Diffstat (limited to 'chart')
-rw-r--r--chart/Chart.yaml2
-rw-r--r--chart/README.md103
-rw-r--r--chart/readme.md49
-rw-r--r--chart/templates/_helpers.tpl9
-rw-r--r--chart/templates/configmap-env.yaml3
-rw-r--r--chart/templates/cronjob-media-remove.yaml6
-rw-r--r--chart/templates/deployment-sidekiq.yaml20
-rw-r--r--chart/templates/deployment-streaming.yaml22
-rw-r--r--chart/templates/deployment-web.yaml33
-rw-r--r--chart/templates/hpa.yaml10
-rw-r--r--chart/templates/ingress.yaml5
-rw-r--r--chart/templates/job-assets-precompile.yaml4
-rw-r--r--chart/templates/job-chewy-upgrade.yaml6
-rw-r--r--chart/templates/job-create-admin.yaml6
-rw-r--r--chart/templates/job-db-migrate.yaml4
-rw-r--r--chart/templates/pvc-assets.yaml6
-rw-r--r--chart/templates/pvc-system.yaml6
-rw-r--r--chart/templates/secrets.yaml4
-rw-r--r--chart/values.yaml17
19 files changed, 208 insertions, 107 deletions
diff --git a/chart/Chart.yaml b/chart/Chart.yaml
index 6120a7f3a..c8ed0c9f9 100644
--- a/chart/Chart.yaml
+++ b/chart/Chart.yaml
@@ -15,7 +15,7 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 2.0.0
+version: 2.2.0
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
diff --git a/chart/README.md b/chart/README.md
new file mode 100644
index 000000000..272d59a81
--- /dev/null
+++ b/chart/README.md
@@ -0,0 +1,103 @@
+# Introduction
+
+This is a [Helm](https://helm.sh/) chart for installing Mastodon into a
+Kubernetes cluster.  The basic usage is:
+
+1. edit `values.yaml` or create a separate yaml file for custom values
+1. `helm dep update`
+1. `helm install --namespace mastodon --create-namespace my-mastodon ./ -f path/to/additional/values.yaml`
+
+This chart has been tested on Helm 3.0.1 and above.
+
+# Configuration
+
+The variables that _must_ be configured are:
+
+- password and keys in the `mastodon.secrets`, `postgresql`, and `redis` groups; if
+  left blank, some of those values will be autogenerated, but will not persist
+  across upgrades.
+
+- SMTP settings for your mailer in the `mastodon.smtp` group.
+
+# Administration
+
+You can run [admin CLI](https://docs.joinmastodon.org/admin/tootctl/) commands in the web deployment.
+
+```bash
+kubectl -n mastodon exec -it deployment/mastodon-web -- bash
+tootctl accounts modify admin --reset-password
+```
+
+or
+```bash
+kubectl -n mastodon exec -it deployment/mastodon-web -- tootctl accounts modify admin --reset-password
+```
+
+# Missing features
+
+Currently this chart does _not_ support:
+
+- Hidden services
+- Swift
+
+# Upgrading
+
+Because database migrations are managed as a Job separate from the Rails and
+Sidekiq deployments, it’s possible they will occur in the wrong order.  After
+upgrading Mastodon versions, it may sometimes be necessary to manually delete
+the Rails and Sidekiq pods so that they are recreated against the latest
+migration.
+
+# Upgrades in 2.1.0
+
+## ingressClassName and tls-acme changes
+The annotations previously defaulting to nginx have been removed and support
+ for ingressClassName has been added.
+```yaml
+ingress:
+  annotations:
+    kubernetes.io/ingress.class: nginx
+    kubernetes.io/tls-acme: "true"
+```
+
+To restore the old functionality simply add the above snippet to your `values.yaml`,
+but the recommendation is to replace these with `ingress.ingressClassName` and use
+cert-manager's issuer/cluster-issuer instead of tls-acme.
+If you're uncertain about your current setup leave `ingressClassName` empty and add
+`kubernetes.io/tls-acme` to `ingress.annotations` in your `values.yaml`.
+
+# Upgrades in 2.0.0
+
+## Fixed labels
+Because of the changes in [#19706](https://github.com/mastodon/mastodon/pull/19706) the upgrade may fail with the following error:
+```Error: UPGRADE FAILED: cannot patch "mastodon-sidekiq"```
+
+If you want an easy upgrade and you're comfortable with some downtime then
+simply delete the -sidekiq, -web, and -streaming Deployments manually.
+
+If you require a no-downtime upgrade then:
+1. run `helm template` instead of `helm upgrade`
+2. Copy the new -web and -streaming services into `services.yml`
+3. Copy the new -web and -streaming deployments into `deployments.yml`
+4. Append -temp to the name of each deployment in `deployments.yml`
+5. `kubectl apply -f deployments.yml` then wait until all pods are ready
+6. `kubectl apply -f services.yml`
+7. Delete the old -sidekiq, -web, and -streaming deployments manually
+8. `helm upgrade` like normal
+9. `kubectl delete -f deployments.yml` to clear out the temporary deployments
+
+## PostgreSQL passwords
+If you've previously installed the chart and you're having problems with 
+postgres not accepting your password then make sure to set `username` to
+`postgres` and `password` and `postgresPassword` to the same passwords.
+```yaml
+postgresql:
+  auth:
+    username: postgres
+    password: <same password>
+    postgresPassword: <same password>
+```
+
+And make sure to set `password` to the same value as `postgres-password`
+in your `mastodon-postgresql` secret:
+```kubectl edit secret mastodon-postgresql```
\ No newline at end of file
diff --git a/chart/readme.md b/chart/readme.md
deleted file mode 100644
index edcc973bc..000000000
--- a/chart/readme.md
+++ /dev/null
@@ -1,49 +0,0 @@
-# Introduction
-
-This is a [Helm](https://helm.sh/) chart for installing Mastodon into a
-Kubernetes cluster.  The basic usage is:
-
-1. edit `values.yaml` or create a separate yaml file for custom values
-1. `helm dep update`
-1. `helm install --namespace mastodon --create-namespace my-mastodon ./ -f path/to/additional/values.yaml`
-
-This chart has been tested on Helm 3.0.1 and above.
-
-# Configuration
-
-The variables that _must_ be configured are:
-
-- password and keys in the `mastodon.secrets`, `postgresql`, and `redis` groups; if
-  left blank, some of those values will be autogenerated, but will not persist
-  across upgrades.
-
-- SMTP settings for your mailer in the `mastodon.smtp` group.
-
-# Administration
-
-You can run [admin CLI](https://docs.joinmastodon.org/admin/tootctl/) commands in the web deployment.
-
-```bash
-kubectl -n mastodon exec -it deployment/mastodon-web -- bash
-tootctl accounts modify admin --reset-password
-```
-
-or
-```bash
-kubectl -n mastodon exec -it deployment/mastodon-web -- tootctl accounts modify admin --reset-password
-```
-
-# Missing features
-
-Currently this chart does _not_ support:
-
-- Hidden services
-- Swift
-
-# Upgrading
-
-Because database migrations are managed as a Job separate from the Rails and
-Sidekiq deployments, it’s possible they will occur in the wrong order.  After
-upgrading Mastodon versions, it may sometimes be necessary to manually delete
-the Rails and Sidekiq pods so that they are recreated against the latest
-migration.
diff --git a/chart/templates/_helpers.tpl b/chart/templates/_helpers.tpl
index 71bb002ef..207780b34 100644
--- a/chart/templates/_helpers.tpl
+++ b/chart/templates/_helpers.tpl
@@ -52,6 +52,15 @@ app.kubernetes.io/instance: {{ .Release.Name }}
 {{- end }}
 
 {{/*
+Rolling pod annotations
+*/}}
+{{- define "mastodon.rollingPodAnnotations" -}}
+rollme: {{ .Release.Revision | quote }}
+checksum/config-secrets: {{ include ( print $.Template.BasePath "/secrets.yaml" ) . | sha256sum | quote }}
+checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-env.yaml" ) . | sha256sum | quote }}
+{{- end }}
+
+{{/*
 Create the name of the service account to use
 */}}
 {{- define "mastodon.serviceAccountName" -}}
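Review bot: `checksum/config-secrets` publishes an unsalted SHA-256 of the rendered `secrets.yaml` as a pod annotation, so any principal that may read pods but not Secrets gets a value derived from secret material that guesses can be checked against offline. Since `rollme` already changes with every `.Release.Revision`, the pods roll on each upgrade regardless, and the secrets checksum adds little; I would drop that line and keep only `checksum/config-configmap`. If it stays, extend the helper comment to say so, e.g. `Rolling pod annotations; note that checksum/config-secrets is a hash of the rendered Secret manifest`. When `mastodon.createSecret` is false the included template presumably renders empty, so the checksum would not follow an externally managed secret either.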
diff --git a/chart/templates/configmap-env.yaml b/chart/templates/configmap-env.yaml
index 12da91cf9..00e60f315 100644
--- a/chart/templates/configmap-env.yaml
+++ b/chart/templates/configmap-env.yaml
@@ -58,6 +58,9 @@ data:
   {{- if .Values.mastodon.smtp.domain }}
   SMTP_DOMAIN: {{ .Values.mastodon.smtp.domain }}
   {{- end }}
+  {{- if .Values.mastodon.smtp.enable_starttls }}
+  SMTP_ENABLE_STARTTLS: {{ .Values.mastodon.smtp.enable_starttls | quote }}
+  {{- end }}
   {{- if .Values.mastodon.smtp.enable_starttls_auto }}
   SMTP_ENABLE_STARTTLS_AUTO: {{ .Values.mastodon.smtp.enable_starttls_auto | quote }}
   {{- end }}
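Review bot: The `if` guard on `.Values.mastodon.smtp.enable_starttls` treats a YAML boolean `false` as unset, so `enable_starttls: false` emits no `SMTP_ENABLE_STARTTLS` at all and the application default applies instead of what the operator wrote. A values file that still carries the old `enable_starttls_auto` key will also get both variables emitted, and which one wins is decided in the application, not here. I would add a template comment above the block, `{{- /* enable_starttls is a string setting; a boolean false is treated as unset */}}`, and document the accepted strings next to the key in values.yaml. The `data:` mapping starts outside this hunk.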
diff --git a/chart/templates/cronjob-media-remove.yaml b/chart/templates/cronjob-media-remove.yaml
index d3566e32d..b175f0ee7 100644
--- a/chart/templates/cronjob-media-remove.yaml
+++ b/chart/templates/cronjob-media-remove.yaml
@@ -1,4 +1,4 @@
-{{ if .Values.mastodon.cron.removeMedia.enabled }}
+{{ if .Values.mastodon.cron.removeMedia.enabled -}}
 apiVersion: batch/v1
 kind: CronJob
 metadata:
@@ -12,10 +12,10 @@ spec:
       template:
         metadata:
           name: {{ include "mastodon.fullname" . }}-media-remove
-        {{- with .Values.jobAnnotations }}
+          {{- with .Values.jobAnnotations }}
           annotations:
             {{- toYaml . | nindent 12 }}
-        {{- end }}
+          {{- end }}
         spec:
           restartPolicy: OnFailure
           {{- if (not .Values.mastodon.s3.enabled) }}
diff --git a/chart/templates/deployment-sidekiq.yaml b/chart/templates/deployment-sidekiq.yaml
index dd707a4d0..878b01150 100644
--- a/chart/templates/deployment-sidekiq.yaml
+++ b/chart/templates/deployment-sidekiq.yaml
@@ -5,9 +5,9 @@ metadata:
   labels:
     {{- include "mastodon.labels" . | nindent 4 }}
 spec:
-{{- if not .Values.autoscaling.enabled }}
+  {{- if not .Values.autoscaling.enabled }}
   replicas: {{ .Values.replicaCount }}
-{{- end }}
+  {{- end }}
   selector:
     matchLabels:
       {{- include "mastodon.selectorLabels" . | nindent 6 }}
@@ -16,11 +16,11 @@ spec:
   template:
     metadata:
       annotations:
-      {{- with .Values.podAnnotations }}
+        {{- with .Values.podAnnotations }}
         {{- toYaml . | nindent 8 }}
-      {{- end }}
-        # roll the pods to pick up any db migrations
-        rollme: {{ randAlphaNum 5 | quote }}
+        {{- end }}
+        # roll the pods to pick up any db migrations or other changes
+        {{- include "mastodon.rollingPodAnnotations" . | nindent 8 }}
       labels:
         {{- include "mastodon.selectorLabels" . | nindent 8 }}
         app.kubernetes.io/component: sidekiq
@@ -31,8 +31,10 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       serviceAccountName: {{ include "mastodon.serviceAccountName" . }}
+      {{- with .Values.podSecurityContext }}
       securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       {{- if (not .Values.mastodon.s3.enabled) }}
       # ensure we run on the same node as the other rails components; only
       # required when using PVCs that are ReadWriteOnce
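Review bot: Nothing in this hunk gives the pod a hardened baseline: with the `with` guard, a blank `podSecurityContext` simply omits `securityContext`, and the pod runs with whatever the image and the cluster default to. The same applies to the matching hunks in deployment-streaming.yaml and deployment-web.yaml, which guard the container-level `securityContext` the same way. If values.yaml (its defaults are not visible here) ships these keys empty, I would set chart defaults such as `runAsNonRoot: true` and `seccompProfile: {type: RuntimeDefault}` at pod level and `allowPrivilegeEscalation: false` on the containers, after confirming the image runs as a non-root user. The pod spec starts and ends outside the hunk.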
@@ -95,7 +97,7 @@ spec:
                 secretKeyRef:
                   name: {{ .Values.mastodon.s3.existingSecret }}
                   key: AWS_ACCESS_KEY_ID
-            {{- end -}}
+            {{- end }}
             {{- if .Values.mastodon.smtp.existingSecret }}
             - name: "SMTP_LOGIN"
               valueFrom:
@@ -108,7 +110,7 @@ spec:
                 secretKeyRef:
                   name: {{ .Values.mastodon.smtp.existingSecret }}
                   key: password
-            {{- end -}}
+            {{- end }}
           {{- if (not .Values.mastodon.s3.enabled) }}
           volumeMounts:
             - name: assets
diff --git a/chart/templates/deployment-streaming.yaml b/chart/templates/deployment-streaming.yaml
index 7f03c9e23..5d565765e 100644
--- a/chart/templates/deployment-streaming.yaml
+++ b/chart/templates/deployment-streaming.yaml
@@ -5,19 +5,21 @@ metadata:
   labels:
     {{- include "mastodon.labels" . | nindent 4 }}
 spec:
-{{- if not .Values.autoscaling.enabled }}
+  {{- if not .Values.autoscaling.enabled }}
   replicas: {{ .Values.replicaCount }}
-{{- end }}
+  {{- end }}
   selector:
     matchLabels:
       {{- include "mastodon.selectorLabels" . | nindent 6 }}
       app.kubernetes.io/component: streaming
   template:
     metadata:
-    {{- with .Values.podAnnotations }}
       annotations:
+        {{- with .Values.podAnnotations }}
         {{- toYaml . | nindent 8 }}
-    {{- end }}
+        {{- end }}
+        # roll the pods to pick up any db migrations or other changes
+        {{- include "mastodon.rollingPodAnnotations" . | nindent 8 }}
       labels:
         {{- include "mastodon.selectorLabels" . | nindent 8 }}
         app.kubernetes.io/component: streaming
@@ -27,12 +29,16 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       serviceAccountName: {{ include "mastodon.serviceAccountName" . }}
+      {{- with .Values.podSecurityContext }}
       securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       containers:
         - name: {{ .Chart.Name }}
+          {{- with .Values.securityContext }}
           securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           command:
@@ -66,8 +72,10 @@ spec:
             httpGet:
               path: /api/v1/streaming/health
               port: streaming
+          {{- with .Values.resources }}
           resources:
-            {{- toYaml .Values.resources | nindent 12 }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
diff --git a/chart/templates/deployment-web.yaml b/chart/templates/deployment-web.yaml
index fb58b1ade..ec67481bf 100644
--- a/chart/templates/deployment-web.yaml
+++ b/chart/templates/deployment-web.yaml
@@ -5,9 +5,9 @@ metadata:
   labels:
     {{- include "mastodon.labels" . | nindent 4 }}
 spec:
-{{- if not .Values.autoscaling.enabled }}
+  {{- if not .Values.autoscaling.enabled }}
   replicas: {{ .Values.replicaCount }}
-{{- end }}
+  {{- end }}
   selector:
     matchLabels:
       {{- include "mastodon.selectorLabels" . | nindent 6 }}
@@ -16,11 +16,11 @@ spec:
   template:
     metadata:
       annotations:
-      {{- with .Values.podAnnotations }}
+        {{- with .Values.podAnnotations }}
         {{- toYaml . | nindent 8 }}
-      {{- end }}
-        # roll the pods to pick up any db migrations
-        rollme: {{ randAlphaNum 5 | quote }}
+        {{- end }}
+        # roll the pods to pick up any db migrations or other changes
+        {{- include "mastodon.rollingPodAnnotations" . | nindent 8 }}
       labels:
         {{- include "mastodon.selectorLabels" . | nindent 8 }}
         app.kubernetes.io/component: web
@@ -31,8 +31,10 @@ spec:
         {{- toYaml . | nindent 8 }}
       {{- end }}
       serviceAccountName: {{ include "mastodon.serviceAccountName" . }}
+      {{- with .Values.podSecurityContext }}
       securityContext:
-        {{- toYaml .Values.podSecurityContext | nindent 8 }}
+        {{- toYaml . | nindent 8 }}
+      {{- end }}
       {{- if (not .Values.mastodon.s3.enabled) }}
       volumes:
         - name: assets
@@ -44,8 +46,10 @@ spec:
       {{- end }}
       containers:
         - name: {{ .Chart.Name }}
+          {{- with .Values.securityContext }}
           securityContext:
-            {{- toYaml .Values.securityContext | nindent 12 }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
           imagePullPolicy: {{ .Values.image.pullPolicy }}
           command:
@@ -83,7 +87,7 @@ spec:
                 secretKeyRef:
                   name: {{ .Values.mastodon.s3.existingSecret }}
                   key: AWS_ACCESS_KEY_ID
-            {{- end -}}
+            {{- end }}
           {{- if (not .Values.mastodon.s3.enabled) }}
           volumeMounts:
             - name: assets
@@ -96,15 +100,22 @@ spec:
               containerPort: {{ .Values.mastodon.web.port }}
               protocol: TCP
           livenessProbe:
+            tcpSocket:
+              port: http
+          readinessProbe:
             httpGet:
               path: /health
               port: http
-          readinessProbe:
+          startupProbe:
             httpGet:
               path: /health
               port: http
+            failureThreshold: 30
+            periodSeconds: 5
+          {{- with .Values.resources }}
           resources:
-            {{- toYaml .Values.resources | nindent 12 }}
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
       {{- with .Values.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}
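Review bot: The `livenessProbe` is now a bare `tcpSocket` check on `http`, which passes as long as the port accepts connections, so a web process that is listening but no longer answering requests is never restarted; readiness on `/health` only takes it out of rotation. If that trade-off is deliberate, state it in a comment above the probe, e.g. `# liveness is TCP-only on purpose; /health is covered by readiness and startup`. The `startupProbe` allows 30 × 5 s = 150 s for boot, and a one-line comment giving that budget would help whoever tunes it later. The container spec starts outside this hunk.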
diff --git a/chart/templates/hpa.yaml b/chart/templates/hpa.yaml
index 3f9aa8a93..b23b2cb16 100644
--- a/chart/templates/hpa.yaml
+++ b/chart/templates/hpa.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.autoscaling.enabled }}
+{{- if .Values.autoscaling.enabled -}}
 apiVersion: autoscaling/v2beta1
 kind: HorizontalPodAutoscaler
 metadata:
@@ -13,16 +13,16 @@ spec:
   minReplicas: {{ .Values.autoscaling.minReplicas }}
   maxReplicas: {{ .Values.autoscaling.maxReplicas }}
   metrics:
-  {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
+    {{- if .Values.autoscaling.targetCPUUtilizationPercentage }}
     - type: Resource
       resource:
         name: cpu
         targetAverageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }}
-  {{- end }}
-  {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
+    {{- end }}
+    {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }}
     - type: Resource
       resource:
         name: memory
         targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }}
-  {{- end }}
+    {{- end }}
 {{- end }}
diff --git a/chart/templates/ingress.yaml b/chart/templates/ingress.yaml
index 811d98a22..e5c5e1dc6 100644
--- a/chart/templates/ingress.yaml
+++ b/chart/templates/ingress.yaml
@@ -2,7 +2,7 @@
 {{- $fullName := include "mastodon.fullname" . -}}
 {{- $webPort := .Values.mastodon.web.port -}}
 {{- $streamingPort := .Values.mastodon.streaming.port -}}
-{{- if or (.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress") (not (.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress")) }}
+{{- if or (.Capabilities.APIVersions.Has "networking.k8s.io/v1/Ingress") (not (.Capabilities.APIVersions.Has "networking.k8s.io/v1beta1/Ingress")) -}}
 apiVersion: networking.k8s.io/v1
 {{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
 apiVersion: networking.k8s.io/v1beta1
@@ -19,6 +19,9 @@ metadata:
     {{- toYaml . | nindent 4 }}
   {{- end }}
 spec:
+  {{- if .Values.ingress.ingressClassName }}
+  ingressClassName: {{ .Values.ingress.ingressClassName }}
+  {{- end }}
   {{- if .Values.ingress.tls }}
   tls:
     {{- range .Values.ingress.tls }}
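Review bot: `ingressClassName` is rendered unquoted and under `spec:` for every `apiVersion` branch this template can select. The value should be quoted like the other string fields, `ingressClassName: {{ .Values.ingress.ingressClassName | quote }}`. The template still selects `networking.k8s.io/v1beta1` for clusters from 1.14 on, and `spec.ingressClassName` was, as far as I know, only added in 1.18, so on the oldest supported clusters a non-empty value would be rejected; a comment next to the value stating the minimum cluster version would be enough. The `spec` body continues outside the hunk.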
diff --git a/chart/templates/job-assets-precompile.yaml b/chart/templates/job-assets-precompile.yaml
index 9bdec2ab7..30d54b76f 100644
--- a/chart/templates/job-assets-precompile.yaml
+++ b/chart/templates/job-assets-precompile.yaml
@@ -12,10 +12,10 @@ spec:
   template:
     metadata:
       name: {{ include "mastodon.fullname" . }}-assets-precompile
-    {{- with .Values.jobAnnotations }}
+      {{- with .Values.jobAnnotations }}
       annotations:
         {{- toYaml . | nindent 8 }}
-    {{- end }}
+      {{- end }}
     spec:
       restartPolicy: Never
       {{- if (not .Values.mastodon.s3.enabled) }}
diff --git a/chart/templates/job-chewy-upgrade.yaml b/chart/templates/job-chewy-upgrade.yaml
index 556133dd3..5b22a8610 100644
--- a/chart/templates/job-chewy-upgrade.yaml
+++ b/chart/templates/job-chewy-upgrade.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.elasticsearch.enabled }}
+{{- if .Values.elasticsearch.enabled -}}
 apiVersion: batch/v1
 kind: Job
 metadata:
@@ -13,10 +13,10 @@ spec:
   template:
     metadata:
       name: {{ include "mastodon.fullname" . }}-chewy-upgrade
-    {{- with .Values.jobAnnotations }}
+      {{- with .Values.jobAnnotations }}
       annotations:
         {{- toYaml . | nindent 8 }}
-    {{- end }}
+      {{- end }}
     spec:
       restartPolicy: Never
       {{- if (not .Values.mastodon.s3.enabled) }}
diff --git a/chart/templates/job-create-admin.yaml b/chart/templates/job-create-admin.yaml
index 94d39dcbb..f28cdab41 100644
--- a/chart/templates/job-create-admin.yaml
+++ b/chart/templates/job-create-admin.yaml
@@ -1,4 +1,4 @@
-{{- if .Values.mastodon.createAdmin.enabled }}
+{{- if .Values.mastodon.createAdmin.enabled -}}
 apiVersion: batch/v1
 kind: Job
 metadata:
@@ -13,10 +13,10 @@ spec:
   template:
     metadata:
       name: {{ include "mastodon.fullname" . }}-create-admin
-    {{- with .Values.jobAnnotations }}
+      {{- with .Values.jobAnnotations }}
       annotations:
         {{- toYaml . | nindent 8 }}
-    {{- end }}
+      {{- end }}
     spec:
       restartPolicy: Never
       {{- if (not .Values.mastodon.s3.enabled) }}
diff --git a/chart/templates/job-db-migrate.yaml b/chart/templates/job-db-migrate.yaml
index e1544d2b6..db09c6ea2 100644
--- a/chart/templates/job-db-migrate.yaml
+++ b/chart/templates/job-db-migrate.yaml
@@ -12,10 +12,10 @@ spec:
   template:
     metadata:
       name: {{ include "mastodon.fullname" . }}-db-migrate
-    {{- with .Values.jobAnnotations }}
+      {{- with .Values.jobAnnotations }}
       annotations:
         {{- toYaml . | nindent 8 }}
-    {{- end }}
+      {{- end }}
     spec:
       restartPolicy: Never
       {{- if (not .Values.mastodon.s3.enabled) }}
diff --git a/chart/templates/pvc-assets.yaml b/chart/templates/pvc-assets.yaml
index 58b2179df..36d555898 100644
--- a/chart/templates/pvc-assets.yaml
+++ b/chart/templates/pvc-assets.yaml
@@ -1,4 +1,4 @@
-{{- if (not .Values.mastodon.s3.enabled) }}
+{{- if (not .Values.mastodon.s3.enabled) -}}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -8,7 +8,9 @@ metadata:
 spec:
   accessModes:
     - {{ .Values.mastodon.persistence.system.accessMode }}
+  {{- with .Values.mastodon.persistence.assets.resources }}
   resources:
-    {{- toYaml .Values.mastodon.persistence.assets.resources | nindent 4}}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
   storageClassName: {{ .Values.mastodon.persistence.assets.storageClassName }}
 {{- end }}
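Review bot: The new `with` guard lets a blank `mastodon.persistence.assets.resources` render a PersistentVolumeClaim with no `resources` at all, which the API server rejects at install time because a claim needs `resources.requests.storage`. Failing at render time gives a clearer error: `{{- toYaml (required "mastodon.persistence.assets.resources is required" .Values.mastodon.persistence.assets.resources) | nindent 4 }}`. The same applies to the matching hunk in pvc-system.yaml. Separately, the `accessModes` entry in this assets claim reads `.Values.mastodon.persistence.system.accessMode`; that looks like a copy-paste from the system claim and should be checked against values.yaml.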
diff --git a/chart/templates/pvc-system.yaml b/chart/templates/pvc-system.yaml
index 52398f0da..9865346ea 100644
--- a/chart/templates/pvc-system.yaml
+++ b/chart/templates/pvc-system.yaml
@@ -1,4 +1,4 @@
-{{- if (not .Values.mastodon.s3.enabled) }}
+{{- if (not .Values.mastodon.s3.enabled) -}}
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
@@ -8,7 +8,9 @@ metadata:
 spec:
   accessModes:
     - {{ .Values.mastodon.persistence.system.accessMode }}
+  {{- with .Values.mastodon.persistence.system.resources }}
   resources:
-    {{- toYaml .Values.mastodon.persistence.system.resources | nindent 4}}
+    {{- toYaml . | nindent 4 }}
+  {{- end }}
   storageClassName: {{ .Values.mastodon.persistence.system.storageClassName }}
 {{- end }}
diff --git a/chart/templates/secrets.yaml b/chart/templates/secrets.yaml
index d7ac936ce..d1776ac59 100644
--- a/chart/templates/secrets.yaml
+++ b/chart/templates/secrets.yaml
@@ -1,4 +1,4 @@
-{{- if (include "mastodon.createSecret" .) }}
+{{- if (include "mastodon.createSecret" .) -}}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -40,4 +40,4 @@ data:
   password: "{{ .Values.postgresql.auth.password | b64enc }}"
   {{- end }}
   {{- end }}
-{{- end -}}
+{{- end }}
diff --git a/chart/values.yaml b/chart/values.yaml
index 170025b50..5cee86e0e 100644
--- a/chart/values.yaml
+++ b/chart/values.yaml
@@ -77,7 +77,7 @@ mastodon:
     ca_file: /etc/ssl/certs/ca-certificates.crt
     delivery_method: smtp
     domain:
-    enable_starttls_auto: true
+    enable_starttls: 'auto'
     from_address: notifications@example.com
     openssl_verify_mode: peer
     port: 587
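Review bot: The new default `enable_starttls: 'auto'` is opportunistic, and nothing next to the key says so or lists the other accepted values. With `auto` the mailer upgrades only when the server advertises STARTTLS, so if the capability is missing or stripped in transit, the SMTP login and the mail go out unencrypted, and `openssl_verify_mode: peer` never gets a chance to apply. I would add a comment above the key, e.g. `# 'auto', 'always' or 'never'; use 'always' if your relay supports STARTTLS` (value names as I understand the application setting; confirm against its docs). The `smtp` mapping starts and ends outside this hunk.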
@@ -104,8 +104,11 @@ mastodon:
 ingress:
   enabled: true
   annotations:
-    kubernetes.io/ingress.class: nginx
-    kubernetes.io/tls-acme: "true"
+    # For choosing an ingress ingressClassName is preferred over annotations
+    # kubernetes.io/ingress.class: nginx
+    #
+    # To automatically request TLS certificates use one of the following
+    # kubernetes.io/tls-acme: "true"
     # cert-manager.io/cluster-issuer: "letsencrypt"
     #
     # ensure that NGINX's upload size matches Mastodon's
@@ -113,6 +116,8 @@ ingress:
     # nginx.ingress.kubernetes.io/proxy-body-size: 40m
     #   for the NGINX ingress controller:
     # nginx.org/client-max-body-size: 40m
+  # you can specify the ingressClassName if it differs from the default
+  ingressClassName:
   hosts:
     - host: mastodon.local
       paths:
@@ -146,8 +151,10 @@ postgresql:
     # be rotated on each upgrade:
     # https://github.com/bitnami/charts/tree/master/bitnami/postgresql#upgrade
     password: ""
-    # Set same value as above
-    postgresPassword: ""
+    # Set the password for the "postgres" admin user
+    # set this to the same value as above if you've previously installed
+    # this chart and you're having problems getting mastodon to connect to the DB
+    # postgresPassword: ""
     # you can also specify the name of an existing Secret
     # with a key of password set to the password you want
     existingSecret: ""
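Review bot: The new comment advises setting `postgresPassword` to the same value as `password`, which makes the application credential and the `postgres` admin credential a single secret; combined with the README advice to set `username: postgres`, the application then connects as the database superuser. The comment should mark this as a recovery step for existing installs rather than a recommended setup, e.g. `# workaround for existing installs only; otherwise use a distinct admin password`. It would also help to say what happens when the key stays commented out (presumably the subchart generates the admin password). The `postgresql.auth` mapping starts outside the hunk.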