ansible/roles/mastodon/defaults/main.yaml
ace 2991123422
mastodon: bump to vv4.2.9, helm chart v5.1.2
postgres-operator: bump to v1.12.0, helm chart v1.12.0

postgres-operator-ui: bump to v1.12.0, helm chart v1.12.0
2024-06-01 03:42:30 +03:00


# Role defaults for the Mastodon deployment. Every value here can be
# overridden from inventory or group vars.

# Off by default. Presumably gates the whole role - confirm in the tasks.
mastodon_enabled: false
# true selects external_ingress_class, false selects internal_ingress_class
# (see ingress.ingressClassName in mastodon_default_values).
mastodon_publish: true
mastodon_chart_ref: "ghp/mastodon"
# NOTE(review): not referenced in the visible part of this file;
# postgresql.enabled below is hard-coded to false regardless of this flag.
mastodon_use_external_db: true
# Host label: the public name is "<mastodon_short_name>.<domain>".
mastodon_short_name: "mastodon"
# Feeds elasticsearch.enabled in mastodon_default_values.
mastodon_enable_elasticsearch: true
# Uses mail_domain when defined, otherwise falls back to domain.
mastodon_admin_email: "mastodon@{{ mail_domain | default(domain) }}"
# Default Helm values for the Mastodon chart.
# NOTE(review): the nesting below was reconstructed from a listing that had
# lost its indentation - confirm it against the chart's values.yaml.
# Several entries are credentials or key material; the variables they read
# are not defined in this file and should come from an encrypted source such
# as Ansible Vault rather than plain inventory.
mastodon_default_values:
  ingress:
    enabled: true
    ingressClassName: "{{ external_ingress_class if mastodon_publish else internal_ingress_class }}"
    annotations:
      cert-manager.io/cluster-issuer: "letsencrypt-prod"
      kubernetes.io/tls-acme: "true"
      # "0" disables the ingress-nginx request-body size limit, so upload
      # size is bounded only by the application behind it.
      nginx.ingress.kubernetes.io/proxy-body-size: "0"
      nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
      nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
    hosts:
      - host: "{{ mastodon_short_name }}.{{ domain }}"
        paths:
          - path: /
            pathType: ImplementationSpecific
    tls:
      - secretName: "{{ mastodon_short_name }}.{{ domain }}-tls"
        hosts:
          - "{{ mastodon_short_name }}.{{ domain }}"
  mastodon:
    createAdmin:
      enabled: true
      username: "{{ mastodon_admin_user | default(mastodon_admin_username) | default('mastodon') }}"
      # No literal fallback here: one of mastodon_admin_pass or
      # mastodon_admin_password has to be supplied.
      password: "{{ mastodon_admin_pass | default(mastodon_admin_password) }}"
      email: "{{ mastodon_admin_email }}"
    locale: en
    local_domain: "{{ mastodon_short_name }}.{{ domain }}"
    secrets:
      # NOTE(review): secret_key_base and otp_secret are SHA-256 digests of
      # mastodon_vapid_public_key_base64. A VAPID public key is given to
      # browsers for Web Push, so it is not a secret, and both values can be
      # recomputed by anyone who has it. They should be independent random
      # secrets kept in a vault. Rotating them on a live instance
      # presumably invalidates sessions and existing 2FA enrolments - confirm
      # before changing.
      secret_key_base: "{{ mastodon_vapid_public_key_base64 | hash('sha256') }}"
      otp_secret: "{{ mastodon_vapid_public_key_base64 | hash('sha256') | hash('sha256') }}"
      vapid:
        private_key: "{{ mastodon_vapid_private_key_base64 | b64decode }}"
        public_key: "{{ mastodon_vapid_public_key_base64 | b64decode }}"
      # Key material read from variables that are not defined in this file.
      activeRecordEncryption:
        primaryKey: "{{ mastodon_primary_key_secret }}"
        deterministicKey: "{{ mastodon_deterministic_key_secret }}"
        keyDerivationSalt: "{{ mastodon_key_derivation_salt_secret }}"
    smtp:
      auth_method: login
      # Bare key: parses as null.
      ca_file:
      delivery_method: smtp
      domain: "{{ domain }}"
      # STARTTLS is off because the connection uses TLS from the start
      # (tls: true on port 465, below).
      enable_starttls: false
      from_address: "{{ mastodon_admin_email }}"
      login: "{{ mastodon_admin_user | default(mastodon_admin_username) | default('mastodon') }}"
      # NOTE(review): a boolean false where a verify-mode name such as
      # "peer" is normally expected. Confirm what the chart renders for it;
      # if server-certificate verification ends up disabled, the SMTP login
      # is exposed to on-path interception.
      openssl_verify_mode: false
      # NOTE(review): the login is the admin user but the password comes from
      # the mastodon_ldap_* variables - confirm this pairing is intended.
      password: "{{ mastodon_ldap_pass | default(mastodon_ldap_password) }}"
      port: 465
      reply_to: "{{ mastodon_admin_email }}"
      server: "{{ mail_short_name | default('mail') }}.{{ domain }}"
      tls: true
    persistence:
      assets:
        # ReadWriteOnce is more widely supported than ReadWriteMany, but limits
        # scalability, since it requires the Rails and Sidekiq pods to run on the
        # same node.
        storageClassName: "{{ mastodon_assets_storage | default('nfs-ssd') }}"
        accessMode: "{{ mastodon_assets_storage_mode | default('ReadWriteMany') }}"
        resources:
          requests:
            storage: "{{ mastodon_assets_size | default('10Gi') }}"
      system:
        storageClassName: "{{ mastodon_system_storage | default('nfs-hdd') }}"
        accessMode: "{{ mastodon_system_storage_mode | default('ReadWriteMany') }}"
        resources:
          requests:
            storage: "{{ mastodon_system_size | default('100Gi') }}"
  elasticsearch:
    # NOTE(review): templated into a quoted string - confirm it reaches Helm
    # as a boolean rather than as the text "True"/"False".
    enabled: "{{ mastodon_enable_elasticsearch }}"
    master:
      name: master
      ## Number of master-eligible node(s) replicas to deploy
      ##
      replicas: 1
    coordinating:
      ## Number of coordinating-only node(s) replicas to deploy
      ##
      replicas: 1
    data:
      name: data
      ## Number of data node(s) replicas to deploy
      ##
      replicas: 1
  postgresql:
    # The bundled PostgreSQL is switched off; the hostname below points at an
    # in-cluster service named "<namespace>-postgres".
    enabled: false
    postgresqlHostname: "{{ namespace }}-postgres.{{ postgres_db_namespace | default(namespace) }}.svc.cluster.local"
    auth:
      database: mastodon
      username: "{{ mastodon_db_username }}"
      password: "{{ mastodon_db_password }}"
  redis:
    architecture: standalone
    enabled: true
    auth:
      # NOTE(review): the Redis password is the MD5 digest of the same
      # non-secret VAPID public key, so it can be recomputed by anyone who
      # has that key. Use an independent random secret instead.
      password: "{{ mastodon_vapid_public_key_base64 | hash('md5') }}"