billisdead
fc931e4707
- Chart.yaml: bump to version 1.1.0, appVersion v2.21.8 - values.yaml: add temporal section (enabled/address/namespace/tls/apiKey/postgresql), expand env (~40 non-sensitive vars) and secrets (~60 sensitive vars) to match current Postiz documentation — covers all social providers, email SMTP, OAuth OIDC, AI/generation, analytics, MCP, payments, short-link services - postiz-config.yaml: inject TEMPORAL_ADDRESS (auto-computed or override), TEMPORAL_NAMESPACE and TEMPORAL_TLS when temporal.enabled or address is set - temporal-deployment.yaml: temporalio/auto-setup:1.28.1, postgres12 backend, ES disabled, dynamicconfig volume mount, liveness/readiness probes - temporal-service.yaml: ClusterIP on port 7233 (gRPC) - temporal-dynamicconfig.yaml: ConfigMap with development-sql.yaml content - temporal-init-job.yaml: post-install/upgrade Job that creates the temporal PostgreSQL user via the postgres superuser before Temporal starts - temporal-secret.yaml: Secret for temporal PostgreSQL credentials - NOTES.txt: post-install guidance, search-attribute creation reminder, multi-replica/local-storage warning, backup reminder Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
302 lines
6.7 KiB
YAML
302 lines
6.7 KiB
YAML
replicaCount: 1
|
|
|
|
image:
|
|
repository: ghcr.io/gitroomhq/postiz-app
|
|
pullPolicy: IfNotPresent
|
|
tag: "latest"
|
|
|
|
imagePullSecrets: []
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
serviceAccount:
|
|
create: true
|
|
annotations: {}
|
|
name: ""
|
|
|
|
podAnnotations: {}
|
|
|
|
podSecurityContext: {}
|
|
|
|
securityContext: {}
|
|
|
|
service:
|
|
type: ClusterIP
|
|
port: 80
|
|
additionalPorts: []
|
|
|
|
ingress:
|
|
enabled: false
|
|
className: ""
|
|
annotations: {}
|
|
hosts:
|
|
- host: chart-example.local
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
port: 80
|
|
tls: []
|
|
extraRules: []
|
|
|
|
resources: {}
|
|
|
|
extraContainers: []
|
|
|
|
extraVolumes: []
|
|
extraVolumeMounts: []
|
|
|
|
autoscaling:
|
|
enabled: false
|
|
minReplicas: 1
|
|
maxReplicas: 100
|
|
targetCPUUtilizationPercentage: 80
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
# PostgreSQL configuration (Bitnami sub-chart)
|
|
postgresql:
|
|
enabled: true
|
|
auth:
|
|
username: postiz
|
|
password: postiz-password
|
|
database: postiz
|
|
# postgresPassword is used by the temporal init job to create the temporal user.
|
|
# Set this explicitly; if left empty, Bitnami generates a random password
|
|
# that the init job cannot retrieve.
|
|
postgresPassword: postgres-admin-password
|
|
service:
|
|
ports:
|
|
postgresql: 5432
|
|
|
|
# Redis configuration (Bitnami sub-chart)
|
|
redis:
|
|
enabled: true
|
|
auth:
|
|
password: postiz-redis-password
|
|
master:
|
|
service:
|
|
ports:
|
|
redis: 6379
|
|
|
|
# Temporal workflow orchestration (required since Postiz v2.12.0)
|
|
# temporal.enabled=true → deploys Temporal alongside Postiz using the postgresql sub-chart
|
|
# temporal.enabled=false → Temporal must be deployed separately; set temporal.address
|
|
temporal:
|
|
enabled: true
|
|
# address: override auto-computed service address (<release>-temporal:7233)
|
|
address: ""
|
|
namespace: "default"
|
|
tls: false
|
|
# apiKey: only required for Temporal Cloud; leave empty for self-hosted
|
|
apiKey: ""
|
|
image:
|
|
repository: temporalio/auto-setup
|
|
tag: "1.28.1"
|
|
pullPolicy: IfNotPresent
|
|
postgresql:
|
|
# Credentials for the temporal user created in the shared PostgreSQL instance.
|
|
# The init job creates this user via the postgres superuser before Temporal starts.
|
|
user: temporal
|
|
password: "temporal-password"
