fediblockhole-misskey/chart/values.yaml

143 lines
5.3 KiB
YAML
Raw Normal View History

2023-01-22 00:09:08 +00:00
image:
repository: ghcr.io/cunningpike/fediblockhole
2023-01-22 03:02:14 +00:00
# https://github.com/cunningpike/fediblockhole/pkgs/container/fediblockhole/versions
2023-01-22 00:09:08 +00:00
#
# alternatively, use `latest` for the latest release or `edge` for the image
# built from the most recent commit
#
# tag: latest
tag: ""
# use `Always` when using `latest` tag
pullPolicy: IfNotPresent
fediblockhole:
2023-01-22 00:18:24 +00:00
# location of the configuration file. Default is /etc/default/fediblockhole.conf.toml
2023-01-22 00:31:38 +00:00
conf_file:
path: ""
filename: ""
2023-01-22 00:09:08 +00:00
cron:
2023-01-22 00:18:24 +00:00
# -- run `fediblock-sync` every hour
2023-01-22 00:09:08 +00:00
sync:
# @ignored
enabled: false
# @ignored
schedule: "0 * * * *"
# these must be set manually; autogenerated keys are rotated on each upgrade
secrets:
secret_key_base: ""
otp_secret: ""
vapid:
private_key: ""
public_key: ""
# -- you can also specify the name of an existing Secret
# with keys SECRET_KEY_BASE and OTP_SECRET and
# VAPID_PRIVATE_KEY and VAPID_PUBLIC_KEY
existingSecret: ""
2023-01-22 00:57:48 +00:00
# List of instances to read blocklists from.
# If the instance makes its blocklist public, no authorization token is needed.
# Otherwise, `token` is a Bearer token authorised to read domain_blocks.
# If `admin` = True, use the more detailed admin API, which requires a token with a
# higher level of authorization.
# If `import_fields` are provided, only import these fields from the instance.
# Overrides the global `import_fields` setting.
blocklist_instance_sources: [
2023-01-22 03:53:10 +00:00
# { domain: 'public.blocklist'}, # an instance with a public list of domain_blocks
# { domain: 'jorts.horse', token = '<a_different_token>' }, # user accessible block list
# { domain: 'eigenmagic.net', token = '<a_token_with_read_auth>', admin = true }, # admin access required
2023-01-22 00:57:48 +00:00
]
# List of URLs to read csv blocklists from
# Format tells the parser which format to use when parsing the blocklist
# max_severity tells the parser to override any severities that are higher than this value
# import_fields tells the parser to only import that set of fields from a specific source
blocklist_url_sources: [
2023-01-22 03:53:10 +00:00
# { url: 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' },
{ url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' },
2023-01-22 00:57:48 +00:00
]
## These global allowlists override blocks from blocklists
# These are the same format and structure as blocklists, but they take precedence
allowlist_url_sources: [
2023-01-22 03:53:10 +00:00
{ url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' },
{ url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' },
2023-01-22 00:57:48 +00:00
]
# List of instances to write blocklist to
blocklist_instance_destinations: [
2023-01-22 03:53:10 +00:00
# { domain: 'eigenmagic.net', token = '<read_write_token>', max_followed_severity = 'silence'},
2023-01-22 00:57:48 +00:00
]
## Store a local copy of the remote blocklists after we fetch them
2023-01-22 03:53:10 +00:00
#save_intermediate: true
2023-01-22 00:57:48 +00:00
## Directory to store the local blocklist copies
2023-01-22 03:53:10 +00:00
# savedir: '/tmp'
2023-01-22 00:57:48 +00:00
## File to save the fully merged blocklist into
2023-01-22 03:53:10 +00:00
# blocklist_savefile: '/tmp/merged_blocklist.csv'
2023-01-22 00:57:48 +00:00
## Don't push blocklist to instances, even if they're defined above
2023-01-22 03:53:10 +00:00
# no_push_instance: false
2023-01-22 00:57:48 +00:00
## Don't fetch blocklists from URLs, even if they're defined above
2023-01-22 03:53:10 +00:00
# no_fetch_url: false
2023-01-22 00:57:48 +00:00
## Don't fetch blocklists from instances, even if they're defined above
2023-01-22 03:53:10 +00:00
# no_fetch_instance: false
2023-01-22 00:57:48 +00:00
## Set the mergeplan to use when dealing with overlaps between blocklists
# The default 'max' mergeplan will use the harshest severity block found for a domain.
# The 'min' mergeplan will use the lightest severity block found for a domain.
2023-01-22 03:53:10 +00:00
# mergeplan: 'max'
2023-01-22 00:57:48 +00:00
## Set which fields we import
## 'domain' and 'severity' are always imported, these are additional
##
2023-01-22 03:41:01 +00:00
import_fields: ['public_comment', 'reject_media', 'reject_reports', 'obfuscate']
2023-01-22 00:57:48 +00:00
## Set which fields we export
## 'domain' and 'severity' are always exported, these are additional
##
2023-01-22 03:41:01 +00:00
export_fields: ['public_comment']
2023-01-22 00:57:48 +00:00
2023-01-22 00:09:08 +00:00
# if you manually change the UID/GID environment variables, ensure these values
# match:
podSecurityContext:
runAsUser: 991
runAsGroup: 991
fsGroup: 991
# @ignored
securityContext: {}
# -- Kubernetes manages pods for jobs and pods for deployments differently, so you might
# need to apply different annotations to the two different sets of pods. The annotations
# set with podAnnotations will be added to all deployment-managed pods.
podAnnotations: {}
# -- The annotations set with jobAnnotations will be added to all job pods.
jobAnnotations: {}
# -- Default resources for all Deployments and jobs unless overwritten
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# @ignored
nodeSelector: {}
# @ignored
tolerations: []
# -- Affinity for all pods unless overwritten
affinity: {}