mirror of
https://github.com/mastodon/chart
synced 2025-03-14 21:11:50 +00:00
Create new pre/post migrate jobs (#163)
This commit is contained in:
parent
18272009b2
commit
cbd5259b69
107
templates/_db-migrate.tpl
Normal file
107
templates/_db-migrate.tpl
Normal file
|
@ -0,0 +1,107 @@
|
||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
{{/*
|
||||||
|
Spec template for DB migration pre- and post-install/upgrade jobs.
|
||||||
|
*/}}
|
||||||
|
{{- define "mastodon.dbMigrateJob" -}}
|
||||||
|
apiVersion: batch/v1
|
||||||
|
kind: Job
|
||||||
|
metadata:
|
||||||
|
{{- if .prepare }}
|
||||||
|
name: {{ include "mastodon.fullname" . }}-db-prepare
|
||||||
|
{{- else if .preDeploy }}
|
||||||
|
name: {{ include "mastodon.fullname" . }}-db-pre-migrate
|
||||||
|
{{- else }}
|
||||||
|
name: {{ include "mastodon.fullname" . }}-db-post-migrate
|
||||||
|
{{- end }}
|
||||||
|
labels:
|
||||||
|
{{- include "mastodon.labels" . | nindent 4 }}
|
||||||
|
annotations:
|
||||||
|
{{- if .prepare }}
|
||||||
|
"helm.sh/hook": pre-install
|
||||||
|
{{- else if .preDeploy }}
|
||||||
|
"helm.sh/hook": pre-upgrade
|
||||||
|
{{- else }}
|
||||||
|
"helm.sh/hook": post-install,post-upgrade
|
||||||
|
{{- end }}
|
||||||
|
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
|
||||||
|
"helm.sh/hook-weight": "-2"
|
||||||
|
spec:
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
name: {{ include "mastodon.fullname" . }}-db-migrate
|
||||||
|
{{- with .Values.jobAnnotations }}
|
||||||
|
annotations:
|
||||||
|
{{- toYaml . | nindent 8 }}
|
||||||
|
{{- end }}
|
||||||
|
spec:
|
||||||
|
restartPolicy: Never
|
||||||
|
containers:
|
||||||
|
- name: {{ include "mastodon.fullname" . }}-db-migrate
|
||||||
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
||||||
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
||||||
|
command:
|
||||||
|
- bundle
|
||||||
|
- exec
|
||||||
|
- rake
|
||||||
|
{{- if .prepare }}
|
||||||
|
- db:prepare
|
||||||
|
{{- else }}
|
||||||
|
- db:migrate
|
||||||
|
{{- end }}
|
||||||
|
envFrom:
|
||||||
|
- secretRef:
|
||||||
|
{{- if and .prepare (not .Values.mastodon.secrets.existingSecret) }}
|
||||||
|
name: {{ template "mastodon.secretName" . }}-prepare
|
||||||
|
{{- else }}
|
||||||
|
name: {{ template "mastodon.secretName" . }}
|
||||||
|
{{- end }}
|
||||||
|
env:
|
||||||
|
- name: "DB_HOST"
|
||||||
|
value: {{ template "mastodon.postgres.host" . }}
|
||||||
|
- name: "DB_PORT"
|
||||||
|
value: {{ template "mastodon.postgres.port" . }}
|
||||||
|
- name: "DB_NAME"
|
||||||
|
value: {{ .Values.postgresql.auth.database }}
|
||||||
|
- name: "DB_USER"
|
||||||
|
value: {{ .Values.postgresql.auth.username }}
|
||||||
|
- name: "DB_PASS"
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ template "mastodon.postgresql.secretName" . }}
|
||||||
|
key: password
|
||||||
|
- name: "REDIS_HOST"
|
||||||
|
value: {{ template "mastodon.redis.host" . }}
|
||||||
|
- name: "REDIS_PORT"
|
||||||
|
value: {{ .Values.redis.port | default "6379" | quote }}
|
||||||
|
{{- if .Values.redis.sidekiq.enabled }}
|
||||||
|
{{- if .Values.redis.sidekiq.hostname }}
|
||||||
|
- name: SIDEKIQ_REDIS_HOST
|
||||||
|
value: {{ .Values.redis.sidekiq.hostname }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.redis.sidekiq.port }}
|
||||||
|
- name: SIDEKIQ_REDIS_PORT
|
||||||
|
value: {{ .Values.redis.sidekiq.port | quote }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.redis.cache.enabled }}
|
||||||
|
{{- if .Values.redis.cache.hostname }}
|
||||||
|
- name: CACHE_REDIS_HOST
|
||||||
|
