Mastodon++

This commit is contained in:
Danny Bessems 2023-06-13 14:31:25 +02:00
parent 87029e56d2
commit 86378358d6
14 changed files with 275 additions and 225 deletions

View File

@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: mastodon

View File

@ -0,0 +1,93 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: mastodon
namespace: mastodon
labels:
app: mastodon
spec:
replicas: 1
selector:
matchLabels:
app: mastodon
template:
metadata:
labels:
app: mastodon
spec:
containers:
- name: web
image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon
args:
- bash
- -c
- 'rm -f /mastodon/tmp/pids/server.pid; bundle exec rails db:migrate; bundle exec rails s -p 3000'
envFrom:
- secretRef:
name: secret-mastodon
ports:
- name: web
containerPort: 3000
volumeMounts:
- mountPath: /mastodon/public/system
name: flexvolsmb-mastodon-system
- name: api
image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon
args:
- node
- ./streaming
envFrom:
- secretRef:
name: secret-mastodon
ports:
- name: api
containerPort: 4000
- name: backend
image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon
args:
- bundle
- exec
- sidekiq
envFrom:
- secretRef:
name: secret-mastodon
volumeMounts:
- mountPath: /mastodon/public/system
name: flexvolsmb-mastodon-system
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:14-alpine
env:
- name: POSTGRES_USER
value: mastodon
- name: POSTGRES_PASSWORD
value: mastodon
- name: POSTGRES_DB
value: mastodon
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-mastodon-db
- name: redis
image: bv11-cr01.bessems.eu/proxy/library/redis:alpine
# args:
# - redis-server
# - --requirepass <omitted>
# - --appendonly yes
ports:
- name: redis
containerPort: 6379
volumeMounts:
- name: flexvolsmb-mastodon-redis
mountPath: /data
volumes:
- name: flexvolsmb-mastodon-system
persistentVolumeClaim:
claimName: flexvolsmb-mastodon-system
- name: flexvolsmb-mastodon-db
persistentVolumeClaim:
claimName: flexvolsmb-mastodon-db
- name: flexvolsmb-mastodon-redis
persistentVolumeClaim:
claimName: flexvolsmb-mastodon-redis

View File

@ -0,0 +1,17 @@
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: mastodon
namespace: mastodon
spec:
entryPoints:
- websecure
routes:
- match: Host(`st.itch.fyi`)
kind: Rule
services:
- name: mastodon
port: 3000
middlewares:
- name: security-headers@file
- name: compression@file

View File

@ -0,0 +1,19 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-mastodon-db
namespace: mastodon
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/mastodon/db

View File

@ -0,0 +1,19 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-mastodon-redis
namespace: mastodon
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-redis
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=1000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/mastodon/redis

View File

@ -0,0 +1,19 @@
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-mastodon-system
namespace: mastodon
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-system
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0755,dir_mode=0755,uid=991,gid=991,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/mastodon/system

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-mastodon-db
namespace: mastodon
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-db
resources:
requests:
storage: 1Gi

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-mastodon-redis
namespace: mastodon
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-redis
resources:
requests:
storage: 1Gi

View File

@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-mastodon-system
namespace: mastodon
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-system
resources:
requests:
storage: 1Gi

