175 lines
		
	
	
	
		
			4.6 KiB
		
	
	
	
		
			Text
		
	
	
	
	
	
			
		
		
	
	
			175 lines
		
	
	
	
		
			4.6 KiB
		
	
	
	
		
			Text
		
	
	
	
	
	
| replicaCount: 1
 | |
| 
 | |
| image:
 | |
|   repository: tootsuite/mastodon
 | |
|   pullPolicy: Always
 | |
|   # https://hub.docker.com/r/tootsuite/mastodon/tags
 | |
|   tag: v3.2.1
 | |
|   # alternatively, use `latest` for the latest release or `edge` for the image
 | |
|   # built from the most recent commit
 | |
|   #
 | |
|   # tag: latest
 | |
| 
 | |
| ingress:
 | |
|   enabled: false
 | |
|   annotations:
 | |
|     kubernetes.io/ingress.class: nginx
 | |
|     kubernetes.io/tls-acme: "true"
 | |
|     # cert-manager.io/cluster-issuer: "letsencrypt"
 | |
|     #
 | |
|     # ensure that NGINX's upload size matches Mastodon's
 | |
|     #   for the K8s ingress controller:
 | |
|     # nginx.ingress.kubernetes.io/proxy-body-size: 40m
 | |
|     #   for the NGINX ingress controller:
 | |
|     # nginx.org/client-max-body-size: 40m
 | |
|   # this value is used for LOCAL_DOMAIN
 | |
|   hostname: mastodon.local
 | |
|   tls:
 | |
|     - secretName: mastodon-tls
 | |
|       hosts:
 | |
|         - mastodon.local
 | |
| 
 | |
| # create an initial administrator user; the password is autogenerated and will
 | |
| # have to be reset
 | |
| createAdmin:
 | |
|   enabled: false
 | |
|   username: not_gargron
 | |
|   email: not@example.com
 | |
| 
 | |
| # available locales: https://github.com/tootsuite/mastodon/blob/master/config/application.rb#L43
 | |
| locale: en
 | |
| 
 | |
| cron:
 | |
|   # run `tootctl media remove` every week
 | |
|   removeMedia:
 | |
|     enabled: true
 | |
|     schedule: "0 0 * * 0"
 | |
| 
 | |
| application:
 | |
|   web:
 | |
|     port: 3000
 | |
|   streaming:
 | |
|     port: 4000
 | |
|     # this should be set manually since os.cpus() returns the number of CPUs on
 | |
|     # the node running the pod, which is unrelated to the resources allocated to
 | |
|     # the pod by k8s
 | |
|     workers: 1
 | |
|   sidekiq:
 | |
|     concurrency: 25
 | |
| 
 | |
| # these must be set manually; autogenerated keys are rotated on each upgrade
 | |
| secrets:
 | |
|   secret_key_base: ""
 | |
|   otp_secret: ""
 | |
|   vapid:
 | |
|     private_key: ""
 | |
|     public_key: ""
 | |
| 
 | |
| smtp:
 | |
|   auth_method: plain
 | |
|   ca_file:
 | |
|   delivery_method: smtp
 | |
|   domain:
 | |
|   enable_starttls_auto: true
 | |
|   from_address: notifications@example.com
 | |
|   login:
 | |
|   openssl_verify_mode: peer
 | |
|   password:
 | |
|   port: 587
 | |
|   reply_to:
 | |
|   server: smtp.mailgun.org
 | |
|   tls: false
 | |
| 
 | |
| # https://github.com/bitnami/charts/tree/master/bitnami/elasticsearch#parameters
 | |
| elasticsearch:
 | |
|   # `false` will disable full-text search
 | |
|   #
 | |
|   # if you enable ES after the initial install, you will need to manually run
 | |
|   # RAILS_ENV=production bundle exec rake chewy:sync
 | |
|   # (https://docs.joinmastodon.org/admin/optional/elasticsearch/)
 | |
|   enabled: true
 | |
|   # may be removed once https://github.com/tootsuite/mastodon/pull/13828 is part
 | |
|   # of a tagged release
 | |
|   image:
 | |
|     tag: 6
 | |
| 
 | |
| # https://github.com/bitnami/charts/tree/master/bitnami/postgresql#parameters
 | |
| postgresql:
 | |
|   postgresqlDatabase: mastodon_production
 | |
|   # you must set a password; the password generated by the postgresql chart will
 | |
|   # be rotated on each upgrade:
 | |
|   # https://github.com/bitnami/charts/tree/master/bitnami/postgresql#upgrade
 | |
|   postgresqlPassword: ""
 | |
|   postgresqlUsername: postgres
 | |
| 
 | |
| # https://github.com/bitnami/charts/tree/master/bitnami/redis#parameters
 | |
| redis:
 | |
|   # you must set a password; the password generated by the redis chart will be
 | |
|   # rotated on each upgrade:
 | |
|   password: ""
 | |
| 
 | |
| persistence:
 | |
|   assets:
 | |
|     # ReadWriteOnce is more widely supported than ReadWriteMany, but limits
 | |
|     # scalability, since it requires the Rails and Sidekiq pods to run on the
 | |
|     # same node.
 | |
|     accessMode: ReadWriteOnce
 | |
|     resources:
 | |
|       requests:
 | |
|         storage: 10Gi
 | |
|   system:
 | |
|     accessMode: ReadWriteOnce
 | |
|     resources:
 | |
|       requests:
 | |
|         storage: 100Gi
 | |
| 
 | |
| service:
 | |
|   type: ClusterIP
 | |
|   port: 80
 | |
| 
 | |
| # https://github.com/tootsuite/mastodon/blob/master/Dockerfile#L88
 | |
| #
 | |
| # if you manually change the UID/GID environment variables, ensure these values
 | |
| # match:
 | |
| podSecurityContext:
 | |
|   runAsUser: 991
 | |
|   runAsGroup: 991
 | |
|   fsGroup: 991
 | |
| 
 | |
| securityContext: {}
 | |
| 
 | |
| serviceAccount:
 | |
|   # Specifies whether a service account should be created
 | |
|   create: true
 | |
|   # Annotations to add to the service account
 | |
|   annotations: {}
 | |
|   # The name of the service account to use.
 | |
|   # If not set and create is true, a name is generated using the fullname template
 | |
|   name: ""
 | |
| 
 | |
| podAnnotations: {}
 | |
| 
 | |
| resources: {}
 | |
|   # We usually recommend not to specify default resources and to leave this as a conscious
 | |
|   # choice for the user. This also increases chances charts run on environments with little
 | |
|   # resources, such as Minikube. If you do want to specify resources, uncomment the following
 | |
|   # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
 | |
|   # limits:
 | |
|   #   cpu: 100m
 | |
|   #   memory: 128Mi
 | |
|   # requests:
 | |
|   #   cpu: 100m
 | |
|   #   memory: 128Mi
 | |
| 
 | |
| autoscaling:
 | |
|   enabled: false
 | |
|   minReplicas: 1
 | |
|   maxReplicas: 100
 | |
|   targetCPUUtilizationPercentage: 80
 | |
|   # targetMemoryUtilizationPercentage: 80
 | |
| 
 | |
| nodeSelector: {}
 | |
| 
 | |
| tolerations: []
 | |
| 
 | |
| affinity: {}
 |