value: {{ .Values.redis.cache.hostname }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if .Values.redis.cache.port }}
|
||||||
|
- name: CACHE_REDIS_PORT
|
||||||
|
value: {{ .Values.redis.cache.port | quote }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
- name: "REDIS_DRIVER"
|
||||||
|
value: "ruby"
|
||||||
|
- name: "REDIS_PASSWORD"
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: {{ template "mastodon.redis.secretName" . }}
|
||||||
|
key: redis-password
|
||||||
|
{{- if .preDeploy }}
|
||||||
|
- name: "SKIP_POST_DEPLOYMENT_MIGRATIONS"
|
||||||
|
value: "true"
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
|
@ -121,6 +121,33 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
|
||||||
{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}}
|
{{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}}
|
||||||
{{- end -}}
|
{{- end -}}
|
||||||
|
|
||||||
|
{{/*
|
||||||
|
Establish which values we will use for remote connections
|
||||||
|
*/}}
|
||||||
|
{{- define "mastodon.postgres.host" -}}
|
||||||
|
{{- if .Values.postgresql.enabled }}
|
||||||
|
{{- printf "%s" (include "mastodon.postgresql.fullname" .) -}}
|
||||||
|
{{- else }}
|
||||||
|
{{- printf "%s" .Values.postgresql.postgresqlHostname -}}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "mastodon.postgres.port" -}}
|
||||||
|
{{- if .Values.postgresql.enabled }}
|
||||||
|
{{- printf "%d" 5432 | int | quote -}}
|
||||||
|
{{- else }}
|
||||||
|
{{- printf "%d" | default 5432 .Values.postgresql.postgresqlPort | int | quote -}}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
|
{{- define "mastodon.redis.host" -}}
|
||||||
|
{{- if .Values.redis.enabled }}
|
||||||
|
{{- printf "%s-%s" (include "mastodon.redis.fullname" .) "master" -}}
|
||||||
|
{{- else }}
|
||||||
|
{{- printf "%s" (required "When the redis chart is disabled .Values.redis.hostname is required" .Values.redis.hostname) -}}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
|
||||||
{{/*
|
{{/*
|
||||||
Get the mastodon secret.
|
Get the mastodon secret.
|
||||||
*/}}
|
*/}}
|
||||||
|
|
72
templates/_secrets.tpl
Normal file
72
templates/_secrets.tpl
Normal file
|
@ -0,0 +1,72 @@
|
||||||
|
{{/* vim: set filetype=mustache: */}}
|
||||||
|
{{/*
|
||||||
|
Spec template for mastodon secrets object.
|
||||||
|
*/}}
|
||||||
|
{{- define "mastodon.secrets.object" -}}
|
||||||
|
apiVersion: v1
|
||||||
|
kind: Secret
|
||||||
|
metadata:
|
||||||
|
{{- if .prepare }}
|
||||||
|
name: {{ template "mastodon.fullname" . }}-prepare
|
||||||
|
{{- else }}
|
||||||
|
name: {{ template "mastodon.fullname" . }}
|
||||||
|
{{- end }}
|
||||||
|
labels:
|
||||||
|
{{- include "mastodon.labels" . | nindent 4 }}
|
||||||
|
annotations:
|
||||||
|
{{- if .prepare }}
|
||||||
|
"helm.sh/hook": pre-install
|
||||||
|
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
|
||||||
|
"helm.sh/hook-weight": "-3"
|
||||||
|
{{- end }}
|
||||||
|
type: Opaque
|
||||||
|
data:
|
||||||
|
{{- if .Values.mastodon.s3.enabled }}
|
||||||
|
{{- if not .Values.mastodon.s3.existingSecret }}
|
||||||
|
AWS_ACCESS_KEY_ID: "{{ .Values.mastodon.s3.access_key | b64enc }}"
|
||||||
|
AWS_SECRET_ACCESS_KEY: "{{ .Values.mastodon.s3.access_secret | b64enc }}"
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if not .Values.mastodon.secrets.existingSecret }}
|
||||||
|
{{- if not (empty .Values.mastodon.secrets.secret_key_base) }}
|
||||||
|
SECRET_KEY_BASE: "{{ .Values.mastodon.secrets.secret_key_base | b64enc }}"
|
||||||
|
{{- else }}
|
||||||
|
