[bitnami/mastodon] Move defaultConfig and defaultSecretConfig to default-configmap.yaml and default-secret.yaml respectively and add mastodon secret env vars (#19179)

* Move defaultConfig and defaultSecretConfig to default-configmap.yaml and default-secret.yaml respectively

Signed-off-by: jessebot <jessebot@linux.com>

* mastodon: allow smtp.server to come from an existingSecret

Signed-off-by: jessebot <jessebot@linux.com>

* update README for mastodon after values.yaml changes to config defaults

Signed-off-by: jessebot <jessebot@linux.com>

* mastodon: web: move SMTP_SERVER out of 'if ne .Values.smtp.auth_method none' conditional

Signed-off-by: jessebot <jessebot@linux.com>

* move SMTP_SERVER to default-secrets instead of configmap

Signed-off-by: jessebot <jessebot@linux.com>

* adding secretKeyBase and otpSecret to values.yaml as parameters to be passed into mastodon default secret

Signed-off-by: jessebot <jessebot@linux.com>

* add vapidPublicKey and vapidPrivateKey as parameters for mastodon chart

Signed-off-by: jessebot <jessebot@linux.com>

* mastodon: remove SMTP_SERVER from deployment env vars, because we already pass it in with the default-secret

Signed-off-by: jessebot <jessebot@linux.com>

* Update bitnami/mastodon/templates/_helpers.tpl - remove this block as it's no longer in use

Signed-off-by: JesseBot <jessebot@linux.com>

* Update bitnami/mastodon/values.yaml - correct mastoon typo

Signed-off-by: JesseBot <jessebot@linux.com>

* Update bitnami/mastodon/values.yaml - fix mastdon typo

Signed-off-by: JesseBot <jessebot@linux.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

* add SMTP_SERVER env var to web/deployment and _helpers.tpl as a viable existing secret parameter

Signed-off-by: jessebot <jessebot@linux.com>

* Update bitnami/mastodon/Chart.yaml - change chart version to 3.1.0

Signed-off-by: JesseBot <jessebot@linux.com>

* Apply suggestions from code review - fix Mastodon spelling typos

Signed-off-by: JesseBot <jessebot@linux.com>

* Update README.md with readme-generator-for-helm

Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>

* mastodon: add the smtp server to the default smtp secret

Signed-off-by: jessebot <jessebot@linux.com>

---------

Signed-off-by: jessebot <jessebot@linux.com>
Signed-off-by: JesseBot <jessebot@linux.com>
Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com>
Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
JesseBot
2023-11-02 14:03:05 +01:00
committed by GitHub
parent 79261efe92
commit 6175b41a9f
8 changed files with 136 additions and 91 deletions


@@ -49,4 +49,4 @@ maintainers:
name: mastodon
sources:
- https://github.com/bitnami/charts/tree/main/bitnami/mastodon
version: 3.1.0
version: 3.2.0
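Review bot: A minor bump on the `version:` line looks too small for this change, because the same commit removes the `defaultConfig` and `defaultSecretConfig` values and empties the `adminUser` and `adminEmail` defaults. Anyone overriding those keys gets different rendered output after upgrading, so consider a major version bump or at least an upgrade note in the README.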


@@ -92,45 +92,48 @@ The command removes all the Kubernetes components associated with the chart and
### Mastodon common parameters
| Name | Description | Value |
| -------------------------------- | ---------------------------------------------------------------------------------------------------------------------------- | ------------------------------------ |
| `environment` | Mastodon Rails and Node environment. Should be one of 'production', | `production` |
| `adminUser` | Mastodon admin username | `user` |
| `adminEmail` | Mastodon admin email | `user@changeme.com` |
| `adminPassword` | Mastodon admin password | `""` |
| `defaultConfig` | Default configuration for Mastodon in the form of environment variables | `""` |
| `defaultSecretConfig` | Default secret configuration for Mastodon in the form of environment variables | `""` |
| `extraConfig` | Extra configuration for Mastodon in the form of environment variables | `{}` |
| `extraSecretConfig` | Extra secret configuration for Mastodon in the form of environment variables | `{}` |
| `existingConfigmap` | The name of an existing ConfigMap with your default configuration for Mastodon | `""` |
| `existingSecret` | The name of an existing Secret with your default configuration for Mastodon | `""` |
| `extraConfigExistingConfigmap` | The name of an existing ConfigMap with your extra configuration for Mastodon | `""` |
| `extraConfigExistingSecret` | The name of an existing Secret with your extra configuration for Mastodon | `""` |
| `enableSearches` | Enable the search engine (uses Elasticsearch under the hood) | `true` |
| `enableS3` | Enable the S3 storage engine | `true` |
| `forceHttpsS3Protocol` | Force Mastodon's S3_PROTOCOL to be https (Useful when TLS is terminated using cert-manager/Ingress) | `false` |
| `useSecureWebSocket` | Set Mastodon's STREAMING_API_BASE_URL to use secure websocket (wss:// instead of ws://) | `false` |
| `local_https` | Set this instance to advertise itself to the fediverse using HTTPS rather than HTTP URLs. This should almost always be true. | `true` |
| `localDomain` | The domain name used by accounts on this instance. Unless you're using | `""` |
| `webDomain` | Optional alternate domain used when you want to host Mastodon at a | `""` |
| `defaultLocale` | Set the default locale for this instance | `en` |
| `s3AliasHost` | S3 alias host for Mastodon (will use 'http://webDomain/bucket' if not set) | `""` |
| `smtp.server` | SMTP server | `""` |
| `smtp.port` | SMTP port | `587` |
| `smtp.from_address` | From address for sent emails | `""` |
| `smtp.domain` | SMTP domain | `""` |
| `smtp.reply_to` | Reply-To value for sent emails | `""` |
| `smtp.delivery_method` | SMTP delivery method | `smtp` |
| `smtp.ca_file` | SMTP CA file location | `/etc/ssl/certs/ca-certificates.crt` |
| `smtp.openssl_verify_mode` | OpenSSL verify mode | `none` |
| `smtp.enable_starttls_auto` | Automatically enable StartTLS | `true` |
| `smtp.tls` | SMTP TLS | `false` |
| `smtp.auth_method` | SMTP auth method (set to "none" to disable SMTP auth) | `plain` |
| `smtp.login` | SMTP auth username | `""` |
| `smtp.password` | SMTP auth password | `""` |
| `smtp.existingSecret` | Name of an existing secret resource containing the SMTP | `""` |
| `smtp.existingSecretLoginKey` | Name of the key for the SMTP login credential | `""` |
| `smtp.existingSecretPasswordKey` | Name of the key for the SMTP password credential | `""` |
| Name | Description | Value |
| -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------ |
| `environment` | Mastodon Rails and Node environment. Should be one of 'production', | `production` |
| `adminUser` | Mastodon admin username | `""` |
| `adminEmail` | Mastodon admin email | `""` |
| `adminPassword` | Mastodon admin password | `""` |
| `otpSecret` | Mastodon one time password secret. Generate with rake secret. Changing it will break two-factor authentication. | `""` |
| `secretKeyBase` | Mastodon secret key base. Generate with rake secret. Changing it will break all active browser sessions. | `""` |
| `vapidPrivateKey` | Mastodon vapid private key. Generate with rake mastodon:webpush:generate_vapid_key. Changing it will break push notifications. | `""` |
| `vapidPublicKey` | Mastodon vapid public key. Generate with rake mastodon:webpush:generate_vapid_key. Changing it will break push notifications. | `""` |
| `extraConfig` | Extra configuration for Mastodon in the form of environment variables | `{}` |
| `extraSecretConfig` | Extra secret configuration for Mastodon in the form of environment variables | `{}` |
| `existingConfigmap` | The name of an existing ConfigMap with your default configuration for Mastodon | `""` |
| `existingSecret` | The name of an existing Secret with your default configuration for Mastodon | `""` |
| `extraConfigExistingConfigmap` | The name of an existing ConfigMap with your extra configuration for Mastodon | `""` |
| `extraConfigExistingSecret` | The name of an existing Secret with your extra configuration for Mastodon | `""` |
| `enableSearches` | Enable the search engine (uses Elasticsearch under the hood) | `true` |
| `enableS3` | Enable the S3 storage engine | `true` |
| `forceHttpsS3Protocol` | Force Mastodon's S3_PROTOCOL to be https (Useful when TLS is terminated using cert-manager/Ingress) | `false` |
| `useSecureWebSocket` | Set Mastodon's STREAMING_API_BASE_URL to use secure websocket (wss:// instead of ws://) | `false` |
| `local_https` | Set this instance to advertise itself to the fediverse using HTTPS rather than HTTP URLs. This should almost always be true. | `true` |
| `localDomain` | The domain name used by accounts on this instance. Unless you're using | `""` |
| `webDomain` | Optional alternate domain used when you want to host Mastodon at a | `""` |
| `defaultLocale` | Set the default locale for this instance | `en` |
| `s3AliasHost` | S3 alias host for Mastodon (will use 'http://webDomain/bucket' if not set) | `""` |
| `smtp.server` | SMTP server | `""` |
| `smtp.port` | SMTP port | `587` |
| `smtp.from_address` | From address for sent emails | `""` |
| `smtp.domain` | SMTP domain | `""` |
| `smtp.reply_to` | Reply-To value for sent emails | `""` |
| `smtp.delivery_method` | SMTP delivery method | `smtp` |
| `smtp.ca_file` | SMTP CA file location | `/etc/ssl/certs/ca-certificates.crt` |
| `smtp.openssl_verify_mode` | OpenSSL verify mode | `none` |
| `smtp.enable_starttls_auto` | Automatically enable StartTLS | `true` |
| `smtp.tls` | SMTP TLS | `false` |
| `smtp.auth_method` | SMTP auth method (set to "none" to disable SMTP auth) | `plain` |
| `smtp.login` | SMTP auth username | `""` |
| `smtp.password` | SMTP auth password | `""` |
| `smtp.existingSecret` | Name of an existing secret resource containing the SMTP | `""` |
| `smtp.existingSecretLoginKey` | Name of the key for the SMTP login credential | `""` |
| `smtp.existingSecretPasswordKey` | Name of the key for the SMTP password credential | `""` |
| `smtp.existingSecretServerKey` | Name of the key for the SMTP hostname | `""` |
### Mastodon Web Parameters
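Review bot: The new `otpSecret`, `secretKeyBase`, `vapidPrivateKey` and `vapidPublicKey` rows only describe passing the values inline, which puts long-lived secrets into values files and into the release data Helm stores. If the Secret named by `existingSecret` is the intended alternative, say so in each description, and state what happens when the parameter is left at `""`.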


@@ -523,6 +523,17 @@ Return the SMTP Secret Name
{{- end -}}
{{- end -}}
{{/*
Retrieve SMTP server key
*/}}
{{- define "mastodon.smtp.serverKey" -}}
{{- if .Values.smtp.existingSecretServerKey -}}
{{- print .Values.smtp.existingSecretServerKey -}}
{{- else -}}
{{- print "server" -}}
{{- end -}}
{{- end -}}
{{/*
Retrieve SMTP login key
*/}}
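Review bot: Style point on `mastodon.smtp.serverKey`: the if/else can be collapsed with Sprig's `default`, for example `{{- default "server" .Values.smtp.existingSecretServerKey -}}`, which makes the fallback key name visible at a glance. Low priority if the neighbouring key helpers deliberately share the longer form.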


@@ -14,5 +14,46 @@ metadata:
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
data: {{- include "common.tplvalues.render" (dict "value" .Values.defaultConfig "context" $) | nindent 2 }}
data:
{{- if .Values.adminUser }}
MASTODON_ADMIN_USERNAME: {{ .Values.adminUser | quote }}
{{- end }}
{{- if .Values.adminEmail }}
MASTODON_ADMIN_EMAIL: {{ .Values.adminEmail | quote }}
{{- end }}
DB_HOST: {{ include "mastodon.database.host" . | quote }}
DB_PORT: {{ include "mastodon.database.port" . | quote }}
DB_NAME: {{ include "mastodon.database.name" . | quote }}
DB_USER: {{ include "mastodon.database.user" . | quote }}
ES_ENABLED: {{ .Values.enableSearches | quote }}
ES_HOST: {{ include "mastodon.elasticsearch.host" . | quote }}
ES_PORT: {{ include "mastodon.elasticsearch.port" . | quote }}
WEB_DOMAIN: {{ include "mastodon.web.domain" . | quote }}
LOCAL_DOMAIN: {{ .Values.localDomain | quote }}
LOCAL_HTTPS: {{ .Values.local_https | quote }}
DEFAULT_LOCALE: {{ .Values.defaultLocale | quote }}
STREAMING_API_BASE_URL: {{ include "mastodon.streaming.url" . | quote }}
REDIS_HOST: {{ include "mastodon.redis.host" . | quote }}
REDIS_PORT: {{ include "mastodon.redis.port" . | quote }}
SMTP_PORT: {{ .Values.smtp.port | quote }}
SMTP_FROM_ADDRESS: {{ .Values.smtp.from_address | quote }}
SMTP_DOMAIN: {{ .Values.smtp.domain | quote }}
SMTP_REPLY_TO: {{ .Values.smtp.reply_to | quote }}
SMTP_DELIVERY_METHOD: {{ .Values.smtp.delivery_method | quote }}
SMTP_CA_FILE: {{ .Values.smtp.ca_file | quote }}
SMTP_OPENSSL_VERIFY_MODE: {{ .Values.smtp.openssl_verify_mode | quote }}
SMTP_ENABLE_STARTTLS_AUTO: {{ .Values.smtp.enable_starttls_auto | quote }}
SMTP_TLS: {{ .Values.smtp.tls | quote }}
SMTP_AUTH_METHOD: {{ .Values.smtp.auth_method | quote }}
RAILS_ENV: {{ .Values.environment | quote }}
NODE_ENV: {{ .Values.environment | quote }}
{{- if .Values.enableS3 }}
S3_ENABLED: "true"
S3_BUCKET: {{ include "mastodon.s3.bucket" . | quote }}
S3_ENDPOINT: {{ include "mastodon.s3.endpoint" . | quote }}
S3_HOSTNAME: {{ include "mastodon.s3.host" . | quote }}
S3_REGION: {{ include "mastodon.s3.region" . | quote }}
S3_ALIAS_HOST: {{ include "mastodon.s3.aliasHost" . | quote }}
S3_PROTOCOL: {{ include "mastodon.s3.protocol.setting" . | quote }}
{{- end }}
{{- end }}
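Review bot: `MASTODON_ADMIN_USERNAME` and `MASTODON_ADMIN_EMAIL` are now wrapped in `if` guards, and this commit also changes the `adminUser` and `adminEmail` defaults to `""`, so a default install renders neither key. If the application needs them on first boot, fail the render with `required` rather than omitting them silently. The other entries, such as `LOCAL_DOMAIN` and `SMTP_FROM_ADDRESS`, are still rendered as empty strings when unset, so the two styles are inconsistent.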


@@ -14,5 +14,23 @@ metadata:
{{- if .Values.commonAnnotations }}
annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }}
{{- end }}
data: {{- include "common.tplvalues.render" (dict "value" .Values.defaultSecretConfig "context" $) | nindent 2 }}
data:
{{- if .Values.adminPassword }}
MASTODON_ADMIN_PASSWORD: {{ .Values.adminPassword | b64enc | quote }}
{{- end }}
{{- if .Values.secretKeyBase }}
SECRET_KEY_BASE: {{ .Values.secretKeyBase | b64enc | quote}}
{{- end }}
{{- if .Values.otpSecret}}
OTP_SECRET: {{ .Values.otpSecret | b64enc | quote}}
{{- end }}
{{- if .Values.vapidPrivateKey}}
VAPID_PRIVATE_KEY: {{ .Values.vapidPrivateKey | b64enc | quote }}
{{- end }}
{{- if .Values.vapidPublicKey}}
VAPID_PUBLIC_KEY: {{ .Values.vapidPublicKey | b64enc | quote }}
{{- end }}
{{- if .Values.smtp.server }}
SMTP_SERVER: {{ .Values.smtp.server | b64enc | quote }}
{{- end }}
{{- end }}
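Review bot: `SECRET_KEY_BASE`, `OTP_SECRET` and `MASTODON_ADMIN_PASSWORD` are emitted only when the matching value is set, whereas the removed `defaultSecretConfig` passed all three through `common.secrets.passwords.manage`. A release that never set `secretKeyBase` or `otpSecret` will render this Secret without those keys on upgrade, and the README warns that changing these values breaks active browser sessions and two-factor authentication. Suggest keeping `common.secrets.passwords.manage` for these keys, or failing with a clear message when they are empty. Minor: `quote}}`, `otpSecret}}`, `vapidPrivateKey}}` and `vapidPublicKey}}` are missing the space before the closing braces.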


@@ -17,4 +17,5 @@ metadata:
data:
login: {{ .Values.smtp.login | b64enc | quote }}
password: {{ .Values.smtp.password | b64enc | quote }}
server: {{ .Values.smtp.server | b64enc | quote }}
{{- end }}
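Review bot: `server` is rendered here while the default Secret in this same commit also stores the hostname as `SMTP_SERVER` when `smtp.server` is set, so the value now lives in two Secrets and the two can disagree when `smtp.existingSecret` is used. Pick one source of truth (the deployment already reads `SMTP_SERVER` through `mastodon.smtp.serverKey`) and drop the other.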


@@ -157,6 +157,11 @@ spec:
key: {{ include "mastodon.elasticsearch.passwordKey" . | quote }}
{{- end }}
{{- if ne .Values.smtp.auth_method "none" }}
- name: SMTP_SERVER
valueFrom:
secretKeyRef:
name: {{ include "mastodon.smtp.secretName" . }}
key: {{ include "mastodon.smtp.serverKey" . | quote }}
- name: SMTP_LOGIN
valueFrom:
secretKeyRef:
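Review bot: `SMTP_SERVER` is added inside the `{{- if ne .Values.smtp.auth_method "none" }}` block, so with `smtp.auth_method: none` a hostname kept only in `smtp.existingSecret` is never injected. The hostname is needed whether or not authentication is used; move this entry above the conditional and leave only the credential entries inside it.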


@@ -104,62 +104,25 @@ image:
environment: production
## @param adminUser Mastodon admin username
##
adminUser: user
adminUser: ""
## @param adminEmail Mastodon admin email
##
adminEmail: user@changeme.com
adminEmail: ""
## @param adminPassword Mastodon admin password
##
adminPassword: ""
## @param defaultConfig [string] Default configuration for Mastodon in the form of environment variables
## @param otpSecret Mastodon one time password secret. Generate with rake secret. Changing it will break two-factor authentication.
##
defaultConfig: |
MASTODON_ADMIN_USERNAME: {{ .Values.adminUser | quote }}
MASTODON_ADMIN_EMAIL: {{ .Values.adminEmail | quote }}
DB_HOST: {{ include "mastodon.database.host" . | quote }}
DB_PORT: {{ include "mastodon.database.port" . | quote }}
DB_NAME: {{ include "mastodon.database.name" . | quote }}
DB_USER: {{ include "mastodon.database.user" . | quote }}
ES_ENABLED: {{ .Values.enableSearches | quote }}
ES_HOST: {{ include "mastodon.elasticsearch.host" . | quote }}
ES_PORT: {{ include "mastodon.elasticsearch.port" . | quote }}
WEB_DOMAIN: {{ include "mastodon.web.domain" . | quote }}
LOCAL_DOMAIN: {{ .Values.localDomain | quote }}
LOCAL_HTTPS: {{ .Values.local_https | quote }}
DEFAULT_LOCALE: {{ .Values.defaultLocale | quote }}
STREAMING_API_BASE_URL: {{ include "mastodon.streaming.url" . | quote }}
REDIS_HOST: {{ include "mastodon.redis.host" . | quote }}
REDIS_PORT: {{ include "mastodon.redis.port" . | quote }}
SMTP_SERVER: {{ .Values.smtp.server | quote }}
SMTP_PORT: {{ .Values.smtp.port | quote }}
SMTP_FROM_ADDRESS: {{ .Values.smtp.from_address | quote }}
SMTP_DOMAIN: {{ .Values.smtp.domain | quote }}
SMTP_REPLY_TO: {{ .Values.smtp.reply_to | quote }}
SMTP_DELIVERY_METHOD: {{ .Values.smtp.delivery_method | quote }}
SMTP_CA_FILE: {{ .Values.smtp.ca_file | quote }}
SMTP_OPENSSL_VERIFY_MODE: {{ .Values.smtp.openssl_verify_mode | quote }}
SMTP_ENABLE_STARTTLS_AUTO: {{ .Values.smtp.enable_starttls_auto | quote }}
SMTP_TLS: {{ .Values.smtp.tls | quote }}
SMTP_AUTH_METHOD: {{ .Values.smtp.auth_method | quote }}
RAILS_ENV: {{ .Values.environment | quote }}
NODE_ENV: {{ .Values.environment | quote }}
{{- if .Values.enableS3 }}
S3_ENABLED: "true"
S3_BUCKET: {{ include "mastodon.s3.bucket" . | quote }}
S3_ENDPOINT: {{ include "mastodon.s3.endpoint" . | quote }}
S3_HOSTNAME: {{ include "mastodon.s3.host" . | quote }}
S3_REGION: {{ include "mastodon.s3.region" . | quote }}
S3_ALIAS_HOST: {{ include "mastodon.s3.aliasHost" . | quote }}
S3_PROTOCOL: {{ include "mastodon.s3.protocol.setting" . | quote }}
{{- end }}
## @param defaultSecretConfig [string] Default secret configuration for Mastodon in the form of environment variables
otpSecret: ""
## @param secretKeyBase Mastodon secret key base. Generate with rake secret. Changing it will break all active browser sessions.
##
defaultSecretConfig: |
MASTODON_ADMIN_PASSWORD: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-default" (include "common.names.fullname" .)) "key" "MASTODON_ADMIN_PASSWORD" "providedValues" (list "adminPassword") "context" $) }}
SECRET_KEY_BASE: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-default" (include "common.names.fullname" .)) "key" "SECRET_KEY_BASE" "providedValues" (list "secretKeyBase") "context" $) }}
OTP_SECRET: {{ include "common.secrets.passwords.manage" (dict "secret" (printf "%s-default" (include "common.names.fullname" .)) "key" "OTP_SECRET" "providedValues" (list "otpSecret") "context" $) }}
secretKeyBase: ""
## @param vapidPrivateKey Mastodon vapid private key. Generate with rake mastodon:webpush:generate_vapid_key. Changing it will break push notifications.
##
vapidPrivateKey: ""
## @param vapidPublicKey Mastodon vapid public key. Generate with rake mastodon:webpush:generate_vapid_key. Changing it will break push notifications.
##
vapidPublicKey: ""
## @param extraConfig Extra configuration for Mastodon in the form of environment variables
##
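Review bot: Removing `defaultConfig` and `defaultSecretConfig` means overrides of those keys in existing values files are ignored without any error. Suggest a render-time check that calls `fail` when either key is present and points users to `extraConfig` and `extraSecretConfig`. Also, `vapidPrivateKey` and `vapidPublicKey` are a key pair; note in their comments that both must be set together.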
@@ -273,6 +236,9 @@ smtp:
## @param smtp.existingSecretPasswordKey Name of the key for the SMTP password credential
## stored in the existingSecret resource
existingSecretPasswordKey: ""
## @param smtp.existingSecretServerKey Name of the key for the SMTP hostname
## stored in the existingSecret resource
existingSecretServerKey: ""
## @section Mastodon Web Parameters
##
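Review bot: The comment for `smtp.existingSecretServerKey` does not say that an empty value falls back to the key name `server` (see `mastodon.smtp.serverKey`). A Secret created for an earlier chart version with only login and password keys would then be referenced for a key it lacks, and the pod will not start until the key is added. Document the fallback and the newly required key here.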