diff options
| author | Claire <claire.github-309c@sitedethib.com> | 2021-02-22 19:36:03 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-02-22 19:36:03 +0100 |
| commit | 4aa860b65bd796b09dc0ceffa1fdd7de31060a34 (patch) | |
| tree | 8850793f3118de3a91e2e224bcec9651e023acd0 /chart/templates | |
| parent | 8792128f38e19b0d7882468a4f1f9362b98793a0 (diff) | |
| parent | 6ae04d990c50c12e171fc2a3d2593fa42d9c4c9c (diff) | |
Merge pull request #1501 from ClearlyClaire/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'chart/templates')
| -rw-r--r-- | chart/templates/NOTES.txt | 5 | ||||
| -rw-r--r-- | chart/templates/configmap-env.yaml | 74 | ||||
| -rw-r--r-- | chart/templates/cronjob-media-remove.yaml | 14 | ||||
| -rw-r--r-- | chart/templates/deployment-sidekiq.yaml | 12 | ||||
| -rw-r--r-- | chart/templates/deployment-streaming.yaml | 8 | ||||
| -rw-r--r-- | chart/templates/deployment-web.yaml | 12 | ||||
| -rw-r--r-- | chart/templates/ingress.yaml | 17 | ||||
| -rw-r--r-- | chart/templates/job-assets-precompile.yaml | 12 | ||||
| -rw-r--r-- | chart/templates/job-chewy-upgrade.yaml | 12 | ||||
| -rw-r--r-- | chart/templates/job-create-admin.yaml | 18 | ||||
| -rw-r--r-- | chart/templates/job-db-migrate.yaml | 12 | ||||
| -rw-r--r-- | chart/templates/pvc-assets.yaml | 9 | ||||
| -rw-r--r-- | chart/templates/pvc-system.yaml | 9 | ||||
| -rw-r--r-- | chart/templates/secrets.yaml | 31 | ||||
| -rw-r--r-- | chart/templates/service-streaming.yaml | 2 | ||||
| -rw-r--r-- | chart/templates/service-web.yaml | 2 |
16 files changed, 167 insertions, 82 deletions
diff --git a/chart/templates/NOTES.txt b/chart/templates/NOTES.txt index 36cced67a..b09c40bec 100644 --- a/chart/templates/NOTES.txt +++ b/chart/templates/NOTES.txt @@ -2,7 +2,7 @@ {{- if .Values.ingress.enabled }} {{- range $host := .Values.ingress.hosts }} {{- range .paths }} - http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ . }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host.host }}{{ .path }} {{- end }} {{- end }} {{- else if contains "NodePort" .Values.service.type }} @@ -16,6 +16,7 @@ echo http://$SERVICE_IP:{{ .Values.service.port }} {{- else if contains "ClusterIP" .Values.service.type }} export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "mastodon.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + export CONTAINER_PORT=$(kubectl get pod --namespace {{ .Release.Namespace }} $POD_NAME -o jsonpath="{.spec.containers[0].ports[0].containerPort}") echo "Visit http://127.0.0.1:8080 to use your application" - kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:80 + kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8080:$CONTAINER_PORT {{- end }} diff --git a/chart/templates/configmap-env.yaml b/chart/templates/configmap-env.yaml index 27351e97e..701368e49 100644 --- a/chart/templates/configmap-env.yaml +++ b/chart/templates/configmap-env.yaml @@ -5,61 +5,75 @@ metadata: labels: {{- include "mastodon.labels" . | nindent 4 }} data: + {{- if .Values.postgresql.enabled }} DB_HOST: {{ template "mastodon.postgresql.fullname" . }} + {{- else }} + DB_HOST: {{ .Values.postgresql.postgresqlHostname }} + {{- end }} DB_NAME: {{ .Values.postgresql.postgresqlDatabase }} - DB_POOL: {{ .Values.application.sidekiq.concurrency | quote }} + DB_POOL: {{ .Values.mastodon.sidekiq.concurrency | quote }} DB_PORT: "5432" DB_USER: {{ .Values.postgresql.postgresqlUsername }} - DEFAULT_LOCALE: {{ .Values.locale }} + DEFAULT_LOCALE: {{ .Values.mastodon.locale }} {{- if .Values.elasticsearch.enabled }} ES_ENABLED: "true" ES_HOST: {{ template "mastodon.elasticsearch.fullname" . }}-master ES_PORT: "9200" {{- end }} - LOCAL_DOMAIN: {{ .Values.ingress.hostname }} + LOCAL_DOMAIN: {{ .Values.mastodon.local_domain }} # https://devcenter.heroku.com/articles/tuning-glibc-memory-behavior MALLOC_ARENA_MAX: "2" NODE_ENV: "production" RAILS_ENV: "production" REDIS_HOST: {{ template "mastodon.redis.fullname" . }}-master REDIS_PORT: "6379" - {{- if .Values.smtp.auth_method }} - SMTP_AUTH_METHOD: {{ .Values.smtp.auth_method }} + {{- if .Values.mastodon.s3.enabled }} + S3_BUCKET: {{ .Values.mastodon.s3.bucket }} + S3_ENABLED: "true" + S3_ENDPOINT: {{ .Values.mastodon.s3.endpoint }} + S3_HOSTNAME: {{ .Values.mastodon.s3.hostname }} + S3_PROTOCOL: "https" + {{- if .Values.mastodon.s3.region }} + S3_REGION: {{ .Values.mastodon.s3.region }} + {{- end }} + {{- end }} + {{- if .Values.mastodon.smtp.auth_method }} + SMTP_AUTH_METHOD: {{ .Values.mastodon.smtp.auth_method }} {{- end }} - {{- if .Values.smtp.ca_file }} - SMTP_CA_FILE: {{ .Values.smtp.ca_file }} + {{- if .Values.mastodon.smtp.ca_file }} + SMTP_CA_FILE: {{ .Values.mastodon.smtp.ca_file }} {{- end }} - {{- if .Values.smtp.delivery_method }} - SMTP_DELIVERY_METHOD: {{ .Values.smtp.delivery_method }} + {{- if .Values.mastodon.smtp.delivery_method }} + SMTP_DELIVERY_METHOD: {{ .Values.mastodon.smtp.delivery_method }} {{- end }} - {{- if .Values.smtp.domain }} - SMTP_DOMAIN: {{ .Values.smtp.domain }} + {{- if .Values.mastodon.smtp.domain }} + SMTP_DOMAIN: {{ .Values.mastodon.smtp.domain }} {{- end }} - {{- if .Values.smtp.enable_starttls_auto }} - SMTP_ENABLE_STARTTLS_AUTO: {{ .Values.smtp.enable_starttls_auto | quote }} + {{- if .Values.mastodon.smtp.enable_starttls_auto }} + SMTP_ENABLE_STARTTLS_AUTO: {{ .Values.mastodon.smtp.enable_starttls_auto | quote }} {{- end }} - {{- if .Values.smtp.from_address }} - SMTP_FROM_ADDRESS: {{ .Values.smtp.from_address }} + {{- if .Values.mastodon.smtp.from_address }} + SMTP_FROM_ADDRESS: {{ .Values.mastodon.smtp.from_address }} {{- end }} - {{- if .Values.smtp.login }} - SMTP_LOGIN: {{ .Values.smtp.login }} + {{- if .Values.mastodon.smtp.login }} + SMTP_LOGIN: {{ .Values.mastodon.smtp.login }} {{- end }} - {{- if .Values.smtp.openssl_verify_mode }} - SMTP_OPENSSL_VERIFY_MODE: {{ .Values.smtp.openssl_verify_mode }} + {{- if .Values.mastodon.smtp.openssl_verify_mode }} + SMTP_OPENSSL_VERIFY_MODE: {{ .Values.mastodon.smtp.openssl_verify_mode }} {{- end }} - {{- if .Values.smtp.password }} - SMTP_PASSWORD: {{ .Values.smtp.password }} + {{- if .Values.mastodon.smtp.password }} + SMTP_PASSWORD: {{ .Values.mastodon.smtp.password }} {{- end }} - {{- if .Values.smtp.port }} - SMTP_PORT: {{ .Values.smtp.port | quote }} + {{- if .Values.mastodon.smtp.port }} + SMTP_PORT: {{ .Values.mastodon.smtp.port | quote }} {{- end }} - {{- if .Values.smtp.reply_to }} - SMTP_REPLY_TO: {{ .Values.smtp.reply_to }} + {{- if .Values.mastodon.smtp.reply_to }} + SMTP_REPLY_TO: {{ .Values.mastodon.smtp.reply_to }} {{- end }} - {{- if .Values.smtp.server }} - SMTP_SERVER: {{ .Values.smtp.server }} + {{- if .Values.mastodon.smtp.server }} + SMTP_SERVER: {{ .Values.mastodon.smtp.server }} {{- end }} - {{- if .Values.smtp.tls }} - SMTP_TLS: {{ .Values.smtp.tls | quote }} + {{- if .Values.mastodon.smtp.tls }} + SMTP_TLS: {{ .Values.mastodon.smtp.tls | quote }} {{- end }} - STREAMING_CLUSTER_NUM: {{ .Values.application.streaming.workers | quote }} + STREAMING_CLUSTER_NUM: {{ .Values.mastodon.streaming.workers | quote }} diff --git a/chart/templates/cronjob-media-remove.yaml b/chart/templates/cronjob-media-remove.yaml index 8a01a2551..3d6e25cc6 100644 --- a/chart/templates/cronjob-media-remove.yaml +++ b/chart/templates/cronjob-media-remove.yaml @@ -1,4 +1,4 @@ -{{ if .Values.cron.removeMedia.enabled }} +{{ if .Values.mastodon.cron.removeMedia.enabled }} apiVersion: batch/v1beta1 kind: CronJob metadata: @@ -6,7 +6,7 @@ metadata: labels: {{- include "mastodon.labels" . | nindent 4 }} spec: - schedule: {{ .Values.cron.removeMedia.schedule }} + schedule: {{ .Values.mastodon.cron.removeMedia.schedule }} jobTemplate: spec: template: @@ -14,9 +14,10 @@ spec: name: {{ include "mastodon.fullname" . }}-media-remove spec: restartPolicy: OnFailure + {{- if (not .Values.mastodon.s3.enabled) }} # ensure we run on the same node as the other rails components; only # required when using PVCs that are ReadWriteOnce - {{- if or (eq "ReadWriteOnce" .Values.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.persistence.system.accessMode) }} + {{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }} affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -35,6 +36,7 @@ spec: - name: system persistentVolumeClaim: claimName: {{ template "mastodon.fullname" . }}-system + {{- end }} containers: - name: {{ include "mastodon.fullname" . }}-media-remove image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" @@ -55,7 +57,7 @@ spec: {{- if .Values.postgresql.enabled }} name: {{ .Release.Name }}-postgresql {{- else }} - name: {{ template "mastodon.fullname" . }}-postgresql + name: {{ template "mastodon.fullname" . }} {{- end }} key: postgresql-password - name: "REDIS_PASSWORD" @@ -64,10 +66,12 @@ spec: name: {{ .Release.Name }}-redis key: redis-password - name: "PORT" - value: {{ .Values.application.web.port | quote }} + value: {{ .Values.mastodon.web.port | quote }} + {{- if (not .Values.mastodon.s3.enabled) }} volumeMounts: - name: assets mountPath: /opt/mastodon/public/assets - name: system mountPath: /opt/mastodon/public/system + {{- end }} {{- end }} diff --git a/chart/templates/deployment-sidekiq.yaml b/chart/templates/deployment-sidekiq.yaml index 5457183a3..baf6c2b2d 100644 --- a/chart/templates/deployment-sidekiq.yaml +++ b/chart/templates/deployment-sidekiq.yaml @@ -31,9 +31,10 @@ spec: serviceAccountName: {{ include "mastodon.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if (not .Values.mastodon.s3.enabled) }} # ensure we run on the same node as the other rails components; only # required when using PVCs that are ReadWriteOnce - {{- if or (eq "ReadWriteOnce" .Values.