feat(helm): add Temporal support and expand env coverage for v2.21.8
- Chart.yaml: bump to version 1.1.0, appVersion v2.21.8 - values.yaml: add temporal section (enabled/address/namespace/tls/apiKey/postgresql), expand env (~40 non-sensitive vars) and secrets (~60 sensitive vars) to match current Postiz documentation — covers all social providers, email SMTP, OAuth OIDC, AI/generation, analytics, MCP, payments, short-link services - postiz-config.yaml: inject TEMPORAL_ADDRESS (auto-computed or override), TEMPORAL_NAMESPACE and TEMPORAL_TLS when temporal.enabled or address is set - temporal-deployment.yaml: temporalio/auto-setup:1.28.1, postgres12 backend, ES disabled, dynamicconfig volume mount, liveness/readiness probes - temporal-service.yaml: ClusterIP on port 7233 (gRPC) - temporal-dynamicconfig.yaml: ConfigMap with development-sql.yaml content - temporal-init-job.yaml: post-install/upgrade Job that creates the temporal PostgreSQL user via the postgres superuser before Temporal starts - temporal-secret.yaml: Secret for temporal PostgreSQL credentials - NOTES.txt: post-install guidance, search-attribute creation reminder, multi-replica/local-storage warning, backup reminder Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
+206
-19
@@ -26,11 +26,9 @@ service:
|
||||
additionalPorts: []
|
||||
|
||||
ingress:
|
||||
enabled: false # Disabled by default
|
||||
enabled: false
|
||||
className: ""
|
||||
annotations: {}
|
||||
# kubernetes.io/ingress.class: nginx
|
||||
# kubernetes.io/tls-acme: "true"
|
||||
hosts:
|
||||
- host: chart-example.local
|
||||
paths:
|
||||
@@ -38,9 +36,6 @@ ingress:
|
||||
pathType: Prefix
|
||||
port: 80
|
||||
tls: []
|
||||
# - secretName: chart-example-tls
|
||||
# hosts:
|
||||
# - chart-example.local
|
||||
extraRules: []
|
||||
|
||||
resources: {}
|
||||
@@ -62,18 +57,22 @@ tolerations: []
|
||||
|
||||
affinity: {}
|
||||
|
||||
# PostgreSQL configuration
|
||||
# PostgreSQL configuration (Bitnami sub-chart)
|
||||
postgresql:
|
||||
enabled: true
|
||||
auth:
|
||||
username: postiz
|
||||
password: postiz-password
|
||||
database: postiz
|
||||
# postgresPassword is used by the temporal init job to create the temporal user.
|
||||
# Set this explicitly; if left empty, Bitnami generates a random password
|
||||
# that the init job cannot retrieve.
|
||||
postgresPassword: postgres-admin-password
|
||||
service:
|
||||
ports:
|
||||
postgresql: 5432
|
||||
|
||||
# Redis configuration
|
||||
# Redis configuration (Bitnami sub-chart)
|
||||
redis:
|
||||
enabled: true
|
||||
auth:
|
||||
@@ -83,21 +82,134 @@ redis:
|
||||
ports:
|
||||
redis: 6379
|
||||
|
||||
# Environment variables
|
||||
# Temporal workflow orchestration (required since Postiz v2.12.0)
|
||||
# temporal.enabled=true → deploys Temporal alongside Postiz using the postgresql sub-chart
|
||||
# temporal.enabled=false → Temporal must be deployed separately; set temporal.address
|
||||
temporal:
|
||||
enabled: true
|
||||
# address: override auto-computed service address (<release>-temporal:7233)
|
||||
address: ""
|
||||
namespace: "default"
|
||||
tls: false
|
||||
# apiKey: only required for Temporal Cloud; leave empty for self-hosted
|
||||
apiKey: ""
|
||||
image:
|
||||
repository: temporalio/auto-setup
|
||||
tag: "1.28.1"
|
||||
pullPolicy: IfNotPresent
|
||||
postgresql:
|
||||
# Credentials for the temporal user created in the shared PostgreSQL instance.
|
||||
# The init job creates this user via the postgres superuser before Temporal starts.
|
||||
user: temporal
|
||||
password: "temporal-password"
