athens-school/Mastodon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Mastodon/manifests/deployment.yaml

216 lines
8.7 KiB
YAML
Raw Permalink Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: mastodon
namespace: mastodon
spec:
replicas: 1
selector:
matchLabels:
app: mastodon
template:
metadata:
labels:
app: mastodon
spec:
securityContext:
runAsUser: 991
runAsGroup: 991
fsGroup: 991
containers:
- name: mastodon-web
image: ghcr.io/mastodon/mastodon:v4.3.6
command: ["bundle", "exec", "puma", "-C", "config/puma.rb"]
ports:
- containerPort: 3000
- containerPort: 9394
name: web-metrics
env:
- name: LOCAL_DOMAIN
value: "halis.io"
- name: WEB_DOMAIN
value: "mastodon.halis.io"
- name: REDIS_HOST
value: "redis-svc.mastodon.svc.cluster.local"
- name: REDIS_PORT
value: "6379"
- name: DB_HOST
value: "mastodon-db-rw.mastodon.svc.cluster.local"
- name: DB_USER
valueFrom:
secretKeyRef:
name: mastodon-db
key: username
- name: DB_PASS
valueFrom:
secretKeyRef:
name: mastodon-db
key: password
- name: DB_NAME
value: "mastodon"
- name: DB_PORT
value: "5432"
- name: SECRET_KEY_BASE
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: SECRET_KEY_BASE
- name: OTP_SECRET
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: OTP_SECRET
- name: ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
- name: ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
- name: ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
- name: IP_RETENTION_PERIOD
value: "31556952"
- name: SESSION_RETENTION_PERIOD
value: "31556952"
- name: FETCH_REPLIES_ENABLED
value: "false"
- name: FETCH_REPLIES_COOLDOWN_MINUTES
value: "15"
- name: FETCH_REPLIES_INITIAL_WAIT_MINUTES
value: "5"
- name: FETCH_REPLIES_MAX_GLOBAL
value: "1000"
- name: FETCH_REPLIEX_MAX_SINGLE
value: "500"
- name: FETCH_REPLIES_MAX_PAGES
value: "500"
- name: STREAMING_API_BASE_URL
value: "http://mastodon-svc.mastodon.svc.cluster.local:4000"
- name: MASTODON_PROMETHEUS_EXPORTER_ENABLED
value: "true"
- name: MASTODON_PROMETHEUS_EXPORTER_LOCAL
value: "true"
- name: MASTODON_PROMETHEUS_EXPORTER_HOST
value: "127.0.0.1"
- name: MASTODON_PROMETHEUS_EXPORTER_PORT
value: "9394"
volumeMounts:
- mountPath: "/mastodon/public/system"
name: mastodon-data
- name: mastodon-streaming
image: ghcr.io/mastodon/mastodon-streaming:v4.3.6
command: ["node", "./streaming/index.js"]
ports:
- containerPort: 4000
name: streaming
env:
- name: ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
- name: ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
- name: ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
- name: REDIS_HOST
value: "redis-svc.mastodon.svc.cluster.local"
- name: REDIS_PORT
value: "6379"
- name: mastodon-sidekiq
image: ghcr.io/mastodon/mastodon:v4.3.6
command: ["bundle", "exec", "sidekiq"]
ports:
- containerPort: 9395
name: sidekiq-metrics
env:
- name: LOCAL_DOMAIN
value: "halis.io"
- name: WEB_DOMAIN
value: "mastodon.halis.io"
- name: REDIS_HOST
value: "redis-svc.mastodon.svc.cluster.local"
- name: REDIS_PORT
value: "6379"
- name: DB_HOST
value: "mastodon-db-rw.mastodon.svc.cluster.local"
- name: DB_USER
valueFrom:
secretKeyRef:
name: mastodon-db
key: username
- name: DB_PASS
valueFrom:
secretKeyRef:
name: mastodon-db
key: password
- name: DB_NAME
value: "mastodon"
- name: DB_PORT
value: "5432"
- name: SECRET_KEY_BASE
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: SECRET_KEY_BASE
- name: OTP_SECRET
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: OTP_SECRET
- name: ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
- name: ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
- name: ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
valueFrom:
secretKeyRef:
name: mastodon-secrets
key: ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
- name: STREAMING_API_BASE_URL
value: "http://mastodon-svc.mastodon.svc.cluster.local:4000"
- name: MASTODON_PROMETHEUS_EXPORTER_ENABLED
value: "true"
- name: MASTODON_PROMETHEUS_EXPORTER_LOCAL
value: "true"
- name: MASTODON_PROMETHEUS_EXPORTER_HOST
value: "0.0.0.0"
- name: MASTODON_PROMETHEUS_EXPORTER_PORT
value: "9395"
volumeMounts:
- mountPath: "/mastodon/public/system"
name: mastodon-data
- name: redis
image: redis:7.4.2
ports:
- containerPort: 6379
volumeMounts:
- mountPath: "/data"
name: redis-data
volumes:
- name: mastodon-data
persistentVolumeClaim:
claimName: mastodon-pvc
- name: redis-data
persistentVolumeClaim:
claimName: redis-pvc
Reference in New Issue View Git Blame Copy Permalink