View File

@ -0,0 +1,30 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: secret-mastodon
namespace: mastodon
spec:
encryptedData:
DB_HOST: AgDIxKNDQYb4MAnPXF8Nz3h4Uyy3B3usHDgtLOC8fYhCOS6plJTr4j3NLqe7DG35bAh0RQbNgIrn7PkmL8w4t1IdWcIHqck6PIZdYJs7Ttuu1WEe2/UBJ499kv2/F4d+6AL8/DgDftM5sWLP3G4kbbtbxbEJIPDtBPAYBxir5+gEAN/hwj/A+wdL810aa0ZIohWR7U2TdknryEXUWIPjJPzpRtwMxlmp6OZpeheBMD9wMB+XXxZBgnRduZbkxM322dS/joiMVoguGBeFyE5X77fWDuPYDj5VgQIig1+4Mr3veRBYScyopX7OKEaQsU4McCj+we6c1DsPof+mVi41cb0UmAkzZw1qtPEOYr1miw1MYHM6XRSR+TMdk8ABmSxukNN/NcijCJ+USm9dfo4snnlfS9OSoNcSqYOp81YyrOHzrBZi+Z3jVWQ5KvdCtn5PJbhIWBAslx7I6nUiCCO3bpSiVn42BMZFrbUZUU/ZXnErokEPmL/gJJZI+g2KDleC/9/RNn8FPuqXNz9SbLPUd0mo71J36BWzJW7hacS4fQxHy1gm36xXh8EhSucD9bmUjo+vINzHhdteb8Z1c5UHSsBK+G5A1QK3OBFtQk193i3ybYoXT95epIJoP0rXLZho62YsFjValnQ8pFQR4nv6rAYGCuJWql9Q8qEvwuUcCuuo7II0SjSzpRmq4Tig1kwJoh9berJw6d3FvTT+uDeTYwqEE/vMKtpwCRHHpRstW3JoHcSWRQ==
DB_NAME: AgAZyX0h2/80TFOgBPuTQkODq1VSWFhZvTUJG8Z7NhtrUC3Lda/Nxu1FIa96Nd5dYlr4HzW1E9cn0HkGzXHG+ogL6679yKtJpbhxRfyVWqsaia1r6mir4Xge6TNkj2zqOZ6Efk4L1oLH7r3ffwTnkfRXdGogpFj+pZOqYINeeT+3mi7Hws8mlSzjI+yPXNOxtMzO+gluksRAJW9f21qNmiHdXXlrB3U889A92ReECWQ0uEk28y4CqEcheACOTa2ukXkiNWUe+z5UUxjzISTvnknNtdvhxZJrFM4VtscKEumiF5Y2OrOBRhHZ22NBSsFrbiLsL82O8+OkzZKW2VPgDj+UM79EJE7jpzhDkaP083HiY0h7u/9kBQcGiiSV+7rfIyZPyyOyRzSHLg2TOl8RerF6pl7ivFZYMgwhFPcx7Q3FTMbOim8a14UB3wDK1T9cVZ3YN9OkQRa95fGkXrRDBOYZar3/YkxdBrDTWO1i22SYbnzhxsNL04+Y5gIxWew2RNKYbxt4b6XkMjeUIrwi/EtkCnHq4J+YsVTga0yLaXyhSqHYNLHD6CwapZ9S+92C1v486kZ6r+TxETnRsoieP5Qk01JA7PZLXX6Idc81S43Dsh3ynm0DOTx+C651hJT/3GMllqqdPF/eU2dtoSDfyuW5am/9Xrow5QOnTn/bOLUZpJXmTD1gN+7974ENWrMe6sC/EPG+mMc0bQ==
DB_PASS: AgASA2FdM6PTzTHtoac7CETfQgHO7zaO+eziAiiza/k+yveXSUst+H3pX0sZYwv5fSfYXQ64rHDDjkK37R+kGyIf5WWjturBXoSUX2HNM2S4pKmWivr+4Xj44A+M0FKTxPDNv6zgfiEER+z3y/Qrp0TZwNjR/judCsN4+0QlKJEkl/DfiXK/oAMvmKsSElb1NhAYy8Z/9VO8d73Utx2fPfwnipA2S8Na37SwYzsxlif1Sigrhj8SmKGfAQikR+AbxNmjcZUBl9ByJgvTLHBl+J9vv1QNnBfWV8M4yyJSAXR8FPrunnCecEeN4VpYIQ72P9K9OCra6aErV6pKUs760+rkEhvk4bI+xydqu5Fg31Poqna5+LHGz/Pvnyiv4vqbIWJ5SNhYB/rG3YL49hu4LAQ50sniRoxxbZUaSVz4ck6SuEmtbCZtOqpXJ+Oh1CINKo129AylqDKU3IjeGhuihSGcCYpPeQVmhzW4Z2mLap/2WNi3HmgVQ9CO5pKQgAED/Oayqj50iZAcqoBV0XGIx/pE8kZosdahriaeM31CPaX2nX3zu/wAGcK4S0FSIgm6CZhAq7c/CwnT3eCXAu7kxCK2KkaUM4oTd60jfxA6wMf4BgjLNinqUZkiR4pvGXEl85a6vViKGQveIlGeCpKKWTtSgJweVv+HruvkisIziBbRiH4x8E/a5iO67rDrmfgKoqmBwfPFbUjJiQ==
