147 lines
5.4 KiB
YAML
147 lines
5.4 KiB
YAML
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: {{ include "gotosocial.fullname" . }}
|
|
annotations:
|
|
"confighash": {{ toYaml .Values.gotosocial | sha256sum | trunc 32 }}
|
|
labels:
|
|
{{- include "gotosocial.labels" . | nindent 4 }}
|
|
data:
|
|
{{- with .Values.gotosocial }}
|
|
TZ: {{ .tz | b64enc }}
|
|
|
|
GTS_APPLICATION_NAME: {{ .applicationName | b64enc }}
|
|
{{- with .landingPageUser }}
|
|
GTS_LANDING_PAGE_USER: {{ . | b64enc }}
|
|
{{- end }}
|
|
GTS_HOST: {{ .host | b64enc }}
|
|
GTS_ACCOUNT_DOMAIN: {{ .accountDomain | b64enc }}
|
|
GTS_TRUSTED_PROXIES: {{ .trustedProxies | join "," | b64enc }}
|
|
{{- with .advancedRateLimitExceptions }}
|
|
GTS_ADVANCED_RATE_LIMIT_EXCEPTIONS: {{ . | join "," | b64enc }}
|
|
{{- end }}
|
|
GTS_ADVANCED_RATE_LIMIT_REQUESTS: {{ .advancedRateLimitRequests | b64enc }}
|
|
|
|
GTS_DB_TYPE: {{ .database.type | b64enc }}
|
|
{{- if (eq .database.type "sqlite") }}
|
|
{{- if (eq .storage.backend "local") }}
|
|
GTS_DB_ADDRESS: {{ "/gotosocial/storage/sqlite.db" | b64enc }}
|
|
GTS_DB_SQLITE_JOURNAL_MODE: {{ "WAL" | b64enc }}
|
|
GTS_DB_SQLITE_SYNCHRONOUS: {{ "NORMAL" | b64enc }}
|
|
GTS_DB_SQLITE_CACHE_SIZE: {{ "8MiB" | b64enc }}
|
|
GTS_DB_SQLITE_BUSY_TIMEOUT: {{ "30m" | b64enc }}
|
|
{{- else }}
|
|
{{- fail "sqlite needs storage-backend is local" }}
|
|
{{- end }}{{/* end-else-if local */}}
|
|
{{- else }}{{/* else-if sqlite */}}
|
|
{{- with .database }}
|
|
GTS_DB_ADDRESS: {{ .address | b64enc }}
|
|
GTS_DB_PORT: {{ toYaml .port | b64enc }}
|
|
GTS_DB_USER: {{ .username | b64enc }}
|
|
GTS_DB_PASSWORD: {{ .password | b64enc }}
|
|
GTS_DB_DATABASE: {{ .database | b64enc }}
|
|
GTS_DB_TLS_MODE: {{ .tlsMode | b64enc }}
|
|
{{- with .tlsCACert }}
|
|
GTS_DB_TLS_CA_CERT: {{ . | b64enc }}
|
|
{{- end }}
|
|
GTS_DB_MAX_OPEN_CONNS_MULTIPLIER: {{ "8" | b64enc }}
|
|
{{- end }}{{/* end-with .database */}}
|
|
{{- end }}{{/* end-else-if sqlite */}}
|
|
|
|
{{- with .instance }}
|
|
{{- with .languages }}
|
|
GTS_INSTANCE_LANGUAGES: {{ . | join "," | b64enc }}
|
|
{{- end }}
|
|
{{- with .federation }}
|
|
GTS_INSTANCE_FEDERATION_MODE: {{ .mode | b64enc }}
|
|
GTS_INSTANCE_FEDERATION_SPAM_FILTER: {{ toYaml .spamFilter | b64enc }}
|
|
{{- end }}{{/* end-with federation */}}
|
|
{{- with .expose }}
|
|
GTS_INSTANCE_EXPOSE_PEERS: {{ toYaml .peers | b64enc }}
|
|
GTS_INSTANCE_EXPOSE_SUSPENDED: {{ toYaml .suspended | b64enc }}
|
|
GTS_INSTANCE_EXPOSE_SUSPENDED_WEB: {{ toYaml .suspendedWeb | b64enc }}
|
|
GTS_INSTANCE_EXPOSE_PUBLIC_TIMELINE: {{ toYaml .publicTimeline | b64enc }}
|
|
{{- end }}{{/* end-with expose */}}
|
|
GTS_INSTANCE_DELIVER_TO_SHARED_INBOXES: {{ toYaml .deliverToSharedInboxes | b64enc }}
|
|
GTS_INSTANCE_INJECT_MASTODON_VERSION: {{ toYaml .injectMastodonVersion | b64enc }}
|
|
{{- end }}{{/* end-with instance */}}
|
|
|
|
{{- with .accounts }}
|
|
GTS_ACCOUNTS_REGISTRATION_OPEN: {{ toYaml .registrationOpen | b64enc }}