|
|
# seeds: PostgreSQL hostname. Defaults to the Bitnami postgresql sub-chart service.
|
|
seeds: ""
|
|
|
|
# Non-sensitive environment variables (injected via ConfigMap)
|
|
env:
|
|
# === Required ===
|
|
FRONTEND_URL: "http://localhost:4200"
|
|
NEXT_PUBLIC_BACKEND_URL: "http://localhost:3000"
|
|
BACKEND_INTERNAL_URL: "http://localhost:3000"
|
|
|
|
# === Application behaviour ===
|
|
IS_GENERAL: "true"
|
|
NX_ADD_PLUGINS: "false"
|
|
MAIN_URL: ""
|
|
DISABLE_REGISTRATION: "false"
|
|
RUN_CRON: ""
|
|
API_LIMIT: "90"
|
|
RESTRICT_UPLOAD_DOMAINS: ""
|
|
DISALLOW_PLUS: ""
|
|
DISABLE_IMAGE_COMPRESSION: "false"
|
|
MOBILE_APP_SCHEME: ""
|
|
NOT_SECURED: "false"
|
|
|
|
# === Storage ===
|
|
STORAGE_PROVIDER: "local"
|
|
UPLOAD_DIRECTORY: ""
|
|
NEXT_PUBLIC_UPLOAD_STATIC_DIRECTORY: ""
|
|
CLOUDFLARE_REGION: "auto"
|
|
|
|
# === Email ===
|
|
EMAIL_PROVIDER: "resend"
|
|
EMAIL_HOST: ""
|
|
EMAIL_PORT: ""
|
|
EMAIL_SECURE: "false"
|
|
EMAIL_FROM_ADDRESS: ""
|
|
EMAIL_FROM_NAME: ""
|
|
|
|
# === OAuth / OIDC sign-in ===
|
|
POSTIZ_GENERIC_OAUTH: "false"
|
|
POSTIZ_OAUTH_URL: ""
|
|
POSTIZ_OAUTH_AUTH_URL: ""
|
|
POSTIZ_OAUTH_TOKEN_URL: ""
|
|
POSTIZ_OAUTH_USERINFO_URL: ""
|
|
POSTIZ_OAUTH_SCOPE: "openid profile email"
|
|
NEXT_PUBLIC_POSTIZ_OAUTH_DISPLAY_NAME: ""
|
|
NEXT_PUBLIC_POSTIZ_OAUTH_LOGO_URL: ""
|
|
|
|
# === Social providers — non-sensitive settings ===
|
|
X_URL: ""
|
|
DISABLE_X_ANALYTICS: ""
|
|
STRIP_LINKS_FROM_X_POSTS: ""
|
|
MASTODON_URL: "https://mastodon.social"
|
|
NEYNAR_LOGIN_URL: ""
|
|
MEWE_HOST: ""
|
|
|
|
# === MCP / Agent ===
|
|
MCP_URL: ""
|
|
BACKEND_URL: ""
|
|
|
|
# === Payments ===
|
|
FEE_AMOUNT: "0.05"
|
|
|
|
# === Analytics & tracking (frontend) ===
|
|
NEXT_PUBLIC_SENTRY_DSN: ""
|
|
NEXT_PUBLIC_GTM_ID: ""
|
|
NEXT_PUBLIC_FACEBOOK_PIXEL: ""
|
|
NEXT_PUBLIC_POSTHOG_HOST: ""
|
|
NEXT_PUBLIC_POSTHOG_KEY: ""
|
|
SENTRY_ORG: ""
|
|
SENTRY_PROJECT: ""
|
|
SENTRY_SPOTLIGHT: "false"
|
|
|
|
# === Misc frontend ===
|
|
NEXT_PUBLIC_DISCORD_SUPPORT: ""
|
|
NEXT_PUBLIC_POLOTNO: ""
|
|
NEXT_PUBLIC_VERSION: ""
|
|
NEXT_PUBLIC_APP_VERSION: ""
|
|
NEXT_PUBLIC_OVERRIDE_BACKEND_URL: ""
|
|
|
|
# === Runtime ===
|
|
PORT: "3000"
|
|
TZ: "UTC"
|
|
NODE_ENV: "production"
|
|
|
|