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.persistence.system.accessMode) }} + {{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }} affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -52,6 +53,7 @@ spec: - name: system persistentVolumeClaim: claimName: {{ template "mastodon.fullname" . }}-system + {{- end }} containers: - name: {{ .Chart.Name }} securityContext: @@ -63,7 +65,7 @@ spec: - exec - sidekiq - -c - - {{ .Values.application.sidekiq.concurrency | quote }} + - {{ .Values.mastodon.sidekiq.concurrency | quote }} envFrom: - configMapRef: name: {{ include "mastodon.fullname" . }}-env @@ -73,18 +75,24 @@ spec: - name: "DB_PASS" valueFrom: secretKeyRef: + {{- if .Values.postgresql.enabled }} name: {{ .Release.Name }}-postgresql + {{- else }} + name: {{ template "mastodon.fullname" . }} + {{- end }} key: postgresql-password - name: "REDIS_PASSWORD" valueFrom: secretKeyRef: name: {{ .Release.Name }}-redis key: redis-password + {{- if (not .Values.mastodon.s3.enabled) }} volumeMounts: - name: assets mountPath: /opt/mastodon/public/assets - name: system mountPath: /opt/mastodon/public/system + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- with .Values.nodeSelector }} diff --git a/chart/templates/deployment-streaming.yaml b/chart/templates/deployment-streaming.yaml index 5d642d72c..b332b686a 100644 --- a/chart/templates/deployment-streaming.yaml +++ b/chart/templates/deployment-streaming.yaml @@ -43,7 +43,11 @@ spec: - name: "DB_PASS" valueFrom: secretKeyRef: + {{- if .Values.postgresql.enabled }} name: {{ .Release.Name }}-postgresql + {{- else }} + name: {{ template "mastodon.fullname" . }} + {{- end }} key: postgresql-password - name: "REDIS_PASSWORD" valueFrom: @@ -51,10 +55,10 @@ spec: name: {{ .Release.Name }}-redis key: redis-password - name: "PORT" - value: {{ .Values.application.streaming.port | quote }} + value: {{ .Values.mastodon.streaming.port | quote }} ports: - name: streaming - containerPort: {{ .Values.application.streaming.port }} + containerPort: {{ .Values.mastodon.streaming.port }} protocol: TCP livenessProbe: httpGet: diff --git a/chart/templates/deployment-web.yaml b/chart/templates/deployment-web.yaml index 5010e567a..8b8bb4f29 100644 --- a/chart/templates/deployment-web.yaml +++ b/chart/templates/deployment-web.yaml @@ -31,6 +31,7 @@ spec: serviceAccountName: {{ include "mastodon.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} + {{- if (not .Values.mastodon.s3.enabled) }} volumes: - name: assets persistentVolumeClaim: @@ -38,6 +39,7 @@ spec: - name: system persistentVolumeClaim: claimName: {{ template "mastodon.fullname" . }}-system + {{- end }} containers: - name: {{ .Chart.Name }} securityContext: @@ -59,7 +61,11 @@ spec: - name: "DB_PASS" valueFrom: secretKeyRef: + {{- if .Values.postgresql.enabled }} name: {{ .Release.Name }}-postgresql + {{- else }} + name: {{ template "mastodon.fullname" . }} + {{- end }} key: postgresql-password - name: "REDIS_PASSWORD" valueFrom: @@ -67,15 +73,17 @@ spec: name: {{ .Release.Name }}-redis key: redis-password - name: "PORT" - value: {{ .Values.application.web.port | quote }} + value: {{ .Values.mastodon.web.port | quote }} + {{- if (not .Values.mastodon.s3.enabled) }} volumeMounts: - name: assets mountPath: /opt/mastodon/public/assets - name: system mountPath: /opt/mastodon/public/system + {{- end }} ports: - name: http - containerPort: {{ .Values.application.web.port }} + containerPort: {{ .Values.mastodon.web.port }} protocol: TCP