From cf492363d62d5292ccbe268672cfef44e55880c6 Mon Sep 17 00:00:00 2001 From: jessebot Date: Fri, 14 Jul 2023 13:52:28 +0200 Subject: [PATCH] broken --- charts/mastodon/dev-values.yaml | 16 +++++------ charts/mastodon/templates/_helpers.tpl | 13 +++------ .../templates/cronjob-media-remove.yaml | 24 ----------------- .../templates/deployment-sidekiq.yaml | 24 ----------------- charts/mastodon/templates/deployment-web.yaml | 24 ----------------- .../templates/job-assets-precompile.yaml | 24 ----------------- .../mastodon/templates/job-chewy-upgrade.yaml | 24 ----------------- .../mastodon/templates/job-create-admin.yaml | 24 ----------------- charts/mastodon/templates/job-db-migrate.yaml | 24 ----------------- .../{secret-mastodon.yaml => secret.yaml} | 0 charts/mastodon/values.yaml | 27 ++++++++++--------- 11 files changed, 25 insertions(+), 199 deletions(-) rename charts/mastodon/templates/{secret-mastodon.yaml => secret.yaml} (100%) diff --git a/charts/mastodon/dev-values.yaml b/charts/mastodon/dev-values.yaml index 004c383..8345f32 100644 --- a/charts/mastodon/dev-values.yaml +++ b/charts/mastodon/dev-values.yaml @@ -1,3 +1,6 @@ +nameOverride: "" +fullnameOverride: "" + # Chart values used for testing the Helm chart. # image: @@ -12,8 +15,8 @@ image: pullPolicy: IfNotPresent mastodon: - # -- create an initial administrator user; the password is autogenerated and will - # have to be reset + # -- create an initial administrator user; the password is autogenerated and + # will have to be reset createAdmin: # @ignored enabled: false @@ -21,7 +24,7 @@ mastodon: username: not_gargron # @ignored email: not@example.commit - # existingSecret: mastodon-admin + existingSecret: "" # secretKeys: # usernameKey: username # passwordKey: password @@ -93,11 +96,6 @@ mastodon: # with keys SECRET_KEY_BASE and OTP_SECRET and # VAPID_PRIVATE_KEY and VAPID_PUBLIC_KEY # existingSecret: "" - # secretKeys: - # vapidPrivateKey: VAPID_PRIVATE_KEY - # vapidPublicKey: VAPID_PUBLIC_KEY - # secretKeyBase: SECRET_KEY_BASE - # otpSecret: OTP_SECRET sidekiq: # -- Pod security context for all Sidekiq Pods, overwrites .Values.podSecurityContext @@ -167,7 +165,7 @@ mastodon: password: # -- Instead of defining login/password above, you can specify the name of an existing secret here. Login and # password must be located in keys named `login` and `password` respectively. - existingSecret: + existingSecret: "" streaming: port: 4000 # -- this should be set manually since os.cpus() returns the number of CPUs on diff --git a/charts/mastodon/templates/_helpers.tpl b/charts/mastodon/templates/_helpers.tpl index d1de112..7da08c0 100644 --- a/charts/mastodon/templates/_helpers.tpl +++ b/charts/mastodon/templates/_helpers.tpl @@ -58,7 +58,7 @@ Rolling pod annotations {{- if .Values.revisionPodAnnotation }} rollme: {{ .Release.Revision | quote }} {{- end }} -checksum/config-secrets: {{ include ( print $.Template.BasePath "/secret-mastodon.yaml" ) . | sha256sum | quote }} +checksum/config-secrets: {{ include ( print $.Template.BasePath "/secret.yaml" ) . | sha256sum | quote }} checksum/config-configmap: {{ include ( print $.Template.BasePath "/configmap-env.yaml" ) . | sha256sum | quote }} {{- end }} @@ -89,16 +89,9 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- printf "%s-%s" .Release.Name "postgresql" | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{/* -Get the mastodon secret. -*/}} {{- define "mastodon.secretName" -}} -{{- if .Values.mastodon.secrets.existingSecret }} - {{- printf "%s" (tpl .Values.mastodon.secrets.existingSecret $) -}} -{{- else -}} - {{- printf "%s" (include "common.names.fullname" .) -}} -{{- end -}} -{{- end -}} +{{- default "secret" .Values.mastodon.secrets.existingSecret }} +{{- end }} {{/* Get the smtp secret. diff --git a/charts/mastodon/templates/cronjob-media-remove.yaml b/charts/mastodon/templates/cronjob-media-remove.yaml index f9d0060..e8545ca 100644 --- a/charts/mastodon/templates/cronjob-media-remove.yaml +++ b/charts/mastodon/templates/cronjob-media-remove.yaml @@ -52,33 +52,9 @@ spec: envFrom: - configMapRef: name: {{ include "mastodon.fullname" . }}-env - {{- if not .Values.mastodon.secrets.existingSecret }} - secretRef: name: {{ template "mastodon.secretName" . }} - {{- end }} env: - {{- if .Values.mastodon.secrets.existingSecret }} - - name: "SECRET_KEY_BASE" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }} - - name: "OTP_SECRET" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.optSecret }} - - name: "VAPID_PRIVATE_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }} - - name: "VAPID_PUBLIC_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }} - {{- end }} - name: "DB_PASS" valueFrom: secretKeyRef: diff --git a/charts/mastodon/templates/deployment-sidekiq.yaml b/charts/mastodon/templates/deployment-sidekiq.yaml index 7815428..5072e59 100644 --- a/charts/mastodon/templates/deployment-sidekiq.yaml +++ b/charts/mastodon/templates/deployment-sidekiq.yaml @@ -82,33 +82,9 @@ spec: envFrom: - configMapRef: name: {{ include "mastodon.fullname" $context }}-env - {{- if not .Values.mastodon.secrets.existingSecret }} - secretRef: name: {{ template "mastodon.secretName" . }} - {{- end }} env: - {{- if .Values.mastodon.secrets.existingSecret }} - - name: "SECRET_KEY_BASE" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }} - - name: "OTP_SECRET" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.optSecret }} - - name: "VAPID_PRIVATE_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }} - - name: "VAPID_PUBLIC_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }} - {{- end }} - name: "DB_PASS" valueFrom: secretKeyRef: diff --git a/charts/mastodon/templates/deployment-web.yaml b/charts/mastodon/templates/deployment-web.yaml index d3f56d2..d04db8f 100644 --- a/charts/mastodon/templates/deployment-web.yaml +++ b/charts/mastodon/templates/deployment-web.yaml @@ -63,33 +63,9 @@ spec: envFrom: - configMapRef: name: {{ include "mastodon.fullname" . }}-env - {{- if not .Values.mastodon.secrets.existingSecret }} - secretRef: name: {{ template "mastodon.secretName" . }} - {{- end }} env: - {{- if .Values.mastodon.secrets.existingSecret }} - - name: "SECRET_KEY_BASE" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }} - - name: "OTP_SECRET" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.optSecret }} - - name: "VAPID_PRIVATE_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }} - - name: "VAPID_PUBLIC_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }} - {{- end }} - name: "DB_PASS" valueFrom: secretKeyRef: diff --git a/charts/mastodon/templates/job-assets-precompile.yaml b/charts/mastodon/templates/job-assets-precompile.yaml index 6dbe0d4..bc5ff7b 100644 --- a/charts/mastodon/templates/job-assets-precompile.yaml +++ b/charts/mastodon/templates/job-assets-precompile.yaml @@ -53,33 +53,9 @@ spec: envFrom: - configMapRef: name: {{ include "mastodon.fullname" . }}-env - {{- if not .Values.mastodon.secrets.existingSecret }} - secretRef: name: {{ template "mastodon.secretName" . }} - {{- end }} env: - {{- if .Values.mastodon.secrets.existingSecret }} - - name: "SECRET_KEY_BASE" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }} - - name: "OTP_SECRET" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.optSecret }} - - name: "VAPID_PRIVATE_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }} - - name: "VAPID_PUBLIC_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }} - {{- end }} - name: "DB_PASS" valueFrom: secretKeyRef: diff --git a/charts/mastodon/templates/job-chewy-upgrade.yaml b/charts/mastodon/templates/job-chewy-upgrade.yaml index a3f3e19..f86a4e3 100644 --- a/charts/mastodon/templates/job-chewy-upgrade.yaml +++ b/charts/mastodon/templates/job-chewy-upgrade.yaml @@ -54,33 +54,9 @@ spec: envFrom: - configMapRef: name: {{ include "mastodon.fullname" . }}-env - {{- if not .Values.mastodon.secrets.existingSecret }} - secretRef: name: {{ template "mastodon.secretName" . }} - {{- end }} env: - {{- if .Values.mastodon.secrets.existingSecret }} - - name: "SECRET_KEY_BASE" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }} - - name: "OTP_SECRET" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.optSecret }} - - name: "VAPID_PRIVATE_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }} - - name: "VAPID_PUBLIC_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }} - {{- end }} - name: "DB_PASS" valueFrom: secretKeyRef: diff --git a/charts/mastodon/templates/job-create-admin.yaml b/charts/mastodon/templates/job-create-admin.yaml index a3e5238..12d0e1c 100644 --- a/charts/mastodon/templates/job-create-admin.yaml +++ b/charts/mastodon/templates/job-create-admin.yaml @@ -53,33 +53,9 @@ spec: envFrom: - configMapRef: name: {{ include "mastodon.fullname" . }}-env - {{- if not .Values.mastodon.secrets.existingSecret }} - secretRef: name: {{ template "mastodon.secretName" . }} - {{- end }} env: - {{- if .Values.mastodon.secrets.existingSecret }} - - name: "SECRET_KEY_BASE" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }} - - name: "OTP_SECRET" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.optSecret }} - - name: "VAPID_PRIVATE_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }} - - name: "VAPID_PUBLIC_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }} - {{- end }} - name: "ADMIN_USER" {{- if .Values.mastodon.createAdmin.existingSecret }} valueFrom: diff --git a/charts/mastodon/templates/job-db-migrate.yaml b/charts/mastodon/templates/job-db-migrate.yaml index 6985331..8ea3a7e 100644 --- a/charts/mastodon/templates/job-db-migrate.yaml +++ b/charts/mastodon/templates/job-db-migrate.yaml @@ -52,33 +52,9 @@ spec: envFrom: - configMapRef: name: {{ include "mastodon.fullname" . }}-env - {{- if not .Values.mastodon.secrets.existingSecret }} - secretRef: name: {{ template "mastodon.secretName" . }} - {{- end }} env: - {{- if .Values.mastodon.secrets.existingSecret }} - - name: "SECRET_KEY_BASE" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }} - - name: "OTP_SECRET" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.optSecret }} - - name: "VAPID_PRIVATE_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }} - - name: "VAPID_PUBLIC_KEY" - valueFrom: - secretKeyRef: - name: {{ .Values.mastodon.secrets.existingSecret }} - key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }} - {{- end }} - name: "DB_PASS" valueFrom: secretKeyRef: diff --git a/charts/mastodon/templates/secret-mastodon.yaml b/charts/mastodon/templates/secret.yaml similarity index 100% rename from charts/mastodon/templates/secret-mastodon.yaml rename to charts/mastodon/templates/secret.yaml diff --git a/charts/mastodon/values.yaml b/charts/mastodon/values.yaml index aee532a..05e1121 100644 --- a/charts/mastodon/values.yaml +++ b/charts/mastodon/values.yaml @@ -1,3 +1,6 @@ +nameOverride: "" +fullnameOverride: "" + image: repository: ghcr.io/mastodon/mastodon # https://github.com/mastodon/mastodon/pkgs/container/mastodon @@ -19,11 +22,11 @@ mastodon: username: not_gargron # @ignored email: not@example.commit - # existingSecret: mastodon-admin - # secretKeys: - # usernameKey: username - # passwordKey: password - # emailKey: email + existingSecret: "" + secretKeys: + usernameKey: username + passwordKey: password + emailKey: email cron: # -- run `tootctl media remove` every week removeMedia: @@ -88,12 +91,12 @@ mastodon: private_key: "" public_key: "" # -- you can also specify the name of an existing Secret + # keys must be: + # VAPID_PRIVATE_KEY + # VAPID_PUBLIC_KEY + # SECRET_KEY_BASE + # OTP_SECRET existingSecret: "" - secretKeys: - vapidPrivateKey: VAPID_PRIVATE_KEY - vapidPublicKey: VAPID_PUBLIC_KEY - secretKeyBase: SECRET_KEY_BASE - otpSecret: OTP_SECRET sidekiq: # -- Pod security context for all Sidekiq Pods, overwrites .Values.podSecurityContext @@ -163,7 +166,7 @@ mastodon: password: # -- Instead of defining login/password above, you can specify the name of an existing secret here. Login and # password must be located in keys named `login` and `password` respectively. - existingSecret: + existingSecret: "" streaming: port: 4000 # -- this should be set manually since os.cpus() returns the number of CPUs on @@ -296,7 +299,7 @@ redis: password: "" # you can also specify the name of an existing Secret # with a key of redis-password set to the password you want - # existingSecret: "" + existingSecret: "" # @ignored service: