ansible/roles/mastodon/defaults/main.yaml

mastodon_enabled: false
mastodon_publish: true
mastodon_chart_ref: "ghp/mastodon"
mastodon_use_external_db: true
mastodon_short_name: "mastodon"
mastodon_enable_elasticsearch: true
mastodon_admin_email: "mastodon@{{ mail_domain | default(domain) }}" 
mastodon_default_values:
  ingress:
    enabled: true
    ingressClassName: "{{ external_ingress_class if mastodon_publish else internal_ingress_class }}"
    annotations:
      cert-manager.io/cluster-issuer: "letsencrypt-prod"
      kubernetes.io/tls-acme: "true"
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
      nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
      nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    hosts:
      - host: "{{ mastodon_short_name }}.{{ domain }}"
        paths:
          - path: /
            pathType: ImplementationSpecific
    tls:
      - secretName: "{{ mastodon_short_name }}.{{ domain }}-tls"
        hosts:
          - "{{ mastodon_short_name }}.{{ domain }}"

  mastodon:
    createAdmin:
      enabled: true
      username: "{{ mastodon_admin_user | default(mastodon_admin_username) | default('mastodon') }}"
      password: "{{ mastodon_admin_pass | default(mastodon_admin_password) }}" 
      email: "{{ mastodon_admin_email }}"
    
    locale: en
    local_domain: "{{ mastodon_short_name }}.{{ domain }}"
    
    secrets:
      secret_key_base: "{{ mastodon_vapid_public_key_base64 | hash('sha256') }}"
      otp_secret: "{{ mastodon_vapid_public_key_base64 | hash('sha256') | hash('sha256') }}"
      vapid:
        private_key: "{{ mastodon_vapid_private_key_base64 | b64decode }}"
        public_key: "{{ mastodon_vapid_public_key_base64 | b64decode }}"
      activeRecordEncryption:
        primaryKey: "{{ mastodon_primary_key_secret }}"
        deterministicKey: "{{ mastodon_deterministic_key_secret }}"
        keyDerivationSalt: "{{ mastodon_key_derivation_salt_secret }}"

    smtp:
      auth_method: login
      ca_file:
      delivery_method: smtp
      domain: "{{ domain }}"
      enable_starttls: false
      from_address: "{{ mastodon_admin_email }}"
      login: "{{ mastodon_admin_user | default(mastodon_admin_username) | default('mastodon') }}"
      openssl_verify_mode: false
      password: "{{ mastodon_ldap_pass | default(mastodon_ldap_password) }}"
      port: 465
      reply_to: "{{ mastodon_admin_email }}"
      server: "{{ mail_short_name | default('mail') }}.{{ domain }}"
      tls: true
    persistence:
      assets:
        # ReadWriteOnce is more widely supported than ReadWriteMany, but limits
        # scalability, since it requires the Rails and Sidekiq pods to run on the
        # same node.
        storageClassName: "{{ mastodon_assets_storage | default('nfs-ssd') }}"
        accessMode: "{{ mastodon_assets_storage_mode | default('ReadWriteMany') }}"
        resources:
          requests:
            storage: "{{ mastodon_assets_size | default('10Gi') }}"
      system:
        storageClassName: "{{ mastodon_system_storage | default('nfs-hdd') }}"
        accessMode: "{{ mastodon_system_storage_mode | default('ReadWriteMany') }}"
        resources:
          requests:
            storage: "{{ mastodon_system_size | default('100Gi') }}"
  
  elasticsearch:
    enabled: "{{ mastodon_enable_elasticsearch }}" 
    master:
      name: master
      ## Number of master-eligible node(s) replicas to deploy
      ##
      replicas: 1
    coordinating:
      ## Number of coordinating-only node(s) replicas to deploy
      ##
      replicas: 1
    data:
      name: data
      ## Number of data node(s) replicas to deploy
      ##
      replicas: 1

  postgresql:
    enabled: false
    postgresqlHostname: "{{ namespace }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local"
    auth:
      database: mastodon
      username: "{{ mastodon_db_username }}"
      password: "{{ mastodon_db_password }}"