|
||||
# seeds: PostgreSQL hostname. Defaults to the Bitnami postgresql sub-chart service.
|
||||
seeds: ""
|
||||
|
||||
# Non-sensitive environment variables (injected via ConfigMap)
|
||||
env:
|
||||
# === Required ===
|
||||
FRONTEND_URL: "http://localhost:4200"
|
||||
NEXT_PUBLIC_BACKEND_URL: "http://localhost:3000"
|
||||
BACKEND_INTERNAL_URL: "http://backend:3000"
|
||||
BACKEND_INTERNAL_URL: "http://localhost:3000"
|
||||
|
||||
# === Application behaviour ===
|
||||
IS_GENERAL: "true"
|
||||
NX_ADD_PLUGINS: "false"
|
||||
MAIN_URL: ""
|
||||
DISABLE_REGISTRATION: "false"
|
||||
RUN_CRON: ""
|
||||
API_LIMIT: "90"
|
||||
RESTRICT_UPLOAD_DOMAINS: ""
|
||||
DISALLOW_PLUS: ""
|
||||
DISABLE_IMAGE_COMPRESSION: "false"
|
||||
MOBILE_APP_SCHEME: ""
|
||||
NOT_SECURED: "false"
|
||||
|
||||
# === Storage ===
|
||||
STORAGE_PROVIDER: "local"
|
||||
UPLOAD_DIRECTORY: ""
|
||||
NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY: ""
|
||||
NX_ADD_PLUGINS: "false"
|
||||
IS_GENERAL: "true"
|
||||
CLOUDFLARE_REGION: "auto"
|
||||
|
||||
# Sensitive environment variables (to be stored in Secrets)
|
||||
# === Email ===
|
||||
EMAIL_PROVIDER: "resend"
|
||||
EMAIL_HOST: ""
|
||||
EMAIL_PORT: ""
|
||||
EMAIL_SECURE: "false"
|
||||
EMAIL_FROM_ADDRESS: ""
|
||||
EMAIL_FROM_NAME: ""
|
||||
|
||||
# === OAuth / OIDC sign-in ===
|
||||
POSTIZ_GENERIC_OAUTH: "false"
|
||||
POSTIZ_OAUTH_URL: ""
|
||||
POSTIZ_OAUTH_AUTH_URL: ""
|
||||
POSTIZ_OAUTH_TOKEN_URL: ""
|
||||
POSTIZ_OAUTH_USERINFO_URL: ""
|
||||
POSTIZ_OAUTH_SCOPE: "openid profile email"
|
||||
NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME: ""
|
||||
NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL: ""
|
||||
|
||||
# === Social providers — non-sensitive settings ===
|
||||
X_URL: ""
|
||||
DISABLE_X_ANALYTICS: ""
|
||||
STRIP_LINKS_FROM_X_POSTS: ""
|
||||
MASTODON_URL: "https://mastodon.social"
|
||||
NEYNAR_LOGIN_URL: ""
|
||||
MEWE_HOST: ""
|
||||
|
||||
# === MCP / Agent ===
|
||||
MCP_URL: ""
|
||||
BACKEND_URL: ""
|
||||
|
||||
# === Payments ===
|
||||
FEE_AMOUNT: "0.05"
|
||||
|
||||
# === Analytics & tracking (frontend) ===
|
||||
NEXT_PUBLIC_SENTRY_DSN: ""
|
||||
NEXT_PUBLIC_GTM_ID: ""
|
||||
NEXT_PUBLIC_FACEBOOK_PIXEL: ""
|
||||
NEXT_PUBLIC_POSTHOG_HOST: ""
|
||||
NEXT_PUBLIC_POSTHOG_KEY: ""
|
||||
SENTRY_ORG: ""
|
||||
SENTRY_PROJECT: ""
|
||||
SENTRY_SPOTLIGHT: "false"
|
||||
|
||||
# === Misc frontend ===
|
||||
NEXT_PUBLIC_DISCORD_SUPPORT: ""
|
||||
NEXT_PUBLIC_POLOTNO: ""
|
||||
NEXT_PUBLIC_VERSION: ""
|
||||
NEXT_PUBLIC_APP_VERSION: ""
|
||||
NEXT_PUBLIC_OVERRIDE_BACKEND_URL: ""
|
||||
|
||||
# === Runtime ===
|
||||
PORT: "3000"
|
||||
TZ: "UTC"
|
||||
NODE_ENV: "production"
|
||||
|
||||
# Sensitive environment variables (injected via Secret)
|
||||
secrets:
|
||||
# === Required ===
|
||||
DATABASE_URL: ""
|
||||
REDIS_URL: ""
|
||||
JWT_SECRET: ""
|
||||
|
||||
# === Storage — Cloudflare R2 ===
|
||||
CLOUDFLARE_ACCOUNT_ID: ""
|
||||
CLOUDFLARE_ACCESS_KEY: ""
|
||||
CLOUDFLARE_SECRET_ACCESS_KEY: ""
|
||||
CLOUDFLARE_BUCKETNAME: ""
|
||||
CLOUDFLARE_BUCKET_URL: ""
|
||||
|
||||
# === Email ===
|
||||
RESEND_API_KEY: ""
|
||||
EMAIL_USER: ""
|
||||
EMAIL_PASS: ""
|
||||
|
||||
# === OAuth / OIDC sign-in ===
|
||||
POSTIZ_OAUTH_CLIENT_ID: ""
|
||||
POSTIZ_OAUTH_CLIENT_SECRET: ""
|
||||
|
||||
# === Social providers ===
|
||||
X_API_KEY: ""
|
||||
X_API_SECRET: ""
|
||||
LINKEDIN_CLIENT_ID: ""
|
||||
@@ -106,9 +218,84 @@ secrets:
|
||||
REDDIT_CLIENT_SECRET: ""
|
||||
GITHUB_CLIENT_ID: ""
|
||||
GITHUB_CLIENT_SECRET: ""
|
||||
RESEND_API_KEY: ""
|
||||
CLOUDFLARE_ACCOUNT_ID: ""
|
||||
CLOUDFLARE_ACCESS_KEY: ""
|
||||
CLOUDFLARE_SECRET_ACCESS_KEY: ""
|
||||
CLOUDFLARE_BUCKETNAME: ""
|
||||
CLOUDFLARE_BUCKET_URL: ""
|
||||
FACEBOOK_APP_ID: ""
|
||||
FACEBOOK_APP_SECRET: ""
|
||||
INSTAGRAM_APP_ID: ""
|
||||
INSTAGRAM_APP_SECRET: ""
|
||||
THREADS_APP_ID: ""
|
||||
THREADS_APP_SECRET: ""
|
||||
YOUTUBE_CLIENT_ID: ""
|
||||
YOUTUBE_CLIENT_SECRET: ""
|
||||
GOOGLE_GMB_CLIENT_ID: ""
|
||||
GOOGLE_GMB_CLIENT_SECRET: ""
|
||||
TIKTOK_CLIENT_ID: ""
|
||||
TIKTOK_CLIENT_SECRET: ""
|
||||
PINTEREST_CLIENT_ID: ""
|
||||
PINTEREST_CLIENT_SECRET: ""
|
||||
DRIBBBLE_CLIENT_ID: ""
|
||||
DRIBBBLE_CLIENT_SECRET: ""
|
||||
DISCORD_CLIENT_ID: ""
|
||||
DISCORD_CLIENT_SECRET: ""
|
||||
DISCORD_BOT_TOKEN_ID: ""
|
||||
SLACK_ID: ""
|
||||
SLACK_SECRET: ""
|
||||
SLACK_SIGNING_SECRET: ""
|
||||
TELEGRAM_TOKEN: ""
|
||||
TELEGRAM_BOT_NAME: ""
|
||||
MASTODON_CLIENT_ID: ""
|
||||
MASTODON_CLIENT_SECRET: ""
|
||||
NEYNAR_CLIENT_ID: ""
|
||||
NEYNAR_SECRET_KEY: ""
|
||||
MEWE_APP_ID: ""
|
||||
MEWE_API_KEY: ""
|
||||
TWITCH_CLIENT_ID: ""
|
||||
TWITCH_CLIENT_SECRET: ""
|
||||
KICK_CLIENT_ID: ""
|
||||
KICK_SECRET: ""
|
||||
VK_ID: ""
|
||||
WHOP_CLIENT_ID: ""
|
||||
BEEHIIVE_API_KEY: ""
|
||||
BEEHIIVE_PUBLICATION_ID: ""
|
||||
LISTMONK_DOMAIN: ""
|
||||
LISTMONK_USER: ""
|
||||
LISTMONK_API_KEY: ""
|
||||
LISTMONK_LIST_ID: ""
|
||||
LISTMONK_WELCOME_TEMPLATE_ID: ""
|
||||
EXTENSION_ID: ""
|
||||
|
||||
# === AI / Generation ===
|
||||
OPENAI_API_KEY: ""
|
||||
OPENAI_APP_CHALLANGE: ""
|
||||
ELEVENSLABS_API_KEY: ""
|
||||
FAL_KEY: ""
|
||||
TAVILY_API_KEY: ""
|
||||
KIEAI_API_KEY: ""
|
||||
TRANSLOADIT_AUTH: ""
|
||||
TRANSLOADIT_SECRET: ""
|
||||
TRANSLOADIT_TEMPLATE: ""
|
||||
|
||||
# === Payments ===
|
||||
STRIPE_PUBLISHABLE_KEY: ""
|
||||
STRIPE_SECRET_KEY: ""
|
||||
STRIPE_SIGNING_KEY: ""
|
||||
STRIPE_SIGNING_KEY_CONNECT: ""
|
||||
STRIPE_DISCOUNT_ID: ""
|
||||
NOWPAYMENTS_API_KEY: ""
|
||||
NOWPAYMENTS_AMOUNT: ""
|
||||
|
||||
# === Analytics secrets ===
|
||||
FACEBOOK_PIXEL_ACCESS_TOKEN: ""
|
||||
NEXT_PUBLIC_TRACKING_TRIAL: ""
|
||||
DATAFAST_API_KEY: ""
|
||||
DATAFAST_WEBSITE_ID: ""
|
||||
SENTRY_AUTH_TOKEN: ""
|
||||
|
||||
# === MCP / Agent ===
|
||||
AGENT_API_KEY: ""
|
||||
AGENT_MEDIA_SSO_KEY: ""
|
||||
|
||||
# === Short-link providers ===
|
||||
DUB_TOKEN: ""
|
||||
SHORT_IO_SECRET_KEY: ""
|
||||
KUTT_API_KEY: ""
|
||||
LINK_DRIP_API_KEY: ""
|
||||
|
||||
Reference in New Issue
Block a user