87 lines
2.9 KiB
YAML
87 lines
2.9 KiB
YAML
|
---
|
||
|
apiVersion: external-secrets.io/v1beta1
|
||
|
kind: ExternalSecret
|
||
|
metadata:
|
||
|
name: mastodon
|
||
|
namespace: fediverse
|
||
|
spec:
|
||
|
secretStoreRef:
|
||
|
kind: ClusterSecretStore
|
||
|
name: onepassword-connect
|
||
|
target:
|
||
|
name: mastodon-secret
|
||
|
creationPolicy: Owner
|
||
|
template:
|
||
|
engineVersion: v2
|
||
|
data:
|
||
|
DB_SSLMODE: "require"
|
||
|
LOCAL_DOMAIN: "valinor.social"
|
||
|
SINGLE_USER_MODE: "false"
|
||
|
SECRET_KEY_BASE: "{{ .mastodon_secret_key_base }}"
|
||
|
OTP_SECRET: "{{ .mastodon_otp_secret }}"
|
||
|
VAPID_PRIVATE_KEY: "{{ .mastodon_vapid_private_key }}"
|
||
|
VAPID_PUBLIC_KEY: "{{ .mastodon_vapid_public_key }}"
|
||
|
DB_HOST: "{{ .mastodon_db_host }}"
|
||
|
DB_USER: "{{ .mastodon_db_user }}"
|
||
|
DB_PORT: "{{ .mastodon_db_port }}"
|
||
|
DB_PASS: "{{ .mastodon_db_pass }}"
|
||
|
REDIS_URL: "{{ .mastodon_redis_url }}"
|
||
|
S3_ENABLED: "true"
|
||
|
S3_PROTOCOL: "https"
|
||
|
S3_ENDPOINT: "{{ .s3_valinor_endpoint }}"
|
||
|
S3_HOSTNAME: "{{ .s3_valinor_hostname }}"
|
||
|
S3_BUCKET: "{{ .s3_valinor_bucket }}"
|
||
|
S3_ALIAS_HOST: "{{ .mastodon_s3_alias_host }}"
|
||
|
S3_PERMISSION: "private"
|
||
|
AWS_ACCESS_KEY_ID: "{{ .s3_valinor_access_key }}"
|
||
|
AWS_SECRET_ACCESS_KEY: "{{ .s3_valinor_secret_key }}"
|
||
|
SMTP_SERVER: "smtp.mailgun.org"
|
||
|
SMTP_PORT: "587"
|
||
|
SMTP_LOGIN: "{{ .mailgun_smtp_user }}"
|
||
|
SMTP_PASSWORD: "{{ .mailgun_smtp_password }}"
|
||
|
SMTP_AUTH_METHOD: "plain"
|
||
|
SMTP_OPENSSL_VERIFY_MODE: "peer"
|
||
|
SMTP_ENABLE_STARTTLS: "auto"
|
||
|
SMTP_FROM_ADDRESS: "Mastodon <notifications@valinor.social>"
|
||
|
DB_POOL: "25"
|
||
|
DEEPL_PLAN: "free"
|
||
|
DEEPL_API_KEY: "{{ .deepl_api_key }}"
|
||
|
ES_ENABLED: "{{ .mastodon_es_enabled }}"
|
||
|
ES_HOST: "{{ .mastodon_es_host }}"
|
||
|
ES_PORT: "{{ .mastodon_es_port }}"
|
||
|
STATSD_ADDR: "statsd-exporter.fediverse.svc.cluster.local:9125"
|
||
|
CP_DB_PORT: "{{ .mastodon_cp_db_port }}"
|
||
|
CP_SIDEKIQ_LOW_VOLUME: "{{ .mastodon_db_name_cp_sidekiq_low_volume }}"
|
||
|
CP_SIDEKIQ_HIGH_PRIORITY: "{{ .mastodon_db_name_cp_sidekiq_high_priority }}"
|
||
|
CP_SIDEKIQ_INGRESS: "{{ .mastodon_db_name_cp_sidekiq_ingress }}"
|
||
|
CP_SIDEKIQ_PULL: "{{ .mastodon_db_name_cp_sidekiq_pull }}"
|
||
|
CP_MASTODON_WEB: "{{ .mastodon_db_name_cp_mastodon_web }}"
|
||
|
CP_MASTODON_STREAMING: "{{ .mastodon_db_name_cp_mastodon_streaming }}"
|
||
|
|
||
|
dataFrom:
|
||
|
- extract:
|
||
|
key: s3
|
||
|
rewrite:
|
||
|
- regexp:
|
||
|
source: "(.*)"
|
||
|
target: "s3_$1"
|
||
|
- extract:
|
||
|
key: mastodon
|
||
|
rewrite:
|
||
|
- regexp:
|
||
|
source: "(.*)"
|
||
|
target: "mastodon_$1"
|
||
|
data:
|
||
|
- secretKey: mailgun_smtp_user
|
||
|
remoteRef:
|
||
|
key: mailgun
|
||
|
property: mastodon_smtp_user
|
||
|
- secretKey: mailgun_smtp_password
|
||
|
remoteRef:
|
||
|
key: mailgun
|
||
|
property: mastodon_smtp_password
|
||
|
- secretKey: deepl_api_key
|
||
|
remoteRef:
|
||
|
key: deepl
|
||
|
property: api_key
|