  redis:
    architecture: standalone
    enabled: true
    auth:
      password: "{{ mastodon_vapid_public_key_base64 | hash('md5') }}"
add mastodon 2021-02-09 23:28:01 +00:00			`mastodon_enabled: false`
			`mastodon_publish: true`
cleanup and mass update: moving from Harbor to Gitea registries and from Drone to Gitea CI/CD with Gitea Act Runner 2023-06-10 03:20:10 +00:00			`mastodon_chart_ref: "ghp/mastodon"`
add mastodon 2021-02-09 23:28:01 +00:00			`mastodon_use_external_db: true`
			`mastodon_short_name: "mastodon"`
			`mastodon_enable_elasticsearch: true`
update mastodon admin account values 2021-03-25 18:33:58 +00:00			`mastodon_admin_email: "mastodon@{{ mail_domain \| default(domain) }}"`
add mastodon 2021-02-09 23:28:01 +00:00			`mastodon_default_values:`
			`ingress:`
			`enabled: true`
postgres-operator: bump to v1.9.0, helm chart v1.9.0 postgres-operator-ui: bump to v1.9.0, helm chart v1.9.0 astodon: bump to v4.1.2, helm chart v4.0.0 cert-manager: bump to v1.11.1, helm chart v1.11.1 2023-04-08 19:26:06 +00:00			`ingressClassName: "{{ external_ingress_class if mastodon_publish else internal_ingress_class }}"`
add mastodon 2021-02-09 23:28:01 +00:00			`annotations:`
			`cert-manager.io/cluster-issuer: "letsencrypt-prod"`
mass update and migrate to networking.k8s.io/v1 api 2022-07-31 03:28:07 +00:00			`kubernetes.io/tls-acme: "true"`
add mastodon 2021-02-09 23:28:01 +00:00			`nginx.ingress.kubernetes.io/proxy-body-size: "0"`
			`nginx.ingress.kubernetes.io/proxy-read-timeout: "600"`
			`nginx.ingress.kubernetes.io/proxy-send-timeout: "600"`
update mastodon role for helm chart ghp/mastodon-0.2.0 2021-08-09 14:15:49 +00:00			`hosts:`
			`- host: "{{ mastodon_short_name }}.{{ domain }}"`
			`paths:`
mass update and migrate to networking.k8s.io/v1 api 2022-07-31 03:28:07 +00:00			`- path: /`
			`pathType: ImplementationSpecific`
add mastodon 2021-02-09 23:28:01 +00:00			`tls:`
			`- secretName: "{{ mastodon_short_name }}.{{ domain }}-tls"`
			`hosts:`
			`- "{{ mastodon_short_name }}.{{ domain }}"`
update mastodon role for helm chart ghp/mastodon-0.2.0 2021-08-09 14:15:49 +00:00
			`mastodon:`
			`createAdmin:`
add mastodon 2021-02-09 23:28:01 +00:00			`enabled: true`
update mastodon role for helm chart ghp/mastodon-0.2.0 2021-08-09 14:15:49 +00:00			`username: "{{ mastodon_admin_user \| default(mastodon_admin_username) \| default('mastodon') }}"`
			`password: "{{ mastodon_admin_pass \| default(mastodon_admin_password) }}"`
			`email: "{{ mastodon_admin_email }}"`

			`locale: en`
			`local_domain: "{{ mastodon_short_name }}.{{ domain }}"`

			`secrets:`
			`secret_key_base: "{{ mastodon_vapid_public_key_base64 \| hash('sha256') }}"`
			`otp_secret: "{{ mastodon_vapid_public_key_base64 \| hash('sha256') \| hash('sha256') }}"`
			`vapid:`
			`private_key: "{{ mastodon_vapid_private_key_base64 \| b64decode }}"`
			`public_key: "{{ mastodon_vapid_public_key_base64 \| b64decode }}"`
mastodon: bump to vv4.2.9, helm chart v5.1.2 postgres-operator: bump to v1.12.0, helm chart v1.12.0 postgres-operator-ui: bump to v1.12.0, helm chart v1.12.0 2024-06-01 00:42:30 +00:00			`activeRecordEncryption:`
			`primaryKey: "{{ mastodon_primary_key_secret }}"`
			`deterministicKey: "{{ mastodon_deterministic_key_secret }}"`
			`keyDerivationSalt: "{{ mastodon_key_derivation_salt_secret }}"`