SECRET_KEY_BASE: {{ required "secret_key_base is required" .Values.mastodon.secrets.secret_key_base }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if not (empty .Values.mastodon.secrets.otp_secret) }}
|
||||||
|
OTP_SECRET: "{{ .Values.mastodon.secrets.otp_secret | b64enc }}"
|
||||||
|
{{- else }}
|
||||||
|
OTP_SECRET: {{ required "otp_secret is required" .Values.mastodon.secrets.otp_secret }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if not (empty .Values.mastodon.secrets.vapid.private_key) }}
|
||||||
|
VAPID_PRIVATE_KEY: "{{ .Values.mastodon.secrets.vapid.private_key | b64enc }}"
|
||||||
|
{{- else }}
|
||||||
|
VAPID_PRIVATE_KEY: {{ required "vapid.private_key is required" .Values.mastodon.secrets.vapid.private_key }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if not (empty .Values.mastodon.secrets.vapid.public_key) }}
|
||||||
|
VAPID_PUBLIC_KEY: "{{ .Values.mastodon.secrets.vapid.public_key | b64enc }}"
|
||||||
|
{{- else }}
|
||||||
|
VAPID_PUBLIC_KEY: {{ required "vapid.public_key is required" .Values.mastodon.secrets.vapid.public_key }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if not (empty .Values.mastodon.secrets.activeRecordEncryption.primaryKey) }}
|
||||||
|
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: "{{ .Values.mastodon.secrets.activeRecordEncryption.primaryKey | b64enc }}"
|
||||||
|
{{- else }}
|
||||||
|
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: {{ required "activeRecordEncryption.primaryKey is required" .Values.mastodon.secrets.activeRecordEncryption.primaryKey }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if not (empty .Values.mastodon.secrets.activeRecordEncryption.deterministicKey) }}
|
||||||
|
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: "{{ .Values.mastodon.secrets.activeRecordEncryption.deterministicKey | b64enc }}"
|
||||||
|
{{- else }}
|
||||||
|
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: {{ required "activeRecordEncryption.deterministicKey is required" .Values.mastodon.secrets.activeRecordEncryption.deterministicKey }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if not (empty .Values.mastodon.secrets.activeRecordEncryption.keyDerivationSalt) }}
|
||||||
|
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: "{{ .Values.mastodon.secrets.activeRecordEncryption.keyDerivationSalt | b64enc }}"
|
||||||
|
{{- else }}
|
||||||
|
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: {{ required "activeRecordEncryption.keyDerivationSalt is required" .Values.mastodon.secrets.activeRecordEncryption.keyDerivationSalt }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- if not .Values.postgresql.enabled }}
|
||||||
|
{{- if not .Values.postgresql.auth.existingSecret }}
|
||||||
|
password: "{{ .Values.postgresql.auth.password | b64enc }}"
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
||||||
|
{{- end }}
|
|
@ -5,13 +5,8 @@ metadata:
|
||||||
labels:
|
labels:
|
||||||
{{- include "mastodon.labels" . | nindent 4 }}
|
{{- include "mastodon.labels" . | nindent 4 }}
|
||||||
data:
|
data:
|
||||||
{{- if .Values.postgresql.enabled }}
|
DB_HOST: {{ template "mastodon.postgres.host" . }}
|
||||||
DB_HOST: {{ template "mastodon.postgresql.fullname" . }}
|
DB_PORT: {{ template "mastodon.postgres.port" . }}
|
||||||
DB_PORT: "5432"
|
|
||||||
{{- else }}
|
|
||||||
DB_HOST: {{ .Values.postgresql.postgresqlHostname }}
|
|
||||||
DB_PORT: {{ .Values.postgresql.postgresqlPort | default "5432" | quote }}
|
|
||||||
{{- end }}
|
|
||||||
DB_NAME: {{ .Values.postgresql.auth.database }}
|
DB_NAME: {{ .Values.postgresql.auth.database }}
|
||||||
DB_POOL: {{ include "mastodon.maxDbPool" . }}