livenessProbe: httpGet: diff --git a/chart/templates/ingress.yaml b/chart/templates/ingress.yaml index 947bf5b70..8930d2c10 100644 --- a/chart/templates/ingress.yaml +++ b/chart/templates/ingress.yaml @@ -1,6 +1,7 @@ {{- if .Values.ingress.enabled -}} {{- $fullName := include "mastodon.fullname" . -}} -{{- $svcPort := .Values.service.port -}} +{{- $webPort := .Values.mastodon.web.port -}} +{{- $streamingPort := .Values.mastodon.streaming.port -}} {{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} apiVersion: networking.k8s.io/v1beta1 {{- else -}} @@ -27,15 +28,19 @@ spec: {{- end }} {{- end }} rules: - - host: {{ .Values.ingress.hostname | quote }} + {{- range .Values.ingress.hosts }} + - host: {{ .host | quote }} http: paths: - - path: '/' + {{- range .paths }} + - path: {{ .path }} backend: serviceName: {{ $fullName }}-web - servicePort: {{ $svcPort }} - - path: '/api/v1/streaming' + servicePort: {{ $webPort }} + - path: {{ .path }}api/v1/streaming backend: serviceName: {{ $fullName }}-streaming - servicePort: {{ .Values.application.streaming.port }} + servicePort: {{ $streamingPort }} + {{- end }} + {{- end }} {{- end }} diff --git a/chart/templates/job-assets-precompile.yaml b/chart/templates/job-assets-precompile.yaml index 5472e06d6..825a7e916 100644 --- a/chart/templates/job-assets-precompile.yaml +++ b/chart/templates/job-assets-precompile.yaml @@ -14,9 +14,10 @@ spec: name: {{ include "mastodon.fullname" . }}-assets-precompile spec: restartPolicy: Never + {{- if (not .Values.mastodon.s3.enabled) }} # ensure we run on the same node as the other rails components; only # required when using PVCs that are ReadWriteOnce - {{- if or (eq "ReadWriteOnce" .Values.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.persistence.system.accessMode) }} + {{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }} affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -35,6 +36,7 @@ spec: - name: system persistentVolumeClaim: claimName: {{ template "mastodon.fullname" . }}-system + {{- end }} containers: - name: {{ include "mastodon.fullname" . }}-assets-precompile image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" @@ -53,7 +55,11 @@ spec: - name: "DB_PASS" valueFrom: secretKeyRef: + {{- if .Values.postgresql.enabled }} name: {{ .Release.Name }}-postgresql + {{- else }} + name: {{ template "mastodon.fullname" . }} + {{- end }} key: postgresql-password - name: "REDIS_PASSWORD" valueFrom: @@ -61,9 +67,11 @@ spec: name: {{ .Release.Name }}-redis key: redis-password - name: "PORT" - value: {{ .Values.application.web.port | quote }} + value: {{ .Values.mastodon.web.port | quote }} + {{- if (not .Values.mastodon.s3.enabled) }} volumeMounts: - name: assets mountPath: /opt/mastodon/public/assets - name: system mountPath: /opt/mastodon/public/system + {{- end }} diff --git a/chart/templates/job-chewy-upgrade.yaml b/chart/templates/job-chewy-upgrade.yaml index 789fcff83..cc68a3385 100644 --- a/chart/templates/job-chewy-upgrade.yaml +++ b/chart/templates/job-chewy-upgrade.yaml @@ -15,9 +15,10 @@ spec: name: {{ include "mastodon.fullname" . }}-chewy-upgrade spec: restartPolicy: Never + {{- if (not .Values.mastodon.s3.enabled) }} # ensure we run on the same node as the other rails components; only # required when using PVCs that are ReadWriteOnce - {{- if or (eq "ReadWriteOnce" .Values.