Federated social network node, running on kosmos.social
https://kosmos.social
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
175 lines
4.6 KiB
175 lines
4.6 KiB
replicaCount: 1 |
|
|
|
image: |
|
repository: tootsuite/mastodon |
|
pullPolicy: Always |
|
# https://hub.docker.com/r/tootsuite/mastodon/tags |
|
tag: v3.3.0 |
|
# alternatively, use `latest` for the latest release or `edge` for the image |
|
# built from the most recent commit |
|
# |
|
# tag: latest |
|
|
|
ingress: |
|
enabled: false |
|
annotations: |
|
kubernetes.io/ingress.class: nginx |
|
kubernetes.io/tls-acme: "true" |
|
# cert-manager.io/cluster-issuer: "letsencrypt" |
|
# |
|
# ensure that NGINX's upload size matches Mastodon's |
|
# for the K8s ingress controller: |
|
# nginx.ingress.kubernetes.io/proxy-body-size: 40m |
|
# for the NGINX ingress controller: |
|
# nginx.org/client-max-body-size: 40m |
|
# this value is used for LOCAL_DOMAIN |
|
hostname: mastodon.local |
|
tls: |
|
- secretName: mastodon-tls |
|
hosts: |
|
- mastodon.local |
|
|
|
# create an initial administrator user; the password is autogenerated and will |
|
# have to be reset |
|
createAdmin: |
|
enabled: false |
|
username: not_gargron |
|
email: not@example.com |
|
|
|
# available locales: https://github.com/tootsuite/mastodon/blob/master/config/application.rb#L43 |
|
locale: en |
|
|
|
cron: |
|
# run `tootctl media remove` every week |
|
removeMedia: |
|
enabled: true |
|
schedule: "0 0 * * 0" |
|
|
|
application: |
|
web: |
|
port: 3000 |
|
streaming: |
|
port: 4000 |
|
# this should be set manually since os.cpus() returns the number of CPUs on |
|
# the node running the pod, which is unrelated to the resources allocated to |
|
# the pod by k8s |
|
workers: 1 |
|
sidekiq: |
|
concurrency: 25 |
|
|
|
# these must be set manually; autogenerated keys are rotated on each upgrade |
|
secrets: |
|
secret_key_base: "" |
|
otp_secret: "" |
|
vapid: |
|
private_key: "" |
|
public_key: "" |
|
|
|
smtp: |
|
auth_method: plain |
|
ca_file: |
|
delivery_method: smtp |
|
domain: |
|
enable_starttls_auto: true |
|
from_address: notifications@example.com |
|
login: |
|
openssl_verify_mode: peer |
|
password: |
|
port: 587 |
|
reply_to: |
|
server: smtp.mailgun.org |
|
tls: false |
|
|
|
# https://github.com/bitnami/charts/tree/master/bitnami/elasticsearch#parameters |
|
elasticsearch: |
|
# `false` will disable full-text search |
|
# |
|
# if you enable ES after the initial install, you will need to manually run |
|
# RAILS_ENV=production bundle exec rake chewy:sync |
|
# (https://docs.joinmastodon.org/admin/optional/elasticsearch/) |
|
enabled: true |
|
# may be removed once https://github.com/tootsuite/mastodon/pull/13828 is part |
|
# of a tagged release |
|
image: |
|
tag: 6 |
|
|
|
# https://github.com/bitnami/charts/tree/master/bitnami/postgresql#parameters |
|
postgresql: |
|
postgresqlDatabase: mastodon_production |
|
# you must set a password; the password generated by the postgresql chart will |
|
# be rotated on each upgrade: |
|
# https://github.com/bitnami/charts/tree/master/bitnami/postgresql#upgrade |
|
postgresqlPassword: "" |
|
postgresqlUsername: postgres |
|
|
|
# https://github.com/bitnami/charts/tree/master/bitnami/redis#parameters |
|
redis: |
|
# you must set a password; the password generated by the redis chart will be |
|
# rotated on each upgrade: |
|
password: "" |
|
|
|
persistence: |
|
assets: |
|
# ReadWriteOnce is more widely supported than ReadWriteMany, but limits |
|
# scalability, since it requires the Rails and Sidekiq pods to run on the |
|
# same node. |
|
accessMode: ReadWriteOnce |
|
resources: |
|
requests: |
|
storage: 10Gi |
|
system: |
|
accessMode: ReadWriteOnce |
|
resources: |
|
requests: |
|
storage: 100Gi |
|
|
|
service: |
|
type: ClusterIP |
|
port: 80 |
|
|
|
# https://github.com/tootsuite/mastodon/blob/master/Dockerfile#L88 |
|
# |
|
# if you manually change the UID/GID environment variables, ensure these values |
|
# match: |
|
podSecurityContext: |
|
runAsUser: 991 |
|
runAsGroup: 991 |
|
fsGroup: 991 |
|
|
|
securityContext: {} |
|
|
|
serviceAccount: |
|
# Specifies whether a service account should be created |
|
create: true |
|
# Annotations to add to the service account |
|
annotations: {} |
|
# The name of the service account to use. |
|
# If not set and create is true, a name is generated using the fullname template |
|
name: "" |
|
|
|
podAnnotations: {} |
|
|
|
resources: {} |
|
# We usually recommend not to specify default resources and to leave this as a conscious |
|
# choice for the user. This also increases chances charts run on environments with little |
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following |
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'. |
|
# limits: |
|
# cpu: 100m |
|
# memory: 128Mi |
|
# requests: |
|
# cpu: 100m |
|
# memory: 128Mi |
|
|
|
autoscaling: |
|
enabled: false |
|
minReplicas: 1 |
|
maxReplicas: 100 |
|
targetCPUUtilizationPercentage: 80 |
|
# targetMemoryUtilizationPercentage: 80 |
|
|
|
nodeSelector: {} |
|
|
|
tolerations: [] |
|
|
|
affinity: {}
|
|
|