diff --git a/.github/workflows/cd-pipeline.yml b/.github/workflows/cd-pipeline.yml
index d596f5ac03..b244b48d37 100644
--- a/.github/workflows/cd-pipeline.yml
+++ b/.github/workflows/cd-pipeline.yml
@@ -50,6 +50,7 @@ on: # rebuild any PRs and main branch changes
 - 'bitnami/kubernetes-event-exporter/**'
 - 'bitnami/logstash/**'
 - 'bitnami/magento/**'
+ - 'bitnami/mastodon/**'
 - 'bitnami/mariadb-galera/**'
 - 'bitnami/mariadb/**'
 - 'bitnami/matomo/**'
diff --git a/.vib/mastodon/cypress/cypress.json b/.vib/mastodon/cypress/cypress.json
new file mode 100644
index 0000000000..b37d8461d3
--- /dev/null
+++ b/.vib/mastodon/cypress/cypress.json
@@ -0,0 +1,12 @@
+{
+ "env": {
+ "username": "vib-user@example.com",
+ "password": "bitnami!1234"
+ },
+ "hosts": {
+ "bitnami-mastodon.my": "{{ TARGET_IP }}"
+ },
+ "viewportWidth": 1920,
+ "viewportHeight": 1080,
+ "defaultCommandTimeout": 30000
+}
diff --git a/.vib/mastodon/cypress/cypress/fixtures/images/test_image.jpeg b/.vib/mastodon/cypress/cypress/fixtures/images/test_image.jpeg
new file mode 100644
index 0000000000..1d2a619290
Binary files /dev/null and b/.vib/mastodon/cypress/cypress/fixtures/images/test_image.jpeg differ
diff --git a/.vib/mastodon/cypress/cypress/fixtures/tweets.json b/.vib/mastodon/cypress/cypress/fixtures/tweets.json
new file mode 100644
index 0000000000..1b32654540
--- /dev/null
+++ b/.vib/mastodon/cypress/cypress/fixtures/tweets.json
@@ -0,0 +1,3 @@
+{
+ "text": "This is my tweet"
+}
diff --git a/.vib/mastodon/cypress/cypress/integration/mastodon_spec.js b/.vib/mastodon/cypress/cypress/integration/mastodon_spec.js
new file mode 100644
index 0000000000..202473334e
--- /dev/null
+++ b/.vib/mastodon/cypress/cypress/integration/mastodon_spec.js
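Review bot: The admin credentials in the `env` block of `cypress.json` are fixed values that this commit repeats in the cypress action `env` of `vib-publish.json` and `vib-verify.json` and again inside their base64 `runtime_parameters`, which decode to chart values that set `adminPassword` and expose Apache through a service of type `LoadBalancer`. Several copies therefore have to stay in sync, and the test instance is served behind a load balancer with an admin password that is public in the repository; whether that endpoint is reachable from outside the CI network is not visible in this diff and should be confirmed. The action `env` blocks also use the key `user`, while `support/commands.js` reads `Cypress.env('username')`, so that entry looks unused and login depends on this file alone; rename it to `"username": "vib-user@example.com"` in both VIB files or remove the duplicate.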
@@ -0,0 +1,21 @@
+///
+import {
+ random,
+} from '../support/utils';
+
+it.only('allows to publish a tweet with an image', () => {
+ cy.login();
+ cy.get('[type="file"]').selectFile('cypress/fixtures/images/test_image.jpeg', {force: true});
+ cy.fixture('tweets').then((tweet) => {
+ // There is another hidden textarea so we need to use the *compose* class
+ cy.get('[class*="compose"] textarea').type(`${tweet.text} ${random}`, {
+ force: true,
+ });
+ cy.get('[type="submit"]').should('be.enabled').click();
+ cy.get('.status-public').contains(`${tweet.text} ${random}`);
+ });
+ // The image will get renamed so we need to use a regex containing the media_attachments section
+ // which will be the only element containing it
+ cy.get('.media-gallery').first().click();
+ cy.get('[src*="media_attachments"]');
+});
diff --git a/.vib/mastodon/cypress/cypress/support/commands.js b/.vib/mastodon/cypress/cypress/support/commands.js
new file mode 100644
index 0000000000..0fa744b9d9
--- /dev/null
+++ b/.vib/mastodon/cypress/cypress/support/commands.js
@@ -0,0 +1,30 @@
+const COMMAND_DELAY = 2000;
+const BASE_URL = 'http://bitnami-mastodon.my';
+
+for (const command of ['click']) {
+ Cypress.Commands.overwrite(command, (originalFn, ...args) => {
+ const origVal = originalFn(...args);
+
+ return new Promise((resolve) => {
+ setTimeout(() => {
+ resolve(origVal);
+ }, COMMAND_DELAY);
+ });
+ });
+}
+
+Cypress.Commands.overwrite('visit', (originalFn, url, options) => {
+ return originalFn(`${BASE_URL}${url}`, options);
+});
+
+Cypress.Commands.add(
+ 'login',
+ (username = Cypress.env('username'), password = Cypress.env('password')) => {
+ cy.visit('/auth/sign_in');
+ cy.get('#user_email').type(username);
+ cy.get('#user_password').type(`${password}{enter}`);
+ // We click on Home to skip a welcome page
+ cy.contains('a', 'Home').click();
+ cy.contains('Edit profile');
+ }
+);
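Review bot: `it.only` is committed on the single test in `mastodon_spec.js`, so any test added to this spec later will be skipped without warning; it should read `it('allows to publish a tweet with an image', () => {`. The closing `cy.get('[src*="media_attachments"]');` relies on the implicit existence check, and the comment above it calls an attribute substring selector a regex; `cy.get('[src*="media_attachments"]').should('exist');` with the comment reworded makes the intent explicit. The first line is a bare `///`, which looks like a truncated triple-slash reference directive and should be checked against the repository file.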
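Review bot: In the `login` command of `commands.js` the password is interpolated into one `.type()` string together with `{enter}`, so a password containing `{` is parsed as a key sequence and the value is echoed in the Cypress command log; `cy.get('#user_password').type(password, { log: false, parseSpecialCharSequences: false }).type('{enter}');` avoids both. `BASE_URL` is hard-coded to plain `http://`, so the admin credentials travel unencrypted to the test endpoint, which is acceptable only if that endpoint is reachable solely from the test runner (not visible here). The `click` overwrite sleeps a fixed `COMMAND_DELAY` after every click with no comment saying what it waits for; a one-line comment stating the reason, or a wait on a concrete condition, would make the spec less timing-dependent.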
diff --git a/.vib/mastodon/cypress/cypress/support/index.js b/.vib/mastodon/cypress/cypress/support/index.js
new file mode 100644
index 0000000000..37a498fb5b
--- /dev/null
+++ b/.vib/mastodon/cypress/cypress/support/index.js
@@ -0,0 +1,20 @@
+// ***********************************************************
+// This example support/index.js is processed and
+// loaded automatically before your test files.
+//
+// This is a great place to put global configuration and
+// behavior that modifies Cypress.
+//
+// You can change the location of this file or turn off
+// automatically serving support files with the
+// 'supportFile' configuration option.
+//
+// You can read more here:
+// https://on.cypress.io/configuration
+// ***********************************************************
+
+// Import commands.js using ES2015 syntax:
+import './commands';
+
+// Alternatively you can use CommonJS syntax:
+// require('./commands')
diff --git a/.vib/mastodon/cypress/cypress/support/utils.js b/.vib/mastodon/cypress/cypress/support/utils.js
new file mode 100644
index 0000000000..f0217c9773
--- /dev/null
+++ b/.vib/mastodon/cypress/cypress/support/utils.js
@@ -0,0 +1,3 @@
+///
+
+export let random = (Math.random() + 1).toString(36).substring(7);
diff --git a/.vib/mastodon/goss/goss.yaml b/.vib/mastodon/goss/goss.yaml
new file mode 100644
index 0000000000..617a048909
--- /dev/null
+++ b/.vib/mastodon/goss/goss.yaml
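Review bot: `export let random` in `utils.js` exposes a mutable binding that nothing in the visible hunks reassigns; `export const random = (Math.random() + 1).toString(36).substring(7);` states that the value is fixed for the run. The expression yields a suffix of varying length and can be very short or empty when the base-36 expansion is short, which weakens the uniqueness the spec relies on when it matches the posted text. `Math.random()` is adequate for a test label but the value must not be reused for anything secret; a comment such as `// Per-run suffix so repeated runs post distinct text; not a security token` would document that.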
@@ -0,0 +1,45 @@
+command:
+ check-user-info:
+ exec: id
+ exit-status: 0
+ stdout:
+ - uid={{ .Vars.web.containerSecurityContext.runAsUser }}
+ - /groups=.*{{ .Vars.web.podSecurityContext.fsGroup }}/
+ check-no-capabilities:
+ exec: cat /proc/1/status
+ exit-status: 0
+ stdout:
+ - "CapInh: 0000000000000000"
+ - "CapPrm: 0000000000000000"
+ - "CapEff: 0000000000000000"
+ - "CapBnd: 0000000000000000"
+ - "CapAmb: 0000000000000000"
+ conf-vars:
+ exec: |
+ bash -ec ". /opt/bitnami/scripts/mastodon-env.sh && env"
+ exit-status: 0
+ stdout:
+ - /ES_HOST.*mastodon-elasticsearch/
+ - /ES_PORT.*{{ .Vars.elasticsearch.service.ports.restAPI }}/
+ - /DB_HOST.*mastodon-postgresql/
+ - /DB_PORT.*{{ .Vars.postgresql.primary.service.ports.postgresql }}/
+ - /REDIS_HOST.*mastodon-redis/
+ - /REDIS_PORT.*{{ .Vars.redis.master.service.ports.redis }}/
+ - /S3_ENDPOINT.*http://mastodon-minio:{{ .Vars.minio.service.ports.api }}/
+
+file:
+ /var/run/secrets/kubernetes.io/serviceaccount:
+ exists: {{ .Vars.serviceAccount.automountServiceAccountToken }}
+ filetype: directory
+ mode: "3777"
+http:
+ http://127.0.0.1:{{ .Vars.web.containerPorts.http }}/health:
+ status: 200
+ http://mastodon-web:{{ .Vars.web.service.ports.http }}/health:
+ status: 200
+ http://mastodon-streaming:{{ .Vars.streaming.service.ports.http }}/api/v1/streaming/health:
+ status: 200
+ http://mastodon-apache:{{ .Vars.apache.service.ports.http }}/health:
+ status: 200
+ http://mastodon-apache:{{ .Vars.apache.service.ports.http }}/api/v1/streaming/health:
+ status: 200
diff --git a/.vib/mastodon/goss/vars.yaml b/.vib/mastodon/goss/vars.yaml
new file mode 100644
index 0000000000..ca9d2954b0
--- /dev/null
+++ b/.vib/mastodon/goss/vars.yaml
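Review bot: The `conf-vars` check runs `env` after sourcing `mastodon-env.sh`, which writes the container's whole environment to the command's stdout; if that environment holds database, Redis or S3 credentials (likely for this chart, but not visible in the hunk) they land in whatever goss prints or CI stores when the check fails. Restricting the output to the names the patterns test keeps the check equivalent, for example `bash -ec ". /opt/bitnami/scripts/mastodon-env.sh && env | grep -E '^(ES|DB|REDIS)_(HOST|PORT)=|^S3_ENDPOINT='"`. The patterns are also unanchored, so `/ES_PORT.*{{ ... }}/` accepts any port that merely contains the expected digits; writing them as `/^ES_PORT=...$/` would tighten the assertion. The `file` check expects the service-account token directory to exist because `vars.yaml` sets `automountServiceAccountToken: true`, so it is worth confirming that the web workload needs Kubernetes API access at all.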
@@ -0,0 +1,45 @@
+serviceAccount:
+ automountServiceAccountToken: true
+
+web:
+ containerPorts:
+ http: 8123
+ containerSecurityContext:
+ runAsUser: 1002
+ podSecurityContext:
+ fsGroup: 1002
+ service:
+ ports:
+ http: 8500
+
+streaming:
+ service:
+ ports:
+ http: 8600
+
+apache:
+ service:
+ ports:
+ http: 80
+
+postgresql:
+ primary:
+ service:
+ ports:
+ postgresql: 9393
+
+minio:
+ service:
+ ports:
+ api: 8011
+
+redis:
+ master:
+ service:
+ ports:
+ redis: 6800
+
+elasticsearch:
+ service:
+ ports:
+ restAPI: 7777
diff --git a/.vib/mastodon/vib-action.config b/.vib/mastodon/vib-action.config
new file mode 100644
index 0000000000..98dc98a97e
--- /dev/null
+++ b/.vib/mastodon/vib-action.config
@@ -0,0 +1 @@
+verification-mode=SERIAL
\ No newline at end of file
diff --git a/.vib/mastodon/vib-publish.json b/.vib/mastodon/vib-publish.json
new file mode 100644
index 0000000000..1597ee66d3
--- /dev/null
+++ b/.vib/mastodon/vib-publish.json
@@ -0,0 +1,85 @@
+{
+ "phases": {
+ "package": {
+ "context": {
+ "resources": {
+ "url": "{SHA_ARCHIVE}",
+ "path": "/bitnami/mastodon"
+ }
+ },
+ "actions": [
+ {
+ "action_id": "helm-package"
+ },
+ {
+ "action_id": "helm-lint"
+ }
+ ]
+ },
+ "verify": {
+ "context": {
+ "resources": {
+ "url": "{SHA_ARCHIVE}",
+ "path": "/bitnami/mastodon"
+ },
+ "runtime_parameters": "YWRtaW5FbWFpbDogInZpYi11c2VyQGV4YW1wbGUuY29tIgphZG1pblBhc3N3b3JkOiAiYml0bmFtaSExMjM0IgoKd2ViRG9tYWluOiBiaXRuYW1pLW1hc3RvZG9uLm15CgpzZXJ2aWNlQWNjb3VudDoKICBjcmVhdGU6IHRydWUKICBhdXRvbW91bnRTZXJ2aWNlQWNjb3VudFRva2VuOiB0cnVlCgp3ZWI6CiAgY29udGFpbmVyUG9ydHM6CiAgICBodHRwOiA4MTIzCiAgY29udGFpbmVyU2VjdXJpdHlDb250ZXh0OgogICAgZW5hYmxlZDogdHJ1ZQogICAgcnVuQXNVc2VyOiAxMDAyCiAgICBjYXBhYmlsaXRpZXM6CiAgICAgIGRyb3A6IFsiQUxMIl0KICBwb2RTZWN1cml0eUNvbnRleHQ6CiAgICBlbmFibGVkOiB0cnVlCiAgICBmc0dyb3VwOiAxMDAyCiAgICBzZWNjb21wUHJvZmlsZToKICAgICAgdHlwZTogIlJ1bnRpbWVEZWZhdWx0IgogIHNlcnZpY2U6CiAgICBwb3J0czoKICAgICAgaHR0cDogODUwMAoKc3RyZWFtaW5nOgogIHNlcnZpY2U6CiAgICBwb3J0czoKICAgICAgaHR0cDogODYwMAoKYXBhY2hlOgogIGVuYWJsZWQ6IHRydWUKICBzZXJ2aWNlOgogICAgdHlwZTogTG9hZEJhbGFuY2VyCiAgICBwb3J0czoKICAgICAgaHR0cDogODAKCnBvc3RncmVzcWw6CiAgZW5hYmxlZDogdHJ1ZQogIHByaW1hcnk6CiAgICBzZXJ2aWNlOgogICAgICBwb3J0czoKICAgICAgICBwb3N0Z3Jlc3FsOiA5MzkzCgptaW5pbzoKICBlbmFibGVkOiB0cnVlCiAgc2VydmljZToKICAgIHBvcnRzOgogICAgICBhcGk6IDgwMTEKCnJlZGlzOgogIGVuYWJsZWQ6IHRydWUKICBtYXN0ZXI6CiAgICBzZXJ2aWNlOgogICAgICBwb3J0czoKICAgICAgICByZWRpczogNjgwMAoKZWxhc3RpY3NlYXJjaDoKICBlbmFibGVkOiB0cnVlCiAgc2VydmljZToKICAgIHBvcnRzOgogICAgICByZXN0QVBJOiA3Nzc3Cg==",
+ "target_platform": {
+ "target_platform_id": "{VIB_ENV_TARGET_PLATFORM}",
+ "size": {
+ "name": "L4"
+ }
+ }
+ },
+ "actions": [
+ {
+ "action_id": "health-check",
+ "params": {
+ "endpoint": "lb-mastodon-apache-http",
+ "app_protocol": "HTTP"
+ }
+ },
+ {
+ "action_id": "goss",
+ "params": {
+ "vars_file": "vars.yaml",
+ "resources": {
+ "path": "/.vib/mastodon/goss"
+ },
+ "remote": {
+ "workload": "deploy-mastodon-web"
+ }
+ }
+ },
+ {
+ "action_id": "cypress",
+ "params": {
+ "resources": {
+ "path": "/.vib/mastodon/cypress"
+ },
+ "endpoint": "lb-mastodon-apache-http",
+ "app_protocol": "HTTP",
+ "env": {
+ "user": "vib-user@example.com",
+ "password": "bitnami!1234"
+ }
+ }
+ }
+ ]
+ },
+ "publish": {
+ "actions": [
+ {
+ "action_id": "helm-publish",
+ "params": {
+ "repository": {
+ "kind": "S3",
+ "url": "{VIB_ENV_S3_URL}",
+ "username": "{VIB_ENV_S3_USERNAME}",
+ "password": "{VIB_ENV_S3_PASSWORD}"
+ }
+ }
+ }
+ ]
+ }
+ }
+}
diff --git a/.vib/mastodon/vib-verify.json b/.vib/mastodon/vib-verify.json
new file mode 100644
index 0000000000..ed73725fe3
--- /dev/null
+++ b/.vib/mastodon/vib-verify.json
@@ -0,0 +1,70 @@
+{
+ "phases": {
+ "package": {
+ "context": {
+ "resources": {
+ "url": "{SHA_ARCHIVE}",
+ "path": "/bitnami/mastodon"
+ }
+ },
+ "actions": [
+ {
+ "action_id": "helm-package"
+ },
+ {
+ "action_id": "helm-lint"
+ }
+ ]
+ },
+ "verify": {
+ "context": {
+ "resources": {
+ "url": "{SHA_ARCHIVE}",
+ "path": "/bitnami/mastodon"
+ },
+ "runtime_parameters": "YWRtaW5FbWFpbDogInZpYi11c2VyQGV4YW1wbGUuY29tIgphZG1pblBhc3N3b3JkOiAiYml0bmFtaSExMjM0IgoKd2ViRG9tYWluOiBiaXRuYW1pLW1hc3RvZG9uLm15CgpzZXJ2aWNlQWNjb3VudDoKICBjcmVhdGU6IHRydWUKICBhdXRvbW91bnRTZXJ2aWNlQWNjb3VudFRva2VuOiB0cnVlCgp3ZWI6CiAgY29udGFpbmVyUG9ydHM6CiAgICBodHRwOiA4MTIzCiAgY29udGFpbmVyU2VjdXJpdHlDb250ZXh0OgogICAgZW5hYmxlZDogdHJ1ZQogICAgcnVuQXNVc2VyOiAxMDAyCiAgICBjYXBhYmlsaXRpZXM6CiAgICAgIGRyb3A6IFsiQUxMIl0KICBwb2RTZWN1cml0eUNvbnRleHQ6CiAgICBlbmFibGVkOiB0cnVlCiAgICBmc0dyb3VwOiAxMDAyCiAgICBzZWNjb21wUHJvZmlsZToKICAgICAgdHlwZTogIlJ1bnRpbWVEZWZhdWx0IgogIHNlcnZpY2U6CiAgICBwb3J0czoKICAgICAgaHR0cDogODUwMAoKc3RyZWFtaW5nOgogIHNlcnZpY2U6CiAgICBwb3J0czoKICAgICAgaHR0cDogODYwMAoKYXBhY2hlOgogIGVuYWJsZWQ6IHRydWUKICBzZXJ2aWNlOgogICAgdHlwZTogTG9hZEJhbGFuY2VyCiAgICBwb3J0czoKICAgICAgaHR0cDogODAKCnBvc3RncmVzcWw6CiAgZW5hYmxlZDogdHJ1ZQogIHByaW1hcnk6CiAgICBzZXJ2aWNlOgogICAgICBwb3J0czoKICAgICAgICBwb3N0Z3Jlc3FsOiA5MzkzCgptaW5pbzoKICBlbmFibGVkOiB0cnVlCiAgc2VydmljZToKICAgIHBvcnRzOgogICAgICBhcGk6IDgwMTEKCnJlZGlzOgogIGVuYWJsZWQ6IHRydWUKICBtYXN0ZXI6CiAgICBzZXJ2aWNlOgogICAgICBwb3J0czoKICAgICAgICByZWRpczogNjgwMAoKZWxhc3RpY3NlYXJjaDoKICBlbmFibGVkOiB0cnVlCiAgc2VydmljZToKICAgIHBvcnRzOgogICAgICByZXN0QVBJOiA3Nzc3Cg==",
+ "target_platform": {
+ "target_platform_id": "{VIB_ENV_TARGET_PLATFORM}",
+ "size": {
+ "name": "L4"
+ }
+ }
+ },
+ "actions": [
+ {
+ "action_id": "health-check",
+ "params": {
+ "endpoint": "lb-mastodon-apache-http",
+ "app_protocol": "HTTP"
+ }
+ },
+ {
+ "action_id": "goss",
+ "params": {
+ "vars_file": "vars.yaml",
+ "resources": {
+ "path": "/.vib/mastodon/goss"
+ },
+ "remote": {
+ "workload": "deploy-mastodon-web"
+ }
+ }
+ },
+ {
+ "action_id": "cypress",
+ "params": {
+ "resources": {
+ "path": "/.vib/mastodon/cypress"
+ },
+ "endpoint": "lb-mastodon-apache-http",
+ "app_protocol": "HTTP",
+ "env": {
+ "user": "vib-user@example.com",
+ "password": "bitnami!1234"
+ }
+ }
+ }
+ ]
+ }
+ }
+}
diff --git a/bitnami/mastodon/.helmignore b/bitnami/mastodon/.helmignore
new file mode 100644
index 0000000000..f0c1319444
--- /dev/null
+++ b/bitnami/mastodon/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/bitnami/mastodon/Chart.lock b/bitnami/mastodon/Chart.lock
new file mode 100644
index 0000000000..f026866d82
--- /dev/null
+++ b/bitnami/mastodon/Chart.lock
@@ -0,0 +1,21 @@
+dependencies:
+- name: redis
+ repository: https://charts.bitnami.com/bitnami
+ version: 17.3.16
+- name: postgresql
+ repository: https://charts.bitnami.com/bitnami
+ version: 12.1.4
+- name: elasticsearch
+ repository: https://charts.bitnami.com/bitnami
+ version: 19.5.5
+- name: minio
+ repository: https://charts.bitnami.com/bitnami
+ version: 11.10.24
+- name: apache
+ repository: https://charts.bitnami.com/bitnami
+ version: 9.2.9
+- name: common
+ repository: https://charts.bitnami.com/bitnami
+ version: 2.2.2
+digest: sha256:def9ee4aa3be780c93b0715db971f2143ca020fab4565a8c7b93a373673b6663
+generated: "2022-12-15T15:51:11.328487+01:00"
diff --git a/bitnami/mastodon/Chart.yaml b/bitnami/mastodon/Chart.yaml
new file mode 100644
index 0000000000..62ba7b1df3
--- /dev/null
+++ b/bitnami/mastodon/Chart.yaml
@@ -0,0 +1,45 @@
+annotations:
+ category: CMS
+apiVersion: v2
+appVersion: 4.0.2
+dependencies:
+ - condition: redis.enabled
+ name: redis
+ repository: https://charts.bitnami.com/bitnami
+ version: 17.x.x
+ - condition: postgresql.enabled
+ name: postgresql
+ repository: https://charts.bitnami.com/bitnami
+ version: 12.x.x
+ - condition: elasticsearch.enabled
+ name: elasticsearch
+ repository: https://charts.bitnami.com/bitnami
+ version: 19.x.x
+ - condition: minio.enabled
+ name: minio
+ repository: https://charts.bitnami.com/bitnami
+ version: 11.x.x
+ - condition: apache.enabled
+ name: apache
+ repository: https://charts.bitnami.com/bitnami
+ version: 9.x.x
+ - name: common
+ repository: https://charts.bitnami.com/bitnami
+ tags:
+ - bitnami-common
+ version: 2.x.x
+description: Mastodon is self-hosted social network server based on ActivityPub. Written in Ruby, features real-time updates, multimedia attachments and no vendor lock-in.
+engine: gotpl
+home: https://joinmastodon.org/
+icon: https://bitnami.com/assets/stacks/mastodon/img/mastodon-stack-220x234.png
+keywords:
+ - development
+ - dashboards
+maintainers:
+ - name: Bitnami
+ url: https://github.com/bitnami/charts
+name: mastodon
+sources:
+ - https://github.com/bitnami/containers/tree/main/bitnami/mastodon
+ - https://github.com/mastodon/mastodon/
+version: 0.1.0
diff --git a/bitnami/mastodon/README.md b/bitnami/mastodon/README.md
new file mode 100644
index 0000000000..79ea5c1908
--- /dev/null
+++ b/bitnami/mastodon/README.md
@@ -0,0 +1,668 @@ + + +# Mastodon packaged by Bitnami + +Mastodon is self-hosted social network server based on ActivityPub. Written in Ruby, features real-time updates, multimedia attachments and no vendor lock-in. + +[Overview of Mastodon](https://joinmastodon.org/) + +Trademarks: This software listing is packaged by Bitnami. The respective trademarks mentioned in the offering are owned by the respective companies, and use of them does not imply any affiliation or endorsement. + +## TL;DR + +```console +$ helm repo add my-repo https://charts.bitnami.com/bitnami +$ helm install my-release my-repo/mastodon +``` + +## Introduction + +Bitnami charts for Helm are carefully engineered, actively maintained and are the quickest and easiest way to deploy containers on a Kubernetes cluster that are ready to handle production workloads. + +This chart bootstraps an [Mastodon](https://www.mastodon.com/) Deployment in a [Kubernetes](https://kubernetes.io) cluster using the [Helm](https://helm.sh) package manager. + +Bitnami charts can be used with [Kubeapps](https://kubeapps.com/) for deployment and management of Helm charts in clusters. + +[Learn more about the default configuration of the chart](https://docs.bitnami.com/kubernetes/infrastructure/mastodon/get-started/). + +## Prerequisites + +- Kubernetes 1.19+ +- Helm 3.2.0+ +- PV provisioner support in the underlying infrastructure + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +helm install my-release my-repo/mastodon +``` + +The command deploys Mastodon on the Kubernetes cluster in the default configuration. The [Parameters](#parameters) section lists the parameters that can be configured during installation. 
+ +> **Tip**: List all releases using `helm list` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +helm delete my-release +``` + +The command removes all the Kubernetes components associated with the chart and deletes the release. + +## Parameters + +### Global parameters + +| Name | Description | Value | +| ------------------------- | ----------------------------------------------- | ----- | +| `global.imageRegistry` | Global Docker image registry | `""` | +| `global.imagePullSecrets` | Global Docker registry secret names as an array | `[]` | +| `global.storageClass` | Global StorageClass for Persistent Volume(s) | `""` | + + +### Common parameters + +| Name | Description | Value | +| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------- | +| `kubeVersion` | Override Kubernetes version | `""` | +| `nameOverride` | String to partially override common.names.name | `""` | +| `fullnameOverride` | String to fully override common.names.fullname | `""` | +| `namespaceOverride` | String to fully override common.names.namespace | `""` | +| `commonLabels` | Labels to add to all deployed objects | `{}` | +| `commonAnnotations` | Annotations to add to all deployed objects | `{}` | +| `clusterDomain` | Kubernetes cluster domain name | `cluster.local` | +| `extraDeploy` | Array of extra objects to deploy with the release | `[]` | +| `diagnosticMode.enabled` | Enable diagnostic mode (all probes will be disabled and the command will be overridden) | `false` | +| `diagnosticMode.command` | Command to override all containers in the deployment | `["sleep"]` | +| `diagnosticMode.args` | Args to override all containers in the deployment | `["infinity"]` | +| `image.registry` | Mastodon image registry | `docker.io` | +| `image.repository` | Mastodon image repository | `bitnami/mastodon` | +| 
`image.tag` | Mastodon image tag (immutable tags are recommended) | `4.0.2-debian-11-r6` | +| `image.digest` | Mastodon image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) | `""` | +| `image.pullPolicy` | Mastodon image pull policy | `IfNotPresent` | +| `image.pullSecrets` | Mastodon image pull secrets | `[]` | +| `image.debug` | Enable Mastodon image debug mode | `false` | + + +### Mastodon common parameters + +| Name | Description | Value | +| ------------------------------ | ------------------------------------------------------------------------------ | ------------------ | +| `adminUser` | Mastodon admin username | `user` | +| `adminEmail` | Mastodon admin email | `user@example.com` | +| `adminPassword` | Mastodon admin password | `""` | +| `defaultConfig` | Default configuration for Mastodon in the form of environment variables | `""` | +| `defaultSecretConfig` | Default secret configuration for Mastodon in the form of environment variables | `""` | +| `extraConfig` | Extra configuration for Mastodon in the form of environment variables | `{}` | +| `extraSecretConfig` | Extra secret configuration for Mastodon in the form of environment variables | `{}` | +| `existingConfigmap` | The name of an existing ConfigMap with your default configuration for Mastodon | `""` | +| `existingSecret` | The name of an existing Secret with your default configuration for Mastodon | `""` | +| `extraConfigExistingConfigmap` | The name of an existing ConfigMap with your extra configuration for Mastodon | `""` | +| `extraConfigExistingSecret` | The name of an existing Secret with your extra configuration for Mastodon | `""` | +| `enableSearches` | Enable the search engine (uses Elasticsearch under the hood) | `true` | +| `enableS3` | Enable the S3 storage engine | `true` | +| `webDomain` | Web domain for Mastodon | `""` | +| `s3AliasHost` | S3 alias host for Mastodon (will use 
http://webDomain/bucket if not set) | `""` | + + +### Mastodon Web Parameters + +| Name | Description | Value | +| ------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ---------------- | +| `web.replicaCount` | Number of Mastodon web replicas to deploy | `1` | +| `web.containerPorts.http` | Mastodon web HTTP container port | `3000` | +| `web.livenessProbe.enabled` | Enable livenessProbe on Mastodon web containers | `true` | +| `web.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` | +| `web.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` | +| `web.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` | +| `web.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` | +| `web.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` | +| `web.readinessProbe.enabled` | Enable readinessProbe on Mastodon web containers | `true` | +| `web.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` | +| `web.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` | +| `web.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` | +| `web.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` | +| `web.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` | +| `web.startupProbe.enabled` | Enable startupProbe on Mastodon web containers | `false` | +| `web.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` | +| `web.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` | +| `web.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` | +| `web.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` | +| `web.startupProbe.successThreshold` | Success 
threshold for startupProbe | `1` | +| `web.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` | +| `web.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` | +| `web.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` | +| `web.resources.limits` | The resources limits for the Mastodon web containers | `{}` | +| `web.resources.requests` | The requested resources for the Mastodon web containers | `{}` | +| `web.podSecurityContext.enabled` | Enabled Mastodon web pods' Security Context | `true` | +| `web.podSecurityContext.fsGroup` | Set Mastodon web pod's Security Context fsGroup | `1001` | +| `web.podSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` | +| `web.containerSecurityContext.enabled` | Enabled Mastodon web containers' Security Context | `true` | +| `web.containerSecurityContext.runAsUser` | Set Mastodon web containers' Security Context runAsUser | `1001` | +| `web.containerSecurityContext.runAsNonRoot` | Set Mastodon web containers' Security Context runAsNonRoot | `true` | +| `web.containerSecurityContext.readOnlyRootFilesystem` | Set Mastodon web containers' Security Context runAsNonRoot | `false` | +| `web.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` | +| `web.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` | +| `web.command` | Override default container command (useful when using custom images) | `[]` | +| `web.args` | Override default container args (useful when using custom images) | `[]` | +| `web.hostAliases` | Mastodon web pods host aliases | `[]` | +| `web.podLabels` | Extra labels for Mastodon web pods | `{}` | +| `web.podAnnotations` | Annotations for Mastodon web pods | `{}` | +| `web.podAffinityPreset` | Pod affinity preset. Ignored if `web.affinity` is set. 
Allowed values: `soft` or `hard` | `""` | +| `web.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` | `soft` | +| `web.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` | `""` | +| `web.nodeAffinityPreset.key` | Node label key to match. Ignored if `web.affinity` is set | `""` | +| `web.nodeAffinityPreset.values` | Node label values to match. Ignored if `web.affinity` is set | `[]` | +| `web.affinity` | Affinity for Mastodon web pods assignment | `{}` | +| `web.nodeSelector` | Node labels for Mastodon web pods assignment | `{}` | +| `web.tolerations` | Tolerations for Mastodon web pods assignment | `[]` | +| `web.updateStrategy.type` | Mastodon web statefulset strategy type | `RollingUpdate` | +| `web.priorityClassName` | Mastodon web pods' priorityClassName | `""` | +| `web.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. 
Evaluated as a template | `[]` | +| `web.schedulerName` | Name of the k8s scheduler (other than default) for Mastodon web pods | `""` | +| `web.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` | +| `web.lifecycleHooks` | for the Mastodon web container(s) to automate configuration before or after startup | `{}` | +| `web.extraEnvVars` | Array with extra environment variables to add to Mastodon web nodes | `[]` | +| `web.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Mastodon web nodes | `""` | +| `web.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Mastodon web nodes | `""` | +| `web.extraVolumes` | Optionally specify extra list of additional volumes for the Mastodon web pod(s) | `[]` | +| `web.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Mastodon web container(s) | `[]` | +| `web.sidecars` | Add additional sidecar containers to the Mastodon web pod(s) | `[]` | +| `web.initContainers` | Add additional init containers to the Mastodon web pod(s) | `[]` | + + +### Mastodon Web Traffic Exposure Parameters + +| Name | Description | Value | +| -------------------------------------- | --------------------------------------------------------------------------------------- | ----------- | +| `web.service.type` | Mastodon web service type | `ClusterIP` | +| `web.service.ports.http` | Mastodon web service HTTP port | `80` | +| `web.service.nodePorts.http` | Node port for HTTP | `""` | +| `web.service.clusterIP` | Mastodon web service Cluster IP | `""` | +| `web.service.loadBalancerIP` | Mastodon web service Load Balancer IP | `""` | +| `web.service.loadBalancerSourceRanges` | Mastodon web service Load Balancer sources | `[]` | +| `web.service.externalTrafficPolicy` | Mastodon web service external traffic policy | `Cluster` | +| `web.service.annotations` | Additional custom annotations for Mastodon web service | `{}` | +| 
`web.service.extraPorts` | Extra ports to expose in Mastodon web service (normally used with the `sidecars` value) | `[]` |
+| `web.service.sessionAffinity` | Control where web requests go, to the same pod or round-robin | `None` |
+| `web.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
+
+
+### Mastodon Sidekiq Parameters
+
+| Name | Description | Value |
+| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ---------------- |
+| `sidekiq.replicaCount` | Number of Mastodon sidekiq replicas to deploy | `1` |
+| `sidekiq.livenessProbe.enabled` | Enable livenessProbe on Mastodon sidekiq containers | `true` |
+| `sidekiq.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` |
+| `sidekiq.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
+| `sidekiq.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
+| `sidekiq.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
+| `sidekiq.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
+| `sidekiq.readinessProbe.enabled` | Enable readinessProbe on Mastodon sidekiq containers | `true` |
+| `sidekiq.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` |
+| `sidekiq.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
+| `sidekiq.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
+| `sidekiq.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
+| `sidekiq.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
+| `sidekiq.startupProbe.enabled` | Enable startupProbe on Mastodon sidekiq containers | `false` |
+| `sidekiq.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` |
+| `sidekiq.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
+| `sidekiq.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
+| `sidekiq.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` |
+| `sidekiq.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
+| `sidekiq.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
+| `sidekiq.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
+| `sidekiq.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
+| `sidekiq.resources.limits` | The resources limits for the Mastodon sidekiq containers | `{}` |
+| `sidekiq.resources.requests` | The requested resources for the Mastodon sidekiq containers | `{}` |
+| `sidekiq.podSecurityContext.enabled` | Enabled Mastodon sidekiq pods' Security Context | `true` |
+| `sidekiq.podSecurityContext.fsGroup` | Set Mastodon sidekiq pod's Security Context fsGroup | `1001` |
+| `sidekiq.podSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
+| `sidekiq.containerSecurityContext.enabled` | Enabled Mastodon sidekiq containers' Security Context | `true` |
+| `sidekiq.containerSecurityContext.runAsUser` | Set Mastodon sidekiq containers' Security Context runAsUser | `1001` |
+| `sidekiq.containerSecurityContext.runAsNonRoot` | Set Mastodon sidekiq containers' Security Context runAsNonRoot | `true` |
+| `sidekiq.containerSecurityContext.readOnlyRootFilesystem` | Set Mastodon sidekiq containers' Security Context runAsNonRoot | `false` |
+| `sidekiq.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` |
+| `sidekiq.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` |
+| `sidekiq.command` | Override default container command (useful when using custom images) | `[]` |
+| `sidekiq.args` | Override default container args (useful when using custom images) | `[]` |
+| `sidekiq.hostAliases` | Mastodon sidekiq pods host aliases | `[]` |
+| `sidekiq.podLabels` | Extra labels for Mastodon sidekiq pods | `{}` |
+| `sidekiq.podAnnotations` | Annotations for Mastodon sidekiq pods | `{}` |
+| `sidekiq.podAffinityPreset` | Pod affinity preset. Ignored if `sidekiq.affinity` is set. Allowed values: `soft` or `hard` | `""` |
+| `sidekiq.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `sidekiq.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
+| `sidekiq.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `sidekiq.affinity` is set. Allowed values: `soft` or `hard` | `""` |
+| `sidekiq.nodeAffinityPreset.key` | Node label key to match. Ignored if `sidekiq.affinity` is set | `""` |
+| `sidekiq.nodeAffinityPreset.values` | Node label values to match. Ignored if `sidekiq.affinity` is set | `[]` |
+| `sidekiq.affinity` | Affinity for Mastodon sidekiq pods assignment | `{}` |
+| `sidekiq.nodeSelector` | Node labels for Mastodon sidekiq pods assignment | `{}` |
+| `sidekiq.tolerations` | Tolerations for Mastodon sidekiq pods assignment | `[]` |
+| `sidekiq.updateStrategy.type` | Mastodon sidekiq statefulset strategy type | `RollingUpdate` |
+| `sidekiq.priorityClassName` | Mastodon sidekiq pods' priorityClassName | `""` |
+| `sidekiq.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
+| `sidekiq.schedulerName` | Name of the k8s scheduler (other than default) for Mastodon sidekiq pods | `""` |
+| `sidekiq.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` |
+| `sidekiq.lifecycleHooks` | for the Mastodon sidekiq container(s) to automate configuration before or after startup | `{}` |
+| `sidekiq.extraEnvVars` | Array with extra environment variables to add to Mastodon sidekiq nodes | `[]` |
+| `sidekiq.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Mastodon sidekiq nodes | `""` |
+| `sidekiq.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Mastodon sidekiq nodes | `""` |
+| `sidekiq.extraVolumes` | Optionally specify extra list of additional volumes for the Mastodon sidekiq pod(s) | `[]` |
+| `sidekiq.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Mastodon sidekiq container(s) | `[]` |
+| `sidekiq.sidecars` | Add additional sidecar containers to the Mastodon sidekiq pod(s) | `[]` |
+| `sidekiq.initContainers` | Add additional init containers to the Mastodon sidekiq pod(s) | `[]` |
+
+
+### Mastodon Streaming Parameters
+
+| Name | Description | Value |
+| ------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------ | ---------------- |
+| `streaming.replicaCount` | Number of Mastodon streaming replicas to deploy | `1` |
+| `streaming.containerPorts.http` | Mastodon streaming HTTP container port | `8080` |
+| `streaming.livenessProbe.enabled` | Enable livenessProbe on Mastodon streaming containers | `true` |
+| `streaming.livenessProbe.initialDelaySeconds` | Initial delay seconds for livenessProbe | `10` |
+| `streaming.livenessProbe.periodSeconds` | Period seconds for livenessProbe | `10` |
+| `streaming.livenessProbe.timeoutSeconds` | Timeout seconds for livenessProbe | `5` |
+| `streaming.livenessProbe.failureThreshold` | Failure threshold for livenessProbe | `6` |
+| `streaming.livenessProbe.successThreshold` | Success threshold for livenessProbe | `1` |
+| `streaming.readinessProbe.enabled` | Enable readinessProbe on Mastodon streaming containers | `true` |
+| `streaming.readinessProbe.initialDelaySeconds` | Initial delay seconds for readinessProbe | `10` |
+| `streaming.readinessProbe.periodSeconds` | Period seconds for readinessProbe | `10` |
+| `streaming.readinessProbe.timeoutSeconds` | Timeout seconds for readinessProbe | `5` |
+| `streaming.readinessProbe.failureThreshold` | Failure threshold for readinessProbe | `6` |
+| `streaming.readinessProbe.successThreshold` | Success threshold for readinessProbe | `1` |
+| `streaming.startupProbe.enabled` | Enable startupProbe on Mastodon streaming containers | `false` |
+| `streaming.startupProbe.initialDelaySeconds` | Initial delay seconds for startupProbe | `10` |
+| `streaming.startupProbe.periodSeconds` | Period seconds for startupProbe | `10` |
+| `streaming.startupProbe.timeoutSeconds` | Timeout seconds for startupProbe | `5` |
+| `streaming.startupProbe.failureThreshold` | Failure threshold for startupProbe | `6` |
+| `streaming.startupProbe.successThreshold` | Success threshold for startupProbe | `1` |
+| `streaming.customLivenessProbe` | Custom livenessProbe that overrides the default one | `{}` |
+| `streaming.customReadinessProbe` | Custom readinessProbe that overrides the default one | `{}` |
+| `streaming.customStartupProbe` | Custom startupProbe that overrides the default one | `{}` |
+| `streaming.resources.limits` | The resources limits for the Mastodon streaming containers | `{}` |
+| `streaming.resources.requests` | The requested resources for the Mastodon streaming containers | `{}` |
+| `streaming.podSecurityContext.enabled` | Enabled Mastodon streaming pods' Security Context | `true` |
+| `streaming.podSecurityContext.fsGroup` | Set Mastodon streaming pod's Security Context fsGroup | `1001` |
+| `streaming.podSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
+| `streaming.containerSecurityContext.enabled` | Enabled Mastodon streaming containers' Security Context | `true` |
+| `streaming.containerSecurityContext.runAsUser` | Set Mastodon streaming containers' Security Context runAsUser | `1001` |
+| `streaming.containerSecurityContext.runAsNonRoot` | Set Mastodon streaming containers' Security Context runAsNonRoot | `true` |
+| `streaming.containerSecurityContext.readOnlyRootFilesystem` | Set Mastodon streaming containers' Security Context runAsNonRoot | `false` |
+| `streaming.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` |
+| `streaming.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` |
+| `streaming.command` | Override default container command (useful when using custom images) | `[]` |
+| `streaming.args` | Override default container args (useful when using custom images) | `[]` |
+| `streaming.hostAliases` | Mastodon streaming pods host aliases | `[]` |
+| `streaming.podLabels` | Extra labels for Mastodon streaming pods | `{}` |
+| `streaming.podAnnotations` | Annotations for Mastodon streaming pods | `{}` |
+| `streaming.podAffinityPreset` | Pod affinity preset. Ignored if `streaming.affinity` is set. Allowed values: `soft` or `hard` | `""` |
+| `streaming.podAntiAffinityPreset` | Pod anti-affinity preset. Ignored if `streaming.affinity` is set. Allowed values: `soft` or `hard` | `soft` |
+| `streaming.nodeAffinityPreset.type` | Node affinity preset type. Ignored if `streaming.affinity` is set. Allowed values: `soft` or `hard` | `""` |
+| `streaming.nodeAffinityPreset.key` | Node label key to match. Ignored if `streaming.affinity` is set | `""` |
+| `streaming.nodeAffinityPreset.values` | Node label values to match. Ignored if `streaming.affinity` is set | `[]` |
+| `streaming.affinity` | Affinity for Mastodon streaming pods assignment | `{}` |
+| `streaming.nodeSelector` | Node labels for Mastodon streaming pods assignment | `{}` |
+| `streaming.tolerations` | Tolerations for Mastodon streaming pods assignment | `[]` |
+| `streaming.updateStrategy.type` | Mastodon streaming statefulset strategy type | `RollingUpdate` |
+| `streaming.priorityClassName` | Mastodon streaming pods' priorityClassName | `""` |
+| `streaming.topologySpreadConstraints` | Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template | `[]` |
+| `streaming.schedulerName` | Name of the k8s scheduler (other than default) for Mastodon streaming pods | `""` |
+| `streaming.terminationGracePeriodSeconds` | Seconds Redmine pod needs to terminate gracefully | `""` |
+| `streaming.lifecycleHooks` | for the Mastodon streaming container(s) to automate configuration before or after startup | `{}` |
+| `streaming.extraEnvVars` | Array with extra environment variables to add to Mastodon streaming nodes | `[]` |
+| `streaming.extraEnvVarsCM` | Name of existing ConfigMap containing extra env vars for Mastodon streaming nodes | `""` |
+| `streaming.extraEnvVarsSecret` | Name of existing Secret containing extra env vars for Mastodon streaming nodes | `""` |
+| `streaming.extraVolumes` | Optionally specify extra list of additional volumes for the Mastodon streaming pod(s) | `[]` |
+| `streaming.extraVolumeMounts` | Optionally specify extra list of additional volumeMounts for the Mastodon streaming container(s) | `[]` |
+| `streaming.sidecars` | Add additional sidecar containers to the Mastodon streaming pod(s) | `[]` |
+| `streaming.initContainers` | Add additional init containers to the Mastodon streaming pod(s) | `[]` |
+
+
+### Mastodon Streaming Traffic Exposure Parameters
+
+| Name | Description | Value |
+| -------------------------------------------- | --------------------------------------------------------------------------------------------- | ----------- |
+| `streaming.service.type` | Mastodon streaming service type | `ClusterIP` |
+| `streaming.service.ports.http` | Mastodon streaming service HTTP port | `80` |
+| `streaming.service.nodePorts.http` | Node port for HTTP | `""` |
+| `streaming.service.clusterIP` | Mastodon streaming service Cluster IP | `""` |
+| `streaming.service.loadBalancerIP` | Mastodon streaming service Load Balancer IP | `""` |
+| `streaming.service.loadBalancerSourceRanges` | Mastodon streaming service Load Balancer sources | `[]` |
+| `streaming.service.externalTrafficPolicy` | Mastodon streaming service external traffic policy | `Cluster` |
+| `streaming.service.annotations` | Additional custom annotations for Mastodon streaming service | `{}` |
+| `streaming.service.extraPorts` | Extra ports to expose in Mastodon streaming service (normally used with the `sidecars` value) | `[]` |
+| `streaming.service.sessionAffinity` | Control where streaming requests go, to the same pod or round-robin | `None` |
+| `streaming.service.sessionAffinityConfig` | Additional settings for the sessionAffinity | `{}` |
+
+
+### Mastodon Migration job Parameters
+
+| Name | Description | Value |
+| ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | ---------------- |
+| `initJob.precompileAssets` | Execute rake assets:precompile as part of the job | `true` |
+| `initJob.migrateDB` | Execute rake db:migrate as part of the job | `true` |
+| `initJob.migrateElasticsearch` | Execute rake chewy:upgrade as part of the job | `true` |
+| `initJob.createAdmin` | Create admin user as part of the job | `true` |
+| `initJob.backoffLimit` | set backoff limit of the job | `10` |
+| `initJob.extraVolumes` | Optionally specify extra list of additional volumes for the Mastodon init job | `[]` |
+| `initJob.containerSecurityContext.enabled` | Enabled Mastodon init job containers' Security Context | `true` |
+| `initJob.containerSecurityContext.runAsUser` | Set Mastodon init job containers' Security Context runAsUser | `1001` |
+| `initJob.containerSecurityContext.runAsNonRoot` | Set Mastodon init job containers' Security Context runAsNonRoot | `true` |
+| `initJob.containerSecurityContext.readOnlyRootFilesystem` | Set Mastodon init job containers' Security Context runAsNonRoot | `false` |
+| `initJob.containerSecurityContext.allowPrivilegeEscalation` | Set container's privilege escalation | `false` |
+| `initJob.containerSecurityContext.capabilities.drop` | Set container's Security Context runAsNonRoot | `["ALL"]` |
+| `initJob.podSecurityContext.enabled` | Enabled Mastodon init job pods' Security Context | `true` |
+| `initJob.podSecurityContext.fsGroup` | Set Mastodon init job pod's Security Context fsGroup | `1001` |
+| `initJob.podSecurityContext.seccompProfile.type` | Set container's Security Context seccomp profile | `RuntimeDefault` |
+| `initJob.extraEnvVars` | Array containing extra env vars to configure the Mastodon init job | `[]` |
+| `initJob.extraEnvVarsCM` | ConfigMap containing extra env vars to configure the Mastodon init job | `""` |
+| `initJob.extraEnvVarsSecret` | Secret containing extra env vars to configure the Mastodon init job (in case of sensitive data) | `""` |
+| `initJob.extraVolumeMounts` | Array of extra volume mounts to be added to the Mastodon Container (evaluated as template). Normally used with `extraVolumes`. | `[]` |
+| `initJob.resources.limits` | The resources limits for the container | `{}` |
+| `initJob.resources.requests` | The requested resources for the container | `{}` |
+| `initJob.hostAliases` | Add deployment host aliases | `[]` |
+| `initJob.annotations` | Add annotations to the job | `{}` |
+| `initJob.podLabels` | Additional pod labels | `{}` |
+| `initJob.podAnnotations` | Additional pod annotations | `{}` |
+
+
+### Persistence Parameters (only when S3 is disabled)
+
+| Name | Description | Value |
+| --------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------- |
+| `persistence.enabled` | Enable persistence using Persistent Volume Claims | `false` |
+| `persistence.mountPath` | Path to mount the volume at. | `/bitnami/mastodon` |
+| `persistence.subPath` | The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services | `""` |
+| `persistence.storageClass` | Storage class of backing PVC | `""` |
+| `persistence.annotations` | Persistent Volume Claim annotations | `{}` |
+| `persistence.accessModes` | Persistent Volume Access Modes | `["ReadWriteOnce"]` |
+| `persistence.size` | Size of data volume | `8Gi` |
+| `persistence.existingClaim` | The name of an existing PVC to use for persistence | `""` |
+| `persistence.selector` | Selector to match an existing Persistent Volume for WordPress data PVC | `{}` |
+| `persistence.dataSource` | Custom PVC data source | `{}` |
+
+
+### Init Container Parameters
+
+| Name | Description | Value |
+| ------------------------------------------------------ | ----------------------------------------------------------------------------------------------- | ----------------------- |
+| `volumePermissions.enabled` | Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup` | `false` |
+| `volumePermissions.image.registry` | Bitnami Shell image registry | `docker.io` |
+| `volumePermissions.image.repository` | Bitnami Shell image repository | `bitnami/bitnami-shell` |
+| `volumePermissions.image.tag` | Bitnami Shell image tag (immutable tags are recommended) | `11-debian-11-r57` |
+| `volumePermissions.image.pullPolicy` | Bitnami Shell image pull policy | `IfNotPresent` |
+| `volumePermissions.image.pullSecrets` | Bitnami Shell image pull secrets | `[]` |
+| `volumePermissions.resources.limits` | The resources limits for the init container | `{}` |
+| `volumePermissions.resources.requests` | The requested resources for the init container | `{}` |
+| `volumePermissions.containerSecurityContext.runAsUser` | Set init container's Security Context runAsUser | `0` |
+
+
+### Other Parameters
+
+| Name | Description | Value |
+| --------------------------------------------- | ----------------------------------------------------------------------- | ------------- |
+| `serviceAccount.create` | Specifies whether a ServiceAccount should be created | `true` |
+| `serviceAccount.name` | The name of the ServiceAccount to use. | `""` |
+| `serviceAccount.annotations` | Additional Service Account annotations (evaluated as a template) | `{}` |
+| `serviceAccount.automountServiceAccountToken` | Automount service account token for the server service account | `true` |
+| `externalDatabase.host` | Database host | `""` |
+| `externalDatabase.port` | Database port number | `5432` |
+| `externalDatabase.user` | Non-root username for JupyterHub | `postgres` |
+| `externalDatabase.password` | Password for the non-root username for JupyterHub | `""` |
+| `externalDatabase.database` | JupyterHub database name | `mastodon` |
+| `externalDatabase.existingSecret` | Name of an existing secret resource containing the database credentials | `""` |
+| `externalDatabase.existingSecretPasswordKey` | Name of an existing secret key containing the database credentials | `db-password` |
+
+
+### External Redis parameters
+
+| Name | Description | Value |
+| ----------------------------------------- | -------------------------------------------------------------------- | ------ |
+| `externalRedis.host` | Redis host | `""` |
+| `externalRedis.port` | Redis port number | `6379` |
+| `externalRedis.password` | Password for the Redis | `""` |
+| `externalRedis.existingSecret` | Name of an existing secret resource containing the Redis credentials | `""` |
+| `externalRedis.existingSecretPasswordKey` | Name of an existing secret key containing the Redis credentials | `""` |
+
+
+### External S3 parameters
+
+| Name | Description | Value |
+| ----------------------------------------- | ------------------------------------------------------------------ | --------------- |
+| `externalS3.host` | External S3 host | `""` |
+| `externalS3.port` | External S3 port number | `443` |
+| `externalS3.accessKeyID` | External S3 access key ID | `""` |
+| `externalS3.accessKeySecret` | External S3 access key secret | `""` |
+| `externalS3.existingSecret` | Name of an existing secret resource containing the S3 credentials | `""` |
+| `externalS3.existingSecretAccessKeyIDKey` | Name of an existing secret key containing the S3 access key ID | `root-user` |
+| `externalS3.existingSecretKeySecretKey` | Name of an existing secret key containing the S3 access key secret | `root-password` |
+| `externalS3.protocol` | External S3 protocol | `https` |
+| `externalS3.bucket` | External S3 bucket | `mastodon` |
+| `externalS3.region` | External S3 region | `us-east-1` |
+
+
+### External elasticsearch configuration
+
+| Name | Description | Value |
+| ------------------------------------------------- | ---------------------------------------------------------------------------- | ------------------------ |
+| `externalElasticsearch.host` | Host of the external elasticsearch server | `""` |
+| `externalElasticsearch.port` | Port of the external elasticsearch server | `""` |
+| `externalElasticsearch.password` | Password for the external elasticsearch server | `""` |
+| `externalElasticsearch.existingSecret` | Name of an existing secret resource containing the elasticsearch credentials | `""` |
+| `externalElasticsearch.existingSecretPasswordKey` | Name of an existing secret key containing the elasticsearch credentials | `elasticsearch-password` |
+
+
+### Redis sub-chart parameters
+
+| Name | Description | Value |
+| ---------------------------------- | ---------------------------------------------- | ------------ |
+| `redis.enabled` | Deploy Redis subchart | `true` |
+| `redis.architecture` | Set Redis architecture | `standalone` |
+| `redis.existingSecret` | Name of a secret containing redis credentials | `""` |
+| `redis.master.service.ports.redis` | Redis port | `6379` |
+| `redis.auth.enabled` | Enable Redis auth | `true` |
+| `redis.auth.password` | Redis password | `""` |
+| `redis.auth.existingSecret` | Name of a secret containing the Redis password | `""` |
+
+
+### PostgreSQL chart configuration
+
+| Name | Description | Value |
+| --------------------------------------------- | --------------------------------------------------------- | ------------------ |
+| `postgresql.enabled` | Switch to enable or disable the PostgreSQL helm chart | `true` |
+| `postgresql.auth.username` | Name for a custom user to create | `bn_mastodon` |
+| `postgresql.auth.password` | Password for the custom user to create | `""` |
+| `postgresql.auth.database` | Name for a custom database to create | `bitnami_mastodon` |
+| `postgresql.auth.existingSecret` | Name of existing secret to use for PostgreSQL credentials | `""` |
+| `postgresql.architecture` | PostgreSQL architecture (`standalone` or `replication`) | `standalone` |
+| `postgresql.primary.service.ports.postgresql` | PostgreSQL service port | `5432` |
+
+
+### MinIO® chart parameters
+
+| Name | Description | Value |
+| ---------------------------------- | --------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------ |
+| `minio` | For full list of MinIO® values configurations please refere [here](https://github.com/bitnami/charts/tree/main/bitnami/minio) | |
+| `minio.enabled` | Enable/disable MinIO® chart installation | `true` |
+| `minio.auth.rootUser` | MinIO® root username | `admin` |
+| `minio.auth.rootPassword` | Password for MinIO® root user | `""` |
+| `minio.auth.existingSecret` | Name of an existing secret containing the MinIO® credentials | `""` |
+| `minio.defaultBuckets` | Comma, semi-colon or space separated list of MinIO® buckets to create | `s3storage` |
+| `minio.provisioning.enabled` | Enable/disable MinIO® provisioning job | `true` |
+| `minio.provisioning.extraCommands` | Extra commands to run on MinIO® provisioning job | `["mc anonymous set download provisioning/s3storage"]` |
+| `minio.tls.enabled` | Enable/disable MinIO® TLS support | `false` |
+| `minio.service.type` | MinIO® service type | `ClusterIP` |
+| `minio.service.loadBalancerIP` | MinIO® service LoadBalancer IP | `""` |
+| `minio.service.ports.api` | MinIO® service port | `80` |
+
+
+### Elasticsearch chart configuration
+
+| Name | Description | Value |
+| ------------------------------------------- | --------------------------------------------------------------------------- | ------- |
+| `elasticsearch.enabled` | Whether to deploy a elasticsearch server to use as Mastodon's search engine | `true` |
+| `elasticsearch.sysctlImage.enabled` | Enable kernel settings modifier image for Elasticsearch | `true` |
+| `elasticsearch.security.enabled` | Enable security settings for Elasticsearch | `false` |
+| `elasticsearch.security.existingSecret` | Name of an existing secret containing the elasticsearch credentials | `""` |
+| `elasticsearch.security.tls.restEncryption` | Enable TLS encryption for REST API | `false` |
+| `elasticsearch.master.replicaCount` | Desired number of Elasticsearch master-eligible nodes | `1` |
+| `elasticsearch.coordinating.replicaCount` | Desired number of Elasticsearch coordinating-only nodes | `1` |
+| `elasticsearch.data.replicaCount` | Desired number of Elasticsearch data nodes | `1` |
+| `elasticsearch.ingest.replicaCount` | Desired number of Elasticsearch ingest nodes | `1` |
+| `elasticsearch.service.ports.restAPI` | Elasticsearch REST API port | `9200` |
+
+
+### Apache chart configuration
+
+| Name | Description | Value |
+| ------------------------------- | --------------------------------------------------------------- | -------------------------- |
+| `apache.enabled` | Enable Apache chart | `true` |
+| `apache.containerPorts.http` | Apache container port | `8080` |
+| `apache.service.type` | Apache service type | `LoadBalancer` |
+| `apache.service.loadBalancerIP` | Apache service LoadBalancer IP | `""` |
+| `apache.service.ports.http` | Apache service port | `80` |
+| `apache.vhostsConfigMap` | Name of the ConfigMap containing the Apache vhost configuration | `""` |
+| `apache.livenessProbe.path` | Apache liveness probe path | `/api/v1/streaming/health` |
+| `apache.readinessProbe.path` | Apache readiness probe path | `/api/v1/streaming/health` |
+| `apache.startupProbe.path` | Apache startup probe path | `/api/v1/streaming/health` |
+| `apache.ingress.enabled` | Enable ingress | `false` |
+| `apache.ingress.hostname` | Ingress hostname | `mastodon.local` |
+
+
+
+Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example,
+
+```console
+helm install my-release \
+ --set adminUsername=admin \
+ --set adminPassword=password \
+ my-repo/mastodon
+```
+
+The above command sets the mastodon administrator account username and password to `admin` and `password` respectively.
+
+> NOTE: Once this chart is deployed, it is not possible to change the application's access credentials, such as usernames or passwords, using Helm. To change these application credentials after deployment, delete any persistent volumes (PVs) used by the chart and re-deploy it, or use the application's built-in administrative tools if available.
+
+Alternatively, a YAML file that specifies the values for the above parameters can be provided while installing the chart. For example,
+
+```console
+helm install my-release -f values.yaml my-repo/mastodon
+```
+
+> **Tip**: You can use the default [values.yaml](values.yaml)
+
+## Configuration and installation details
+
+### [Rolling VS Immutable tags](https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/)
+
+It is strongly recommended to use immutable tags in a production environment. This ensures your deployment does not change automatically if the same tag is updated with a different image.
+
+Bitnami will release a new chart updating its containers if a new version of the main container, significant changes, or critical vulnerabilities exist.
+
+### External database support
+
+You may want to have Mastodon connect to an external database rather than installing one inside your cluster. Typical reasons for this are to use a managed database service, or to share a common database server for all your applications. To achieve this, the chart allows you to specify credentials for an external database with the [`externalDatabase` parameter](#parameters). You should also disable the MongoDB installation with the `postgresql.enabled` option. Here is an example:
+
+```console
+postgresql.enabled=false
+externalDatabase.host=myexternalhost
+externalDatabase.user=myuser
+externalDatabase.password=mypassword
+externalDatabase.database=mydatabase
+externalDatabase.port=5432
+```
+
+### External redis support
+
+You may want to have mastodon connect to an external redis rather than installing one inside your cluster. Typical reasons for this are to use a managed redis service, or to share a common redis server for all your applications. To achieve this, the chart allows you to specify credentials for an external redis with the [`externalRedis` parameter](#parameters). You should also disable the Redis installation with the `redis.enabled` option. Here is an example:
+
+```console
+redis.enabled=false
+externalRedis.host=myexternalhost
+externalRedis.password=mypassword
+externalRedis.port=6379
+```
+
+### External elasticsearch support
+
+You may want to have mastodon connect to an external elasticsearch rather than installing one inside your cluster. Typical reasons for this are to use a managed elasticsearch service, or to share a common elasticsearch server for all your applications. To achieve this, the chart allows you to specify credentials for an external elasticsearch with the [`externalElasticsearch` parameter](#parameters). You should also disable the Redis installation with the `elasticsearch.enabled` option. Here is an example:
+
+```console
+elasticsearch.enabled=false
+externalElasticsearch.host=myexternalhost
+externalElasticsearch.password=mypassword
+externalElasticsearch.port=9200
+```
+
+### External S3 support
+
+You may want to have mastodon connect to an external storage streaming rather than installing MiniIO(TM) inside your cluster. To achieve this, the chart allows you to specify credentials for an external storage streaming with the [`externalS3` parameter](#parameters). You should also disable the MinIO(TM) installation with the `minio.enabled` option. Here is an example:
+
+```console
+minio.enabled=false
+externalS3.host=myexternalhost
+exterernalS3.accessKeyID=accesskey
+externalS3.accessKeySecret=secret
+```
+
+### Ingress
+
+This chart provides support for Ingress resources. If you have an ingress controller installed on your cluster, such as [nginx-ingress-controller](https://github.com/bitnami/charts/tree/main/bitnami/nginx-ingress-controller) or [contour](https://github.com/bitnami/charts/tree/main/bitnami/contour) you can utilize the ingress controller to serve your application.
+
+To enable Ingress integration, set `apache.ingress.enabled` to `true`. The `apache.ingress.hostname` property can be used to set the host name. The `apache.ingress.tls` parameter can be used to add the TLS configuration for this host. It is also possible to have more than one host, with a separate TLS configuration for each host. [Learn more about configuring and using Ingress](https://docs.bitnami.com/kubernetes/apps/mastodon/configuration/configure-use-ingress/).
+
+### TLS secrets
+
+The chart also facilitates the creation of TLS secrets for use with the Ingress controller, with different options for certificate management. [Learn more about TLS secrets](https://docs.bitnami.com/kubernetes/apps/mastodon/administration/enable-tls/).
+
+## Persistence
+
+The [Bitnami mastodon](https://github.com/bitnami/containers/tree/main/bitnami/mastodon) image stores the mastodon data and configurations at the `/bitnami` path of the container. Persistent Volume Claims are used to keep the data across deployments. [Learn more about persistence in the chart documentation](https://docs.bitnami.com/kubernetes/apps/mastodon/configuration/chart-persistence/).
+
+### Additional environment variables
+
+In case you want to add extra environment variables (useful for advanced operations like custom init scripts), you can use the `extraEnvVars` property inside the `web`, `streaming` and `sidekiq` sections.
+
+```yaml
+streaming:
+ extraEnvVars:
+ - name: LOG_LEVEL
+ value: error
+```
+
+Alternatively, you can use a ConfigMap or a Secret with the environment variables. To do so, use the `extraEnvVarsCM` or the `extraEnvVarsSecret` values inside the `web`, `streaming` and `sidekiq` sections.
+
+### Sidecars
+
+If additional containers are needed in the same pod as mastodon (such as additional metrics or logging exporters), they can be defined using the `sidecars` parameter inside the `web`, `streaming` and `sidekiq` sections. If these sidecars export extra posidekiq, extra port definitions can be added using the `service.extraPosidekiq` parameter. [Learn more about configuring and using sidecar containers](https://docs.bitnami.com/kubernetes/apps/mastodon/administration/configure-use-sidecars/).
+
+### Pod affinity
+
+This chart allows you to set your custom affinity using the `affinity` parameter. Find more information about Pod affinity in the [kubernetes documentation](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity).
+
+As an alternative, use one of the preset configurations for pod affinity, pod anti-affinity, and node affinity available at the [bitnami/common](https://github.com/bitnami/charts/tree/main/bitnami/common#affinities) chart. To do so, set the `podAffinityPreset`, `podAntiAffinityPreset`, or `nodeAffinityPreset` parameters inside the `web`, `streaming` and `sidekiq` sections.
+
+## Troubleshooting
+
+Find more information about how to deal with common errors related to Bitnami's Helm charts in [this troubleshooting guide](https://docs.bitnami.com/general/how-to/troubleshoot-helm-chart-issues).
+
+## License
+
+Copyright © 2022 Bitnami
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/bitnami/mastodon/templates/NOTES.txt b/bitnami/mastodon/templates/NOTES.txt
new file mode 100644
index 0000000000..7f497ce0ef
--- /dev/null
+++ b/bitnami/mastodon/templates/NOTES.txt
@@ -0,0 +1,105 @@ +CHART NAME: {{ .Chart.Name }} +CHART VERSION: {{ .Chart.Version }} +APP VERSION: {{ .Chart.AppVersion }} + +** Please be patient while the chart is being deployed ** +{{- if empty (include "mastodon.web.domain" .) }} +############################################################################### +### ERROR: You did not provide an external host in your 'helm install' call ### +############################################################################### + +This deployment will be incomplete until you configure Mastodon with a resolvable +host. To configure Mastodon with the URL of your service: + +1. Get the Mastodon URL by running: + + {{- if eq .Values.apache.service.type "NodePort" }} + + export APP_PORT=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ include "mastodon.apache.fullname" . }} -o jsonpath="{.spec.ports[0].nodePort}") + export APP_HOST=$(kubectl get nodes --namespace {{ include "common.names.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + + {{- else if eq .Values.apache.service.type "LoadBalancer" }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ include "common.names.namespace" . }} -w {{ include "mastodon.apache.fullname" . }}' + + export APP_HOST=$(kubectl get svc --namespace {{ include "common.names.namespace" . }} {{ include "mastodon.apache.fullname" . }} --template "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + + {{- end }} +2. Complete your Mastodon deployment by running: + + helm upgrade --namespace {{ include "common.names.namespace" . 
}} {{ .Release.Name }} my-repo/{{ .Chart.Name }} \ + --set webDomain=$APP_HOST{{- if .Values.global }}{{- if .Values.global.imagePullSecrets }},global.imagePullSecrets={{ .Values.global.imagePullSecrets }}{{- end }}{{- end }} + +{{- else if .Values.diagnosticMode.enabled }} +The chart has been deployed in diagnostic mode. All probes have been disabled and the command has been overwritten with: + + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 4 }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 4 }} + +Get the list of pods by executing: + + kubectl get pods --namespace {{ .Release.Namespace }} -l app.kubernetes.io/instance={{ .Release.Name }} + +Access the pod you want to debug by executing + + kubectl exec --namespace {{ .Release.Namespace }} -ti -- bash + +In order to replicate the container startup scripts execute this command: + + /opt/bitnami/scripts/mastodon/entrypoint.sh /opt/bitnami/scripts/mastodon/run.sh + +{{- else }} + +Your Mastodon site can be accessed through the following DNS name from within your cluster: + + {{ include "mastodon.apache.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.clusterDomain }} (port {{ .Values.apache.service.ports.http }}) + +To access your Mastodon site from outside the cluster follow the steps below: + +{{- if .Values.apache.ingress.enabled }} + +1. Get the Mastodon URL and associate Mastodon hostname to your cluster external IP: + + export CLUSTER_IP=$(minikube ip) # On Minikube. Use: `kubectl cluster-info` on others K8s clusters + echo "Mastodon URL: http{{ if .Values.apache.ingress.tls }}s{{ end }}://{{ .Values.apache.ingress.hostname }}/" + echo "$CLUSTER_IP {{ .Values.apache.ingress.hostname }}" | sudo tee -a /etc/hosts + +{{- else }} +{{- $port := .Values.apache.service.ports.http | toString }} + +1. 
Get the Mastodon URL by running these commands: + +{{- if contains "NodePort" .Values.apache.service.type }} + + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "mastodon.apache.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo "Mastodon URL: http://$NODE_IP:$NODE_PORT/" + +{{- else if contains "LoadBalancer" .Values.apache.service.type }} + + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ include "mastodon.apache.fullname" . }}' + + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "mastodon.apache.fullname" . }} --include "{{ "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}" }}") + echo "Mastodon URL: http://$SERVICE_IP{{- if ne $port "80" }}:{{ .Values.apache.service.ports.http }}{{ end }}/" + +{{- else if contains "ClusterIP" .Values.apache.service.type }} + + kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ include "mastodon.apache.fullname" . }} {{ .Values.apache.service.ports.http }}:{{ .Values.apache.service.ports.http }} & + echo "Mastodon URL: http://127.0.0.1{{- if ne $port "80" }}:{{ .Values.apache.service.ports.http }}{{ end }}//" + +{{- end }} +{{- end }} + +2. Open a browser and access Mastodon using the obtained URL. + +3. Login with the following credentials below to see your blog: + + echo Username: {{ .Values.adminEmail }} + echo Password: $(kubectl get secret --namespace {{ .Release.Namespace }} {{ printf "%s-default" (include "common.names.fullname" .) }} -o jsonpath="{.data.MASTODON_ADMIN_PASSWORD}" | base64 -d) +{{- end }} + +{{- include "mastodon.validateValues" . 
}} +{{- include "common.warnings.rollingTag" .Values.image }} +{{- include "common.warnings.rollingTag" .Values.volumePermissions.image }} diff --git a/bitnami/mastodon/templates/_helpers.tpl b/bitnami/mastodon/templates/_helpers.tpl new file mode 100644 index 0000000000..4142395958 --- /dev/null +++ b/bitnami/mastodon/templates/_helpers.tpl 
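Review bot: Step 3 of NOTES.txt reads the admin password from the hard-coded `<fullname>-default` Secret, but default-secret.yaml in this commit is not rendered when `existingSecret` is set, so the printed command fails for exactly the installs that manage their own secret. Using the helper keeps it in line with `_helpers.tpl`: `kubectl get secret --namespace {{ .Release.Namespace }} {{ include "mastodon.defaultSecretName" . }} -o jsonpath="{.data.MASTODON_ADMIN_PASSWORD}"`. In the LoadBalancer branch of the second block, `kubectl get svc ... --include "{{ ... }}"` looks like a search-and-replace slip for `--template`, which the first block uses. The `kubectl exec ... -ti -- bash` line shows no pod name in this view, and step 3 still says "to see your blog".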
@@ -0,0 +1,757 @@ +{{/* +Return the proper Mastodon image name +*/}} +{{- define "mastodon.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.image "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper image name (for the init container volume-permissions image) +*/}} +{{- define "mastodon.volumePermissions.image" -}} +{{- include "common.images.image" (dict "imageRoot" .Values.volumePermissions.image "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper Docker Image Registry Secret Names +*/}} +{{- define "mastodon.imagePullSecrets" -}} +{{- include "common.images.pullSecrets" (dict "images" (list .Values.image .Values.volumePermissions.image) "global" .Values.global) -}} +{{- end -}} + +{{/* +Return the proper Mastodon web fullname +*/}} +{{- define "mastodon.web.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "web" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return the proper Mastodon web domain +*/}} +{{- define "mastodon.web.domain" -}} + {{- if .Values.webDomain -}} + {{- print .Values.webDomain -}} + {{- else if .Values.apache.enabled -}} + {{- if .Values.apache.ingress.enabled -}} + {{- print .Values.apache.ingress.hostname -}} + {{- else if .Values.apache.service.loadBalancerIP -}} + {{- print .Values.apache.service.loadBalancerIP -}} + {{- end -}} + {{- end -}} +{{- end -}} + +{{/* +Return the proper Mastodon streaming fullname +*/}} +{{- define "mastodon.streaming.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "streaming" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return Mastodon streaming url +*/}} +{{- define "mastodon.streaming.url" -}} +{{- printf "ws://%s" (include "mastodon.web.domain" .) 
| trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Default configuration ConfigMap name +*/}} +{{- define "mastodon.defaultConfigmapName" -}} +{{- if .Values.existingConfigmap -}} + {{- print .Values.existingConfigmap -}} +{{- else -}} + {{- printf "%s-default" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Extra configuration ConfigMap name +*/}} +{{- define "mastodon.extraConfigmapName" -}} +{{- if .Values.extraConfigExistingConfigmap -}} + {{- print .Values.extraConfigExistingConfigmap -}} +{{- else -}} + {{- printf "%s-extra" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Default configuration Secret name +*/}} +{{- define "mastodon.defaultSecretName" -}} +{{- if .Values.existingSecret -}} + {{- print .Values.existingSecret -}} +{{- else -}} + {{- printf "%s-default" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{/* +Extra configuration Secret name +*/}} +{{- define "mastodon.extraSecretName" -}} +{{- if .Values.extraConfigExistingSecret -}} + {{- print .Values.extraConfigExistingSecret -}} +{{- else -}} + {{- printf "%s-extra" (include "common.names.fullname" .) -}} +{{- end -}} +{{- end -}} + +{{- define "mastodon.pvc" -}} +{{- coalesce .Values.persistence.existingClaim (include "common.names.fullname" .) -}} +{{- end -}} + +{{/* +Return MinIO(TM) fullname +*/}} +{{- define "mastodon.minio.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "minio" "chartValues" .Values.minio "context" $) -}} +{{- end -}} + +{{/* +Return the S3 backend host +*/}} +{{- define "mastodon.s3.host" -}} + {{- if .Values.minio.enabled -}} + {{- include "mastodon.minio.fullname" . 
-}} + {{- else -}} + {{- print .Values.externalS3.host -}} + {{- end -}} +{{- end -}} + +{{/* +Return the S3 alias host +*/}} +{{- define "mastodon.s3.aliasHost" -}} + {{- if .Values.s3AliasHost -}} + {{- print .Values.s3AliasHost -}} + {{- else if .Values.minio.enabled -}} + {{- if .Values.minio.service.loadBalancerIP }} + {{- print .Values.minio.service.loadBalancerIP -}} + {{- else -}} + {{- printf "%s/%s" (include "mastodon.web.domain" .) (include "mastodon.s3.bucket" . ) -}} + {{- end -}} + {{- else if .Values.externalS3.host -}} + {{- print .Values.externalS3.host -}} + {{- end -}} +{{- end -}} + +{{/* +Return the S3 bucket +*/}} +{{- define "mastodon.s3.bucket" -}} + {{- if .Values.minio.enabled -}} + {{- print .Values.minio.defaultBuckets -}} + {{- else -}} + {{- print .Values.externalS3.bucket -}} + {{- end -}} +{{- end -}} + +{{/* +Return the S3 protocol +*/}} +{{- define "mastodon.s3.protocol" -}} + {{- if .Values.minio.enabled -}} + {{- ternary "https" "http" .Values.minio.tls.enabled -}} + {{- else -}} + {{- print .Values.externalS3.protocol -}} + {{- end -}} +{{- end -}} + +{{/* +Return the S3 region +*/}} +{{- define "mastodon.s3.region" -}} + {{- if .Values.minio.enabled -}} + {{- print "us-east-1" -}} + {{- else -}} + {{- print .Values.externalS3.region -}} + {{- end -}} +{{- end -}} + +{{/* +Return the S3 port +*/}} +{{- define "mastodon.s3.port" -}} +{{- ternary .Values.minio.service.ports.api .Values.externalS3.port .Values.minio.enabled -}} +{{- end -}} + +{{/* +Return the S3 endpoint +*/}} +{{- define "mastodon.s3.endpoint" -}} +{{- $port := include "mastodon.s3.port" . | int -}} +{{- $printedPort := "" -}} +{{- if and (ne $port 80) (ne $port 443) -}} + {{- $printedPort = printf ":%d" $port -}} +{{- end -}} +{{- printf "%s://%s%s" (include "mastodon.s3.protocol" .) (include "mastodon.s3.host" .) 
$printedPort -}} +{{- end -}} + +{{/* +Return the S3 credentials secret name +*/}} +{{- define "mastodon.s3.secretName" -}} +{{- if .Values.minio.enabled -}} + {{- if .Values.minio.auth.existingSecret -}} + {{- print .Values.minio.auth.existingSecret -}} + {{- else -}} + {{- print (include "mastodon.minio.fullname" .) -}} + {{- end -}} +{{- else if .Values.externalS3.existingSecret -}} + {{- print .Values.externalS3.existingSecret -}} +{{- else -}} + {{- printf "%s-%s" (include "common.names.fullname" .) "externals3" -}} +{{- end -}} +{{- end -}} + +{{/* +Return the S3 access key id inside the secret +*/}} +{{- define "mastodon.s3.accessKeyIDKey" -}} + {{- if .Values.minio.enabled -}} + {{- print "root-user" -}} + {{- else -}} + {{- print .Values.externalS3.existingSecretAccessKeyIDKey -}} + {{- end -}} +{{- end -}} + +{{/* +Return the S3 secret access key inside the secret +*/}} +{{- define "mastodon.s3.secretAccessKeyKey" -}} + {{- if .Values.minio.enabled -}} + {{- print "root-password" -}} + {{- else -}} + {{- print .Values.externalS3.existingSecretKeySecretKey -}} + {{- end -}} +{{- end -}} + +{{/* +Return the proper Mastodon sidekiq fullname +*/}} +{{- define "mastodon.sidekiq.fullname" -}} +{{- printf "%s-%s" (include "common.names.fullname" .) "sidekiq" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Return true if the init job should be created +*/}} +{{- define "mastodon.createInitJob" -}} +{{- if or .Values.initJob.migrateDB .Values.initJob.createAdmin .Values.initJob.precompileAssets .Values.initJob.migrateElasticsearch -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Create the name of the service account to use +*/}} +{{- define "mastodon.serviceAccountName" -}} +{{- if .Values.serviceAccount.create -}} + {{ default (include "common.names.fullname" .) 
.Values.serviceAccount.name -}} +{{- else -}} + {{ default "default" .Values.serviceAccount.name -}} +{{- end -}} +{{- end -}} + +{{/* +Return Elasticsearch fullname +*/}} +{{- define "mastodon.elasticsearch.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "elasticsearch" "chartValues" .Values.elasticsearch "context" $) -}} +{{- end -}} + +{{/* +Return true if Elasticseach auth is enabled +*/}} +{{- define "mastodon.elasticsearch.auth.enabled" -}} +{{- if .Values.elasticsearch.enabled -}} + {{- if .Values.elasticsearch.security.enabled -}} + {{- true -}} + {{- end -}} +{{- else if .Values.externalElasticsearch.password -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Elasticsearch Secret Name +*/}} +{{- define "mastodon.elasticsearch.secretName" -}} +{{- if .Values.elasticsearch.enabled -}} + {{- print (include "mastodon.elasticsearch.fullname" .) -}} +{{- else if .Values.externalElasticsearch.existingSecret -}} + {{- print .Values.externalElasticsearch.existingSecret -}} +{{- else -}} + {{- printf "%s-externalelasticsearch" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Retrieve key of the Elasticsearch secret +*/}} +{{- define "mastodon.elasticsearch.passwordKey" -}} +{{- if .Values.elasticsearch.enabled -}} + {{- print "elasticsearch-password" -}} +{{- else -}} + {{- print .Values.externalElasticsearch.existingSecretPasswordKey -}} +{{- end -}} +{{- end -}} + +{{/* +Create a default fully qualified Elasticsearch name. +*/}} +{{- define "mastodon.elasticsearch.host" -}} +{{- if .Values.elasticsearch.enabled -}} + {{- include "mastodon.elasticsearch.fullname" . 
-}} +{{- else -}} + {{- print .Values.externalElasticsearch.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return Elasticsearch port +*/}} +{{- define "mastodon.elasticsearch.port" -}} +{{- if .Values.elasticsearch.enabled -}} + {{- print .Values.elasticsearch.service.ports.restAPI -}} +{{- else -}} + {{- print .Values.externalElasticsearch.port -}} +{{- end -}} +{{- end -}} + +{{/* +Return Redis(TM) fullname +*/}} +{{- define "mastodon.redis.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "redis" "chartValues" .Values.redis "context" $) -}} +{{- end -}} + +{{/* +Create a default fully qualified Redis(TM) name. +*/}} +{{- define "mastodon.redis.host" -}} +{{- if .Values.redis.enabled -}} + {{- printf "%s-master" (include "mastodon.redis.fullname" .) | trunc 63 | trimSuffix "-" -}} +{{- else -}} + {{- print .Values.externalRedis.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return Redis(TM) port +*/}} +{{- define "mastodon.redis.port" -}} +{{- if .Values.redis.enabled -}} + {{- print .Values.redis.master.service.ports.redis -}} +{{- else -}} + {{- print .Values.externalRedis.port -}} +{{- end -}} +{{- end -}} + +{{/* +Return if Redis(TM) authentication is enabled +*/}} +{{- define "mastodon.redis.auth.enabled" -}} +{{- if .Values.redis.enabled -}} + {{- if .Values.redis.auth.enabled -}} + {{- true -}} + {{- end -}} +{{- else if .Values.externalRedis.password -}} + {{- true -}} +{{- end -}} +{{- end -}} + +{{/* +Return the Redis(TM) Secret Name +*/}} +{{- define "mastodon.redis.secretName" -}} +{{- if .Values.redis.enabled -}} + {{- print (include "mastodon.redis.fullname" .) -}} +{{- else if .Values.externalRedis.existingSecret -}} + {{- print .Values.externalRedis.existingSecret -}} +{{- else -}} + {{- printf "%s-externalredis" (include "common.names.fullname" .) 
| trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} + +{{/* +Retrieve key of the Redis(TM) secret +*/}} +{{- define "mastodon.redis.passwordKey" -}} +{{- if .Values.redis.enabled -}} + {{- print "redis-password" -}} +{{- else -}} + {{- if .Values.externalRedis.existingSecret -}} + {{- if .Values.externalRedis.existingSecretPasswordKey -}} + {{- printf "%s" .Values.externalRedis.existingSecretPasswordKey -}} + {{- else -}} + {{- print "redis-password" -}} + {{- end -}} + {{- else -}} + {{- print "redis-password" -}} + {{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Return PostgreSQL fullname +*/}} +{{- define "mastodon.postgresql.fullname" -}} +{{- include "common.names.dependency.fullname" (dict "chartName" "postgresql" "chartValues" .Values.postgresql "context" $) -}} +{{- end -}} + +{{/* +Return the PostgreSQL Hostname +*/}} +{{- define "mastodon.database.host" -}} +{{- if .Values.postgresql.enabled -}} + {{- if eq .Values.postgresql.architecture "replication" -}} + {{- printf "%s-%s" (include "mastodon.postgresql.fullname" .) "primary" | trunc 63 | trimSuffix "-" -}} + {{- else -}} + {{- print (include "mastodon.postgresql.fullname" .) 
-}} + {{- end -}} +{{- else -}} + {{- print .Values.externalDatabase.host -}} +{{- end -}} +{{- end -}} + +{{/* +Return the PostgreSQL Port +*/}} +{{- define "mastodon.database.port" -}} +{{- if .Values.postgresql.enabled -}} + {{- print .Values.postgresql.primary.service.ports.postgresql -}} +{{- else -}} + {{- printf "%d" (.Values.externalDatabase.port | int ) -}} +{{- end -}} +{{- end -}} + +{{/* +Return the PostgreSQL User +*/}} +{{- define "mastodon.database.user" -}} +{{- if .Values.postgresql.enabled -}} + {{- print .Values.postgresql.auth.username -}} +{{- else -}} + {{- print .Values.externalDatabase.user -}} +{{- end -}} +{{- end -}} + +{{/* +Return PostgreSQL database name +*/}} +{{- define "mastodon.database.name" -}} +{{- if .Values.postgresql.enabled -}} + {{- print .Values.postgresql.auth.database -}} +{{- else -}} + {{- print .Values.externalDatabase.database -}} +{{- end -}} +{{- end -}} + +{{/* +Return the PostgreSQL Secret Name +*/}} +{{- define "mastodon.database.secretName" -}} +{{- if .Values.postgresql.enabled -}} + {{- if .Values.postgresql.auth.existingSecret -}} + {{- print .Values.postgresql.auth.existingSecret -}} + {{- else -}} + {{- print (include "mastodon.postgresql.fullname" .) -}} + {{- end -}} +{{- else if .Values.externalDatabase.existingSecret -}} + {{- print .Values.externalDatabase.existingSecret -}} +{{- else -}} + {{- printf "%s-%s" (include "common.names.fullname" .) "externaldb" -}} +{{- end -}} +{{- end -}} + +{{/* +Retrieve key of the PostgreSQL secret +*/}} +{{- define "mastodon.database.passwordKey" -}} +{{- if .Values.postgresql.enabled -}} + {{- print "password" -}} +{{- else -}} + {{- print .Values.externalDatabase.existingSecretPasswordKey -}} +{{- end -}} +{{- end -}} + +{{/* +Init container definition for waiting for the database to be ready +*/}} +{{- define "mastodon.waitForDBInitContainer" -}} +# We need to wait for the PostgreSQL database to be ready in order to start with Mastodon. 
+# As it is a ReplicaSet, we need that all nodes are configured in order to start with +# the application or race conditions can occur +- name: wait-for-db + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.web.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.web.containerSecurityContext "enabled" | toYaml | nindent 4 }} + {{- end }} + command: + - bash + - -ec + - | + #!/bin/bash + + set -o errexit + set -o nounset + set -o pipefail + + . /opt/bitnami/scripts/liblog.sh + . /opt/bitnami/scripts/libvalidations.sh + . /opt/bitnami/scripts/libmastodon.sh + . /opt/bitnami/scripts/mastodon-env.sh + + mastodon_wait_for_postgresql_connection "postgresql://${MASTODON_DATABASE_USER}:${MASTODON_DATABASE_PASSWORD:-}@${MASTODON_DATABASE_HOST}:${MASTODON_DATABASE_PORT_NUMBER}/${MASTODON_DATABASE_NAME}" + info "Database is ready" + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_DATABASE_HOST + value: {{ include "mastodon.database.host" . | quote }} + - name: MASTODON_DATABASE_PORT_NUMBER + value: {{ include "mastodon.database.port" . | quote }} + - name: MASTODON_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.database.secretName" . }} + key: {{ include "mastodon.database.passwordKey" . }} + - name: MASTODON_DATABASE_USER + value: {{ include "mastodon.database.user" . }} + - name: MASTODON_DATABASE_NAME + value: {{ include "mastodon.database.name" . }} +{{- end -}} + +{{/* +Init container definition for waiting for Redis(TM) to be ready +*/}} +{{- define "mastodon.waitForRedisInitContainer" }} +# We need to wait for the PostgreSQL database to be ready in order to start with Mastodon. 
+# As it is a ReplicaSet, we need that all nodes are configured in order to start with +# the application or race conditions can occur +- name: wait-for-redis + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.web.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.web.containerSecurityContext "enabled" | toYaml | nindent 4 }} + {{- end }} + command: + - bash + - -ec + - | + #!/bin/bash + + set -o errexit + set -o nounset + set -o pipefail + + . /opt/bitnami/scripts/liblog.sh + . /opt/bitnami/scripts/libvalidations.sh + . /opt/bitnami/scripts/libmastodon.sh + . /opt/bitnami/scripts/mastodon-env.sh + + mastodon_wait_for_redis_connection "redis://${MASTODON_REDIS_PASSWORD:-}@${MASTODON_REDIS_HOST}:${MASTODON_REDIS_PORT_NUMBER}" + info "Redis(TM) is ready" + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_REDIS_HOST + value: {{ include "mastodon.redis.host" . | quote }} + - name: MASTODON_REDIS_PORT_NUMBER + value: {{ include "mastodon.redis.port" . | quote }} + {{- if (include "mastodon.redis.auth.enabled" .) }} + - name: MASTODON_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.redis.secretName" . }} + key: {{ include "mastodon.redis.passwordKey" . }} + {{- end }} +{{- end -}} + +{{/* +Init container definition for waiting for Elasticsearch to be ready +*/}} +{{- define "mastodon.waitForElasticsearchInitContainer" -}} +- name: wait-for-elasticsearch + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.web.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.web.containerSecurityContext "enabled" | toYaml | nindent 4 }} + {{- end }} + command: + - bash + - -ec + - | + #!/bin/bash + + set -o errexit + set -o nounset + set -o pipefail + + . /opt/bitnami/scripts/liblog.sh + . 
/opt/bitnami/scripts/libvalidations.sh + . /opt/bitnami/scripts/libmastodon.sh + . /opt/bitnami/scripts/mastodon-env.sh + + mastodon_wait_for_elasticsearch_connection "http://${MASTODON_ELASTICSEARCH_HOST}:${MASTODON_ELASTICSEARCH_PORT_NUMBER}" + info "Mastodon web is ready" + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_ELASTICSEARCH_HOST + value: {{ include "mastodon.elasticsearch.host" . | quote }} + - name: MASTODON_ELASTICSEARCH_PORT_NUMBER + value: {{ include "mastodon.elasticsearch.port" . | quote }} + {{- if (include "mastodon.elasticsearch.auth.enabled" .) }} + - name: MASTODON_ELASTICSEARCH_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.elasticsearch.secretName" . }} + key: {{ include "mastodon.elasticsearch.passwordKey" . }} + {{- end }} +{{- end -}} + +{{/* +Init container definition for waiting for S3 to be ready +*/}} +{{- define "mastodon.waitForS3InitContainer" -}} +- name: wait-for-s3 + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.web.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.web.containerSecurityContext "enabled" | toYaml | nindent 4 }} + {{- end }} + command: + - bash + - -ec + - | + #!/bin/bash + + set -o errexit + set -o nounset + set -o pipefail + + . /opt/bitnami/scripts/liblog.sh + . /opt/bitnami/scripts/libvalidations.sh + . /opt/bitnami/scripts/libmastodon.sh + . /opt/bitnami/scripts/mastodon-env.sh + + mastodon_wait_for_s3_connection "$MASTODON_S3_HOSTNAME" "$MASTODON_S3_PORT_NUMBER" + info "S3 is ready" + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_S3_HOSTNAME + value: {{ include "mastodon.s3.host" . | quote }} + - name: MASTODON_S3_PORT_NUMBER + value: {{ include "mastodon.s3.port" . 
| quote }} +{{- end -}} + +{{/* +Init container definition for waiting for Mastodon Web to be ready +*/}} +{{- define "mastodon.waitForWebInitContainer" -}} +- name: wait-for-web + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.web.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.web.containerSecurityContext "enabled" | toYaml | nindent 4 }} + {{- end }} + command: + - bash + - -ec + - | + #!/bin/bash + + set -o errexit + set -o nounset + set -o pipefail + + . /opt/bitnami/scripts/liblog.sh + . /opt/bitnami/scripts/libvalidations.sh + . /opt/bitnami/scripts/libmastodon.sh + . /opt/bitnami/scripts/mastodon-env.sh + + mastodon_wait_for_web_connection "http://${MASTODON_WEB_HOST}:${MASTODON_WEB_PORT}" + info "Mastodon web is ready" + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_WEB_HOST + value: {{ include "mastodon.web.fullname" . | quote }} + - name: MASTODON_WEB_PORT + value: {{ .Values.web.service.ports.http | quote }} +{{- end -}} + +{{/* +Return Apache fullname +*/}} +{{- define "mastodon.apache.fullname" -}} + {{- include "common.names.dependency.fullname" (dict "chartName" "apache" "chartValues" .Values.apache "context" $) -}} +{{- end -}} + +{{/* +Return name of the Apache vhost configmap +*/}} +{{- define "mastodon.apache.vhostconfigmap" -}} + {{- if .Values.apache -}} + {{- printf "%s-mastodon-vhost" (include "mastodon.apache.fullname" .) -}} + {{- else -}} + {{- /* HACK: If this helper is called inside the Apache subchart, it won't use the Mastodon scope + but the Apache scope, therefore the helper mastodon.apache.fullname will fail because .Values.apache will not exist + that's why we need to use the common.names.fullname instead */ -}} + {{- printf "%s-mastodon-vhost" (include "common.names.fullname" .) 
-}} + {{- end -}} +{{- end -}} + +{{/* +Compile all warnings into a single message. +*/}} +{{- define "mastodon.validateValues" -}} +{{- $messages := list -}} +{{- $messages := append $messages (include "mastodon.validateValues.postgresql" .) -}} +{{- $messages := append $messages (include "mastodon.validateValues.redis" .) -}} +{{- $messages := without $messages "" -}} +{{- $message := join "\n" $messages -}} + +{{- if $message -}} +{{- printf "\nVALUES VALIDATION:\n%s" $message -}} +{{- end -}} +{{- end -}} + +{{/* Validate values of Mastodon - PostgreSQL */}} +{{- define "mastodon.validateValues.postgresql" -}} +{{- if and .Values.postgresql.enabled .Values.externalDatabase.host -}} +mastodon: PostgreSQL + You can only use one database. + Please choose installing a PostgreSQL chart (--set postgresql.enabled=true) or + using an external database (--set externalDatabase.host) +{{- end -}} +{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.host) -}} +mastodon: NoPostgreSQL + You did not set any database. + Please choose installing a PostgreSQL chart (--set postgresql.enabled=true) or + using an external instance (--set externalDatabase.host) +{{- end -}} +{{- end -}} + +{{/* Validate values of Mastodon - Redis(TM) */}} +{{- define "mastodon.validateValues.redis" -}} +{{- if and .Values.redis.enabled .Values.externalRedis.host -}} +mastodon: Redis + You can only use one Redis. + Please choose installing a Redis(TM) chart (--set redis.enabled=true) or + using an external Redis(TM) (--set externalRedis.host) +{{- end -}} +{{- if and (not .Values.redis.enabled) (not .Values.externalRedis.host) -}} +mastodon: NoRedis + You did not set any Redis. + Please choose installing a Redis(TM) chart (--set redis.enabled=true) or + using an external instance (--set externalRedis.host) +{{- end -}} +{{- end -}} 
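Review bot: `mastodon.redis.auth.enabled` and `mastodon.elasticsearch.auth.enabled` treat an external service as authenticated only when `externalRedis.password` / `externalElasticsearch.password` is set, so an install that supplies the credential through `existingSecret` alone gets no `MASTODON_REDIS_PASSWORD` / `MASTODON_ELASTICSEARCH_PASSWORD` entry in the wait-for-* init containers, although `mastodon.redis.secretName` and `mastodon.elasticsearch.secretName` already resolve that secret. The external branch should accept the secret reference as well, e.g. `{{- else if or .Values.externalRedis.password .Values.externalRedis.existingSecret -}}`, and likewise for Elasticsearch. Separately, wait-for-db and wait-for-redis interpolate the password into a connection URI passed as a command argument, so a password containing `@`, `:` or `/` would presumably need percent-encoding (how libmastodon.sh parses the URI is not visible here). The comment above wait-for-redis still describes PostgreSQL, and wait-for-elasticsearch logs `Mastodon web is ready`.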
diff --git a/bitnami/mastodon/templates/apache-configmap.yaml b/bitnami/mastodon/templates/apache-configmap.yaml new file mode 100644 index 0000000000..408d5e96fc --- /dev/null +++ b/bitnami/mastodon/templates/apache-configmap.yaml 
@@ -0,0 +1,47 @@
+{{- if .Values.apache.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "mastodon.apache.vhostconfigmap" . }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+data:
+ mastodon-vhost.conf: |-
+
+ ServerName {{ include "mastodon.web.domain" . }}
+ ServerAlias *
+
+ ProxyPass http://{{ include "mastodon.web.fullname" . }}:{{ .Values.web.service.ports.http }}/
+ ProxyPassReverse {{ include "mastodon.web.domain" . }}
+ Order allow,deny
+ Allow from all
+
+
+ # Streaming uses normal API calls and websockets. We used this configuration
+ # based on https://stackoverflow.com/questions/27526281/websockets-and-apache-proxy-how-to-configure-mod-proxy-wstunnel
+ RewriteEngine On
+ RewriteCond %{HTTP:Upgrade} =websocket [NC]
+ RewriteRule /api/(.*) ws://{{ include "mastodon.streaming.fullname" . }}:{{ .Values.streaming.service.ports.http }}/api/$1 [P,L]
+ RewriteCond %{HTTP:Upgrade} !=websocket [NC]
+ RewriteRule /api/(.*) http://{{ include "mastodon.streaming.fullname" . }}:{{ .Values.streaming.service.ports.http }}/api/$1 [P,L]
+ ProxyPassReverse {{ include "mastodon.web.domain" . }}
+ Order allow,deny
+ Allow from all
+
+ {{- if .Values.minio.enabled }}
+
+ ProxyPass http://{{ include "mastodon.s3.host" . }}:{{ include "mastodon.s3.port" . }}/{{ include "mastodon.s3.bucket" . }}/
+ ProxyPassReverse {{ include "mastodon.web.domain" . }}
+ Order allow,deny
+ Allow from all
+
+ {{- end }}
+
+{{- end }}
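Review bot: Every proxied block in `mastodon-vhost.conf` grants access with the Apache 2.2 directives `Order allow,deny` / `Allow from all`, which Apache 2.4 honours only through mod_access_compat; `Require all granted` is the 2.4 form and does not depend on that module being loaded. `ServerAlias *` makes this vhost answer any Host header, so it deserves a short comment saying that host validation is left to Mastodon or the ingress, if that is the intent. The container tags around these directives do not appear in this view, so the scope of each `ProxyPass` and of the two `RewriteRule /api/(.*)` lines cannot be confirmed here; if they sit at vhost level, `^/api/(.*)` would stop the pattern matching in the middle of a path.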
diff --git a/bitnami/mastodon/templates/default-configmap.yaml b/bitnami/mastodon/templates/default-configmap.yaml
new file mode 100644
index 0000000000..eaa4f7df8a
--- /dev/null
+++ b/bitnami/mastodon/templates/default-configmap.yaml
@@ -0,0 +1,16 @@
+{{- if not .Values.existingConfigmap }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ printf "%s-default" (include "common.names.fullname" .) }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+data: {{- include "common.tplvalues.render" (dict "value" .Values.defaultConfig "context" $) | nindent 2 }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/default-secret.yaml b/bitnami/mastodon/templates/default-secret.yaml
new file mode 100644
index 0000000000..5a5c517ba4
--- /dev/null
+++ b/bitnami/mastodon/templates/default-secret.yaml
@@ -0,0 +1,16 @@
+{{- if not .Values.existingSecret }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ printf "%s-default" (include "common.names.fullname" .) }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+data: {{- include "common.tplvalues.render" (dict "value" .Values.defaultSecretConfig "context" $) | nindent 2 }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/externaldb-secret.yaml b/bitnami/mastodon/templates/externaldb-secret.yaml
new file mode 100644
index 0000000000..662ecfe36d
--- /dev/null
+++ b/bitnami/mastodon/templates/externaldb-secret.yaml
@@ -0,0 +1,18 @@
+{{- if and (not .Values.postgresql.enabled) (not .Values.externalDatabase.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ printf "%s-externaldb" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+type: Opaque
+data:
+ db-password: {{ .Values.externalDatabase.password | b64enc | quote }}
+{{- end }}
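Review bot: In default-secret.yaml the rendered `.Values.defaultSecretConfig` map is written under `data:`, which Kubernetes accepts only as base64-encoded values, while extra-secret.yaml in this same commit renders its map under `stringData:`. The values file is not visible here, so whether `defaultSecretConfig` is already encoded needs confirming. If it holds plain strings, change the key to `stringData:` so the install neither fails validation nor stores wrongly decoded secrets. Adding `type: Opaque`, as the external* Secret templates do, would keep the Secret templates consistent.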
diff --git a/bitnami/mastodon/templates/externalelasticsearch-secret.yaml b/bitnami/mastodon/templates/externalelasticsearch-secret.yaml
new file mode 100644
index 0000000000..9277358831
--- /dev/null
+++ b/bitnami/mastodon/templates/externalelasticsearch-secret.yaml
@@ -0,0 +1,18 @@
+{{- if and (not .Values.elasticsearch.enabled) (not .Values.externalElasticsearch.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ printf "%s-externalelasticsearch" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
+ namespace: {{ include "common.names.namespace" | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
+ {{- end }}
+type: Opaque
+data:
+ elasticsearch-password: {{ .Values.externalElasticsearch.password | b64enc | quote }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/externalredis-secret.yaml b/bitnami/mastodon/templates/externalredis-secret.yaml
new file mode 100644
index 0000000000..0634923628
--- /dev/null
+++ b/bitnami/mastodon/templates/externalredis-secret.yaml
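Review bot: `namespace: {{ include "common.names.namespace" | quote }}` in externalelasticsearch-secret.yaml calls `include` without its context argument, so rendering fails whenever the `if` guard is true (external Elasticsearch without an existing secret). It should read `namespace: {{ include "common.names.namespace" . | quote }}`, as externaldb-secret.yaml does. The same line is repeated in externalredis-secret.yaml and externals3-secret.yaml in this commit and needs the same fix. Because these templates only render with the bundled subcharts disabled, a default-values lint or install would not catch the error.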
@@ -0,0 +1,18 @@
+{{- if and (not .Values.redis.enabled) (not .Values.externalRedis.existingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ printf "%s-externalredis" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
+ namespace: {{ include "common.names.namespace" | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
+ {{- end }}
+type: Opaque
+data:
+ redis-password: {{ .Values.externalRedis.password | b64enc | quote }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/externals3-secret.yaml b/bitnami/mastodon/templates/externals3-secret.yaml
new file mode 100644
index 0000000000..71f5c9b265
--- /dev/null
+++ b/bitnami/mastodon/templates/externals3-secret.yaml
@@ -0,0 +1,19 @@
+{{- if and (not .Values.minio.enabled) (not .Values.externalS3.existingSecret) .Values.enableS3 }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ printf "%s-externals3" (include "common.names.fullname" .) | trunc 63 | trimSuffix "-" }}
+ namespace: {{ include "common.names.namespace" | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.commonLabels "context" $) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" (dict "value" .Values.commonAnnotations "context" $) | nindent 4 }}
+ {{- end }}
+type: Opaque
+data:
+ {{ .Values.externalS3.existingSecretAccessKeyIDKey }}: {{ .Values.externalS3.accessKeyID | b64enc | quote }}
+ {{ .Values.externalS3.existingSecretKeySecretKey }}: {{ .Values.externalS3.accessKeySecret | b64enc | quote }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/extra-configmap.yaml b/bitnami/mastodon/templates/extra-configmap.yaml
new file mode 100644
index 0000000000..448e5cc85f
--- /dev/null
+++ b/bitnami/mastodon/templates/extra-configmap.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.extraConfig (not .Values.extraConfigExistingConfigmap) }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ printf "%s-extra" (include "common.names.fullname" .) }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+data: {{- include "common.tplvalues.render" (dict "value" .Values.extraConfig "context" $) | nindent 2 }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/extra-list.yaml b/bitnami/mastodon/templates/extra-list.yaml
new file mode 100644
index 0000000000..9ac65f9e16
--- /dev/null
+++ b/bitnami/mastodon/templates/extra-list.yaml
@@ -0,0 +1,4 @@
+{{- range .Values.extraDeploy }}
+---
+{{ include "common.tplvalues.render" (dict "value" . "context" $) }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/extra-secret.yaml b/bitnami/mastodon/templates/extra-secret.yaml
new file mode 100644
index 0000000000..2304d11e02
--- /dev/null
+++ b/bitnami/mastodon/templates/extra-secret.yaml
@@ -0,0 +1,16 @@
+{{- if and .Values.extraSecretConfig (not .Values.extraConfigExistingSecret) }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ printf "%s-extra" (include "common.names.fullname" .) }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+stringData: {{- include "common.tplvalues.render" (dict "value" .Values.extraSecretConfig "context" $) | nindent 2 }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/init-job/init-job-configmap.yaml b/bitnami/mastodon/templates/init-job/init-job-configmap.yaml
new file mode 100644
index 0000000000..010a9ca91a
--- /dev/null
+++ b/bitnami/mastodon/templates/init-job/init-job-configmap.yaml
@@ -0,0 +1,75 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ printf "%s-init-scripts" (include "common.names.fullname" .) }}
+ namespace: {{ .Release.Namespace | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+data:
+ {{- if or .Values.initJob.migrateDB .Values.initJob.createAdmin .Values.initJob.migrateElasticsearch }}
+ # All these operations require access to PostgreSQL (including Elasticsearch migration) and Redis. In order to avoid
+ # potential race conditions we include them in the same script.
+ migrate-and-create-admin.sh: |-
+ #!/bin/bash
+
+ set -o errexit
+ set -o nounset
+ set -o pipefail
+
+ # Load libraries
+ . /opt/bitnami/scripts/liblog.sh
+ . /opt/bitnami/scripts/libos.sh
+ . /opt/bitnami/scripts/libvalidations.sh
+ . /opt/bitnami/scripts/libmastodon.sh
+
+ # Load Mastodon environment variables
+ . /opt/bitnami/scripts/mastodon-env.sh
+
+ {{- if .Values.initJob.migrateDB }}
+ info "Migrating database"
+ psql_connection_string="postgresql://${MASTODON_DATABASE_USERNAME}:${MASTODON_DATABASE_PASSWORD}@${MASTODON_DATABASE_HOST}:${MASTODON_DATABASE_PORT_NUMBER}/${MASTODON_DATABASE_NAME}"
+ mastodon_wait_for_postgresql_connection "$psql_connection_string"
+ mastodon_rake_execute db:migrate
+ {{- end }}
+
+ {{- if .Values.initJob.migrateElasticsearch }}
+ elasticsearch_connection_string="http://${MASTODON_ELASTICSEARCH_HOST}:${MASTODON_ELASTICSEARCH_PORT_NUMBER}"
+ mastodon_wait_for_elasticsearch_connection "$elasticsearch_connection_string"
+ info "Migrating Elasticsearch"
+ mastodon_rake_execute chewy:upgrade
+ {{- end }}
+
+ {{- if .Values.initJob.createAdmin }}
+ mastodon_ensure_admin_user_exists
+ {{- end }}
+ {{- end }}
+
+ {{- if .Values.initJob.precompileAssets }}
+ precompile-assets.sh: |-
+ #!/bin/bash
+
+ set -o errexit
+ set -o nounset
+ set -o pipefail
+
+ # Load libraries
+ . /opt/bitnami/scripts/liblog.sh
+ . /opt/bitnami/scripts/libos.sh
+ . /opt/bitnami/scripts/libvalidations.sh
+ . /opt/bitnami/scripts/libmastodon.sh
+
+ # Load Mastodon environment variables
+ . /opt/bitnami/scripts/mastodon-env.sh
+
+ {{- if .Values.enableS3 }}
+ mastodon_wait_for_s3_connection "$MASTODON_S3_HOSTNAME" "$MASTODON_S3_PORT_NUMBER"
+ {{- end }}
+ info "Precompiling assets"
+ mastodon_rake_execute assets:precompile
+ {{- end }}
diff --git a/bitnami/mastodon/templates/init-job/init-job.yaml b/bitnami/mastodon/templates/init-job/init-job.yaml
new file mode 100644
index 0000000000..3dc1aca65e
--- /dev/null
+++ b/bitnami/mastodon/templates/init-job/init-job.yaml
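Review bot: `psql_connection_string` in migrate-and-create-admin.sh interpolates `${MASTODON_DATABASE_PASSWORD}` into a `postgresql://user:password@host` URI without percent-encoding, so a password containing `@`, `:`, `/` or `#` produces a URI that parses to the wrong host or credentials. The string is then passed as a positional argument to `mastodon_wait_for_postgresql_connection`, whose body is not on this page. If that helper hands the URI to a client binary, the password becomes readable in the process list and in any debug trace (`BITNAMI_DEBUG` is set from `image.debug` in the Job). Passing host, port, user and database separately and supplying the password through the `PGPASSWORD` environment variable would avoid both problems. This ConfigMap also uses `.Release.Namespace` where sibling templates use `common.names.namespace`, so the two can diverge if a namespace override is set.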
@@ -0,0 +1,200 @@ +{{- if and (include "mastodon.createInitJob" .) (include "mastodon.web.domain" .) (include "mastodon.s3.aliasHost" .) }} +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.names.fullname" . }}-init + namespace: {{ .Release.Namespace }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/part-of: mastodon + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.initJob.annotations "context" $ ) | nindent 4 }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + backoffLimit: {{ .Values.initJob.backoffLimit }} + template: + metadata: + labels: {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: init + {{- if .Values.initJob.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.initJob.podLabels "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.initJob.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.initJob.podAnnotations "context" $) | nindent 8 }} + {{- end }} + spec: + {{- include "mastodon.imagePullSecrets" . | nindent 6 }} + restartPolicy: OnFailure + {{- if .Values.initJob.podSecurityContext.enabled }} + securityContext: {{- omit .Values.initJob.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.initJob.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.initJob.hostAliases "context" $) | nindent 8 }} + {{- end }} + containers: + # We separate the job in multiple containers to be able to run them in parallel. 
We put everything on the same job + # as it follows the Job Pattern best practices + # https://kubernetes.io/docs/concepts/workloads/controllers/job/#job-patterns + {{- if or .Values.initJob.migrateDB .Values.initJob.createAdmin .Values.initJob.migrateElasticsearch }} + - name: migrate-and-create-admin + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /bin/bash + - -ec + args: + - /scripts/migrate-and-create-admin.sh + {{- if .Values.initJob.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.initJob.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.database.secretName" . }} + key: {{ include "mastodon.database.passwordKey" . | quote }} + {{- if (include "mastodon.redis.auth.enabled" .) }} + # The rake db:migrate job requires access to Redis + - name: MASTODON_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.redis.secretName" . }} + key: {{ include "mastodon.redis.passwordKey" . | quote }} + {{- end }} + {{- if (include "mastodon.elasticsearch.auth.enabled" .) }} + - name: MASTODON_ELASTICSEARCH_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.elasticsearch.secretName" . }} + key: {{ include "mastodon.elasticsearch.passwordKey" . | quote }} + {{- end }} + {{- if .Values.initJob.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.initJob.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "mastodon.defaultConfigmapName" . }} + - secretRef: + name: {{ include "mastodon.defaultSecretName" . 
}} + {{- if or .Values.extraConfig .Values.extraConfigExistingConfigmap }} + - configMapRef: + name: {{ include "mastodon.extraConfigmapName" . }} + {{- end }} + {{- if or .Values.extraSecretConfig .Values.extraConfigExistingSecret }} + - secretRef: + name: {{ include "mastodon.extraSecretName" . }} + {{- end }} + {{- if or .Values.initJob.extraEnvVarsCM .Values.initJob.extraEnvVarsSecret }} + {{- if .Values.initJob.extraEnvVarsCM }} + - configMapRef: + name: {{ .Values.initJob.extraEnvVarsCM }} + {{- end }} + {{- if .Values.initJob.extraEnvVarsSecret }} + - secretRef: + name: {{ .Values.initJob.extraEnvVarsSecret }} + {{- end }} + {{- end }} + volumeMounts: + - name: scripts + mountPath: /scripts + {{- if .Values.initJob.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.initJob.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.initJob.resources }} + resources: {{- toYaml .Values.initJob.resources | nindent 12 }} + {{- end }} + {{- end }} + {{- if .Values.initJob.precompileAssets }} + - name: mastodon-assets-precompile + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + command: + - /bin/bash + - -ec + args: + - /scripts/precompile-assets.sh + {{- if .Values.initJob.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.initJob.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + {{- if .Values.enableS3 }} + - name: MASTODON_S3_HOSTNAME + value: {{ include "mastodon.s3.host" . | quote }} + - name: MASTODON_S3_PORT_NUMBER + value: {{ include "mastodon.s3.port" . | quote }} + - name: MASTODON_AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ include "mastodon.s3.secretName" . }} + key: {{ include "mastodon.s3.accessKeyIDKey" . 
| quote }} + - name: MASTODON_AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ include "mastodon.s3.secretName" . }} + key: {{ include "mastodon.s3.secretAccessKeyKey" . | quote }} + {{- end }} + {{- if .Values.initJob.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.initJob.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "mastodon.defaultConfigmapName" . }} + - secretRef: + name: {{ include "mastodon.defaultSecretName" . }} + {{- if or .Values.extraConfig .Values.extraConfigExistingConfigmap }} + - configMapRef: + name: {{ include "mastodon.extraConfigmapName" . }} + {{- end }} + {{- if or .Values.extraSecretConfig .Values.extraConfigExistingSecret }} + - secretRef: + name: {{ include "mastodon.extraSecretName" . }} + {{- end }} + {{- if or .Values.initJob.extraEnvVarsCM .Values.initJob.extraEnvVarsSecret }} + {{- if .Values.initJob.extraEnvVarsCM }} + - configMapRef: + name: {{ .Values.initJob.extraEnvVarsCM }} + {{- end }} + {{- if .Values.initJob.extraEnvVarsSecret }} + - secretRef: + name: {{ .Values.initJob.extraEnvVarsSecret }} + {{- end }} + {{- end }} + volumeMounts: + - name: scripts + mountPath: /scripts + {{- if not .Values.enableS3 }} + - name: data + mountPath: {{ .Values.persistence.mountPath }} + {{- end }} + {{- if .Values.initJob.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.initJob.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.initJob.resources }} + resources: {{- toYaml .Values.initJob.resources | nindent 12 }} + {{- end }} + {{- end }} + volumes: + - name: scripts + configMap: + name: {{ printf "%s-init-scripts" (include "common.names.fullname" .) }} + defaultMode: 0755 + {{- if not .Values.enableS3 }} + - name: data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "mastodon.pvc" . 
}} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.initJob.extraVolumes "context" $) | nindent 6 }} + {{- end }} +{{- end }} diff --git a/bitnami/mastodon/templates/pvc.yaml b/bitnami/mastodon/templates/pvc.yaml new file mode 100644 index 0000000000..1e53889681 --- /dev/null +++ b/bitnami/mastodon/templates/pvc.yaml 
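Review bot: The Job's pod spec in init-job.yaml sets no `serviceAccountName`, unlike the sidekiq and streaming Deployments in this commit, so the init pod runs under the namespace's default ServiceAccount and the chart's `serviceAccount.automountServiceAccountToken` value does not govern it, even though this pod receives the database, Redis, Elasticsearch and S3 credentials. Add `serviceAccountName: {{ template "mastodon.serviceAccountName" . }}` under `spec.template.spec`. At the end of the hunk the guard `{{- if .Values.extraVolumes }}` tests a different value from the one it renders, `.Values.initJob.extraVolumes`; it should be `{{- if .Values.initJob.extraVolumes }}`. `namespace: {{ .Release.Namespace }}` is unquoted and bypasses `common.names.namespace`, which the Secrets and ConfigMaps this Job references use.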
@@ -0,0 +1,36 @@
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+ name: {{ include "mastodon.sidekiq.fullname" . }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if or .Values.persistence.annotations .Values.commonAnnotations }}
+ annotations:
+ {{- if .Values.persistence.annotations }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.persistence.annotations "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.commonAnnotations }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- end }}
+spec:
+ accessModes:
+ {{- range .Values.persistence.accessModes }}
+ - {{ . | quote }}
+ {{- end }}
+ resources:
+ requests:
+ storage: {{ .Values.persistence.size | quote }}
+ {{- if .Values.persistence.selector }}
+ selector: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.selector "context" $) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.persistence.dataSource }}
+ dataSource: {{- include "common.tplvalues.render" (dict "value" .Values.persistence.dataSource "context" $) | nindent 4 }}
+ {{- end }}
+ {{- include "common.storage.class" (dict "persistence" .Values.persistence "global" .Values.global) | nindent 2 }}
+{{- end -}}
diff --git a/bitnami/mastodon/templates/service-account.yaml b/bitnami/mastodon/templates/service-account.yaml
new file mode 100644
index 0000000000..5279cb5e23
--- /dev/null
+++ b/bitnami/mastodon/templates/service-account.yaml
@@ -0,0 +1,22 @@
+{{- if .Values.serviceAccount.create }}
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "mastodon.serviceAccountName" . }}
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels: {{- include "common.labels.standard" . | nindent 4 }}
+ app.kubernetes.io/part-of: mastodon
+ {{- if .Values.commonLabels }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if or .Values.serviceAccount.annotations .Values.commonAnnotations }}
+ annotations:
+ {{- if .Values.commonAnnotations }}
+ {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
+ {{- end }}
+ {{- if .Values.serviceAccount.annotations }}
+ {{- include "common.tplvalues.render" (dict "value" .Values.serviceAccount.annotations "context" $) | nindent 4 }}
+ {{- end }}
+ {{- end }}
+automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
+{{- end }}
diff --git a/bitnami/mastodon/templates/sidekiq/deployment.yaml b/bitnami/mastodon/templates/sidekiq/deployment.yaml
new file mode 100644
index 0000000000..d0189a62bf
--- /dev/null
+++ b/bitnami/mastodon/templates/sidekiq/deployment.yaml
@@ -0,0 +1,221 @@ +{{- if and (include "mastodon.web.domain" .) (include "mastodon.s3.aliasHost" .) }} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ template "mastodon.sidekiq.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/part-of: mastodon + app.kubernetes.io/component: sidekiq + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.sidekiq.replicaCount }} + {{- if .Values.sidekiq.updateStrategy }} + strategy: {{- toYaml .Values.sidekiq.updateStrategy | nindent 4 }} + {{- end }} + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: sidekiq + template: + metadata: + {{- if .Values.sidekiq.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.podAnnotations "context" $) | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: sidekiq + {{- if .Values.sidekiq.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.podLabels "context" $) | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "mastodon.serviceAccountName" . }} + {{- include "mastodon.imagePullSecrets" . 
| nindent 6 }} + {{- if .Values.sidekiq.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.sidekiq.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.sidekiq.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.sidekiq.podAffinityPreset "component" "sidekiq" "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.sidekiq.podAntiAffinityPreset "component" "sidekiq" "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.sidekiq.nodeAffinityPreset.type "key" .Values.sidekiq.nodeAffinityPreset.key "values" .Values.sidekiq.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.sidekiq.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.sidekiq.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.sidekiq.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.sidekiq.priorityClassName }} + priorityClassName: {{ .Values.sidekiq.priorityClassName | quote }} + {{- end }} + {{- if .Values.sidekiq.schedulerName }} + schedulerName: {{ .Values.sidekiq.schedulerName | quote }} + {{- end }} + {{- if .Values.sidekiq.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.topologySpreadConstraints "context" .) 
| nindent 8 }} + {{- end }} + {{- if .Values.sidekiq.podSecurityContext.enabled }} + securityContext: {{- omit .Values.sidekiq.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.sidekiq.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.sidekiq.terminationGracePeriodSeconds }} + {{- end }} + initContainers: + {{- if not .Values.diagnosticMode.enabled }} + {{- include "mastodon.waitForWebInitContainer" . | nindent 8 }} + {{- if .Values.enableS3 }} + {{- include "mastodon.waitForS3InitContainer" . | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.sidekiq.initContainers }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: mastodon + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.sidekiq.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.sidekiq.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.sidekiq.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.command "context" $) | nindent 12 }} + {{- else }} + command: + - /opt/bitnami/scripts/mastodon/run.sh + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.sidekiq.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_MODE + value: "sidekiq" + - name: 
MASTODON_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.database.secretName" . }} + key: {{ include "mastodon.database.passwordKey" . | quote }} + {{- if (include "mastodon.redis.auth.enabled" .) }} + - name: MASTODON_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.redis.secretName" . }} + key: {{ include "mastodon.redis.passwordKey" . | quote }} + {{- end }} + {{- if .Values.enableS3 }} + - name: MASTODON_AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ include "mastodon.s3.secretName" . }} + key: {{ include "mastodon.s3.accessKeyIDKey" . | quote }} + - name: MASTODON_AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ include "mastodon.s3.secretName" . }} + key: {{ include "mastodon.s3.secretAccessKeyKey" . | quote }} + {{- end }} + {{- if and .Values.enableSearches (include "mastodon.elasticsearch.auth.enabled" .) }} + - name: MASTODON_ELASTICSEARCH_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.elasticsearch.secretName" . }} + key: {{ include "mastodon.elasticsearch.passwordKey" . | quote }} + {{- end }} + {{- if .Values.sidekiq.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "mastodon.defaultConfigmapName" . }} + - secretRef: + name: {{ include "mastodon.defaultSecretName" . }} + {{- if or .Values.extraConfig .Values.extraConfigExistingConfigmap }} + - configMapRef: + name: {{ include "mastodon.extraConfigmapName" . }} + {{- end }} + {{- if or .Values.extraSecretConfig .Values.extraConfigExistingSecret }} + - secretRef: + name: {{ include "mastodon.extraSecretName" . 
}} + {{- end }} + {{- if .Values.sidekiq.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.sidekiq.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.sidekiq.resources }} + resources: {{- toYaml .Values.sidekiq.resources | nindent 12 }} + {{- end }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.sidekiq.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.sidekiq.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.sidekiq.livenessProbe "enabled") "context" $) | nindent 12 }} + exec: + command: + - /bin/sh + - -c + - pgrep -f ^sidekiq + {{- end }} + {{- if .Values.sidekiq.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.sidekiq.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.sidekiq.readinessProbe "enabled") "context" $) | nindent 12 }} + exec: + command: + - /bin/sh + - -c + - pgrep -f ^sidekiq + {{- end }} + {{- if .Values.sidekiq.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.sidekiq.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.sidekiq.startupProbe "enabled") "context" $) | nindent 12 }} + exec: + command: + - /bin/sh + - -c + - pgrep -f ^sidekiq + {{- end }} + {{- end }} + {{- if .Values.sidekiq.lifecycleHooks }} + lifecycle: {{- include 
"common.tplvalues.render" (dict "value" .Values.sidekiq.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + {{- if not .Values.enableS3 }} + - name: data + mountPath: {{ .Values.persistence.mountPath }} + {{- end }} + {{- if .Values.sidekiq.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.sidekiq.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.sidekiq.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if not .Values.enableS3 }} + - name: data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "mastodon.pvc" . }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.sidekiq.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.sidekiq.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/bitnami/mastodon/templates/streaming/deployment.yaml b/bitnami/mastodon/templates/streaming/deployment.yaml new file mode 100644 index 0000000000..85f4ad50ea --- /dev/null +++ b/bitnami/mastodon/templates/streaming/deployment.yaml 
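Review bot: In sidekiq/deployment.yaml the `tolerations` and `topologySpreadConstraints` lines pass `"context" .` to `common.tplvalues.render`, while every other call in the template passes `"context" $`. The two are equal at this nesting level, but the mix breaks silently if either line is later moved inside a `range` or `with`, so both should use `"context" $`. The default liveness, readiness and startup probes all run the same `pgrep -f ^sidekiq`, which only shows that a matching process exists. A short comment stating that readiness here does not cover Redis or database connectivity would help operators decide when to set `customReadinessProbe`.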
@@ -0,0 +1,218 @@ +{{- if and (include "mastodon.web.domain" .) (include "mastodon.s3.aliasHost" .) }} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ template "mastodon.streaming.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/part-of: mastodon + app.kubernetes.io/component: streaming + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.streaming.replicaCount }} + {{- if .Values.streaming.updateStrategy }} + strategy: {{- toYaml .Values.streaming.updateStrategy | nindent 4 }} + {{- end }} + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: streaming + template: + metadata: + {{- if .Values.streaming.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.podAnnotations "context" $) | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: streaming + {{- if .Values.streaming.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.streaming.podLabels "context" $) | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "mastodon.serviceAccountName" . }} + {{- include "mastodon.imagePullSecrets" . 
| nindent 6 }} + {{- if .Values.streaming.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.streaming.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.streaming.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.streaming.podAffinityPreset "component" "streaming" "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.streaming.podAntiAffinityPreset "component" "streaming" "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.streaming.nodeAffinityPreset.type "key" .Values.streaming.nodeAffinityPreset.key "values" .Values.streaming.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.streaming.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.streaming.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.streaming.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.streaming.priorityClassName }} + priorityClassName: {{ .Values.streaming.priorityClassName | quote }} + {{- end }} + {{- if .Values.streaming.schedulerName }} + schedulerName: {{ .Values.streaming.schedulerName | quote }} + {{- end }} + {{- if .Values.streaming.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.topologySpreadConstraints "context" .) 
| nindent 8 }} + {{- end }} + {{- if .Values.streaming.podSecurityContext.enabled }} + securityContext: {{- omit .Values.streaming.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.streaming.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.streaming.terminationGracePeriodSeconds }} + {{- end }} + initContainers: + {{- if not .Values.diagnosticMode.enabled }} + {{- include "mastodon.waitForDBInitContainer" . | nindent 8 }} + {{- include "mastodon.waitForWebInitContainer" . | nindent 8 }} + {{- end }} + {{- if .Values.streaming.initContainers }} + {{- include "common.tplvalues.render" (dict "value" .Values.streaming.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: mastodon + image: {{ template "mastodon.image" . }} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.streaming.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.streaming.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.streaming.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.command "context" $) | nindent 12 }} + {{- else }} + command: + - /opt/bitnami/scripts/mastodon/run.sh + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.streaming.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_MODE + value: "streaming" + - name: MASTODON_STREAMING_PORT_NUMBER + 
value: {{ .Values.streaming.containerPorts.http | quote }} + - name: MASTODON_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.database.secretName" . }} + key: {{ include "mastodon.database.passwordKey" . | quote }} + {{- if (include "mastodon.redis.auth.enabled" .) }} + - name: MASTODON_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.redis.secretName" . }} + key: {{ include "mastodon.redis.passwordKey" . | quote }} + {{- end }} + {{- if .Values.enableS3 }} + - name: MASTODON_AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ include "mastodon.s3.secretName" . }} + key: {{ include "mastodon.s3.accessKeyIDKey" . | quote }} + - name: MASTODON_AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ include "mastodon.s3.secretName" . }} + key: {{ include "mastodon.s3.secretAccessKeyKey" . | quote }} + {{- end }} + {{- if and .Values.enableSearches (include "mastodon.elasticsearch.auth.enabled" .) }} + - name: MASTODON_ELASTICSEARCH_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.elasticsearch.secretName" . }} + key: {{ include "mastodon.elasticsearch.passwordKey" . | quote }} + {{- end }} + {{- if .Values.streaming.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.streaming.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "mastodon.defaultConfigmapName" . }} + - secretRef: + name: {{ include "mastodon.defaultSecretName" . }} + {{- if or .Values.extraConfig .Values.extraConfigExistingConfigmap }} + - configMapRef: + name: {{ include "mastodon.extraConfigmapName" . }} + {{- end }} + {{- if or .Values.extraSecretConfig .Values.extraConfigExistingSecret }} + - secretRef: + name: {{ include "mastodon.extraSecretName" . 
}} + {{- end }} + {{- if .Values.streaming.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.streaming.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.streaming.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.streaming.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.streaming.resources }} + resources: {{- toYaml .Values.streaming.resources | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.streaming.containerPorts.http }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.streaming.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.streaming.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.streaming.livenessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /api/v1/streaming/health + port: http + {{- end }} + {{- if .Values.streaming.customReadinessProbe }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.streaming.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.streaming.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /api/v1/streaming/health + port: http + {{- end }} + {{- if .Values.streaming.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.streaming.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.streaming.startupProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /api/v1/streaming/health + 
port: http + {{- end }} + {{- end }} + {{- if .Values.streaming.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + {{- if not .Values.enableS3 }} + - name: data + mountPath: {{ .Values.persistence.mountPath }} + {{- end }} + {{- if .Values.streaming.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.streaming.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.streaming.sidecars }} + {{- include "common.tplvalues.render" (dict "value" .Values.streaming.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if not .Values.enableS3 }} + - name: data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "mastodon.pvc" . }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.streaming.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.streaming.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/bitnami/mastodon/templates/streaming/service.yaml b/bitnami/mastodon/templates/streaming/service.yaml new file mode 100644 index 0000000000..331d284296 --- /dev/null +++ b/bitnami/mastodon/templates/streaming/service.yaml 
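Review bot: The streaming container is handed credentials it does not appear to need: the `{{- if .Values.enableS3 }}` block injects `MASTODON_AWS_ACCESS_KEY_ID` and `MASTODON_AWS_SECRET_ACCESS_KEY`, and the `enableSearches` block injects `MASTODON_ELASTICSEARCH_PASSWORD`, next to the database and Redis passwords. If `MASTODON_MODE: "streaming"` only talks to PostgreSQL and Redis (to be confirmed against the image's `run.sh`, which is not part of this diff), I would drop those two conditional `env` blocks from this template. A compromised streaming pod would then not expose object-storage and search credentials. The same question applies to the `data` volume mount, which gives this pod access to the shared media volume.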
@@ -0,0 +1,55 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "mastodon.streaming.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/part-of: mastodon + app.kubernetes.io/component: streaming + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.streaming.service.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.streaming.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.streaming.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.streaming.service.type }} + {{- if and .Values.streaming.service.clusterIP (eq .Values.streaming.service.type "ClusterIP") }} + clusterIP: {{ .Values.streaming.service.clusterIP }} + {{- end }} + {{- if .Values.streaming.service.sessionAffinity }} + sessionAffinity: {{ .Values.streaming.service.sessionAffinity }} + {{- end }} + {{- if .Values.streaming.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.streaming.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- if or (eq .Values.streaming.service.type "LoadBalancer") (eq .Values.streaming.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.streaming.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.streaming.service.type "LoadBalancer") (not (empty .Values.streaming.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.streaming.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.streaming.service.type 
"LoadBalancer") (not (empty .Values.streaming.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.streaming.service.loadBalancerIP }} + {{- end }} + ports: + - name: http + port: {{ .Values.streaming.service.ports.http }} + targetPort: http + protocol: TCP + {{- if and (or (eq .Values.streaming.service.type "NodePort") (eq .Values.streaming.service.type "LoadBalancer")) (not (empty .Values.streaming.service.nodePorts.http)) }} + nodePort: {{ .Values.streaming.service.nodePorts.http }} + {{- else if eq .Values.streaming.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.streaming.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.streaming.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: streaming diff --git a/bitnami/mastodon/templates/web/deployment.yaml b/bitnami/mastodon/templates/web/deployment.yaml new file mode 100644 index 0000000000..9d86eae01e --- /dev/null +++ b/bitnami/mastodon/templates/web/deployment.yaml 
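Review bot: `loadBalancerSourceRanges: {{ .Values.streaming.service.loadBalancerSourceRanges }}` prints the list with Go's default formatting, so two entries render as a space-separated flow sequence (constructed example: `[10.0.0.0/8 192.168.0.0/16]`), which YAML reads as one string rather than two CIDRs. This allow-list is the only source restriction the Service template offers for a LoadBalancer, so it should render reliably for any number of entries: `loadBalancerSourceRanges: {{- toYaml .Values.streaming.service.loadBalancerSourceRanges | nindent 4 }}`. The same line appears in `templates/web/service.yaml` with `.Values.web.service.loadBalancerSourceRanges` and needs the same change.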
@@ -0,0 +1,242 @@ +{{- if and (include "mastodon.web.domain" .) (include "mastodon.s3.aliasHost" .) }} +apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} +kind: Deployment +metadata: + name: {{ template "mastodon.web.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/part-of: mastodon + app.kubernetes.io/component: web + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} +spec: + replicas: {{ .Values.web.replicaCount }} + {{- if .Values.web.updateStrategy }} + strategy: {{- toYaml .Values.web.updateStrategy | nindent 4 }} + {{- end }} + selector: + matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} + app.kubernetes.io/component: web + template: + metadata: + {{- if .Values.web.podAnnotations }} + annotations: {{- include "common.tplvalues.render" (dict "value" .Values.web.podAnnotations "context" $) | nindent 8 }} + {{- end }} + labels: {{- include "common.labels.standard" . | nindent 8 }} + app.kubernetes.io/component: web + {{- if .Values.web.podLabels }} + {{- include "common.tplvalues.render" (dict "value" .Values.web.podLabels "context" $) | nindent 8 }} + {{- end }} + spec: + serviceAccountName: {{ template "mastodon.serviceAccountName" . }} + {{- include "mastodon.imagePullSecrets" . 
| nindent 6 }} + {{- if .Values.web.hostAliases }} + hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.web.hostAliases "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.web.affinity }} + affinity: {{- include "common.tplvalues.render" ( dict "value" .Values.web.affinity "context" $) | nindent 8 }} + {{- else }} + affinity: + podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.web.podAffinityPreset "component" "web" "context" $) | nindent 10 }} + podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.web.podAntiAffinityPreset "component" "web" "context" $) | nindent 10 }} + nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.web.nodeAffinityPreset.type "key" .Values.web.nodeAffinityPreset.key "values" .Values.web.nodeAffinityPreset.values) | nindent 10 }} + {{- end }} + {{- if .Values.web.nodeSelector }} + nodeSelector: {{- include "common.tplvalues.render" ( dict "value" .Values.web.nodeSelector "context" $) | nindent 8 }} + {{- end }} + {{- if .Values.web.tolerations }} + tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.web.tolerations "context" .) | nindent 8 }} + {{- end }} + {{- if .Values.web.priorityClassName }} + priorityClassName: {{ .Values.web.priorityClassName | quote }} + {{- end }} + {{- if .Values.web.schedulerName }} + schedulerName: {{ .Values.web.schedulerName | quote }} + {{- end }} + {{- if .Values.web.topologySpreadConstraints }} + topologySpreadConstraints: {{- include "common.tplvalues.render" (dict "value" .Values.web.topologySpreadConstraints "context" .) 
| nindent 8 }} + {{- end }} + {{- if .Values.web.podSecurityContext.enabled }} + securityContext: {{- omit .Values.web.podSecurityContext "enabled" | toYaml | nindent 8 }} + {{- end }} + {{- if .Values.web.terminationGracePeriodSeconds }} + terminationGracePeriodSeconds: {{ .Values.web.terminationGracePeriodSeconds }} + {{- end }} + initContainers: + {{- if not .Values.diagnosticMode.enabled }} + {{- if and (not .Values.enableS3) .Values.volumePermissions.enabled .Values.sidekiq.containerSecurityContext.enabled }} + - name: volume-permissions + image: {{ include "mastodon.volumePermissions.image" . }} + imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }} + command: + - sh + - -c + - | + mkdir -p {{ .Values.persistence.mountPath }} + find {{ .Values.persistence.mountPath }} -mindepth 1 -maxdepth 1 -not -name ".snapshot" -not -name "lost+found" | xargs chown -R {{ .Values.sidekiq.containerSecurityContext.runAsUser }}:{{ .Values.sidekiq.podSecurityContext.fsGroup }} + securityContext: + runAsUser: 0 + resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }} + volumeMounts: + - name: data + mountPath: {{ .Values.persistence.mountPath }} + subPath: {{ .Values.persistence.subPath }} + {{- end }} + {{- include "mastodon.waitForDBInitContainer" . | nindent 8 }} + {{- include "mastodon.waitForRedisInitContainer" . | nindent 8 }} + {{- if .Values.enableSearches }} + {{- include "mastodon.waitForElasticsearchInitContainer" . | nindent 8 }} + {{- end }} + {{- if .Values.enableS3 }} + {{- include "mastodon.waitForS3InitContainer" . | nindent 8 }} + {{- end }} + {{- end }} + {{- if .Values.web.initContainers }} + {{- include "common.tplvalues.render" (dict "value" .Values.web.initContainers "context" $) | nindent 8 }} + {{- end }} + containers: + - name: mastodon + image: {{ template "mastodon.image" . 
}} + imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- if .Values.web.containerSecurityContext.enabled }} + securityContext: {{- omit .Values.web.containerSecurityContext "enabled" | toYaml | nindent 12 }} + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.command "context" $) | nindent 12 }} + {{- else if .Values.web.command }} + command: {{- include "common.tplvalues.render" (dict "value" .Values.web.command "context" $) | nindent 12 }} + {{- else }} + command: + - /opt/bitnami/scripts/mastodon/run.sh + {{- end }} + {{- if .Values.diagnosticMode.enabled }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.diagnosticMode.args "context" $) | nindent 12 }} + {{- else if .Values.web.args }} + args: {{- include "common.tplvalues.render" (dict "value" .Values.web.args "context" $) | nindent 12 }} + {{- end }} + env: + - name: BITNAMI_DEBUG + value: {{ ternary "true" "false" (or .Values.image.debug .Values.diagnosticMode.enabled) | quote }} + - name: MASTODON_MODE + value: "web" + - name: MASTODON_WEB_PORT_NUMBER + value: {{ .Values.web.containerPorts.http | quote }} + - name: MASTODON_DATABASE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.database.secretName" . }} + key: {{ include "mastodon.database.passwordKey" . | quote }} + {{- if (include "mastodon.redis.auth.enabled" .) }} + - name: MASTODON_REDIS_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.redis.secretName" . }} + key: {{ include "mastodon.redis.passwordKey" . | quote }} + {{- end }} + {{- if .Values.enableS3 }} + - name: MASTODON_AWS_ACCESS_KEY_ID + valueFrom: + secretKeyRef: + name: {{ include "mastodon.s3.secretName" . }} + key: {{ include "mastodon.s3.accessKeyIDKey" . | quote }} + - name: MASTODON_AWS_SECRET_ACCESS_KEY + valueFrom: + secretKeyRef: + name: {{ include "mastodon.s3.secretName" . }} + key: {{ include "mastodon.s3.secretAccessKeyKey" . 
| quote }} + {{- end }} + {{- if and .Values.enableSearches (include "mastodon.elasticsearch.auth.enabled" .) }} + - name: MASTODON_ELASTICSEARCH_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "mastodon.elasticsearch.secretName" . }} + key: {{ include "mastodon.elasticsearch.passwordKey" . | quote }} + {{- end }} + {{- if .Values.web.extraEnvVars }} + {{- include "common.tplvalues.render" (dict "value" .Values.web.extraEnvVars "context" $) | nindent 12 }} + {{- end }} + envFrom: + - configMapRef: + name: {{ include "mastodon.defaultConfigmapName" . }} + - secretRef: + name: {{ include "mastodon.defaultSecretName" . }} + {{- if or .Values.extraConfig .Values.extraConfigExistingConfigmap }} + - configMapRef: + name: {{ include "mastodon.extraConfigmapName" . }} + {{- end }} + {{- if or .Values.extraSecretConfig .Values.extraConfigExistingSecret }} + - secretRef: + name: {{ include "mastodon.extraSecretName" . }} + {{- end }} + {{- if .Values.web.extraEnvVarsCM }} + - configMapRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.web.extraEnvVarsCM "context" $) }} + {{- end }} + {{- if .Values.web.extraEnvVarsSecret }} + - secretRef: + name: {{ include "common.tplvalues.render" (dict "value" .Values.web.extraEnvVarsSecret "context" $) }} + {{- end }} + {{- if .Values.web.resources }} + resources: {{- toYaml .Values.web.resources | nindent 12 }} + {{- end }} + ports: + - name: http + containerPort: {{ .Values.web.containerPorts.http }} + {{- if not .Values.diagnosticMode.enabled }} + {{- if .Values.web.customLivenessProbe }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.web.customLivenessProbe "context" $) | nindent 12 }} + {{- else if .Values.web.livenessProbe.enabled }} + livenessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.web.livenessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.web.customReadinessProbe }} + 
readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.web.customReadinessProbe "context" $) | nindent 12 }} + {{- else if .Values.web.readinessProbe.enabled }} + readinessProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.web.readinessProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- if .Values.web.customStartupProbe }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.web.customStartupProbe "context" $) | nindent 12 }} + {{- else if .Values.web.startupProbe.enabled }} + startupProbe: {{- include "common.tplvalues.render" (dict "value" (omit .Values.web.startupProbe "enabled") "context" $) | nindent 12 }} + httpGet: + path: /health + port: http + {{- end }} + {{- end }} + {{- if .Values.web.lifecycleHooks }} + lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.web.lifecycleHooks "context" $) | nindent 12 }} + {{- end }} + volumeMounts: + {{- if not .Values.enableS3 }} + - name: data + mountPath: {{ .Values.persistence.mountPath }} + {{- end }} + {{- if .Values.web.extraVolumeMounts }} + {{- include "common.tplvalues.render" (dict "value" .Values.web.extraVolumeMounts "context" $) | nindent 12 }} + {{- end }} + {{- if .Values.web.sidecars }} + {{- include "common.tplvalues.render" ( dict "value" .Values.web.sidecars "context" $) | nindent 8 }} + {{- end }} + volumes: + {{- if not .Values.enableS3 }} + - name: data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "mastodon.pvc" . }} + {{- else }} + emptyDir: {} + {{- end }} + {{- end }} + {{- if .Values.web.extraVolumes }} + {{- include "common.tplvalues.render" (dict "value" .Values.web.extraVolumes "context" $) | nindent 8 }} + {{- end }} +{{- end }} diff --git a/bitnami/mastodon/templates/web/service.yaml b/bitnami/mastodon/templates/web/service.yaml new file mode 100644 index 0000000000..3166cb8d70 --- /dev/null 
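Review bot: The root `volume-permissions` init container in the web Deployment is gated on and parameterised by sidekiq values: its condition tests `.Values.sidekiq.containerSecurityContext.enabled`, and the `chown -R` target is `{{ .Values.sidekiq.containerSecurityContext.runAsUser }}:{{ .Values.sidekiq.podSecurityContext.fsGroup }}`. This looks copied from the sidekiq template; if the web and sidekiq security contexts are set differently, the step is skipped or the data directory is handed to a UID the web container does not run as. I would use `.Values.web.containerSecurityContext.enabled`, `.Values.web.containerSecurityContext.runAsUser` and `.Values.web.podSecurityContext.fsGroup` here. Separately, the init container mounts `data` with `subPath: {{ .Values.persistence.subPath }}` while the `mastodon` container's `volumeMounts` entry has no `subPath`, so the ownership change may land on a different directory than the one the application writes to. `xargs -r` would also keep `chown` from running without operands on an empty volume.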
+++ b/bitnami/mastodon/templates/web/service.yaml 
@@ -0,0 +1,55 @@ +apiVersion: v1 +kind: Service +metadata: + name: {{ template "mastodon.web.fullname" . }} + namespace: {{ include "common.names.namespace" . | quote }} + labels: {{- include "common.labels.standard" . | nindent 4 }} + app.kubernetes.io/part-of: mastodon + app.kubernetes.io/component: web + {{- if .Values.commonLabels }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} + {{- end }} + {{- if or .Values.web.service.annotations .Values.commonAnnotations }} + annotations: + {{- if .Values.web.service.annotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.web.service.annotations "context" $) | nindent 4 }} + {{- end }} + {{- if .Values.commonAnnotations }} + {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} + {{- end }} + {{- end }} +spec: + type: {{ .Values.web.service.type }} + {{- if and .Values.web.service.clusterIP (eq .Values.web.service.type "ClusterIP") }} + clusterIP: {{ .Values.web.service.clusterIP }} + {{- end }} + {{- if .Values.web.service.sessionAffinity }} + sessionAffinity: {{ .Values.web.service.sessionAffinity }} + {{- end }} + {{- if .Values.web.service.sessionAffinityConfig }} + sessionAffinityConfig: {{- include "common.tplvalues.render" (dict "value" .Values.web.service.sessionAffinityConfig "context" $) | nindent 4 }} + {{- end }} + {{- if or (eq .Values.web.service.type "LoadBalancer") (eq .Values.web.service.type "NodePort") }} + externalTrafficPolicy: {{ .Values.web.service.externalTrafficPolicy | quote }} + {{- end }} + {{- if and (eq .Values.web.service.type "LoadBalancer") (not (empty .Values.web.service.loadBalancerSourceRanges)) }} + loadBalancerSourceRanges: {{ .Values.web.service.loadBalancerSourceRanges }} + {{- end }} + {{- if and (eq .Values.web.service.type "LoadBalancer") (not (empty .Values.web.service.loadBalancerIP)) }} + loadBalancerIP: {{ .Values.web.service.loadBalancerIP }} 
+ {{- end }} + ports: + - name: http + port: {{ .Values.web.service.ports.http }} + protocol: TCP + targetPort: http + {{- if and (or (eq .Values.web.service.type "NodePort") (eq .Values.web.service.type "LoadBalancer")) (not (empty .Values.web.service.nodePorts.http)) }} + nodePort: {{ .Values.web.service.nodePorts.http }} + {{- else if eq .Values.web.service.type "ClusterIP" }} + nodePort: null + {{- end }} + {{- if .Values.web.service.extraPorts }} + {{- include "common.tplvalues.render" (dict "value" .Values.web.service.extraPorts "context" $) | nindent 4 }} + {{- end }} + selector: {{- include "common.labels.matchLabels" . | nindent 4 }} + app.kubernetes.io/component: web diff --git a/bitnami/mastodon/values.yaml b/bitnami/mastodon/values.yaml new file mode 100644 index 0000000000..380ed6be07 --- /dev/null +++ b/bitnami/mastodon/values.yaml 
@@ -0,0 +1,1435 @@ +## @section Global parameters +## Global Docker image parameters +## Please, note that this will override the image parameters, including dependencies, configured to use the global value +## Current available global Docker image parameters: imageRegistry, imagePullSecrets and storageClass +## + +## @param global.imageRegistry Global Docker image registry +## @param global.imagePullSecrets Global Docker registry secret names as an array +## @param global.storageClass Global StorageClass for Persistent Volume(s) +## +global: + imageRegistry: "" + ## E.g. + ## imagePullSecrets: + ## - myRegistryKeySecretName + ## + imagePullSecrets: [] + storageClass: "" + +## @section Common parameters +## + +## @param kubeVersion Override Kubernetes version +## +kubeVersion: "" +## @param nameOverride String to partially override common.names.name +## +nameOverride: "" +## @param fullnameOverride String to fully override common.names.fullname +## +fullnameOverride: "" +## @param namespaceOverride String to fully override common.names.namespace +## +namespaceOverride: "" +## @param commonLabels Labels to add to all deployed objects +## +commonLabels: {} +## @param commonAnnotations Annotations to add to all deployed objects +## +commonAnnotations: {} +## @param clusterDomain Kubernetes cluster domain name +## +clusterDomain: cluster.local +## @param extraDeploy Array of extra objects to deploy with the release +## +extraDeploy: [] + +## Enable diagnostic mode in the deployment +## +diagnosticMode: + ## @param diagnosticMode.enabled Enable diagnostic mode (all probes will be disabled and the command will be overridden) + ## + enabled: false + ## @param diagnosticMode.command Command to override all containers in the deployment + ## + command: + - sleep + ## @param diagnosticMode.args Args to override all containers in the deployment + ## + args: + - infinity + +## Bitnami Mastodon image +## ref: https://hub.docker.com/r/bitnami/mastodon/tags/ +## @param 
image.registry Mastodon image registry +## @param image.repository Mastodon image repository +## @param image.tag Mastodon image tag (immutable tags are recommended) +## @param image.digest Mastodon image digest in the way sha256:aa.... Please note this parameter, if set, will override the tag image tag (immutable tags are recommended) +## @param image.pullPolicy Mastodon image pull policy +## @param image.pullSecrets Mastodon image pull secrets +## @param image.debug Enable Mastodon image debug mode +## +image: + registry: docker.io + repository: bitnami/mastodon + tag: 4.0.2-debian-11-r6 + digest: "" + ## Specify a imagePullPolicy + ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' + ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images + ## + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## e.g: + ## pullSecrets: + ## - myRegistryKeySecretName + ## + pullSecrets: [] + ## Enable debug mode + ## + debug: false + +## @section Mastodon common parameters +## + +## @param adminUser Mastodon admin username +## +adminUser: "user" +## @param adminEmail Mastodon admin email +## +adminEmail: "user@example.com" +## @param adminPassword Mastodon admin password +## +adminPassword: "" + +## @param defaultConfig [string] Default configuration for Mastodon in the form of environment variables +## +defaultConfig: | + MASTODON_ADMIN_USERNAME: {{ .Values.adminUser | quote }} + MASTODON_ADMIN_EMAIL: {{ .Values.adminEmail | quote }} + DB_HOST: {{ include "mastodon.database.host" . | quote }} + DB_PORT: {{ include "mastodon.database.port" . | quote }} + DB_NAME: {{ include "mastodon.database.name" . | quote }} + DB_USER: {{ include "mastodon.database.user" . 
| quote }} + ES_ENABLED: {{ .Values.enableSearches | quote }} + ES_HOST: {{ include "mastodon.elasticsearch.host" . | quote }} + ES_PORT: {{ include "mastodon.elasticsearch.port" . | quote }} + WEB_DOMAIN: {{ include "mastodon.web.domain" . | quote }} + STREAMING_API_BASE_URL: {{ include "mastodon.streaming.url" . | quote }} + REDIS_HOST: {{ include "mastodon.redis.host" . | quote }} + REDIS_PORT: {{ include "mastodon.redis.port" . | quote }} + {{- if .Values.enableS3 }} + S3_ENABLED: "true" + S3_BUCKET: {{ include "mastodon.s3.bucket" . | quote }} + S3_ENDPOINT: {{ include "mastodon.s3.endpoint" . | quote }} + S3_HOSTNAME: {{ include "mastodon.s3.host" . | quote }} + S3_REGION: {{ include "mastodon.s3.region" . | quote }} + S3_ALIAS_HOST: {{ include "mastodon.s3.aliasHost" . | quote }} + S3_PROTOCOL: {{ include "mastodon.s3.protocol" . | quote }} + {{- end }} + +## @param defaultSecretConfig [string] Default secret configuration for Mastodon in the form of environment variables +## +defaultSecretConfig: | + MASTODON_ADMIN_PASSWORD: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-default" (include "common.names.fullname" .)) "key" "MASTODON_ADMIN_PASSWORD" "providedValues" (list "adminPassword") "context" $) }} + SECRET_KEY_BASE: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-default" (include "common.names.fullname" .)) "key" "SECRET_KEY_BASE" "providedValues" (list "secretKeyBase") "context" $) }} + OTP_SECRET: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-default" (include "common.names.fullname" .)) "key" "OTP_SECRET" "providedValues" (list "otpSecret") "context" $) }} + +## @param extraConfig Extra configuration for Mastodon in the form of environment variables +## +extraConfig: {} + +## @param extraSecretConfig Extra secret configuration for Mastodon in the form of environment variables +## +extraSecretConfig: {} + +## @param existingConfigmap The name of an existing ConfigMap with 
your default configuration for Mastodon +## +existingConfigmap: "" + +## @param existingSecret The name of an existing Secret with your default configuration for Mastodon +## +existingSecret: "" + +## @param extraConfigExistingConfigmap The name of an existing ConfigMap with your extra configuration for Mastodon +## +extraConfigExistingConfigmap: "" + +## @param extraConfigExistingSecret The name of an existing Secret with your extra configuration for Mastodon +## +extraConfigExistingSecret: "" + +## @param enableSearches Enable the search engine (uses Elasticsearch under the hood) +## +enableSearches: true + +## @param enableS3 Enable the S3 storage engine +## +enableS3: true + +## @param webDomain Web domain for Mastodon +## +webDomain: "" + +## @param s3AliasHost S3 alias host for Mastodon (will use http://webDomain/bucket if not set) +## +s3AliasHost: "" + +## @section Mastodon Web Parameters +## +web: + ## @param web.replicaCount Number of Mastodon web replicas to deploy + ## + replicaCount: 1 + ## @param web.containerPorts.http Mastodon web HTTP container port + ## + containerPorts: + http: 3000 + ## Configure extra options for Mastodon web containers' liveness and readiness probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param web.livenessProbe.enabled Enable livenessProbe on Mastodon web containers + ## @param web.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param web.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param web.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param web.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param web.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param 
web.readinessProbe.enabled Enable readinessProbe on Mastodon web containers + ## @param web.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param web.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param web.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param web.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param web.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param web.startupProbe.enabled Enable startupProbe on Mastodon web containers + ## @param web.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe + ## @param web.startupProbe.periodSeconds Period seconds for startupProbe + ## @param web.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param web.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param web.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param web.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param web.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param web.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## Mastodon web resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## @param web.resources.limits The resources limits for the Mastodon web containers + ## @param web.resources.requests The requested resources for the Mastodon web containers + ## + resources: + limits: {} + requests: {} + ## Configure Pods 
Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param web.podSecurityContext.enabled Enabled Mastodon web pods' Security Context + ## @param web.podSecurityContext.fsGroup Set Mastodon web pod's Security Context fsGroup + ## @param web.podSecurityContext.seccompProfile.type Set container's Security Context seccomp profile + ## + podSecurityContext: + enabled: true + fsGroup: 1001 + seccompProfile: + type: "RuntimeDefault" + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param web.containerSecurityContext.enabled Enabled Mastodon web containers' Security Context + ## @param web.containerSecurityContext.runAsUser Set Mastodon web containers' Security Context runAsUser + ## @param web.containerSecurityContext.runAsNonRoot Set Mastodon web containers' Security Context runAsNonRoot + ## @param web.containerSecurityContext.readOnlyRootFilesystem Set Mastodon web containers' Security Context runAsNonRoot + ## @param web.containerSecurityContext.allowPrivilegeEscalation Set container's privilege escalation + ## @param web.containerSecurityContext.capabilities.drop Set container's Security Context runAsNonRoot + ## + containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsNonRoot: true + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + + ## @param web.command Override default container command (useful when using custom images) + ## + command: [] + ## @param web.args Override default container args (useful when using custom images) + ## + args: [] + ## @param web.hostAliases Mastodon web pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param web.podLabels Extra labels for Mastodon web pods + ## 
ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param web.podAnnotations Annotations for Mastodon web pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param web.podAffinityPreset Pod affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param web.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node web.affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param web.nodeAffinityPreset.type Node affinity preset type. Ignored if `web.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param web.nodeAffinityPreset.key Node label key to match. Ignored if `web.affinity` is set + ## + key: "" + ## @param web.nodeAffinityPreset.values Node label values to match. Ignored if `web.affinity` is set + ## E.g. 
+ ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param web.affinity Affinity for Mastodon web pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## NOTE: `web.podAffinityPreset`, `web.podAntiAffinityPreset`, and `web.nodeAffinityPreset` will be ignored when it's set + ## + affinity: {} + ## @param web.nodeSelector Node labels for Mastodon web pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param web.tolerations Tolerations for Mastodon web pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param web.updateStrategy.type Mastodon web statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + + ## @param web.priorityClassName Mastodon web pods' priorityClassName + ## + priorityClassName: "" + ## @param web.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. 
Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param web.schedulerName Name of the k8s scheduler (other than default) for Mastodon web pods + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param web.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" + ## @param web.lifecycleHooks for the Mastodon web container(s) to automate configuration before or after startup + ## + lifecycleHooks: {} + ## @param web.extraEnvVars Array with extra environment variables to add to Mastodon web nodes + ## e.g: + ## extraEnvVars: + ## - name: FOO + ## value: "bar" + ## + extraEnvVars: [] + ## @param web.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Mastodon web nodes + ## + extraEnvVarsCM: "" + ## @param web.extraEnvVarsSecret Name of existing Secret containing extra env vars for Mastodon web nodes + ## + extraEnvVarsSecret: "" + ## @param web.extraVolumes Optionally specify extra list of additional volumes for the Mastodon web pod(s) + ## + extraVolumes: [] + ## @param web.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Mastodon web container(s) + ## + extraVolumeMounts: [] + ## @param web.sidecars Add additional sidecar containers to the Mastodon web pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param web.initContainers Add additional init containers to the Mastodon web pod(s) + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ + ## e.g: + ## initContainers: + ## - name: 
your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## command: ['sh', '-c', 'echo "hello world"'] + ## + initContainers: [] + + ## @section Mastodon Web Traffic Exposure Parameters + ## + service: + ## @param web.service.type Mastodon web service type + ## + type: ClusterIP + ## @param web.service.ports.http Mastodon web service HTTP port + ## + ports: + http: 80 + ## Node ports to expose + ## @param web.service.nodePorts.http Node port for HTTP + ## NOTE: choose port between <30000-32767> + ## + nodePorts: + http: "" + ## @param web.service.clusterIP Mastodon web service Cluster IP + ## e.g.: + ## clusterIP: None + ## + clusterIP: "" + ## @param web.service.loadBalancerIP Mastodon web service Load Balancer IP + ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer + ## + loadBalancerIP: "" + ## @param web.service.loadBalancerSourceRanges Mastodon web service Load Balancer sources + ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service + ## e.g: + ## loadBalancerSourceRanges: + ## - 10.10.10.0/24 + ## + loadBalancerSourceRanges: [] + ## @param web.service.externalTrafficPolicy Mastodon web service external traffic policy + ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-web-source-ip + ## + externalTrafficPolicy: Cluster + ## @param web.service.annotations Additional custom annotations for Mastodon web service + ## + annotations: {} + ## @param web.service.extraPorts Extra ports to expose in Mastodon web service (normally used with the `sidecars` value) + ## + extraPorts: [] + ## @param web.service.sessionAffinity Control where web requests go, to the same pod or round-robin + ## Values: WebIP or None + ## ref: https://kubernetes.io/docs/user-guide/services/ + ## + sessionAffinity: None + ## @param web.service.sessionAffinityConfig Additional settings for the 
sessionAffinity + ## sessionAffinityConfig: + ## webIP: + ## timeoutSeconds: 300 + ## + sessionAffinityConfig: {} + +## @section Mastodon Sidekiq Parameters +## +## +sidekiq: + ## @param sidekiq.replicaCount Number of Mastodon sidekiq replicas to deploy + ## + replicaCount: 1 + + ## Configure extra options for Mastodon sidekiq containers' liveness and readiness probes + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes + ## @param sidekiq.livenessProbe.enabled Enable livenessProbe on Mastodon sidekiq containers + ## @param sidekiq.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe + ## @param sidekiq.livenessProbe.periodSeconds Period seconds for livenessProbe + ## @param sidekiq.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe + ## @param sidekiq.livenessProbe.failureThreshold Failure threshold for livenessProbe + ## @param sidekiq.livenessProbe.successThreshold Success threshold for livenessProbe + ## + livenessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param sidekiq.readinessProbe.enabled Enable readinessProbe on Mastodon sidekiq containers + ## @param sidekiq.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe + ## @param sidekiq.readinessProbe.periodSeconds Period seconds for readinessProbe + ## @param sidekiq.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe + ## @param sidekiq.readinessProbe.failureThreshold Failure threshold for readinessProbe + ## @param sidekiq.readinessProbe.successThreshold Success threshold for readinessProbe + ## + readinessProbe: + enabled: true + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param sidekiq.startupProbe.enabled Enable startupProbe on Mastodon sidekiq containers + ## @param sidekiq.startupProbe.initialDelaySeconds 
Initial delay seconds for startupProbe + ## @param sidekiq.startupProbe.periodSeconds Period seconds for startupProbe + ## @param sidekiq.startupProbe.timeoutSeconds Timeout seconds for startupProbe + ## @param sidekiq.startupProbe.failureThreshold Failure threshold for startupProbe + ## @param sidekiq.startupProbe.successThreshold Success threshold for startupProbe + ## + startupProbe: + enabled: false + initialDelaySeconds: 10 + periodSeconds: 10 + timeoutSeconds: 5 + failureThreshold: 6 + successThreshold: 1 + ## @param sidekiq.customLivenessProbe Custom livenessProbe that overrides the default one + ## + customLivenessProbe: {} + ## @param sidekiq.customReadinessProbe Custom readinessProbe that overrides the default one + ## + customReadinessProbe: {} + ## @param sidekiq.customStartupProbe Custom startupProbe that overrides the default one + ## + customStartupProbe: {} + ## Mastodon sidekiq resource requests and limits + ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ + ## @param sidekiq.resources.limits The resources limits for the Mastodon sidekiq containers + ## @param sidekiq.resources.requests The requested resources for the Mastodon sidekiq containers + ## + resources: + limits: {} + requests: {} + ## Configure Pods Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod + ## @param sidekiq.podSecurityContext.enabled Enabled Mastodon sidekiq pods' Security Context + ## @param sidekiq.podSecurityContext.fsGroup Set Mastodon sidekiq pod's Security Context fsGroup + ## @param sidekiq.podSecurityContext.seccompProfile.type Set container's Security Context seccomp profile + ## + podSecurityContext: + enabled: true + fsGroup: 1001 + seccompProfile: + type: "RuntimeDefault" + ## Configure Container Security Context + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container + ## @param 
sidekiq.containerSecurityContext.enabled Enabled Mastodon sidekiq containers' Security Context + ## @param sidekiq.containerSecurityContext.runAsUser Set Mastodon sidekiq containers' Security Context runAsUser + ## @param sidekiq.containerSecurityContext.runAsNonRoot Set Mastodon sidekiq containers' Security Context runAsNonRoot + ## @param sidekiq.containerSecurityContext.readOnlyRootFilesystem Set Mastodon sidekiq containers' Security Context runAsNonRoot + ## @param sidekiq.containerSecurityContext.allowPrivilegeEscalation Set container's privilege escalation + ## @param sidekiq.containerSecurityContext.capabilities.drop Set container's Security Context runAsNonRoot + ## + containerSecurityContext: + enabled: true + runAsUser: 1001 + runAsNonRoot: true + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + capabilities: + drop: ["ALL"] + + ## @param sidekiq.command Override default container command (useful when using custom images) + ## + command: [] + ## @param sidekiq.args Override default container args (useful when using custom images) + ## + args: [] + ## @param sidekiq.hostAliases Mastodon sidekiq pods host aliases + ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/ + ## + hostAliases: [] + ## @param sidekiq.podLabels Extra labels for Mastodon sidekiq pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/ + ## + podLabels: {} + ## @param sidekiq.podAnnotations Annotations for Mastodon sidekiq pods + ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/ + ## + podAnnotations: {} + ## @param sidekiq.podAffinityPreset Pod affinity preset. Ignored if `sidekiq.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAffinityPreset: "" + ## @param sidekiq.podAntiAffinityPreset Pod anti-affinity preset. 
Ignored if `sidekiq.affinity` is set. Allowed values: `soft` or `hard` + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity + ## + podAntiAffinityPreset: soft + ## Node sidekiq.affinity preset + ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity + ## + nodeAffinityPreset: + ## @param sidekiq.nodeAffinityPreset.type Node affinity preset type. Ignored if `sidekiq.affinity` is set. Allowed values: `soft` or `hard` + ## + type: "" + ## @param sidekiq.nodeAffinityPreset.key Node label key to match. Ignored if `sidekiq.affinity` is set + ## + key: "" + ## @param sidekiq.nodeAffinityPreset.values Node label values to match. Ignored if `sidekiq.affinity` is set + ## E.g. + ## values: + ## - e2e-az1 + ## - e2e-az2 + ## + values: [] + ## @param sidekiq.affinity Affinity for Mastodon sidekiq pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + ## NOTE: `sidekiq.podAffinityPreset`, `sidekiq.podAntiAffinityPreset`, and `sidekiq.nodeAffinityPreset` will be ignored when it's set + ## + affinity: {} + ## @param sidekiq.nodeSelector Node labels for Mastodon sidekiq pods assignment + ## ref: https://kubernetes.io/docs/user-guide/node-selection/ + ## + nodeSelector: {} + ## @param sidekiq.tolerations Tolerations for Mastodon sidekiq pods assignment + ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + ## + tolerations: [] + ## @param sidekiq.updateStrategy.type Mastodon sidekiq statefulset strategy type + ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies + ## + updateStrategy: + ## StrategyType + ## Can be set to RollingUpdate or OnDelete + ## + type: RollingUpdate + + ## @param sidekiq.priorityClassName Mastodon sidekiq pods' priorityClassName + ## + priorityClassName: "" + ## @param sidekiq.topologySpreadConstraints Topology 
Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template + ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods + ## + topologySpreadConstraints: [] + ## @param sidekiq.schedulerName Name of the k8s scheduler (other than default) for Mastodon sidekiq pods + ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ + ## + schedulerName: "" + ## @param sidekiq.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully + ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods + ## + terminationGracePeriodSeconds: "" + ## @param sidekiq.lifecycleHooks for the Mastodon sidekiq container(s) to automate configuration before or after startup + ## + lifecycleHooks: {} + ## @param sidekiq.extraEnvVars Array with extra environment variables to add to Mastodon sidekiq nodes + ## e.g: + ## extraEnvVars: + ## - name: FOO + ## value: "bar" + ## + extraEnvVars: [] + ## @param sidekiq.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Mastodon sidekiq nodes + ## + extraEnvVarsCM: "" + ## @param sidekiq.extraEnvVarsSecret Name of existing Secret containing extra env vars for Mastodon sidekiq nodes + ## + extraEnvVarsSecret: "" + ## @param sidekiq.extraVolumes Optionally specify extra list of additional volumes for the Mastodon sidekiq pod(s) + ## + extraVolumes: [] + ## @param sidekiq.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Mastodon sidekiq container(s) + ## + extraVolumeMounts: [] + ## @param sidekiq.sidecars Add additional sidecar containers to the Mastodon sidekiq pod(s) + ## e.g: + ## sidecars: + ## - name: your-image-name + ## image: your-image + ## imagePullPolicy: Always + ## ports: + ## - name: portname + ## containerPort: 1234 + ## + sidecars: [] + ## @param sidekiq.initContainers Add additional init containers 
to the Mastodon sidekiq pod(s)
+ ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+ ## e.g:
+ ## initContainers:
+ ## - name: your-image-name
+ ## image: your-image
+ ## imagePullPolicy: Always
+ ## command: ['sh', '-c', 'echo "hello world"']
+ ##
+ initContainers: []
+
+## @section Mastodon Streaming Parameters
+##
+##
+streaming:
+ ## @param streaming.replicaCount Number of Mastodon streaming replicas to deploy
+ ##
+ replicaCount: 1
+
+ ## @param streaming.containerPorts.http Mastodon streaming HTTP container port
+ ##
+ containerPorts:
+ http: 8080
+ ## Configure extra options for Mastodon streaming containers' liveness and readiness probes
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/#configure-probes
+ ## @param streaming.livenessProbe.enabled Enable livenessProbe on Mastodon streaming containers
+ ## @param streaming.livenessProbe.initialDelaySeconds Initial delay seconds for livenessProbe
+ ## @param streaming.livenessProbe.periodSeconds Period seconds for livenessProbe
+ ## @param streaming.livenessProbe.timeoutSeconds Timeout seconds for livenessProbe
+ ## @param streaming.livenessProbe.failureThreshold Failure threshold for livenessProbe
+ ## @param streaming.livenessProbe.successThreshold Success threshold for livenessProbe
+ ##
+ livenessProbe:
+ enabled: true
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 6
+ successThreshold: 1
+ ## @param streaming.readinessProbe.enabled Enable readinessProbe on Mastodon streaming containers
+ ## @param streaming.readinessProbe.initialDelaySeconds Initial delay seconds for readinessProbe
+ ## @param streaming.readinessProbe.periodSeconds Period seconds for readinessProbe
+ ## @param streaming.readinessProbe.timeoutSeconds Timeout seconds for readinessProbe
+ ## @param streaming.readinessProbe.failureThreshold Failure threshold for readinessProbe
+ ## @param streaming.readinessProbe.successThreshold Success threshold for readinessProbe
+ ##
+ readinessProbe:
+ enabled: true
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 6
+ successThreshold: 1
+ ## @param streaming.startupProbe.enabled Enable startupProbe on Mastodon streaming containers
+ ## @param streaming.startupProbe.initialDelaySeconds Initial delay seconds for startupProbe
+ ## @param streaming.startupProbe.periodSeconds Period seconds for startupProbe
+ ## @param streaming.startupProbe.timeoutSeconds Timeout seconds for startupProbe
+ ## @param streaming.startupProbe.failureThreshold Failure threshold for startupProbe
+ ## @param streaming.startupProbe.successThreshold Success threshold for startupProbe
+ ##
+ startupProbe:
+ enabled: false
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 5
+ failureThreshold: 6
+ successThreshold: 1
+ ## @param streaming.customLivenessProbe Custom livenessProbe that overrides the default one
+ ##
+ customLivenessProbe: {}
+ ## @param streaming.customReadinessProbe Custom readinessProbe that overrides the default one
+ ##
+ customReadinessProbe: {}
+ ## @param streaming.customStartupProbe Custom startupProbe that overrides the default one
+ ##
+ customStartupProbe: {}
+ ## Mastodon streaming resource requests and limits
+ ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ ## @param streaming.resources.limits The resources limits for the Mastodon streaming containers
+ ## @param streaming.resources.requests The requested resources for the Mastodon streaming containers
+ ##
+ resources:
+ limits: {}
+ requests: {}
+ ## Configure Pods Security Context
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
+ ## @param streaming.podSecurityContext.enabled Enabled Mastodon streaming pods' Security Context
+ ## @param streaming.podSecurityContext.fsGroup Set Mastodon streaming pod's Security Context fsGroup
+ ## @param streaming.podSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
+ ##
+ podSecurityContext:
+ enabled: true
+ fsGroup: 1001
+ seccompProfile:
+ type: "RuntimeDefault"
+ ## Configure Container Security Context
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+ ## @param streaming.containerSecurityContext.enabled Enabled Mastodon streaming containers' Security Context
+ ## @param streaming.containerSecurityContext.runAsUser Set Mastodon streaming containers' Security Context runAsUser
+ ## @param streaming.containerSecurityContext.runAsNonRoot Set Mastodon streaming containers' Security Context runAsNonRoot
+ ## @param streaming.containerSecurityContext.readOnlyRootFilesystem Set Mastodon streaming containers' Security Context runAsNonRoot
+ ## @param streaming.containerSecurityContext.allowPrivilegeEscalation Set container's privilege escalation
+ ## @param streaming.containerSecurityContext.capabilities.drop Set container's Security Context runAsNonRoot
+ ##
+ containerSecurityContext:
+ enabled: true
+ runAsUser: 1001
+ runAsNonRoot: true
+ readOnlyRootFilesystem: false
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop: ["ALL"]
+
+ ## @param streaming.command Override default container command (useful when using custom images)
+ ##
+ command: []
+ ## @param streaming.args Override default container args (useful when using custom images)
+ ##
+ args: []
+ ## @param streaming.hostAliases Mastodon streaming pods host aliases
+ ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
+ ##
+ hostAliases: []
+ ## @param streaming.podLabels Extra labels for Mastodon streaming pods
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+ ##
+ podLabels: {}
+ ## @param streaming.podAnnotations Annotations for Mastodon streaming pods
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+ ##
+ podAnnotations: {}
+ ## @param streaming.podAffinityPreset Pod affinity preset. Ignored if `streaming.affinity` is set. Allowed values: `soft` or `hard`
+ ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
+ ##
+ podAffinityPreset: ""
+ ## @param streaming.podAntiAffinityPreset Pod anti-affinity preset. Ignored if `streaming.affinity` is set. Allowed values: `soft` or `hard`
+ ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#inter-pod-affinity-and-anti-affinity
+ ##
+ podAntiAffinityPreset: soft
+ ## Node streaming.affinity preset
+ ## ref: https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#node-affinity
+ ##
+ nodeAffinityPreset:
+ ## @param streaming.nodeAffinityPreset.type Node affinity preset type. Ignored if `streaming.affinity` is set. Allowed values: `soft` or `hard`
+ ##
+ type: ""
+ ## @param streaming.nodeAffinityPreset.key Node label key to match. Ignored if `streaming.affinity` is set
+ ##
+ key: ""
+ ## @param streaming.nodeAffinityPreset.values Node label values to match. Ignored if `streaming.affinity` is set
+ ## E.g.
+ ## values:
+ ## - e2e-az1
+ ## - e2e-az2
+ ##
+ values: []
+ ## @param streaming.affinity Affinity for Mastodon streaming pods assignment
+ ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
+ ## NOTE: `streaming.podAffinityPreset`, `streaming.podAntiAffinityPreset`, and `streaming.nodeAffinityPreset` will be ignored when it's set
+ ##
+ affinity: {}
+ ## @param streaming.nodeSelector Node labels for Mastodon streaming pods assignment
+ ## ref: https://kubernetes.io/docs/user-guide/node-selection/
+ ##
+ nodeSelector: {}
+ ## @param streaming.tolerations Tolerations for Mastodon streaming pods assignment
+ ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+ ##
+ tolerations: []
+ ## @param streaming.updateStrategy.type Mastodon streaming statefulset strategy type
+ ## ref: https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#update-strategies
+ ##
+ updateStrategy:
+ ## StrategyType
+ ## Can be set to RollingUpdate or OnDelete
+ ##
+ type: RollingUpdate
+
+ ## @param streaming.priorityClassName Mastodon streaming pods' priorityClassName
+ ##
+ priorityClassName: ""
+ ## @param streaming.topologySpreadConstraints Topology Spread Constraints for pod assignment spread across your cluster among failure-domains. Evaluated as a template
+ ## Ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-topology-spread-constraints/#spread-constraints-for-pods
+ ##
+ topologySpreadConstraints: []
+ ## @param streaming.schedulerName Name of the k8s scheduler (other than default) for Mastodon streaming pods
+ ## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/
+ ##
+ schedulerName: ""
+ ## @param streaming.terminationGracePeriodSeconds Seconds Redmine pod needs to terminate gracefully
+ ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods
+ ##
+ terminationGracePeriodSeconds: ""
+ ## @param streaming.lifecycleHooks for the Mastodon streaming container(s) to automate configuration before or after startup
+ ##
+ lifecycleHooks: {}
+ ## @param streaming.extraEnvVars Array with extra environment variables to add to Mastodon streaming nodes
+ ## e.g:
+ ## extraEnvVars:
+ ## - name: FOO
+ ## value: "bar"
+ ##
+ extraEnvVars: []
+ ## @param streaming.extraEnvVarsCM Name of existing ConfigMap containing extra env vars for Mastodon streaming nodes
+ ##
+ extraEnvVarsCM: ""
+ ## @param streaming.extraEnvVarsSecret Name of existing Secret containing extra env vars for Mastodon streaming nodes
+ ##
+ extraEnvVarsSecret: ""
+ ## @param streaming.extraVolumes Optionally specify extra list of additional volumes for the Mastodon streaming pod(s)
+ ##
+ extraVolumes: []
+ ## @param streaming.extraVolumeMounts Optionally specify extra list of additional volumeMounts for the Mastodon streaming container(s)
+ ##
+ extraVolumeMounts: []
+ ## @param streaming.sidecars Add additional sidecar containers to the Mastodon streaming pod(s)
+ ## e.g:
+ ## sidecars:
+ ## - name: your-image-name
+ ## image: your-image
+ ## imagePullPolicy: Always
+ ## ports:
+ ## - name: portname
+ ## containerPort: 1234
+ ##
+ sidecars: []
+ ## @param streaming.initContainers Add additional init containers to the Mastodon streaming pod(s)
+ ## ref: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/
+ ## e.g:
+ ## initContainers:
+ ## - name: your-image-name
+ ## image: your-image
+ ## imagePullPolicy: Always
+ ## command: ['sh', '-c', 'echo "hello world"']
+ ##
+ initContainers: []
+
+ ## @section Mastodon Streaming Traffic Exposure Parameters
+ ##
+ service:
+ ## @param streaming.service.type Mastodon streaming service type
+ ##
+ type: ClusterIP
+ ## @param streaming.service.ports.http Mastodon streaming service HTTP port
+ ##
+ ports:
+ http: 80
+ ## Node ports to expose
+ ## @param streaming.service.nodePorts.http Node port for HTTP
+ ## NOTE: choose port between <30000-32767>
+ ##
+ nodePorts:
+ http: ""
+ ## @param streaming.service.clusterIP Mastodon streaming service Cluster IP
+ ## e.g.:
+ ## clusterIP: None
+ ##
+ clusterIP: ""
+ ## @param streaming.service.loadBalancerIP Mastodon streaming service Load Balancer IP
+ ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-loadbalancer
+ ##
+ loadBalancerIP: ""
+ ## @param streaming.service.loadBalancerSourceRanges Mastodon streaming service Load Balancer sources
+ ## ref: https://kubernetes.io/docs/tasks/access-application-cluster/configure-cloud-provider-firewall/#restrict-access-for-loadbalancer-service
+ ## e.g:
+ ## loadBalancerSourceRanges:
+ ## - 10.10.10.0/24
+ ##
+ loadBalancerSourceRanges: []
+ ## @param streaming.service.externalTrafficPolicy Mastodon streaming service external traffic policy
+ ## ref http://kubernetes.io/docs/tasks/access-application-cluster/create-external-load-balancer/#preserving-the-streaming-source-ip
+ ##
+ externalTrafficPolicy: Cluster
+ ## @param streaming.service.annotations Additional custom annotations for Mastodon streaming service
+ ##
+ annotations: {}
+ ## @param streaming.service.extraPorts Extra ports to expose in Mastodon streaming service (normally used with the `sidecars` value)
+ ##
+ extraPorts: []
+ ## @param streaming.service.sessionAffinity Control where streaming requests go, to the same pod or round-robin
+ ## Values: StreamingIP or None
+ ## ref: https://kubernetes.io/docs/user-guide/services/
+ ##
+ sessionAffinity: None
+ ## @param streaming.service.sessionAffinityConfig Additional settings for the sessionAffinity
+ ## sessionAffinityConfig:
+ ## rtsIP:
+ ## timeoutSeconds: 300
+ ##
+ sessionAffinityConfig: {}
+
+## @section Mastodon Migration job Parameters
+##
+
+initJob:
+ ## @param initJob.precompileAssets Execute rake assets:precompile as part of the job
+ ##
+ precompileAssets: true
+ ## @param initJob.migrateDB Execute rake db:migrate as part of the job
+ ##
+ migrateDB: true
+ ## @param initJob.migrateElasticsearch Execute rake chewy:upgrade as part of the job
+ ##
+ migrateElasticsearch: true
+ ## @param initJob.createAdmin Create admin user as part of the job
+ ##
+ createAdmin: true
+ ## @param initJob.backoffLimit set backoff limit of the job
+ ##
+ backoffLimit: 10
+ ## @param initJob.extraVolumes Optionally specify extra list of additional volumes for the Mastodon init job
+ ##
+ extraVolumes: []
+
+ ## Configure Container Security Context
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+ ## @param initJob.containerSecurityContext.enabled Enabled Mastodon init job containers' Security Context
+ ## @param initJob.containerSecurityContext.runAsUser Set Mastodon init job containers' Security Context runAsUser
+ ## @param initJob.containerSecurityContext.runAsNonRoot Set Mastodon init job containers' Security Context runAsNonRoot
+ ## @param initJob.containerSecurityContext.readOnlyRootFilesystem Set Mastodon init job containers' Security Context runAsNonRoot
+ ## @param initJob.containerSecurityContext.allowPrivilegeEscalation Set container's privilege escalation
+ ## @param initJob.containerSecurityContext.capabilities.drop Set container's Security Context runAsNonRoot
+ ##
+ containerSecurityContext:
+ enabled: true
+ runAsUser: 1001
+ runAsNonRoot: true
+ readOnlyRootFilesystem: false
+ allowPrivilegeEscalation: false
+ capabilities:
+ drop: ["ALL"]
+ ## Configure Pods Security Context
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
+ ## @param initJob.podSecurityContext.enabled Enabled Mastodon init job pods' Security Context
+ ## @param initJob.podSecurityContext.fsGroup Set Mastodon init job pod's Security Context fsGroup
+ ## @param initJob.podSecurityContext.seccompProfile.type Set container's Security Context seccomp profile
+ ##
+ podSecurityContext:
+ enabled: true
+ fsGroup: 1001
+ seccompProfile:
+ type: "RuntimeDefault"
+ ## @param initJob.extraEnvVars Array containing extra env vars to configure the Mastodon init job
+ ## For example:
+ ## extraEnvVars:
+ ## - name: GF_DEFAULT_INSTANCE_NAME
+ ## value: my-instance
+ ##
+ extraEnvVars: []
+ ## @param initJob.extraEnvVarsCM ConfigMap containing extra env vars to configure the Mastodon init job
+ ##
+ extraEnvVarsCM: ""
+ ## @param initJob.extraEnvVarsSecret Secret containing extra env vars to configure the Mastodon init job (in case of sensitive data)
+ ##
+ extraEnvVarsSecret: ""
+ ## @param initJob.extraVolumeMounts Array of extra volume mounts to be added to the Mastodon Container (evaluated as template). Normally used with `extraVolumes`.
+ ##
+ extraVolumeMounts: []
+ ## Container resource requests and limits
+ ## ref: https://kubernetes.io/docs/user-guide/compute-resources/
+ ## @param initJob.resources.limits The resources limits for the container
+ ## @param initJob.resources.requests The requested resources for the container
+ ##
+ resources:
+ limits: {}
+ requests: {}
+ ## @param initJob.hostAliases Add deployment host aliases
+ ## https://kubernetes.io/docs/concepts/services-networking/add-entries-to-pod-etc-hosts-with-host-aliases/
+ ##
+ hostAliases: []
+ ## @param initJob.annotations [object] Add annotations to the job
+ ##
+ annotations:
+ helm.sh/hook: post-install, pre-upgrade
+ helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
+ # This should be executed after the minio provisioning job
+ helm.sh/hook-weight: "10"
+
+ ## @param initJob.podLabels Additional pod labels
+ ## Ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
+ ##
+ podLabels: {}
+ ## @param initJob.podAnnotations Additional pod annotations
+ ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+ ##
+ podAnnotations: {}
+
+## @section Persistence Parameters (only when S3 is disabled)
+## Enable persistence using Persistent Volume Claims
+## ref: https://kubernetes.io/docs/user-guide/persistent-volumes/
+##
+persistence:
+ ## @param persistence.enabled Enable persistence using Persistent Volume Claims
+ ##
+ enabled: false
+ ## @param persistence.mountPath Path to mount the volume at.
+ ##
+ mountPath: /bitnami/mastodon
+ ## @param persistence.subPath The subdirectory of the volume to mount to, useful in dev environments and one PV for multiple services
+ ##
+ subPath: ""
+ ## @param persistence.storageClass Storage class of backing PVC
+ ## If defined, storageClassName:
+ ## If set to "-", storageClassName: "", which disables dynamic provisioning
+ ## If undefined (the default) or set to null, no storageClassName spec is
+ ## set, choosing the default provisioner. (gp2 on AWS, standard on
+ ## GKE, AWS & OpenStack)
+ ##
+ storageClass: ""
+ ## @param persistence.annotations Persistent Volume Claim annotations
+ ##
+ annotations: {}
+ ## @param persistence.accessModes Persistent Volume Access Modes
+ ##
+ accessModes:
+ - ReadWriteOnce
+ ## @param persistence.size Size of data volume
+ ##
+ size: 8Gi
+ ## @param persistence.existingClaim The name of an existing PVC to use for persistence
+ ##
+ existingClaim: ""
+ ## @param persistence.selector Selector to match an existing Persistent Volume for WordPress data PVC
+ ## If set, the PVC can't have a PV dynamically provisioned for it
+ ## E.g.
+ ## selector:
+ ## matchLabels:
+ ## app: my-app
+ ##
+ selector: {}
+ ## @param persistence.dataSource Custom PVC data source
+ ##
+ dataSource: {}
+
+## @section Init Container Parameters
+##
+## 'volumePermissions' init container parameters
+## Changes the owner and group of the persistent volume mount point to runAsUser:fsGroup values
+## based on the *podSecurityContext/*containerSecurityContext parameters
+##
+volumePermissions:
+ ## @param volumePermissions.enabled Enable init container that changes the owner/group of the PV mount point to `runAsUser:fsGroup`
+ ##
+ enabled: false
+ ## Bitnami Shell image
+ ## ref: https://hub.docker.com/r/bitnami/bitnami-shell/tags/
+ ## @param volumePermissions.image.registry Bitnami Shell image registry
+ ## @param volumePermissions.image.repository Bitnami Shell image repository
+ ## @param volumePermissions.image.tag Bitnami Shell image tag (immutable tags are recommended)
+ ## @param volumePermissions.image.pullPolicy Bitnami Shell image pull policy
+ ## @param volumePermissions.image.pullSecrets Bitnami Shell image pull secrets
+ ##
+ image:
+ registry: docker.io
+ repository: bitnami/bitnami-shell
+ tag: 11-debian-11-r57
+ pullPolicy: IfNotPresent
+ ## Optionally specify an array of imagePullSecrets.
+ ## Secrets must be manually created in the namespace.
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+ ## e.g:
+ ## pullSecrets:
+ ## - myRegistryKeySecretName
+ ##
+ pullSecrets: []
+ ## Init container's resource requests and limits
+ ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ ## @param volumePermissions.resources.limits The resources limits for the init container
+ ## @param volumePermissions.resources.requests The requested resources for the init container
+ ##
+ resources:
+ limits: {}
+ requests: {}
+ ## Init container Container Security Context
+ ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container
+ ## @param volumePermissions.containerSecurityContext.runAsUser Set init container's Security Context runAsUser
+ ## NOTE: when runAsUser is set to special value "auto", init container will try to chown the
+ ## data folder to auto-determined user&group, using commands: `id -u`:`id -G | cut -d" " -f2`
+ ## "auto" is especially useful for OpenShift which has scc with dynamic user ids (and 0 is not allowed)
+ ##
+ containerSecurityContext:
+ runAsUser: 0
+
+## @section Other Parameters
+##
+
+## ServiceAccount configuration
+##
+serviceAccount:
+ ## @param serviceAccount.create Specifies whether a ServiceAccount should be created
+ ##
+ create: true
+ ## @param serviceAccount.name The name of the ServiceAccount to use.
+ ## If not set and create is true, a name is generated using the common.names.fullname template
+ ##
+ name: ""
+ ## @param serviceAccount.annotations Additional Service Account annotations (evaluated as a template)
+ ##
+ annotations: {}
+ ## @param serviceAccount.automountServiceAccountToken Automount service account token for the server service account
+ ##
+ automountServiceAccountToken: true
+
+## External PostgreSQL configuration
+## All of these values are only used when postgresql.enabled is set to false
+## @param externalDatabase.host Database host
+## @param externalDatabase.port Database port number
+## @param externalDatabase.user Non-root username for JupyterHub
+## @param externalDatabase.password Password for the non-root username for JupyterHub
+## @param externalDatabase.database JupyterHub database name
+## @param externalDatabase.existingSecret Name of an existing secret resource containing the database credentials
+## @param externalDatabase.existingSecretPasswordKey Name of an existing secret key containing the database credentials
+##
+externalDatabase:
+ host: ""
+ port: 5432
+ user: postgres
+ database: mastodon
+ password: ""
+ existingSecret: ""
+ existingSecretPasswordKey: "db-password"
+
+## @section External Redis parameters
+## All of these values are only used when redis.enabled is set to false
+## @param externalRedis.host Redis host
+## @param externalRedis.port Redis port number
+## @param externalRedis.password Password for the Redis
+## @param externalRedis.existingSecret Name of an existing secret resource containing the Redis credentials
+## @param externalRedis.existingSecretPasswordKey Name of an existing secret key containing the Redis credentials
+##
+externalRedis:
+ host: ""
+ port: 6379
+ password: ""
+ existingSecret: ""
+ existingSecretPasswordKey: ""
+
+## @section External S3 parameters
+## All of these values are only used when redis.enabled is set to false
+## @param externalS3.host External S3 host
+## @param externalS3.port External S3 port number
+## @param externalS3.accessKeyID External S3 access key ID
+## @param externalS3.accessKeySecret External S3 access key secret
+## @param externalS3.existingSecret Name of an existing secret resource containing the S3 credentials
+## @param externalS3.existingSecretAccessKeyIDKey Name of an existing secret key containing the S3 access key ID
+## @param externalS3.existingSecretKeySecretKey Name of an existing secret key containing the S3 access key secret
+## @param externalS3.protocol External S3 protocol
+## @param externalS3.bucket External S3 bucket
+## @param externalS3.region External S3 region
+##
+externalS3:
+ host: ""
+ port: 443
+ accessKeyID: ""
+ accessKeySecret: ""
+ existingSecret: ""
+ existingSecretAccessKeyIDKey: "root-user"
+ existingSecretKeySecretKey: "root-password"
+ protocol: "https"
+ bucket: "mastodon"
+ region: "us-east-1"
+
+## @section External elasticsearch configuration
+##
+## @param externalElasticsearch.host Host of the external elasticsearch server
+## @param externalElasticsearch.port Port of the external elasticsearch server
+## @param externalElasticsearch.password Password for the external elasticsearch server
+## @param externalElasticsearch.existingSecret Name of an existing secret resource containing the elasticsearch credentials
+## @param externalElasticsearch.existingSecretPasswordKey Name of an existing secret key containing the elasticsearch credentials
+##
+externalElasticsearch:
+ host: ""
+ port: ""
+ password: ""
+ existingSecret: ""
+ existingSecretPasswordKey: "elasticsearch-password"
+
+## @section Redis sub-chart parameters
+##
+redis:
+ ## @param redis.enabled Deploy Redis subchart
+ ##
+ enabled: true
+ ## @param redis.architecture Set Redis architecture
+ ##
+ architecture: standalone
+ ## @param redis.existingSecret Name of a secret containing redis credentials
+ ##
+ existingSecret: ""
+ ## @param redis.master.service.ports.redis Redis port
+ ##
+ master:
+ service:
+ ports:
+ redis: 6379
+
+ ## @param redis.auth.enabled Enable Redis auth
+ ## @param redis.auth.password Redis password
+ ## @param redis.auth.existingSecret Name of a secret containing the Redis password
+ ##
+ auth:
+ enabled: true
+ password: ""
+ existingSecret: ""
+
+## @section PostgreSQL chart configuration
+## ref: https://github.com/bitnami/charts/blob/main/bitnami/postgresql/values.yaml
+## @param postgresql.enabled Switch to enable or disable the PostgreSQL helm chart
+## @param postgresql.auth.username Name for a custom user to create
+## @param postgresql.auth.password Password for the custom user to create
+## @param postgresql.auth.database Name for a custom database to create
+## @param postgresql.auth.existingSecret Name of existing secret to use for PostgreSQL credentials
+## @param postgresql.architecture PostgreSQL architecture (`standalone` or `replication`)
+## @param postgresql.primary.service.ports.postgresql PostgreSQL service port
+##
+postgresql:
+ enabled: true
+ auth:
+ username: bn_mastodon
+ password: ""
+ database: bitnami_mastodon
+ existingSecret: ""
+ architecture: standalone
+ primary:
+ service:
+ ports:
+ postgresql: 5432
+
+## @section MinIO® chart parameters
+## @extra minio For full list of MinIO® values configurations please refere [here](https://github.com/bitnami/charts/tree/main/bitnami/minio)
+##
+minio:
+ ## @param minio.enabled Enable/disable MinIO® chart installation
+ ## to be used as an objstore for Mastodon
+ ##
+ enabled: true
+ ## MinIO® authentication parameters
+ ##
+ auth:
+ ## @param minio.auth.rootUser MinIO® root username
+ ##
+ rootUser: admin
+ ## @param minio.auth.rootPassword Password for MinIO® root user
+ ##
+ rootPassword: ""
+ ## @param minio.auth.existingSecret Name of an existing secret containing the MinIO® credentials
+ ##
+ existingSecret: ""
+ ## @param minio.defaultBuckets Comma, semi-colon or space separated list of MinIO® buckets to create
+ ##
+ defaultBuckets: "s3storage"
+
+ ## @param minio.provisioning.enabled Enable/disable MinIO® provisioning job
+ ## @param minio.provisioning.extraCommands Extra commands to run on MinIO® provisioning job
+ ##
+ provisioning:
+ enabled: true
+ # We need to allow downloads in order for the UI to work
+ extraCommands: ["mc anonymous set download provisioning/s3storage"]
+
+ ## @param minio.tls.enabled Enable/disable MinIO® TLS support
+ ##
+ tls:
+ enabled: false
+ ## @param minio.service.type MinIO® service type
+ ## @param minio.service.loadBalancerIP MinIO® service LoadBalancer IP
+ ## @param minio.service.ports.api MinIO® service port
+ ##
+ service:
+ type: ClusterIP
+ loadBalancerIP: ""
+ ports:
+ api: 80
+
+## @section Elasticsearch chart configuration
+## https://github.com/bitnami/charts/blob/main/bitnami/elasticsearch/values.yaml
+##
+elasticsearch:
+ ## @param elasticsearch.enabled Whether to deploy a elasticsearch server to use as Mastodon's search engine
+ ## To use an external server set this to false and configure the externalElasticsearch parameters
+ ##
+ enabled: true
+ ## @param elasticsearch.sysctlImage.enabled Enable kernel settings modifier image for Elasticsearch
+ ##
+ sysctlImage:
+ enabled: true
+
+ ## @param elasticsearch.security.enabled Enable security settings for Elasticsearch
+ ## @param elasticsearch.security.existingSecret Name of an existing secret containing the elasticsearch credentials
+ ## @param elasticsearch.security.tls.restEncryption Enable TLS encryption for REST API
+ ##
+ security:
+ enabled: false
+ existingSecret: ""
+ tls:
+ restEncryption: false
+ ## Elasticsearch master-eligible node parameters
+ ## @param elasticsearch.master.replicaCount Desired number of Elasticsearch master-eligible nodes
+ ##
+ master:
+ replicaCount: 1
+ ## Elasticsearch coordinating-only node parameters
+ ## @param elasticsearch.coordinating.replicaCount Desired number of Elasticsearch coordinating-only nodes
+ ##
+ coordinating:
+ replicaCount: 1
+ ## Elasticsearch data node parameters
+ ## @param elasticsearch.data.replicaCount Desired number of Elasticsearch data nodes
+ ##
+ data:
+ replicaCount: 1
+ ## Elasticsearch ingest node parameters
+ ## @param elasticsearch.ingest.replicaCount Desired number of Elasticsearch ingest nodes
+ ##
+ ingest:
+ replicaCount: 1
+ ## @param elasticsearch.service.ports.restAPI Elasticsearch REST API port
+ ##
+ service:
+ ports:
+ restAPI: 9200
+
+## @section Apache chart configuration
+##
+apache:
+ ## @param apache.enabled Enable Apache chart
+ ##
+ enabled: true
+
+ ## @param apache.containerPorts.http Apache container port
+ ##
+ containerPorts:
+ http: 8080
+ ## @param apache.service.type Apache service type
+ ## @param apache.service.loadBalancerIP Apache service LoadBalancer IP
+ ## @param apache.service.ports.http Apache service port
+ ##
+ service:
+ type: LoadBalancer
+ loadBalancerIP: ""
+ ports:
+ http: 80
+ ## @param apache.vhostsConfigMap [string] Name of the ConfigMap containing the Apache vhost configuration
+ ##
+ vhostsConfigMap: '{{ include "mastodon.apache.vhostconfigmap" . }}'
+ # We need to change the liveness probe to use the Mastodon streaming health checkpoint
+ # We use the streaming because it is the last service to be initialized together with
+ # sidekiq
+ ## @param apache.livenessProbe.path Apache liveness probe path
+ ##
+ livenessProbe:
+ path: "/api/v1/streaming/health"
+ ## @param apache.readinessProbe.path Apache readiness probe path
+ ##
+ readinessProbe:
+ path: "/api/v1/streaming/health"
+ ## @param apache.startupProbe.path Apache startup probe path
+ ##
+ startupProbe:
+ path: "/api/v1/streaming/health"
+ ## @param apache.ingress.enabled Enable ingress
+ ## @param apache.ingress.hostname Ingress hostname
+ ##
+ ingress:
+ enabled: false
+ hostname: "mastodon.local"