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.persistence.system.accessMode) }} + {{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }} affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -36,6 +37,7 @@ spec: - name: system persistentVolumeClaim: claimName: {{ template "mastodon.fullname" . }}-system + {{- end }} containers: - name: {{ include "mastodon.fullname" . }}-chewy-setup image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" @@ -54,7 +56,11 @@ spec: - name: "DB_PASS" valueFrom: secretKeyRef: + {{- if .Values.postgresql.enabled }} name: {{ .Release.Name }}-postgresql + {{- else }} + name: {{ template "mastodon.fullname" . }} + {{- end }} key: postgresql-password - name: "REDIS_PASSWORD" valueFrom: @@ -62,10 +68,12 @@ spec: name: {{ .Release.Name }}-redis key: redis-password - name: "PORT" - value: {{ .Values.application.web.port | quote }} + value: {{ .Values.mastodon.web.port | quote }} + {{- if (not .Values.mastodon.s3.enabled) }} volumeMounts: - name: assets mountPath: /opt/mastodon/public/assets - name: system mountPath: /opt/mastodon/public/system + {{- end }} {{- end }} diff --git a/chart/templates/job-create-admin.yaml b/chart/templates/job-create-admin.yaml index 3c5bdd6eb..ffb8bb059 100644 --- a/chart/templates/job-create-admin.yaml +++ b/chart/templates/job-create-admin.yaml @@ -1,4 +1,4 @@ -{{- if .Values.createAdmin.enabled }} +{{- if .Values.mastodon.createAdmin.enabled }} apiVersion: batch/v1 kind: Job metadata: @@ -15,9 +15,10 @@ spec: name: {{ include "mastodon.fullname" . }}-create-admin spec: restartPolicy: Never + {{- if (not .Values.mastodon.s3.enabled) }} # ensure we run on the same node as the other rails components; only # required when using PVCs that are ReadWriteOnce - {{- if or (eq "ReadWriteOnce" .Values.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.persistence.system.accessMode) }} + {{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }} affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -36,6 +37,7 @@ spec: - name: system persistentVolumeClaim: claimName: {{ template "mastodon.fullname" . }}-system + {{- end }} containers: - name: {{ include "mastodon.fullname" . }}-create-admin image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" @@ -44,9 +46,9 @@ spec: - bin/tootctl - accounts - create - - {{ .Values.createAdmin.username }} + - {{ .Values.mastodon.createAdmin.username }} - --email - - {{ .Values.createAdmin.email }} + - {{ .Values.mastodon.createAdmin.email }} - --confirmed - --role - admin @@ -59,7 +61,11 @@ spec: - name: "DB_PASS" valueFrom: secretKeyRef: + {{- if .Values.postgresql.enabled }} name: {{ .Release.Name }}-postgresql + {{- else }} + name: {{ template "mastodon.fullname" . }} + {{- end }} key: postgresql-password - name: "REDIS_PASSWORD" valueFrom: @@ -67,10 +73,12 @@ spec: name: {{ .Release.Name }}-redis key: redis-password - name: "PORT" - value: {{ .Values.application.web.port | quote }} + value: {{ .Values.mastodon.web.port | quote }} + {{- if (not .Values.mastodon.s3.enabled) }} volumeMounts: - name: assets mountPath: /opt/mastodon/public/assets - name: system mountPath: /opt/mastodon/public/system + {{- end }} {{- end }} diff --git a/chart/templates/job-db-migrate.yaml b/chart/templates/job-db-migrate.yaml index e07832386..72f910e3b 100644 --- a/chart/templates/job-db-migrate.yaml +++ b/chart/templates/job-db-migrate.yaml @@ -14,9 +14,10 @@ spec: name: {{ include "mastodon.fullname" . }}-db-migrate spec: restartPolicy: Never + {{- if (not .Values.mastodon.s3.enabled) }} # ensure we run on the same node as the other rails components; only # required when using PVCs that are ReadWriteOnce - {{- if or (eq "ReadWriteOnce" .Values.