|
DB_POOL: {{ include "mastodon.maxDbPool" . }}
|
||||||
DB_USER: {{ .Values.postgresql.auth.username }}
|
DB_USER: {{ .Values.postgresql.auth.username }}
|
||||||
|
@ -66,11 +61,7 @@ data:
|
||||||
MALLOC_ARENA_MAX: "2"
|
MALLOC_ARENA_MAX: "2"
|
||||||
NODE_ENV: "production"
|
NODE_ENV: "production"
|
||||||
RAILS_ENV: "production"
|
RAILS_ENV: "production"
|
||||||
{{- if .Values.redis.enabled }}
|
REDIS_HOST: {{ template "mastodon.redis.host" . }}
|
||||||
REDIS_HOST: {{ template "mastodon.redis.fullname" . }}-master
|
|
||||||
{{- else }}
|
|
||||||
REDIS_HOST: {{ required "When the redis chart is disabled .Values.redis.hostname is required" .Values.redis.hostname }}
|
|
||||||
{{- end }}
|
|
||||||
REDIS_PORT: {{ .Values.redis.port | default "6379" | quote }}
|
REDIS_PORT: {{ .Values.redis.port | default "6379" | quote }}
|
||||||
{{- if .Values.redis.sidekiq.enabled }}
|
{{- if .Values.redis.sidekiq.enabled }}
|
||||||
{{- if .Values.redis.sidekiq.hostname }}
|
{{- if .Values.redis.sidekiq.hostname }}
|
||||||
|
|
|
@ -1,93 +1 @@
|
||||||
{{- if .Values.mastodon.hooks.dbMigrate.enabled -}}
|
{{- include "mastodon.dbMigrateJob" (merge (dict "preDeploy" false ) .) }}
|
||||||
apiVersion: batch/v1
|
|
||||||
kind: Job
|
|
||||||
metadata:
|
|
||||||
name: {{ include "mastodon.fullname" . }}-db-migrate
|
|
||||||
labels:
|
|
||||||
{{- include "mastodon.labels" . | nindent 4 }}
|
|
||||||
annotations:
|
|
||||||
"helm.sh/hook": post-install,pre-upgrade
|
|
||||||
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
|
|
||||||
"helm.sh/hook-weight": "-2"
|
|
||||||
spec:
|
|
||||||
template:
|
|
||||||
metadata:
|
|
||||||
name: {{ include "mastodon.fullname" . }}-db-migrate
|
|
||||||
{{- with .Values.jobAnnotations }}
|
|
||||||
annotations:
|
|
||||||
{{- toYaml . | nindent 8 }}
|
|
||||||
{{- end }}
|
|
||||||
spec:
|
|
||||||
restartPolicy: Never
|
|
||||||
{{- if (not .Values.mastodon.s3.enabled) }}
|
|
||||||
# ensure we run on the same node as the other rails components; only
|
|
||||||
# required when using PVCs that are ReadWriteOnce
|
|
||||||
{{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
|
|
||||||
affinity:
|
|
||||||
podAffinity:
|
|
||||||
requiredDuringSchedulingIgnoredDuringExecution:
|
|
||||||
- labelSelector:
|
|
||||||
matchExpressions:
|
|
||||||
- key: app.kubernetes.io/part-of
|
|
||||||
operator: In
|
|
||||||
values:
|
|
||||||
- rails
|
|
||||||
topologyKey: kubernetes.io/hostname
|
|
||||||
{{- end }}
|
|
||||||
volumes:
|
|
||||||
- name: assets
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: {{ template "mastodon.pvc.assets" . }}
|
|
||||||
- name: system
|
|
||||||
persistentVolumeClaim:
|
|
||||||
claimName: {{ template "mastodon.pvc.system" . }}
|
|
||||||
{{- end }}
|
|
||||||
containers:
|
|
||||||
- name: {{ include "mastodon.fullname" . }}-db-migrate
|
|
||||||
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
|
||||||
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
||||||
command:
|
|
||||||
- bundle
|
|
||||||
- exec
|
|
||||||
- rake
|
|
||||||
- db:migrate
|
|
||||||
envFrom:
|
|
||||||
- configMapRef:
|
|
||||||
name: {{ include "mastodon.fullname" . }}-env
|
|
||||||
- secretRef:
|
|
||||||
name: {{ template "mastodon.secretName" . }}
|
|
||||||
env:
|
|
||||||
- name: "DB_PASS"
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ template "mastodon.postgresql.secretName" . }}
|
|
||||||
key: password
|
|
||||||
- name: "REDIS_PASSWORD"
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ template "mastodon.redis.secretName" . }}
|
|
||||||
