kube-cascade/toots-werts/deployment.yaml


2023-12-20 22:40:16 +00:00
---
# Shared volume for Pleroma media uploads. The Deployment in this file mounts
# it at /var/lib/pleroma/uploads.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  namespace: toots-werts
  name: pleroma-uploads
spec:
  storageClassName: nfs
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 100Gi
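---
# Runtime configuration for Pleroma, mounted into the pod as
# /var/lib/pleroma/config.exs by the Deployment below.
#
# Keep credentials out of this ConfigMap: its contents are plain text in the
# manifest and readable by anyone who can read ConfigMaps in the namespace.
# Secrets are read from environment variables that the Deployment fills from
# Kubernetes Secrets.
apiVersion: v1
kind: ConfigMap
metadata:
  namespace: toots-werts
  name: pleroma-config
data:
  config.exs: |
    import Config

    config :pleroma, :instance,
      healthcheck: true

    # NOTE(review): :verify_none accepts any server certificate, so the
    # Postgres connection is encrypted but the server is not authenticated.
    # Prefer verify: :verify_peer with a cacertfile once the database CA is
    # mounted into the pod.
    config :pleroma, Pleroma.Repo,
      adapter: Ecto.Adapters.Postgres,
      ssl: true,
      ssl_opts: [
        verify: :verify_none
      ]

    config :pleroma, Pleroma.Web.Endpoint,
      url: [host: "toots.werts.us", scheme: "https"]

    # The SMTP password is read from the environment instead of being written
    # here. A password that was previously committed in this file stays in
    # version-control history and should be rotated at the mail provider.
    # System.get_env/1 returns nil when SMTP_PASSWORD is unset, in which case
    # SMTP authentication will fail.
    config :pleroma, Pleroma.Emails.Mailer,
      adapter: Swoosh.Adapters.SMTP,
      enabled: true,
      relay: "smtp.mailgun.org",
      username: "pleroma-admin@strudelline.net",
      password: System.get_env("SMTP_PASSWORD"),
      port: 465,
      ssl: true,
      tls: :always,
      auth: :always

    # OIDC client credentials come from the toots-oidc Secret via the
    # Deployment's environment.
    config :ueberauth, Ueberauth.Strategy.Keycloak.OAuth,
      client_id: System.get_env("KEYCLOAK_CLIENT_ID"),
      client_secret: System.get_env("KEYCLOAK_CLIENT_SECRET"),
      site: "https://auth.werts.us/",
      authorize_url: "https://auth.werts.us/realms/werts/protocol/openid-connect/auth",
      token_url: "https://auth.werts.us/realms/werts/protocol/openid-connect/token",
      userinfo_url: "https://auth.werts.us/realms/werts/protocol/openid-connect/userinfo",
      token_method: :post

    config :ueberauth, Ueberauth,
      providers: [
        keycloak: {Ueberauth.Strategy.Keycloak, [uid_field: :email, default_scope: "profile"]}
      ]
---
# Single-replica Pleroma instance. The Recreate strategy stops the old pod
# before the new one starts.
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: toots-werts
  name: pleroma
  annotations:
    # Stakater Reloader annotation: restart the pod when a referenced
    # ConfigMap or Secret changes.
    "reloader.stakater.com/auto": "true"
spec:
  replicas: 1
  selector:
    matchLabels:
      app: pleroma
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: pleroma
    spec:
      # NOTE(review): no securityContext or resource limits are set. Consider
      # runAsNonRoot, allowPrivilegeEscalation: false and dropped capabilities
      # once it is confirmed the image runs with them.
      containers:
        - name: pleroma
          # NOTE(review): a mutable tag combined with imagePullPolicy: Always
          # means each restart can run different image contents. Pin the image
          # by digest (image@sha256:<digest>) for reproducible, auditable
          # rollouts.
          image: jamesandariese/pleroma:latest-keycloak
          imagePullPolicy: Always
          env:
            # Database credentials from the pleroma-db-pguser-pleroma-db Secret.
            - name: DB_USER
              valueFrom:
                secretKeyRef:
                  key: user
                  name: pleroma-db-pguser-pleroma-db
            - name: DB_PASS
              valueFrom:
                secretKeyRef:
                  key: password
                  name: pleroma-db-pguser-pleroma-db
            - name: DB_HOST
              valueFrom:
                secretKeyRef:
                  key: host
                  name: pleroma-db-pguser-pleroma-db
            - name: DB_NAME
              valueFrom:
                secretKeyRef:
                  key: dbname
                  name: pleroma-db-pguser-pleroma-db
            # OIDC client credentials read by config.exs.
            - name: KEYCLOAK_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  key: client_id
                  name: toots-oidc
            - name: KEYCLOAK_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  key: client_secret
                  name: toots-oidc
            # SMTP password read by config.exs. "pleroma-smtp" / "password" are
            # placeholder names: create this Secret out of band (do not commit
            # it) before applying, or point this at an existing Secret.
            - name: SMTP_PASSWORD
              valueFrom:
                secretKeyRef:
                  key: password
                  name: pleroma-smtp
            - name: OAUTH_CONSUMER_STRATEGIES
              value: "keycloak:ueberauth_keycloak_strategy"
            - name: INSTANCE_NAME
              value: WerToots
            - name: ADMIN_EMAIL
              value: pleroma-admin@strudelline.net
            - name: NOTIFY_EMAIL
              value: pleroma-admin@strudelline.net
            - name: DOMAIN
              value: toots.werts.us
            - name: PORT
              value: "4000"
          volumeMounts:
            - mountPath: /var/lib/pleroma/uploads
              name: pleroma-uploads
            # subPath mounts only the config.exs key as a single file.
            - mountPath: /var/lib/pleroma/config.exs
              name: pleroma-config
              subPath: config.exs
      volumes:
        - name: pleroma-uploads
          persistentVolumeClaim:
            claimName: pleroma-uploads
        - name: pleroma-config
          configMap:
            name: pleroma-config
            # Octal 0444 (decimal 292): read-only for owner, group and others.
            defaultMode: 0444
      restartPolicy: Always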
---
# Routes every path on toots.werts.us to the pleroma Service on port 4000
# through the haproxy ingress class.
#
# NOTE(review): there is no spec.tls section here, while config.exs advertises
# scheme "https". Confirm where TLS is terminated and that plain-HTTP requests
# are redirected.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  namespace: toots-werts
  name: toots
spec:
  ingressClassName: haproxy
  rules:
    - host: toots.werts.us
      http:
        paths:
          - pathType: Prefix
            path: /
            backend:
              service:
                name: pleroma
                port:
                  number: 4000
---
# Service for the pods labelled app=pleroma, exposing TCP port 4000.
# clusterIP: None makes it headless: no virtual IP is allocated and DNS
# resolves to the pod addresses directly.
apiVersion: v1
kind: Service
metadata:
  namespace: toots-werts
  name: pleroma
  labels:
    app: pleroma
spec:
  type: ClusterIP
  clusterIP: None
  selector:
    app: pleroma
  ports:
    - name: http
      protocol: TCP
      port: 4000
      targetPort: 4000