DB_PORT: AgBcWLrp+m98+eQ3ujmlM/zoOpq1S1rkZ9BELOpnvRUTeBiDgbf5/dc5847IDW1XMqCZnLrSUutD06ruXOgp5kiDkJRBhLGJO+7mBitGLjyRpvJthit+G2svQ+gTex4xjUHW/wU/JeW8UMNRnsyopOa73/c25Iv7nKIrzYQjtyeMLy5RwFcnkhJENhh5u63M+o+FeL8eI1AvSzUQCJWP75FP89Q2quWnYAFTHhis8CLMmLIfWcOCJcXEX6YHFrvqn2NI6L66rhDyouw8LJGy/fQkoAoGP1sROSNmIpHalM4aztP8V4VnzdegSHxutxx/a3RqRyZ30XVKxEx7+c1Y9heVCd/hNFeLPbLgU0/JnenG4CraimN3QQ6MlAfYdOm7xyrJsgKp8j7pFXsxxlHl6gMoDvYMuO4iJoZE/SePQ0RkB1ryGaRV6Bazc+68JRA4q2jIKF97LQaI21OfCx0U3vYIsgniT4eWeZ/ctJkSbr5wC6Vkvp66CycW1EEupuuB8wIOW8r4fKXgTybc6D7t+Wl5qfB7sckUOj3adiQoEQfnDGmIjQcTiVjdAalBjl3JWSrzK6xXaerejV6AO1tC3HRPvaXHJowrI8jl1NpZUXhlBGu9kj4ywft93LaDdf8qpBpS70E9/chCxim7nc9iuVKbyK/AQSB1PN8z88X+7DBzosx3Be047gVSDA6dChiR01d1/Qiu
DB_USER: AgAXW3Bz1rJxaP44r1K1HQhoLTwHPzr2C8GdOOoPwsmhMR/4Ub5zIvR4G8ESCmwX2OUyhamqqhLJDaGxmGp94p/gQFH9BLg9421dO5f7rC52ySiN30NW7tkY33q/dE59Dbpd/SGCoRJwbqv438OH1twO06stv5twnDJ9EI86aF4w5FZUCjN8JdiYS3iZea74eRDdcjcdKKceGDq5CmL02cJ1MMg/wuO4CNz9QJEacJewblGymq625qoIQ005JN/j70vXkJH30PlQzEWzVUvHTY9AKtzbq8/M8bT8eeoF050sNFfh1dcOu2HXD0pKPnNjEvoH4rFz2hop4/Znk5N4E6bBQr8FJ6/QX8C1lzqYPQLQFJoqL9Qp/2h9Q+NxZhluqCZ/1BqenwQ2SUeaEPUQAAff1nW6lzWecltWNCXc4jlGMDxFn9TV6uHYDrDUUVYEfWn0/GaH2DYGJZkBa3JWcB5V51tKgkgkao99bp8XCaGj/MC0sprCoKsKIFul65u2HVJ1jzuzfO7tGQz+F7DY/P7YK3veRY3E4tWGifSKuCnApqDo1FDD8WXWowqVifr4zaTM8xwFGzAnoQh2bcguvkl4CikCmqw/uvmFfdVTBg1q4LZJ30d06jUqyiaDFw+0l80WV10uiac3Nk8hI1E9MU59RXs+CZMYX05+PeovW6jfbp9do2dVSaoC5npu5RdudGKjN8KKvJFoVA==
LOCAL_DOMAIN: AgAO+oTfJ6mJdFZ6UJC3ONykzHY3Evss/6d9DibR6yH4zXCyDfnaODDWy2x0VxiX2a6Cyy/DWIBnIgc/85QUMxgyF9leLdn8rflVh07zS1ipy9mM42fXDYFYkMquN3BWSB+SRQYmHetfNzdEtOwA1GQ27C+5GoBEmgxQ+GK0FTaete3wr/PzKTXGdkr1GzfDsGqiN3vPUKthhVMKz96JyUsae/dtpJilqGRdS+OX+y4GyIzP97OH+P31eMAISzE+x7qKkF577wZPhSeQIsEkWVNZxhQ4PqTw7hHXG8hLwLiw97mioMtYPHaiTkE9jsm9iqHmBuzFlSNbQQcPQ9kCyQ3Lf2HXd2ymTwMMiy9R9SIyB+zXDzHPStgAzthGF+1mmPMGg/dYXtl7PwP+Pb5HSHnslLRo/pkK9gvc3aGR8hmgOK0gj19TBRVPcAyZWVbjVVV7LjYBvH1oxrCcm6m9fuL3nGid5wW4cLbWx0hxKQa+wjgUYkgCszlFy3N16i58S+MTtOoGufg3wUaqbSLlT0JQ4DxMOaTEIuhtZt2QRl4zEe5UfVvC3YI/mownJHIHndZxpTzCyHsWKKKdQ5fVqbj+vn1TLkvgPvZEJJSYHKt4AXBZgXP1KlhLceZOXvsWIeY+x+fzOv72arvKcIY0nzEH0syt8c2Ypf63KjRLjtRUofMMotGWJUVp9ro/rGB0HVzPb0NCo8YygNOSbw==