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.persistence.system.accessMode) }} + {{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }} affinity: podAffinity: requiredDuringSchedulingIgnoredDuringExecution: @@ -35,6 +36,7 @@ spec: - name: system persistentVolumeClaim: claimName: {{ template "mastodon.fullname" . }}-system + {{- end }} containers: - name: {{ include "mastodon.fullname" . }}-db-migrate image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" @@ -53,7 +55,11 @@ spec: - name: "DB_PASS" valueFrom: secretKeyRef: + {{- if .Values.postgresql.enabled }} name: {{ .Release.Name }}-postgresql + {{- else }} + name: {{ template "mastodon.fullname" . }} + {{- end }} key: postgresql-password - name: "REDIS_PASSWORD" valueFrom: @@ -61,9 +67,11 @@ spec: name: {{ .Release.Name }}-redis key: redis-password - name: "PORT" - value: {{ .Values.application.web.port | quote }} + value: {{ .Values.mastodon.web.port | quote }} + {{- if (not .Values.mastodon.s3.enabled) }} volumeMounts: - name: assets mountPath: /opt/mastodon/public/assets - name: system mountPath: /opt/mastodon/public/system + {{- end }} diff --git a/chart/templates/pvc-assets.yaml b/chart/templates/pvc-assets.yaml index 5c5315100..58b2179df 100644 --- a/chart/templates/pvc-assets.yaml +++ b/chart/templates/pvc-assets.yaml @@ -1,4 +1,4 @@ ---- +{{- if (not .Values.mastodon.s3.enabled) }} apiVersion: v1 kind: PersistentVolumeClaim metadata: @@ -7,7 +7,8 @@ metadata: {{- include "mastodon.labels" . | nindent 4 }} spec: accessModes: - - {{ .Values.persistence.system.accessMode }} + - {{ .Values.mastodon.persistence.system.accessMode }} resources: - {{- toYaml .Values.persistence.assets.resources | nindent 4}} - storageClassName: {{ .Values.persistence.assets.storageClassName }} + {{- toYaml .Values.mastodon.persistence.assets.resources | nindent 4}} + storageClassName: {{ .Values.mastodon.persistence.assets.storageClassName }} +{{- end }} diff --git a/chart/templates/pvc-system.yaml b/chart/templates/pvc-system.yaml index 028551151..52398f0da 100644 --- a/chart/templates/pvc-system.yaml +++ b/chart/templates/pvc-system.yaml @@ -1,4 +1,4 @@ ---- +{{- if (not .Values.mastodon.s3.enabled) }} apiVersion: v1 kind: PersistentVolumeClaim metadata: @@ -7,7 +7,8 @@ metadata: {{- include "mastodon.labels" . | nindent 4 }} spec: accessModes: - - {{ .Values.persistence.system.accessMode }} + - {{ .Values.mastodon.persistence.system.accessMode }} resources: - {{- toYaml .Values.persistence.system.resources | nindent 4}} - storageClassName: {{ .Values.persistence.system.storageClassName }} + {{- toYaml .Values.mastodon.persistence.system.resources | nindent 4}} + storageClassName: {{ .Values.mastodon.persistence.system.storageClassName }} +{{- end }} diff --git a/chart/templates/secrets.yaml