key: redis-password
|
|
||||||
{{- if and .Values.redis.sidekiq.enabled .Values.redis.sidekiq.auth.existingSecret }}
|
|
||||||
- name: "SIDEKIQ_REDIS_PASSWORD"
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ template "mastodon.redis.sidekiq.secretName" . }}
|
|
||||||
key: redis-password
|
|
||||||
{{- end }}
|
|
||||||
{{- if and .Values.redis.cache.enabled .Values.redis.cache.auth.existingSecret }}
|
|
||||||
- name: "CACHE_REDIS_PASSWORD"
|
|
||||||
valueFrom:
|
|
||||||
secretKeyRef:
|
|
||||||
name: {{ template "mastodon.redis.cache.secretName" . }}
|
|
||||||
key: redis-password
|
|
||||||
{{- end }}
|
|
||||||
- name: "PORT"
|
|
||||||
value: {{ .Values.mastodon.web.port | quote }}
|
|
||||||
{{- if (not .Values.mastodon.s3.enabled) }}
|
|
||||||
volumeMounts:
|
|
||||||
- name: assets
|
|
||||||
mountPath: /opt/mastodon/public/assets
|
|
||||||
- name: system
|
|
||||||
mountPath: /opt/mastodon/public/system
|
|
||||||
{{- end }}
|
|
||||||
{{- end -}}
|
|
||||||
|
|
1
templates/job-db-pre-migrate.yaml
Normal file
1
templates/job-db-pre-migrate.yaml
Normal file
|
@ -0,0 +1 @@
|
||||||
|
{{- include "mastodon.dbMigrateJob" (merge (dict "preDeploy" true ) .) }}
|
4
templates/job-db-prepare.yaml
Normal file
4
templates/job-db-prepare.yaml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
# Does not work with included database because of helm install order.
|
||||||
|
{{- if not .Values.postgresql.enabled }}
|
||||||
|
{{- include "mastodon.dbMigrateJob" (merge (dict "prepare" true ) .) }}
|
||||||
|
{{- end }}
|
4
templates/secret-prepare.yml
Normal file
4
templates/secret-prepare.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
# Does not work with included database because of helm install order.
|
||||||
|
{{- if and (include "mastodon.createSecret" .) (not .Values.postgresql.enabled) -}}
|
||||||
|
{{- include "mastodon.secrets.object" (merge (dict "prepare" true ) .) }}
|
||||||
|
{{- end }}
|
|
@ -1,58 +1,3 @@
|
||||||
{{- if (include "mastodon.createSecret" .) -}}
|
{{- if (include "mastodon.createSecret" .) -}}
|
||||||
apiVersion: v1
|
{{- include "mastodon.secrets.object" . }}
|
||||||
kind: Secret
|
|
||||||
metadata:
|
|
||||||
name: {{ template "mastodon.fullname" . }}
|
|
||||||
labels:
|
|
||||||
{{- include "mastodon.labels" . | nindent 4 }}
|
|
||||||
type: Opaque
|
|
||||||
data:
|
|
||||||
{{- if .Values.mastodon.s3.enabled }}
|
|
||||||
{{- if not .Values.mastodon.s3.existingSecret }}
|
|
||||||
AWS_ACCESS_KEY_ID: "{{ .Values.mastodon.s3.access_key | b64enc }}"
|
|
||||||
AWS_SECRET_ACCESS_KEY: "{{ .Values.mastodon.s3.access_secret | b64enc }}"
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if not .Values.mastodon.secrets.existingSecret }}
|
|
||||||
{{- if not (empty .Values.mastodon.secrets.secret_key_base) }}
|
|
||||||
SECRET_KEY_BASE: "{{ .Values.mastodon.secrets.secret_key_base | b64enc }}"
|
|
||||||
{{- else }}
|
|
||||||
SECRET_KEY_BASE: {{ required "secret_key_base is required" .Values.mastodon.secrets.secret_key_base }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if not (empty .Values.mastodon.secrets.otp_secret) }}
|
|
||||||
OTP_SECRET: "{{ .Values.mastodon.secrets.otp_secret | b64enc }}"
|
|
||||||
{{- else }}
|
|
||||||
OTP_SECRET: {{ required "otp_secret is required" .Values.mastodon.secrets.otp_secret }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if not (empty .Values.mastodon.secrets.vapid.private_key) }}
|
|
||||||
VAPID_PRIVATE_KEY: "{{ .Values.mastodon.secrets.vapid.private_key | b64enc }}"
|
|
||||||
{{- else }}
|
|
||||||