OTP_SECRET: AgAbCdxbWq9m/Yi7nzRy09an8WPKtIhY1aVKeDcjVb1ip1tLJRmU+v2QTgt/hu1AKIxlt/ZG7eAi5j0tHBix9pvbtoPqdgmeDZj2s2sT7n8a4+e7mLBrVmigbLrttbvNFYWdvXgbNyhz/lxpY0+DAmE80l65LP1oQiPE3Y/WxmKut6f/fWdLdzZxSTBu5+0dBfkMSIF6U/pGAfB8MnyjatNW5HdqmwGpW0TSzPo3jKw0ukdhT9va3eM13W0Sqq3C1QrkYzRVefINilb9BRj/PqAWMouE0+HgsvuQ7KlzdMrtsUT7eYnIOY3gFf6OL+iGTudgPN5nkvCdcUZoJSEnPf5hQrU1tPbMlHV7t2YIDwB95O5EaiNgAcZZD6iiWXxBdERkfuBS7BdrBkQBcsZz5fsWaNzsXkYM9gTk3laiUT7VeeCs0JAV0hK5P2UDc6zxVzOsX+lZUs4bFNVKqwTnVnhA/ywrLvGy5r+A/9UAwNaymUYTfhnhT1H7sYw1iorulLM5SOvaSL1Y/toVuLMvN+YpTlfNOGFST08jrXEu3iiHYOup0BzRBX4BxfSvETdzgPX5SSMqXmk61Z3jc0LEbh3yGVKFEWCkORi84WQlFvUwFr4zcEKUq99aF1O4nADvWu2evzOy9oRm+i0AyI/KFMRM78y+cT8oTzTP0yziinwbaqQDoJnnk5Hu9pXWF2HQh/Jq4JLq1wYOdZczjGBOiKb1RMx8NDUaQ2cHPoPaRr7VDQ==
REDIS_HOST: AgC94swqxJTF0BmkwtiTf/nHDQifNGjB3t9aEWMjIy3E5by+Fa/cnc4nu9vjF4IrL9IRyoowi22qovr1PapPTpW8QDL64FZ35ekhdCYAeHjvRX8eYs9YOLz1lu4UqLdpt96Bhjdla7wVP+Yi+d/uriGOzBZv+iDCx4mw3cRwry7a08CBEwoiT8c0zHdqaykgk2HXompEVLuWpa7Nq+JpMVa9fhPK5zovV8FcBeUn0qeMSN8fx9dyr31PTYNFOVVUeg0yp80xA8nPQH0VxB3PFdF97JppZUGr64Cesi1vmwOCldCub1Y59RSL78QLDz+afAGJg5yb5pdco+ghenna89c76O2s6j1+/2xHLuANoGV5MKvdSRv5GFnq6o/BRJ+JdDQO9DCVJvcM2K5ezFwrcCXdEDmsarG9y20nvxForFnlqN/l3HqxuMc/r49FZU3zt0m6C9+NYCcpZ+4G/XcmMK/cfKYqmkUD3/9JTfZF5gaRuLoqT3bavylQJoqxm6eR2EHCN/2vvYunVs/28p46Z+N/qg8S6NRD5ZG3/HzFUPes8qTJ1j3WeT60o3cWAQlpKXHnJVzWj+11B3DeuJV4TleeAOAx47CYWBTGgDIv8likLFGz+EKce/T7DN7cJv752PNeIrG62CUIx70MlbONDgCYk3HDGl30tH4QU2Cf/i52ayJkwn4MDIvHM6phflHAoxdOd1PJ6yvNMf0JBxYFMjNDhfS+vQ0WwdwaQo/hhOxFwR6xxw==
REDIS_PORT: AgBkak0jNU2DYiysYWiUzNCRUTRxqSBizXIp+is1pUfYOP2Hnu6henEDA+Ggl6G2VSAAz6Z/wOh+CYYrfoEghr1VBcLrjYmKqsIlOZNujK6ZZ0Rw5iYgZvZla901O2zB+QVEASv3/Qz/k2VRwe2uqomliCs23JK8s3LwoNWWikrryjY9UTl656FeFKit//dRocdET+xsCrWcUBLgzcjo2Q/fN91zS6/HIuS3HNR7fEzfuNzGEqg8CgiN0Jp10HNM11lX9OBBSOPEzQMl5LxruPHYi2oq6xEXJ2cloHSUlq7s0ekCsFV8UOlEQigEx/Z4n1xbKRWcbEpAgNMSrEBbZAYUzht+6ApCBwSbOa15GqCjX7yxpvi0S6mxg1MfqUVH9ZRusCjVJNZCw6fak/nXIYqcpgnxN61SFqVZfNp5gB/l+rUVT/aVa4FD8iG1AgEnlZkIN8FswPXpcrA0blKpNUhfU0SB2w+mUYvoaheE2X6prYVmtVIyp26R/P8p/Jx72lvZMavrC299tcQp0lXgCrIKb4p358lIUiTzISzA5cWGmj1C4ZTY+IzvnOqtCvlVCbXuMp5Ei9wW9B5DD7EqI06JYIgTCl/vnY3DcLGVC7B5aI5e87WqJFxAIIRRW1NEujaENAb+xokZbKnAV/cZfAMl3YgmxxkqEHCGQM45d7t9pziPuhczzjTsF8Lld2P8xsh1EkkQ
