mirror of
https://github.com/mastodon/chart
synced 2025-03-14 21:11:50 +00:00
Add values to inject trusted certs into streaming (#92)
Co-authored-by: Tim Campbell <timetinytim@gmail.com>
This commit is contained in:
parent
5fb5416a11
commit
674d9c4252
|
@ -39,6 +39,16 @@ spec:
|
||||||
securityContext:
|
securityContext:
|
||||||
{{- toYaml . | nindent 8 }}
|
{{- toYaml . | nindent 8 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
{{- with .Values.mastodon.streaming.extraCerts }}
|
||||||
|
{{- $name := .name | default "extra-certs" }}
|
||||||
|
volumes:
|
||||||
|
- name: {{ $name }}
|
||||||
|
secret:
|
||||||
|
secretName: {{ .existingSecret }}
|
||||||
|
items:
|
||||||
|
- key: ca.crt
|
||||||
|
path: trusted-ca.crt
|
||||||
|
{{- end }}
|
||||||
containers:
|
containers:
|
||||||
- name: {{ .Chart.Name }}-streaming
|
- name: {{ .Chart.Name }}-streaming
|
||||||
{{- with (default .Values.securityContext .Values.mastodon.streaming.securityContext) }}
|
{{- with (default .Values.securityContext .Values.mastodon.streaming.securityContext) }}
|
||||||
|
@ -50,6 +60,12 @@ spec:
|
||||||
command:
|
command:
|
||||||
- node
|
- node
|
||||||
- ./streaming
|
- ./streaming
|
||||||
|
{{- with .Values.mastodon.streaming.extraCerts }}
|
||||||
|
{{- $name := .name | default "extra-certs" }}
|
||||||
|
volumeMounts:
|
||||||
|
- name: {{ $name }}
|
||||||
|
mountPath: "/usr/local/share/ca-certificates"
|
||||||
|
{{- end }}
|
||||||
envFrom:
|
envFrom:
|
||||||
- configMapRef:
|
- configMapRef:
|
||||||
name: {{ include "mastodon.fullname" . }}-env
|
name: {{ include "mastodon.fullname" . }}-env
|
||||||
|
@ -58,6 +74,18 @@ spec:
|
||||||
name: {{ .Values.mastodon.extraEnvFrom }}
|
name: {{ .Values.mastodon.extraEnvFrom }}
|
||||||
{{- end}}
|
{{- end}}
|
||||||
env:
|
env:
|
||||||
|
{{- with .Values.mastodon.streaming.extraCerts }}
|
||||||
|
- name: "NODE_EXTRA_CA_CERTS"
|
||||||
|
value: "/usr/local/share/ca-certificates/trusted-ca.crt"
|
||||||
|
{{- with .sslMode }}
|
||||||
|
- name: "DB_SSLMODE"
|
||||||
|
value: {{ . }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- with .Values.postgresql.postgresqlReplicaHostname }}
|
||||||
|
- name: "DB_HOST"
|
||||||
|
value: {{ . }}
|
||||||
|
{{- end }}
|
||||||
- name: "DB_PASS"
|
- name: "DB_PASS"
|
||||||
valueFrom:
|
valueFrom:
|
||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
|
|
|
@ -230,6 +230,14 @@ mastodon:
|
||||||
# requests:
|
# requests:
|
||||||
# cpu: 250m
|
# cpu: 250m
|
||||||
# memory: 128Mi
|
# memory: 128Mi
|
||||||
|
# -- Self-signed certificate(s) the (Node.js) needs to trust to connect to e.g. the database
|
||||||
|
extraCerts: {}
|
||||||
|
# -- Secret containing a key "ca.crt" holding one or more root certificates in PEM format
|
||||||
|
# existingSecret:
|
||||||
|
# -- Optional volume name for mounting the .crt file, defaults to "extra-certs"
|
||||||
|
# name:
|
||||||
|
# -- Optional sslMode setting. See nodejs's SSL_MODE. Consider "no-verify"
|
||||||
|
# sslMode:
|
||||||
web:
|
web:
|
||||||
port: 3000
|
port: 3000
|
||||||
# -- Number of Web Pods running
|
# -- Number of Web Pods running
|
||||||
|
|
Loading…
Reference in New Issue
Block a user