Skip to content

Mastodon image compatible with OpenShift and APPUiO Cloud

Notifications You must be signed in to change notification settings

appuio/mastodon-openshift

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Mastodon Image for OpenShift

This repository contains a Dockerfile which modifies the upstream image to be compatible with OpenShift. As usual, it's a file permission thingy.

Read more here about why this is needed on OpenShift.

Get the image on ghcr.io.

Image Maintenance

The image is automatically rebuilt once a new upstream Mastodon image gets available. Thanks to renovate.json and the GitHub Action pipeline.

Helm Values

Here is an example for the upstream Chart which works on OpenShift. It's neither optimized nor perfect, but it works:

replicaCount: 1

image:
  repository: ghcr.io/appuio/mastodon-openshift/mastodon
  tag: v4.0.2
  pullPolicy: IfNotPresent

mastodon:
  createAdmin:
    enabled: true
    username: theadmin
    email: admin@mastodon.local
  local_domain: mastodon.local
  persistence:
    assets:
      accessMode: ReadWriteMany
      storageClassName: cephfs-fspool-cluster
      resources:
        requests:
          storage: 10Gi
    system:
      accessMode: ReadWriteMany
      storageClassName: cephfs-fspool-cluster
      resources:
        requests:
          storage: 10Gi
  secrets:
    secret_key_base: CHANGEME
    otp_secret: CHANGEME
    vapid:
      private_key: CHANGEME
      public_key: CHANGEME
  smtp:
    auth_method: plain
    delivery_method: smtp
    domain: mastodon.local
    enable_starttls: 'auto'
    from_address: notifications@mastodon.local
    openssl_verify_mode: peer
    port: 587
    reply_to: admin@mastodon.local
    server: CHANGEME
    tls: false
    login: CHANGEME
    password: CHANGEME

ingress:
  enabled: true
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-production
  hosts:
    - host: mastodon.local
      paths:
        - path: '/'
  tls:
    - secretName: ingress-tls
      hosts:
        - mastodon.local

podSecurityContext: null
securityContext: null

## Services
elasticsearch:
  enabled: false

postgresql:
  enabled: true
  auth:
    database: mastodon_production
    username: mastodon
    password: CHANGEME
  primary:
    podSecurityContext:
      enabled: false
    containerSecurityContext:
      enabled: false

redis:
  password: CHANGEME
  architecture: standalone
  master:
    persistence:
      size: "1Gi"
    podSecurityContext:
      enabled: false
    containerSecurityContext:
      enabled: false