SECRET_KEY_BASE: AgCnrVN8zn4OnEvgs/5v9ymZpQPInfRzpnTCSSqzV4SJfw8Wnhm+Pwl8rSbQmSoHj36EADnas07u/5sXPHnzsbxyXx8KCM2rRdsRMVrn1iEs/sF0VRvjQ86bNMXiuM09tfsVVcH4yL3nqv+x8h+FsFizigflQ34paYXSdp5zzYO5oxJNdHaUL4scD7cE3E/Mcu1ZvxiZfliGWBCgWhipssYnmVnV1b5au7yjp2Js3TxW8RnGndByn8JtLGt2jrWc577F4j/KTiizhZ7x4Kn7TnQw4c6U/WBl149Z6ENyrhy+IwDH1g+YbOnQMsgr4P5hl2Q4+swWVNwb5jU7rNFxLetgQuhExpNvcmOju6cttTWZqLddOstMpr6INaOIpQYuTdEUAOjdXj9eXwiWrfyFtgJXLx16V9LAijMPPkWCYQu6/gY+GPuCaxi74HQCKpKQ5WSmc0/RDQAKz9ttWRRDx6Afl9ov2fDvYJG29LjLq+8ko+0oVCj7xV0uBFpyPqvApGHeA75080YyhcJPH8w3LKFS2gqlOh3ve3oSK5d91MUPZPJKymA3wrCa2Q+0rc8BYKor7jFkZy8kfSeS9u7mpRK4XR8VbNKEAE4FYT0mh/q3T+6tMM/0r7TJBCPBOpmu1OKROmi92G2BFKQEgvMCUDUHDyA/J3MwjxjS3egp6rWFLU62WLudpX183xtmW39RLHrcPJxJjkxoUfpnA43O2JkbqH9evybN7MbKWMSSxhDlVA==
SMTP_FROM_ADDRESS: AgBG1HDftpjE7c5LZnCAVwp+4r3dp5flpYK6evg1udggbBbk59C0NFBF3C7QBILzRhQz0VCavn5XgneZaygsYApFWkkwylsG7fc3hSus4Gt+3RG/Z1XJZx5ur0fzb27Y4utZf7yhn8tosvlmrGDQ3/2LkXC2S9fxCBrosF69ATqC+w5NgdNpr7OVm1BT6VIQIscdStNrjBc+5QA+PeMn//PEafqviZ580XLMVziHna3bZgnlO7oR9hbC2PhnNFtFKUH2c7TCx8EfrEnsKgYbFEjGGheLDqqVELpt0a2jcnLE33aeWn2qgjNKXwbVB8f/3ne2dIEPh3QLux3Kd2LzmeVP8rSLZ/CYir/nDwSG8osxELL2PwXx44NKj0fDzxQ+6gxJpbbz/Q79QUdE+20jRRHqVkLxUkzFunrbpFtdwnS15QzfaDIsY7tBTQYTO7ziT95sW/ZXOX390FwBIP8QPA8ImxpQ9/SCdaSD45DzGljgKuKwqjl9x03IDe4ApLmODYW12BgQT5fCweZLAw/niKI77bfjXWMUsj0uWojasOpUTsCaQMi4KAM/hEBzuzSNg9Kgup2gWdyrd0EFXg7gC/ioECH2IEO0dvybU+Mg6KixJleKJIPEe3bbL/b3n0MLOBYgK5KRtWE55km0E/X4ZipEqwhMn5+95AhepjB4viAhWpTZ6sviPbTvWIh3M/cmrWGw8byYCT+XBd0KSHNXQduVTAiEdBo4O/V8cw8uN2U=
SMTP_LOGIN: AgAXrOTanJPxa+FXard7uXCB8WImMhSht1SbFnUfQ8P/QLcBEuPqFh1UAqapzaLRM6YgZLv5ZM9jsCMPIue6QXry2JZL/+qn5z4nw2HurI2CyGhEusK8EM6u5isBzXlUspvjL8Yp89zMbUuHBgzln7xzSDgll8tK3rvtRpHUYvkqQOrzFaSlmG5c+d0uJamKiGy9+ztLV0Fuxq9OEfjKJ/Id1TQA2jNuLjsC9rnHDXfODTDnYWskNMuzxRTOATU7HpI94tLDHXwYd2e9W8hOFV6/bOMDfHRxfRfHTguVDQKVmi5h9mPlp9wjD6VaoLlUrOawjDbpgXhL83jKlO8IV/HLZaSFpSe4X5Whs2tvjVspO9w50bwWyVoJPkrHnRMjn95ITqSIoyovynuFjyzELBXaiOPLNr12DFTTYDvlnvBKDGlgUpqs275pGMKddHbcVE59ST4Z/kl5Cyfoit1BjDYGe7sftAaAPtlwkC0l+1UhOblqKINrdcDXS/jsUePVVFRoNPYXqtCe2MlXG6zwhRDYwiHdkoUu5UpC+s0BsbobBKH9pU0wT/rZ8egxXARMh8DQ4lh0bNk/G0QE9T8jylL2aJSlEs/gUW54z/ovRwKludcXiqmVOZ3jnfcLB5i3typ9F+hJ5ZF+iKlbiP14++jVfsjOQ08TLeDfOlDk+nhBL1EBO6kEIK0e7y70aCtqwg/5dMSwe+Q=
