infra/mastodon-chart
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

store smtp credentials on a secret

Browse Source
This commit is contained in:
Roberto Santalla 2023-01-27 22:05:37 +01:00 committed by Renaud Chaput
parent 41152e0ed3
commit b4302e04e6
5 changed files with 40 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
templates/_helpers.tpl
View File

@ -100,6 +100,17 @@ Get the mastodon secret.
{{- end -}} {{- end -}}
{{- end -}} {{- end -}}
{{/*
Get the smtp secret.
*/}}
{{- define "mastodon.smtp.secretName" -}}
{{- if .Values.mastodon.smtp.existingSecret }}
{{- printf "%s" (tpl .Values.mastodon.smtp.existingSecret $) -}}
{{- else -}}
{{- printf "%s-smtp" (include "common.names.fullname" .) -}}
{{- end -}}
{{- end -}}
{{/* {{/*
Get the postgresql secret. Get the postgresql secret.
*/}} */}}

6
templates/configmap-env.yaml
View File

@ -81,15 +81,9 @@ data:
{{- with .Values.mastodon.smtp.from_address }} {{- with .Values.mastodon.smtp.from_address }}
SMTP_FROM_ADDRESS: {{ . }} SMTP_FROM_ADDRESS: {{ . }}
{{- end }} {{- end }}
{{- with .Values.mastodon.smtp.login }}
SMTP_LOGIN: {{ . }}
{{- end }}
{{- with .Values.mastodon.smtp.openssl_verify_mode }} {{- with .Values.mastodon.smtp.openssl_verify_mode }}
SMTP_OPENSSL_VERIFY_MODE: {{ . }} SMTP_OPENSSL_VERIFY_MODE: {{ . }}
{{- end }} {{- end }}
{{- with .Values.mastodon.smtp.password }}
SMTP_PASSWORD: {{ . }}
{{- end }}
{{- with .Values.mastodon.smtp.port }} {{- with .Values.mastodon.smtp.port }}
SMTP_PORT: {{ . | quote }} SMTP_PORT: {{ . | quote }}
{{- end }} {{- end }}

24
templates/deployment-sidekiq.yaml
View File

@ -90,6 +90,17 @@ spec:
secretKeyRef: secretKeyRef:
name: {{ template "mastodon.redis.secretName" $context }} name: {{ template "mastodon.redis.secretName" $context }}
key: redis-password key: redis-password
- name: "SMTP_LOGIN"
valueFrom:
secretKeyRef:
name: {{ include "mastodon.smtp.secretName" $context }}
key: login
optional: true
- name: "SMTP_PASSWORD"
valueFrom:
secretKeyRef:
name: {{ include "mastodon.smtp.secretName" $context }}
key: password
{{- if (and $context.Values.mastodon.s3.enabled $context.Values.mastodon.s3.existingSecret) }} {{- if (and $context.Values.mastodon.s3.enabled $context.Values.mastodon.s3.existingSecret) }}
- name: "AWS_SECRET_ACCESS_KEY" - name: "AWS_SECRET_ACCESS_KEY"
valueFrom: valueFrom:
@ -102,19 +113,6 @@ spec:
name: {{ $context.Values.mastodon.s3.existingSecret }} name: {{ $context.Values.mastodon.s3.existingSecret }}
key: AWS_ACCESS_KEY_ID key: AWS_ACCESS_KEY_ID
{{- end }} {{- end }}
{{- if $context.Values.mastodon.smtp.existingSecret }}
- name: "SMTP_LOGIN"
valueFrom:
secretKeyRef:
name: {{ $context.Values.mastodon.smtp.existingSecret }}
key: login
optional: true
- name: "SMTP_PASSWORD"
valueFrom:
secretKeyRef:
name: {{ $context.Values.mastodon.smtp.existingSecret }}
key: password
{{- end }}
{{- if (not $context.Values.mastodon.s3.enabled) }} {{- if (not $context.Values.mastodon.s3.enabled) }}
volumeMounts: volumeMounts:
- name: assets - name: assets

16
templates/secret-smtp.yaml Normal file
View File

@ -0,0 +1,16 @@
{{- if not .Values.mastodon.smtp.existingSecret -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ printf "%s-smtp" (include "common.names.fullname" .) }}
labels:
{{- include "mastodon.labels" . | nindent 4 }}
type: Opaque
data:
{{- with .Values.mastodon.smtp.login }}
login: {{ . | b64enc }}
{{- end }}
{{- with .Values.mastodon.smtp.password }}
password: {{ . | b64enc }}
{{- end }}
{{- end }}

4
values.yaml
View File

@ -144,8 +144,8 @@ mastodon:
tls: false tls: false
login: login:
password: password:
# -- you can also specify the name of an existing Secret # -- Instead of defining login/password above, you can specify the name of an existing secret here. Login and
# with the keys login and password # password must be located in keys named `login` and `password` respectively.
existingSecret: existingSecret:
streaming: streaming:
port: 4000 port: 4000