fediblockhole-misskey/chart/values.yaml

143 lines
5.3 KiB
YAML

image:
repository: ghcr.io/cunningpike/fediblockhole
# https://github.com/cunningpike/fediblockhole/pkgs/container/fediblockhole/versions
#
# alternatively, use `latest` for the latest release or `edge` for the image
# built from the most recent commit
#
# tag: latest
tag: ""
# use `Always` when using `latest` tag
pullPolicy: IfNotPresent
fediblockhole:
# location of the configuration file. Default is /etc/default/fediblockhole.conf.toml
conf_file:
path: ""
filename: ""
cron:
# -- run `fediblock-sync` every hour
sync:
# @ignored
enabled: false
# @ignored
schedule: "0 * * * *"
# these must be set manually; autogenerated keys are rotated on each upgrade
secrets:
secret_key_base: ""
otp_secret: ""
vapid:
private_key: ""
public_key: ""
# -- you can also specify the name of an existing Secret
# with keys SECRET_KEY_BASE and OTP_SECRET and
# VAPID_PRIVATE_KEY and VAPID_PUBLIC_KEY
existingSecret: ""
# List of instances to read blocklists from.
# If the instance makes its blocklist public, no authorization token is needed.
# Otherwise, `token` is a Bearer token authorised to read domain_blocks.
# If `admin` = True, use the more detailed admin API, which requires a token with a
# higher level of authorization.
# If `import_fields` are provided, only import these fields from the instance.
# Overrides the global `import_fields` setting.
blocklist_instance_sources: [
# { domain: 'public.blocklist'}, # an instance with a public list of domain_blocks
# { domain: 'jorts.horse', token = '<a_different_token>' }, # user accessible block list
# { domain: 'eigenmagic.net', token = '<a_token_with_read_auth>', admin = true }, # admin access required
]
# List of URLs to read csv blocklists from
# Format tells the parser which format to use when parsing the blocklist
# max_severity tells the parser to override any severities that are higher than this value
# import_fields tells the parser to only import that set of fields from a specific source
blocklist_url_sources: [
# { url: 'file:///path/to/fediblockhole/samples/demo-blocklist-01.csv', format = 'csv' },
{ url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-blocklist-01.csv', format = 'csv' },
]
## These global allowlists override blocks from blocklists
# These are the same format and structure as blocklists, but they take precedence
allowlist_url_sources: [
{ url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-01.csv', format = 'csv' },
{ url: 'https://raw.githubusercontent.com/eigenmagic/fediblockhole/main/samples/demo-allowlist-02.csv', format = 'csv' },
]
# List of instances to write blocklist to
blocklist_instance_destinations: [
# { domain: 'eigenmagic.net', token = '<read_write_token>', max_followed_severity = 'silence'},
]
## Store a local copy of the remote blocklists after we fetch them
#save_intermediate: true
## Directory to store the local blocklist copies
# savedir: '/tmp'
## File to save the fully merged blocklist into
# blocklist_savefile: '/tmp/merged_blocklist.csv'
## Don't push blocklist to instances, even if they're defined above
# no_push_instance: false
## Don't fetch blocklists from URLs, even if they're defined above
# no_fetch_url: false
## Don't fetch blocklists from instances, even if they're defined above
# no_fetch_instance: false
## Set the mergeplan to use when dealing with overlaps between blocklists
# The default 'max' mergeplan will use the harshest severity block found for a domain.
# The 'min' mergeplan will use the lightest severity block found for a domain.
# mergeplan: 'max'
## Set which fields we import
## 'domain' and 'severity' are always imported, these are additional
##
import_fields: ['public_comment', 'reject_media', 'reject_reports', 'obfuscate']
## Set which fields we export
## 'domain' and 'severity' are always exported, these are additional
##
export_fields: ['public_comment']
# if you manually change the UID/GID environment variables, ensure these values
# match:
podSecurityContext:
runAsUser: 991
runAsGroup: 991
fsGroup: 991
# @ignored
securityContext: {}
# -- Kubernetes manages pods for jobs and pods for deployments differently, so you might
# need to apply different annotations to the two different sets of pods. The annotations
# set with podAnnotations will be added to all deployment-managed pods.
podAnnotations: {}
# -- The annotations set with jobAnnotations will be added to all job pods.
jobAnnotations: {}
# -- Default resources for all Deployments and jobs unless overwritten
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
# @ignored
nodeSelector: {}
# @ignored
tolerations: []
# -- Affinity for all pods unless overwritten
affinity: {}