VAPID_PRIVATE_KEY: {{ required "vapid.private_key is required" .Values.mastodon.secrets.vapid.private_key }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if not (empty .Values.mastodon.secrets.vapid.public_key) }}
|
|
||||||
VAPID_PUBLIC_KEY: "{{ .Values.mastodon.secrets.vapid.public_key | b64enc }}"
|
|
||||||
{{- else }}
|
|
||||||
VAPID_PUBLIC_KEY: {{ required "vapid.public_key is required" .Values.mastodon.secrets.vapid.public_key }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if not (empty .Values.mastodon.secrets.activeRecordEncryption.primaryKey) }}
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: "{{ .Values.mastodon.secrets.activeRecordEncryption.primaryKey | b64enc }}"
|
|
||||||
{{- else }}
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: {{ required "activeRecordEncryption.primaryKey is required" .Values.mastodon.secrets.activeRecordEncryption.primaryKey }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if not (empty .Values.mastodon.secrets.activeRecordEncryption.deterministicKey) }}
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: "{{ .Values.mastodon.secrets.activeRecordEncryption.deterministicKey | b64enc }}"
|
|
||||||
{{- else }}
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: {{ required "activeRecordEncryption.deterministicKey is required" .Values.mastodon.secrets.activeRecordEncryption.deterministicKey }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if not (empty .Values.mastodon.secrets.activeRecordEncryption.keyDerivationSalt) }}
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: "{{ .Values.mastodon.secrets.activeRecordEncryption.keyDerivationSalt | b64enc }}"
|
|
||||||
{{- else }}
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: {{ required "activeRecordEncryption.keyDerivationSalt is required" .Values.mastodon.secrets.activeRecordEncryption.keyDerivationSalt }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- if not .Values.postgresql.enabled }}
|
|
||||||
{{- if not .Values.postgresql.auth.existingSecret }}
|
|
||||||
password: "{{ .Values.postgresql.auth.password | b64enc }}"
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
|
|
@ -24,6 +24,9 @@ mastodon:
|
||||||
# @ignored
|
# @ignored
|
||||||
email: not@example.com
|
email: not@example.com
|
||||||
hooks:
|
hooks:
|
||||||
|
# Whether to perform DB migrations on `helm install|upgrade`.
|
||||||
|
# Please note that initial DB schema creation on `helm install` does not
|
||||||
|
# work when using the included database (postgresql.enabled=true).
|
||||||
dbMigrate:
|
dbMigrate:
|
||||||
enabled: true
|
enabled: true
|
||||||
assetsPrecompile:
|
assetsPrecompile:
|
||||||
|
@ -523,7 +526,9 @@ elasticsearch:
|
||||||
# https://github.com/bitnami/charts/tree/master/bitnami/postgresql#parameters
|
# https://github.com/bitnami/charts/tree/master/bitnami/postgresql#parameters
|
||||||
postgresql:
|
postgresql:
|
||||||
# -- disable if you want to use an existing db; in which case the values below
|
# -- disable if you want to use an existing db; in which case the values below
|
||||||
# must match those of that external postgres instance
|
# must match those of that external postgres instance.
|
||||||
|
# Please note that certain features do not work when enabling the included
|
||||||
|
# database, namely automatic schema creation when the app is first installed.
|
||||||
enabled: true
|
enabled: true
|
||||||
# postgresqlHostname: preexisting-postgresql
|
# postgresqlHostname: preexisting-postgresql
|
||||||
# postgresqlPort: 5432
|
# postgresqlPort: 5432
|
||||||
|
|
Loading…
Reference in New Issue
Block a user