This repository has been archived on 2024-02-11. You can view files and clone it, but cannot push or open issues or pull requests.
valinor/kubernetes/apps/fediverse/peertube/app/externalsecret.yaml

67 lines
2.3 KiB
YAML

---
# yaml-language-server: $schema=https://ks.hsn.dev/external-secrets.io/externalsecret_v1beta1.json
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
name: peertube
namespace: fediverse
spec:
secretStoreRef:
kind: ClusterSecretStore
name: onepassword-connect
target:
name: peertube-secret
creationPolicy: Owner
template:
engineVersion: v2
data:
PEERTUBE_DB_SSLMODE: "false"
PEERTUBE_WEBSERVER_HOSTNAME: "khazadtube.tv"
PEERTUBE_TRUST_PROXY: "['127.0.0.1', 'loopback', '10.2.0.0/16']"
PEERTUBE_SECRET: "{{ .peertube_secret }}"
PEERTUBE_SMTP_HOSTNAME: "{{ .mailgun_smtp_hostname }}"
PEERTUBE_SMTP_USERNAME: "{{ .mailgun_smtp_user }}"
PEERTUBE_SMTP_PASSWORD: "{{ .mailgun_smtp_password }}"
PEERTUBE_SMTP_PORT: "587"
PEERTUBE_SMTP_FROM: "noreply@khazadtube.tv"
PEERTUBE_SMTP_TLS: "false"
PEERTUBE_SMTP_DISABLE_STARTTLS: "false"
PEERTUBE_ADMIN_EMAIL: "joe@veri.dev"
PEERTUBE_REDIS_HOSTNAME: "redis-peertube.fediverse.svc.cluster.local"
PEERTUBE_REDIS_PORT: "6379"
PEERTUBE_OBJECT_STORAGE_ENABLED: "true"
PEERTUBE_OBJECT_STORAGE_ENDPOINT: "{{ .minio_s3_host }}"
PEERTUBE_OBJECT_STORAGE_REGION: "us-east-1"
PEERTUBE_OBJECT_STORAGE_CREDENTIALS_ACCESS_KEY_ID: "{{ .minio_khazadtube_access_key }}"
PEERTUBE_OBJECT_STORAGE_CREDENTIALS_SECRET_ACCESS_KEY: "{{ .minio_khazadtube_secret_key }}"
PEERTUBE_OBJECT_STORAGE_STREAMING_PLAYLISTS_BUCKET_NAME: "khazadtube-streaming"
PEERTUBE_OBJECT_STORAGE_STREAMING_PLAYLISTS_PREFIX: ""
PEERTUBE_OBJECT_STORAGE_VIDEOS_BUCKET_NAME: "khazadtube-videos"
PEERTUBE_OBJECT_STORAGE_VIDEOS_PREFIX: ""
dataFrom:
- extract:
key: minio
rewrite:
- regexp:
source: "(.*)"
target: "minio_$1"
- extract:
key: peertube
rewrite:
- regexp:
source: "(.*)"
target: "peertube_$1"
data:
- secretKey: mailgun_smtp_user
remoteRef:
key: mailgun
property: peertube_smtp_user
- secretKey: mailgun_smtp_password
remoteRef:
key: mailgun
property: peertube_smtp_password
- secretKey: mailgun_smtp_hostname
remoteRef:
key: mailgun
property: smtp_hostname