infra/mastodon-chart-mirror
3
0
Fork 0
mirror of https://github.com/mastodon/chart synced 2025-05-18 13:03:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

making sure new secrets are referenced in all deployments going forward

Browse Source
This commit is contained in:
jessebot 2023-07-14 11:02:17 +02:00
parent a066e0b236
commit e0b02395b5
7 changed files with 129 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
charts/mastodon/templates/cronjob-media-remove.yaml
View File

@ -52,8 +52,10 @@ spec:
envFrom:
- configMapRef:
name: {{ include "mastodon.fullname" . }}-env
{{- if not .Values.mastodon.secrets.existingSecret }}
- secretRef:
name: {{ template "mastodon.secretName" . }}
{{- end }}
env:
- name: "DB_PASS"
valueFrom:
@ -68,16 +70,36 @@ spec:
- name: "PORT"
value: {{ .Values.mastodon.web.port | quote }}
{{- if (and .Values.mastodon.s3.enabled .Values.mastodon.s3.existingSecret) }}
- name: "AWS_SECRET_ACCESS_KEY"
- name: "S3_HOSTNAME"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: AWS_SECRET_ACCESS_KEY
key: {{ .Values.mastodon.s3.secretKeys.s3Hostname }}
- name: "S3_ENDPOINT"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3Endpoint }}
- name: "S3_REGION"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3Region }}
- name: "S3_BUCKET"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3Bucket }}
- name: "AWS_ACCESS_KEY_ID"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: AWS_ACCESS_KEY_ID
key: {{ .Values.mastodon.s3.secretKeys.s3AccessKeyID }}
- name: "AWS_SECRET_ACCESS_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3AccessKey }}
{{- end }}
{{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:

34
charts/mastodon/templates/deployment-sidekiq.yaml
View File

@ -82,8 +82,10 @@ spec:
envFrom:
- configMapRef:
name: {{ include "mastodon.fullname" $context }}-env
{{- if not .Values.mastodon.secrets.existingSecret }}
- secretRef:
name: {{ template "mastodon.secretName" $context }}
name: {{ template "mastodon.secretName" . }}
{{- end }}
env:
- name: "DB_PASS"
valueFrom:
@ -107,16 +109,36 @@ spec:
name: {{ include "mastodon.smtp.secretName" $context }}
key: password
{{- if (and $context.Values.mastodon.s3.enabled $context.Values.mastodon.s3.existingSecret) }}
- name: "AWS_SECRET_ACCESS_KEY"
- name: "S3_HOSTNAME"
valueFrom:
secretKeyRef:
name: {{ $context.Values.mastodon.s3.existingSecret }}
key: AWS_SECRET_ACCESS_KEY
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3Hostname }}
- name: "S3_ENDPOINT"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3Endpoint }}
- name: "S3_REGION"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3Region }}
- name: "S3_BUCKET"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3Bucket }}
- name: "AWS_ACCESS_KEY_ID"
valueFrom:
secretKeyRef:
name: {{ $context.Values.mastodon.s3.existingSecret }}
key: AWS_ACCESS_KEY_ID
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3AccessKeyID }}
- name: "AWS_SECRET_ACCESS_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: {{ .Values.mastodon.s3.secretKeys.s3AccessKey }}
{{- end }}
{{- if (not $context.Values.mastodon.s3.enabled) }}
volumeMounts:

24
charts/mastodon/templates/deployment-web.yaml
View File

@ -63,9 +63,33 @@ spec:
envFrom:
- configMapRef:
name: {{ include "mastodon.fullname" . }}-env
{{- if not .Values.mastodon.secrets.existingSecret }}
- secretRef:
name: {{ template "mastodon.secretName" . }}
{{- end }}
env:
{{- if .Values.mastodon.secrets.existingSecret }}
- name: "SECRET_KEY_BASE"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }}
- name: "OTP_SECRET"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.optSecret }}
- name: "VAPID_PRIVATE_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }}
- name: "VAPID_PUBLIC_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }}
{{- end }}
- name: "DB_PASS"
valueFrom:
secretKeyRef:

24
charts/mastodon/templates/job-assets-precompile.yaml
View File

@ -53,9 +53,33 @@ spec:
envFrom:
- configMapRef:
name: {{ include "mastodon.fullname" . }}-env
{{- if not .Values.mastodon.secrets.existingSecret }}
- secretRef:
name: {{ template "mastodon.secretName" . }}
{{- end }}
env:
{{- if .Values.mastodon.secrets.existingSecret }}
- name: "SECRET_KEY_BASE"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }}
- name: "OTP_SECRET"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.optSecret }}
- name: "VAPID_PRIVATE_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }}
- name: "VAPID_PUBLIC_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }}
{{- end }}
- name: "DB_PASS"
valueFrom:
secretKeyRef:

2
charts/mastodon/templates/job-chewy-upgrade.yaml
View File

@ -54,8 +54,10 @@ spec:
envFrom:
- configMapRef:
name: {{ include "mastodon.fullname" . }}-env
{{- if not .Values.mastodon.secrets.existingSecret }}
- secretRef:
name: {{ template "mastodon.secretName" . }}
{{- end }}
env:
- name: "DB_PASS"
valueFrom:

2
charts/mastodon/templates/job-create-admin.yaml
View File

@ -53,8 +53,10 @@ spec:
envFrom:
- configMapRef:
name: {{ include "mastodon.fullname" . }}-env
{{- if not .Values.mastodon.secrets.existingSecret }}
- secretRef:
name: {{ template "mastodon.secretName" . }}
{{- end }}
env:
- name: "ADMIN_USER"
{{- if .Values.mastodon.createAdmin.existingSecret }}

24
charts/mastodon/templates/job-db-migrate.yaml
View File

@ -52,9 +52,33 @@ spec:
envFrom:
- configMapRef:
name: {{ include "mastodon.fullname" . }}-env
{{- if not .Values.mastodon.secrets.existingSecret }}
- secretRef:
name: {{ template "mastodon.secretName" . }}
{{- end }}
env:
{{- if .Values.mastodon.secrets.existingSecret }}
- name: "SECRET_KEY_BASE"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.secretKeyBase }}
- name: "OTP_SECRET"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.optSecret }}
- name: "VAPID_PRIVATE_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.vapidPrivateKey }}
- name: "VAPID_PUBLIC_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.secrets.existingSecret }}
key: {{ .Values.mastodon.secrets.secretKeys.vapidPublicKey }}
{{- end }}
- name: "DB_PASS"
valueFrom:
secretKeyRef: