diff options
author | Alex Dunn <dunn.alex@gmail.com> | 2020-06-29 04:58:48 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-29 13:58:48 +0200 |
commit | 6d3125f9c0127095913a9f1dfd7043929ba3bb9d (patch) | |
tree | efa8d552832a5d54608a6e84d1c5a667a3923269 /chart/templates/secrets.yaml | |
parent | 5e8f51b29fccfb7d19d53854f3472f7370593ebf (diff) |
Add Helm chart (#14090)
* add Helm chart known issues/future work: - SSO is unsupported - S3/Minio/GCS is unsupported - Swift is unsupported - WEB_DOMAIN is unsupported - Tor is unsupported * helm: clarify how LOCAL_DOMAIN is set * helm: add chart description * helm: make DB_POOL and Sidekiq concurrency configurable * helm: only enforce pod affinity when using ReadWriteOnce * helm: clarify compatibility * helm: clean up application variables * helm: add job to create initial admin
Diffstat (limited to 'chart/templates/secrets.yaml')
-rw-r--r-- | chart/templates/secrets.yaml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/chart/templates/secrets.yaml b/chart/templates/secrets.yaml new file mode 100644 index 000000000..74f4b1516 --- /dev/null +++ b/chart/templates/secrets.yaml @@ -0,0 +1,28 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ template "mastodon.fullname" . }} + labels: + {{- include "mastodon.labels" . | nindent 4 }} +type: Opaque +data: + {{- if not (empty .Values.secrets.secret_key_base) }} + SECRET_KEY_BASE: "{{ .Values.secrets.secret_key_base | b64enc }}" + {{- else }} + SECRET_KEY_BASE: {{ required "secret_key_base is required" .Values.secrets.secret_key_base }} + {{- end }} + {{- if not (empty .Values.secrets.otp_secret) }} + OTP_SECRET: "{{ .Values.secrets.otp_secret | b64enc }}" + {{- else }} + OTP_SECRET: {{ required "otp_secret is required" .Values.secrets.otp_secret }} + {{- end }} + {{- if not (empty .Values.secrets.vapid.private_key) }} + VAPID_PRIVATE_KEY: "{{ .Values.secrets.vapid.private_key | b64enc }}" + {{- else }} + VAPID_PRIVATE_KEY: {{ required "vapid.private_key is required" .Values.secrets.vapid.private_key }} + {{- end }} + {{- if not (empty .Values.secrets.vapid.public_key) }} + VAPID_PUBLIC_KEY: "{{ .Values.secrets.vapid.public_key | b64enc }}" + {{- else }} + VAPID_PUBLIC_KEY: {{ required "vapid.public_key is required" .Values.secrets.vapid.public_key }} + {{- end }} |