update mastodon role for helm chart ghp/mastodon-0.2.0 2021-08-09 14:15:49 +00:00			`smtp:`
			`auth_method: login`
			`ca_file:`
			`delivery_method: smtp`
			`domain: "{{ domain }}"`
postgres-operator: bump to v1.9.0, helm chart v1.9.0 postgres-operator-ui: bump to v1.9.0, helm chart v1.9.0 astodon: bump to v4.1.2, helm chart v4.0.0 cert-manager: bump to v1.11.1, helm chart v1.11.1 2023-04-08 19:26:06 +00:00			`enable_starttls: false`
update mastodon role for helm chart ghp/mastodon-0.2.0 2021-08-09 14:15:49 +00:00			`from_address: "{{ mastodon_admin_email }}"`
			`login: "{{ mastodon_admin_user \| default(mastodon_admin_username) \| default('mastodon') }}"`
			`openssl_verify_mode: false`
			`password: "{{ mastodon_ldap_pass \| default(mastodon_ldap_password) }}"`
			`port: 465`
			`reply_to: "{{ mastodon_admin_email }}"`
			`server: "{{ mail_short_name \| default('mail') }}.{{ domain }}"`
			`tls: true`
			`persistence:`
			`assets:`
			`# ReadWriteOnce is more widely supported than ReadWriteMany, but limits`
			`# scalability, since it requires the Rails and Sidekiq pods to run on the`
			`# same node.`
			`storageClassName: "{{ mastodon_assets_storage \| default('nfs-ssd') }}"`
			`accessMode: "{{ mastodon_assets_storage_mode \| default('ReadWriteMany') }}"`
			`resources:`
			`requests:`
			`storage: "{{ mastodon_assets_size \| default('10Gi') }}"`
			`system:`
			`storageClassName: "{{ mastodon_system_storage \| default('nfs-hdd') }}"`
			`accessMode: "{{ mastodon_system_storage_mode \| default('ReadWriteMany') }}"`
			`resources:`
			`requests:`
			`storage: "{{ mastodon_system_size \| default('100Gi') }}"`
add mastodon 2021-02-09 23:28:01 +00:00
			`elasticsearch:`
			`enabled: "{{ mastodon_enable_elasticsearch }}"`
			`master:`
			`name: master`
			`## Number of master-eligible node(s) replicas to deploy`
			`##`
			`replicas: 1`
			`coordinating:`
			`## Number of coordinating-only node(s) replicas to deploy`
			`##`
			`replicas: 1`
			`data:`
			`name: data`
			`## Number of data node(s) replicas to deploy`
			`##`
			`replicas: 1`

			`postgresql:`
			`enabled: false`
update mastodon role for helm chart ghp/mastodon-0.2.0 2021-08-09 14:15:49 +00:00			`postgresqlHostname: "{{ namespace }}-postgres.{{ postgres_db_namespace \| default(namespace) }}.svc.cluster.local"`
postgres-operator: bump to v1.9.0, helm chart v1.9.0 postgres-operator-ui: bump to v1.9.0, helm chart v1.9.0 astodon: bump to v4.1.2, helm chart v4.0.0 cert-manager: bump to v1.11.1, helm chart v1.11.1 2023-04-08 19:26:06 +00:00			`auth:`
			`database: mastodon`
			`username: "{{ mastodon_db_username }}"`
			`password: "{{ mastodon_db_password }}"`

add mastodon 2021-02-09 23:28:01 +00:00			`redis:`
update mastodon role for helm chart ghp/mastodon-0.2.0 2021-08-09 14:15:49 +00:00			`architecture: standalone`
add mastodon 2021-02-09 23:28:01 +00:00			`enabled: true`
update mastodon role for helm chart ghp/mastodon-0.2.0 2021-08-09 14:15:49 +00:00			`auth:`
			`password: "{{ mastodon_vapid_public_key_base64 \| hash('md5') }}"`