SMTP_PASSWORD: AgCocp+me+sFU5MSv3cVLnBQOEy885j+oamI6c1o278qncuc9jNA5FU4aHD0OMRJoHqyWkIAut+rcZSVEpasak7nAIOYRMMtXSDpEOcoCfaHONtVA4dY8aTP1ckfYS+Mn2NZ+7KNHgIKdESf6TOIcxgnL7lcCmLP6gLFgWqpWE5v/48X8TFpCr01XABkxz/ccQG3EU26Es633tPDU5gFySNmkhao2EVNyDkMTjWPgD5cHUlPgP6UDcqO/4R4BzdDDpUsqhyueGnZHweNcgtR82oY4fL9UYG29mwRyschlI/Vs78GiVP/fDUfyo1k3fc0qwt3BM2RDjyD9bvGfzWj9dAS8xS/+FPT87+eSrPXz5kXS3hg0dNM8OFhAdj5+LBXYj/O6z4o8tcktgTBC8EL00CvCDCfi2cFIw+pLYDWsM2aWpkws6QHnQeszUbDvxuDzvyDXPGFd3fHCozOvPSFC6xczSypv7FohUiuwJKhP9xDZkEK4+k670XrYaDkdW754gxxtJM7dcsUWHZ0q0OiR+gCrictuA24KhOyUInYT4gSxnuHRzx7RVHHyU1HGpOMLQa+lawHbLiCpPt8IV+Q7MSmZrelvy3u6SdVlUGh1Fx+nvIQl2oOVU6UOSXZEeSOI8/iNmKn43Xqu3lm2iEmiWJtmmrCofTuWaXKeGBs4uzQz9IyQ/y/1M4ANR/pYtMZXWLKXlYIVkGGC8yejgDuHyYvbeK2UwoXQyNf9BMANSWVmKOK+0qu1vthIOjGCThctTOgdtQCIouaHJSlhq79gjOvZnekjp0=
SMTP_PORT: AgCDfTFY0C3NRfP4sasLGJoVyUyiReuSHKDn3/w8auIGS+D+0A7msaVTjP1zMA1DxYo1ZMd/0OmBB7JJlSqNJP9NKaIBWYRV4h7897JbKvPuzcixGtcF/pUKsfuao2awOwVHB7ukTDNr1jGFQFcs5ixLGvVb/wCMlR1onak0Swq5oNrWQJjMQSprTcs9iWB4NyGt2zONlhCoE5gYqXY3Md4ERlhk82OXIGhz02hGQTQ8HR6U8P25IjQ5R/NuoKmjE/NMNOAtPmZTaA67FcmuzbJKZUch+Kweqig7FTi7pQV9thXdC/aLXhVcKc5GGUiABz2pRXV2BCefGa2IgvcN+on2aRzuM3SASTC0eBFv0K/HiqL4vB2z5/WKxSvEyARny8cqPZGQ/ZmA5lp90Nei2NYUTP5xjkyV9PhpuWu0g7vjeaZNm/jM+fEaZ3wgWrw3iMsE854G1EX7PzbAoejVtK7T27TQbjxPbfgUiqB2mOW5clOnq6Nush+mLN+gKdsajuWeK8qM+UsBzPH1jpVt0Rgdb4Zr+C9zjIG1w6aTq9NfLrlhsd9iepYaKjfWgX+oyaQMk2Hn3DBT47kZsQArzBeFQVePhcS9T7F0SvL2LfBWuiGAmMvvljUATNryO4fp/6YPVeigFDEZ1Eoob2Es/uhxWiZ+6mKP85UbgcndBQnGo3kOgsBhKzxFgsVKmtFPDY+D6Vg=
SMTP_SERVER: AgBxNbDvUQFy3JSKFFC8F/A40UUQFrxchsOR5zpFeD7NQ7BG/IY+imJX0wO/cp+0P/6yHE85Abm24iNPM1CdgaVCaay3OJer2K1aps6Jv3KeQ2dE0bQdQ1FzQEpQsvThsljn+VBJKl774DVvwipk2cWlDDJn2PkMpvNa0muilcBFKv/HSx6/NZkCd1ZdrwCO3wgkzddvPevfnsXqSdLC+i9PlB9Ss2b/XBviCeYrKhI0D+M0sPIZKHlou9WHP7/vz9T8/X6188eZEDijEsTxxDPZr6Sq1P9S56GIzCb1A1aOsKfnvcXrvMZiPz5WpSS+2BzWTN8QWbno+FMhwV8xm0AfwQ0sLeOiV5DAs9CReWpHbr6EEucKdFDBM04FzUzWFfqxNu+4C2ahDUt1JW0HwyfWWD9t5ObfH6UbJY4iIbDUbG6pnyndzQyvdrXh3yU9ZTwbub45SAwYiPIwdw2KI8hBWs+Gj8ThR4fzNSLtiRdJRfoVuuIXjemFUV0N6pr0l4EE3jMp7X9VGmNf0rK7d7+cuBS6EoRaz9TwR1sWjOs3QswMJEPJsIVPOlxVMvZ78fnbvWT84HTyAYw+dYvjxszt6IUh1YZHW3K73eeu9t4Aa5X0qvLUpleaxWl7HNLK5i12/hUOV9t6VSx52JnzCtEOAnLg0Vhcf+Aoj4M3yC7WRSEFySHoG9DnTH51q1YYmKoG9Uk9FmCguCjMkuTWfDK47w==
template:
data: null
metadata:
creationTimestamp: null
name: secret-mastodon
namespace: mastodon
type: Opaque

