + # -- options: "smtp" (default), "sendmail", "mailgun", "mandrill", "ses" + # "sparkpost", "log", "array" + driver: smtp + host: smtp.mailtrap.io + port: 2525 + username: "" + password: "" + encryption: "tls" + from_address: "pixelfed@example.com" + from_name: "Pixelfed" + # -- name of an existing Kubernetes Secret for mail credentials + existingSecret: "" + existingSecretKeys: + # -- key in existing Kubernetes Secret for host. If set, ignores mail.host + host: "" + # -- key in existing Kubernetes Secret for port. If set, ignores mail.port + port: "" + # -- key in existing Kubernetes Secret for username. If set, ignores mail.username + username: "" + # -- key in existing Kubernetes Secret for password. If set, ignores mail.password + password: "" + + # Mail Configuration (Post-Installer) + s3: + # -- s3 url including protocol such as https://s3.domain.com + url: "" + # -- s3 endpoint excluding protocol such as s3.domain.com + endpoint: "" + # -- s3 bucket + bucket: "" + # -- s3 region + region: "" + # -- s3 access_key_id. ignored if s3.existingSecretKeys.access_key_id is set + access_key_id: "" + # -- s3 secret_access_key. ignored if s3.existingSecretKeys.secret_access_key is set + secret_access_key: "" + # -- use S3 path type instead of using a DNS subdomain + use_path_style_endpoint: false + # -- name of an existing Kubernetes Secret for s3 credentials + existingSecret: "" + existingSecretKeys: + # -- key in existing Kubernetes Secret for url. If set, ignores s3.url + url: "" + # -- key in existing Kubernetes Secret for endpoint. If set, ignores s3.endpoint + endpoint: "" + # -- key in existing Kubernetes Secret for access_key_id. If set, ignores s3.access_key_id + access_key_id: "" + # -- key in existing Kubernetes Secret for secret_access_key. If set, ignores s3.secret_access_key + secret_access_key: ""