|
|
GTS_ACCOUNTS_APPROVAL_REQUIRED: {{ toYaml .approvalRequired | b64enc }}
|
|
GTS_ACCOUNTS_REASON_REQUIRED: {{ toYaml .reasonRequired | b64enc }}
|
|
GTS_ACCOUNTS_ALLOW_CUSTOM_CSS: {{ toYaml .allowCustomCSS | b64enc }}
|
|
GTS_ACCOUNTS_CUSTOM_CSS_LENGTH: {{ toYaml .customCSSLength | b64enc }}
|
|
{{- end }}{{/* end-with accounts */}}
|
|
|
|
GTS_STORAGE_BACKEND: {{ .storage.backend | b64enc }}
|
|
{{- if (eq .storage.backend "local") }}
|
|
GTS_STORAGE_LOCAL_BASE_PATH: {{ "/gotosocial/storage" | b64enc }}
|
|
{{- end }}
|
|
{{- if (eq .storage.backend "s3") }}
|
|
{{- with .storage.s3 }}
|
|
{{- with .endpoint }}
|
|
GTS_STORAGE_S3_ENDPOINT: {{ toYaml . | b64enc }}
|
|
{{- end }}
|
|
{{- with .proxy }}
|
|
GTS_STORAGE_S3_PROXY: {{ toYaml . | b64enc }}
|
|
{{- end }}
|
|
{{- with .useSSL }}
|
|
GTS_STORAGE_S3_USE_SSL: {{ toYaml . | b64enc }}
|
|
{{- end }}
|
|
{{- with .bucket }}
|
|
GTS_STORAGE_S3_BUCKET: {{ toYaml . | b64enc }}
|
|
{{- end }}
|
|
{{- with .accessKey }}
|
|
GTS_STORAGE_S3_ACCESS_KEY: {{ toYaml . | b64enc }}
|
|
{{- end }}
|
|
{{- with .secretKey }}
|
|
GTS_STORAGE_S3_SECRET_KEY: {{ toYaml . | b64enc }}
|
|
{{- end }}
|
|
{{- end }}{{/* end-with .storage.s3 */}}
|
|
{{- end }}{{/* end-if .storage.backed == s3 */}}
|
|
|
|
{{- with .oidc }}
|
|
GTS_OIDC_ENABLED: {{ toYaml .enabled | b64enc }}
|
|
GTS_OIDC_IDP_NAME: {{ .idpName | b64enc }}
|
|
GTS_OIDC_SKIP_VERIFICATION: {{ toYaml .skipVerification | b64enc }}
|
|
GTS_OIDC_ISSUER: {{ .issuer | b64enc }}
|
|
GTS_OIDC_CLIENT_ID: {{ .clientID | b64enc }}
|
|
GTS_OIDC_CLIENT_SECRET: {{ .clientSecret | b64enc }}
|
|
GTS_OIDC_SCOPES: {{ .scopes | join "," | b64enc }}
|
|
GTS_OIDC_LINK_EXISTING: {{ toYaml .linkExisting | b64enc }}
|
|
GTS_OIDC_ADMIN_GROUPS: {{ .adminGroups | join "," | b64enc }}
|
|
{{- end }}{{/* end-with oidc */}}
|
|
|
|
{{- with .smtp }}
|
|
{{- with .host }}
|
|
GTS_SMTP_HOST: {{ . | b64enc }}
|
|
{{- end }}
|
|
GTS_SMTP_PORT: {{ toYaml .port | b64enc }}
|
|
{{- with .username }}
|
|
GTS_SMTP_USERNAME: {{ . | b64enc }}
|
|
{{- end }}
|
|
{{- with .password }}
|
|
GTS_SMTP_PASSWORD: {{ . | b64enc }}
|
|
{{- end }}
|
|
{{- with .from }}
|
|
GTS_SMTP_FROM: {{ . | b64enc }}
|
|
{{- end }}
|
|
GTS_SMTP_DISCLOSE_RECIPIENTS: {{ toYaml .discloseRecipients | b64enc }}
|
|
{{- end }}{{/* end-with smtp */}}
|
|
|
|
GTS_METRICS_ENABLED: {{ toYaml .metrics.enabled | b64enc }}
|
|
|
|
# https://www.w3.org/TR/trace-context/#traceparent-header
|
|
GTS_REQUEST_ID_HEADER: {{ "Traceparent" | b64enc }}
|
|
{{- with .tracing }}
|
|
{{- if .enabled }}
|
|
GTS_TRACING_ENABLED: {{ "true" | b64enc}}
|
|
GTS_TRACING_TRANSPORT: {{ .transport | b64enc }}
|
|
GTS_TRACING_ENDPOINT: {{ .endpoint | b64enc }}
|
|
GTS_TRACING_INSECURE_TRANSPORT: {{ toYaml .insecureTransport | b64enc }}
|
|
{{- end }}{{/* end-if .tracing.enabled */}}
|
|
{{- end }}{{/* end-with .tracing */}}
|
|
|
|
{{- end }}{{/* end-with .gotosocial */}}
|