View File

@ -0,0 +1,17 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
creationTimestamp: null
name: smb-secret
namespace: mastodon
spec:
encryptedData:
password: AgBZSPIydfdGcXrQAOaLR7TfVaKz31G7/SSPQJAbM3mojZS43HqyFlqb3+J0MHdRsf9tSCAm8fORzl1fxXOE41GhfeBHK2spGiS+Vi46oviMiPflkypR2Vj4S6CL3BnH731DzqtnvlvvHwzOy7DeF5Ol28XrwuUVJRd4YYN29y5Tb7aKjLyGCCNFlPAb5jJaCJI4kiRmpU/Bv/De1AZE+kUu1Bcb+fdkRBNSsjK1iWcn7orE16SkLVdonZdY+p7VBhrtK1p5reKe71YE6zDPuQQSvholTsT8puq9tBff8ceCsllYIW7K2nMpO8bgtSV5PN6Lh85UEEExDuCuJ8+5DBtV+46bGUdKcIS1M1VvlhC4eGgOv/dswp3DMRtqU6hWoPdU+ed6lCSF9e+3HguAKEj+dq+ZO7Zi6IDHOyGqtNrXh17LuCUTeJKuFkdTdGQTgVW+4qv8l5Zig8h/iOleeqq4EqSYr57lJ000OKVSNSblo2DscVcC+yQuVezBD4RSZrjBl3B2QHkjq4mQjjEYmSN1QWNOb58rWZ23qV86TXaw5ndT2Wg5eIJzDD904dIoMtqXkCnCRaZo1yOc+7n5hdjZzl70JcB6YXEA+nwpv54ax9BLsWkh8N81n2CNPwdLU/agD4hHeo0Sh+woMx8rA9R1gLCvQ3V+RLNnnWZwn6YFvFJhyGfr5G4XJRlVrqhnjGx39MfVd+ODHFwwcF4yTmi9
username: AgCa/tvefVNuiukzvdQpXbLfECL6bslEBg3pYVIDAh/jalNv/eTtihk/E/KSN0ZxJSpcn7GgFDSoL28p+xM1AMiaWus1iuEj7kXVJrqtIpj3AQ5xqjT/d+0YYdz6hsvNNyW3tPzWFJ0Kg9wyxCaxvJGDbblWnvpzjRFfuapruKUzyeuhsnUDZkI+KA+k4cNY3TROt7G+eDus3edkd/hUYwr+XH23+dCb8qXN8vD7rAZFgBP7QBT48nDzWLWSLRLFsgS9KuqmlQCfGnE5BCYRVPtc0DACrOaPjvyeQJMmdZEbIMwlUBXOrx/faAgV+40uSw/4fhNIv0WxJ3cpC3n/PwkrBBHOR5nAkLBgIOvPzTcLEasQ27wOkvhXnRnfROGub35bHZ0amMb4ciaSOTCdIQNDI6IBoLlbauRKZZIbUshk8LqQIYOr/fVg5s9xUf2K3WLVjLtiiLIO9Zv999PO3ZUcjXov+btFjQximbkUXBWloaVJnp4dsw6RKh3D9c5K6wwldPTyDSu5etfC+QJuemeAVLfX2mlE+zI7K/9U7ZJZzcSbUdAObiR9lH4pG+to8x8g+6XTJPOxTctDfmK8ItHTHECRH+cTiMQPCVw/lN3zJHrZ74rch3Gneq5pf89evYEH3oF+gd4ey5V5yUjPx1v9+rtGi4gz4AleT2af49xBasRcCJ8RYI+HHqFuEaB+JAcvUeBRWWs=
template:
data: null
metadata:
creationTimestamp: null
name: smb-secret
namespace: mastodon
type: mount/smb

View File

@ -0,0 +1,21 @@
apiVersion: v1
kind: Service
metadata:
name: mastodon
namespace: mastodon
spec:
ports:
- protocol: TCP
name: web
port: 3000
- protocol: TCP
name: api
port: 4000
- protocol: TCP
name: db
port: 5432
- protocol: TCP
name: redis
port: 6379
selector:
app: mastodon

View File

@ -1,225 +0,0 @@
apiVersion: v1
kind: Service
metadata:
name: mastodon
spec:
ports:
- protocol: TCP
name: web
port: 3000
- protocol: TCP
name: api
port: 4000
- protocol: TCP
name: db
port: 5432
- protocol: TCP
name: redis
port: 6379
selector:
app: mastodon
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mastodon
labels:
app: mastodon
spec:
replicas: 1
selector:
matchLabels:
app: mastodon
template:
metadata:
labels:
app: mastodon
spec:
containers:
- name: web
image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon
args:
- bash
- -c
- 'rm -f /mastodon/tmp/pids/server.pid; bundle exec rails db:migrate; bundle exec rails s -p 3000'
envFrom:
- configMapRef:
name: configmap-mastodon
ports:
- name: web
containerPort: 3000
volumeMounts:
- mountPath: /mastodon/public/system
name: flexvolsmb-mastodon-system
- name: api
image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon
args:
- node
- ./streaming
envFrom:
- configMapRef:
name: configmap-mastodon
ports:
- name: api
containerPort: 4000
- name: backend
image: bv11-cr01.bessems.eu/proxy/tootsuite/mastodon
args:
- bundle
- exec
- sidekiq
envFrom:
- configMapRef:
name: configmap-mastodon
volumeMounts:
- mountPath: /mastodon/public/system
name: flexvolsmb-mastodon-system
- name: postgres
image: bv11-cr01.bessems.eu/proxy/library/postgres:14-alpine
env:
- name: POSTGRES_USER
value: mastodon
- name: POSTGRES_PASSWORD
value: mastodon
- name: POSTGRES_DB
value: mastodon
ports:
- name: db
containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: flexvolsmb-mastodon-db
- name: redis
image: bv11-cr01.bessems.eu/proxy/library/redis:alpine
# args:
# - redis-server
# - --requirepass mastodon
# - --appendonly yes
ports:
- name: redis
containerPort: 6379
volumeMounts:
- name: flexvolsmb-mastodon-redis
mountPath: /data
volumes:
- name: flexvolsmb-mastodon-system
persistentVolumeClaim:
claimName: flexvolsmb-mastodon-system
- name: flexvolsmb-mastodon-db
persistentVolumeClaim:
claimName: flexvolsmb-mastodon-db
- name: flexvolsmb-mastodon-redis
persistentVolumeClaim:
claimName: flexvolsmb-mastodon-redis
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
name: mastodon
spec:
entryPoints:
- websecure
routes:
- match: Host(`st.itch.fyi`)
kind: Rule
services:
- name: mastodon
port: 3000
middlewares:
- name: security-headers@file
- name: compression@file
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-mastodon-db
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-db
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0600,dir_mode=0700,uid=70,gid=70,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/mastodon/db
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-mastodon-db
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-db
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-mastodon-redis
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-redis
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0700,dir_mode=0700,uid=999,gid=1000,iocharset=utf8,nobrl
server: 192.168.11.225
share: /K3s.Volumes/mastodon/redis
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-mastodon-redis
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-redis
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: flexvolsmb-mastodon-system
spec:
capacity:
storage: 1Gi
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-system
flexVolume:
driver: mount/smb
secretRef:
name: smb-secret
options:
opts: domain=bessems.eu,file_mode=0755,dir_mode=0755,uid=991,gid=991,iocharset=utf8
server: 192.168.11.225
share: /K3s.Volumes/mastodon/system
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: flexvolsmb-mastodon-system
namespace: default
spec:
accessModes:
- ReadWriteMany
storageClassName: flexvolsmb-mastodon-system
resources:
requests:
storage: 1Gi