b/chart/templates/secrets.yaml index 74f4b1516..0452a8ae1 100644 --- a/chart/templates/secrets.yaml +++ b/chart/templates/secrets.yaml @@ -6,23 +6,30 @@ metadata: {{- include "mastodon.labels" . | nindent 4 }} type: Opaque data: - {{- if not (empty .Values.secrets.secret_key_base) }} - SECRET_KEY_BASE: "{{ .Values.secrets.secret_key_base | b64enc }}" + {{- if .Values.mastodon.s3.enabled }} + AWS_ACCESS_KEY_ID: "{{ .Values.mastodon.s3.access_key | b64enc }}" + AWS_SECRET_ACCESS_KEY: "{{ .Values.mastodon.s3.access_secret | b64enc }}" + {{- end }} + {{- if not (empty .Values.mastodon.secrets.secret_key_base) }} + SECRET_KEY_BASE: "{{ .Values.mastodon.secrets.secret_key_base | b64enc }}" {{- else }} - SECRET_KEY_BASE: {{ required "secret_key_base is required" .Values.secrets.secret_key_base }} + SECRET_KEY_BASE: {{ required "secret_key_base is required" .Values.mastodon.secrets.secret_key_base }} {{- end }} - {{- if not (empty .Values.secrets.otp_secret) }} - OTP_SECRET: "{{ .Values.secrets.otp_secret | b64enc }}" + {{- if not (empty .Values.mastodon.secrets.otp_secret) }} + OTP_SECRET: "{{ .Values.mastodon.secrets.otp_secret | b64enc }}" {{- else }} - OTP_SECRET: {{ required "otp_secret is required" .Values.secrets.otp_secret }} + OTP_SECRET: {{ required "otp_secret is required" .Values.mastodon.secrets.otp_secret }} {{- end }} - {{- if not (empty .Values.secrets.vapid.private_key) }} - VAPID_PRIVATE_KEY: "{{ .Values.secrets.vapid.private_key | b64enc }}" + {{- if not (empty .Values.mastodon.secrets.vapid.private_key) }} + VAPID_PRIVATE_KEY: "{{ .Values.mastodon.secrets.vapid.private_key | b64enc }}" {{- else }} - VAPID_PRIVATE_KEY: {{ required "vapid.private_key is required" .Values.secrets.vapid.private_key }} + VAPID_PRIVATE_KEY: {{ required "vapid.private_key is required" .Values.mastodon.secrets.vapid.private_key }} {{- end }} - {{- if not (empty .Values.secrets.vapid.public_key) }} - VAPID_PUBLIC_KEY: "{{ .Values.secrets.vapid.public_key | b64enc }}" + {{- if not (empty .Values.mastodon.secrets.vapid.public_key) }} + VAPID_PUBLIC_KEY: "{{ .Values.mastodon.secrets.vapid.public_key | b64enc }}" {{- else }} - VAPID_PUBLIC_KEY: {{ required "vapid.public_key is required" .Values.secrets.vapid.public_key }} + VAPID_PUBLIC_KEY: {{ required "vapid.public_key is required" .Values.mastodon.secrets.vapid.public_key }} + {{- end }} + {{- if not .Values.postgresql.enabled }} + postgresql-password: "{{ .Values.postgresql.postgresqlPassword | b64enc }}" {{- end }} diff --git a/chart/templates/service-streaming.yaml b/chart/templates/service-streaming.yaml index ff5dc13ea..a005e617c 100644 --- a/chart/templates/service-streaming.yaml +++ b/chart/templates/service-streaming.yaml @@ -7,7 +7,7 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.application.streaming.port }} + - port: {{ .Values.mastodon.streaming.port }} targetPort: streaming protocol: TCP name: streaming diff --git a/chart/templates/service-web.yaml b/chart/templates/service-web.yaml index e0df35b25..3563fde70 100644 --- a/chart/templates/service-web.yaml +++ b/chart/templates/service-web.yaml @@ -7,7 +7,7 @@ metadata: spec: type: {{ .Values.service.type }} ports: - - port: {{ .Values.service.port }} + - port: {{ .Values.mastodon.web.port }} targetPort: http protocol: TCP name: http |