# Sensitive environment variables (injected via Secret)
|
|
secrets:
|
|
# === Required ===
|
|
DATABASE_URL: ""
|
|
REDIS_URL: ""
|
|
JWT_SECRET: ""
|
|
|
|
# === Storage — Cloudflare R2 ===
|
|
CLOUDFLARE_ACCOUNT_ID: ""
|
|
CLOUDFLARE_ACCESS_KEY: ""
|
|
CLOUDFLARE_SECRET_ACCESS_KEY: ""
|
|
CLOUDFLARE_BUCKETNAME: ""
|
|
CLOUDFLARE_BUCKET_URL: ""
|
|
|
|
# === Email ===
|
|
RESEND_API_KEY: ""
|
|
EMAIL_USER: ""
|
|
EMAIL_PASS: ""
|
|
|
|
# === OAuth / OIDC sign-in ===
|
|
POSTIZ_OAUTH_CLIENT_ID: ""
|
|
POSTIZ_OAUTH_CLIENT_SECRET: ""
|
|
|
|
# === Social providers ===
|
|
X_API_KEY: ""
|
|
X_API_SECRET: ""
|
|
LINKEDIN_CLIENT_ID: ""
|
|
LINKEDIN_CLIENT_SECRET: ""
|
|
REDDIT_CLIENT_ID: ""
|
|
REDDIT_CLIENT_SECRET: ""
|
|
GITHUB_CLIENT_ID: ""
|
|
GITHUB_CLIENT_SECRET: ""
|
|
FACEBOOK_APP_ID: ""
|
|
FACEBOOK_APP_SECRET: ""
|
|
INSTAGRAM_APP_ID: ""
|
|
INSTAGRAM_APP_SECRET: ""
|
|
THREADS_APP_ID: ""
|
|
THREADS_APP_SECRET: ""
|
|
YOUTUBE_CLIENT_ID: ""
|
|
YOUTUBE_CLIENT_SECRET: ""
|
|
GOOGLE_GMB_CLIENT_ID: ""
|
|
GOOGLE_GMB_CLIENT_SECRET: ""
|
|
TIKTOK_CLIENT_ID: ""
|
|
TIKTOK_CLIENT_SECRET: ""
|
|
PINTEREST_CLIENT_ID: ""
|
|
PINTEREST_CLIENT_SECRET: ""
|
|
DRIBBBLE_CLIENT_ID: ""
|
|
DRIBBBLE_CLIENT_SECRET: ""
|
|
DISCORD_CLIENT_ID: ""
|
|
DISCORD_CLIENT_SECRET: ""
|
|
DISCORD_BOT_TOKEN_ID: ""
|
|
SLACK_ID: ""
|
|
SLACK_SECRET: ""
|
|
SLACK_SIGNING_SECRET: ""
|
|
TELEGRAM_TOKEN: ""
|
|
TELEGRAM_BOT_NAME: ""
|
|
MASTODON_CLIENT_ID: ""
|
|
MASTODON_CLIENT_SECRET: ""
|
|
NEYNAR_CLIENT_ID: ""
|
|
NEYNAR_SECRET_KEY: ""
|
|
MEWE_APP_ID: ""
|
|
MEWE_API_KEY: ""
|
|
TWITCH_CLIENT_ID: ""
|
|
TWITCH_CLIENT_SECRET: ""
|
|
KICK_CLIENT_ID: ""
|
|
KICK_SECRET: ""
|
|
VK_ID: ""
|
|
WHOP_CLIENT_ID: ""
|
|
BEEHIIVE_API_KEY: ""
|
|
BEEHIIVE_PUBLICATION_ID: ""
|
|
LISTMONK_DOMAIN: ""
|
|
LISTMONK_USER: ""
|
|
LISTMONK_API_KEY: ""
|
|
LISTMONK_LIST_ID: ""
|
|
LISTMONK_WELCOME_TEMPLATE_ID: ""
|
|
EXTENSION_ID: ""
|
|
|
|
# === AI / Generation ===
|
|
OPENAI_API_KEY: ""
|
|
OPENAI_APP_CHALLANGE: ""
|
|
ELEVENSLABS_API_KEY: ""
|
|
FAL_KEY: ""
|
|
TAVILY_API_KEY: ""
|
|
KIEAI_API_KEY: ""
|
|
TRANSLOADIT_AUTH: ""
|
|
TRANSLOADIT_SECRET: ""
|
|
TRANSLOADIT_TEMPLATE: ""
|
|
|
|
# === Payments ===
|
|
STRIPE_PUBLISHABLE_KEY: ""
|
|
STRIPE_SECRET_KEY: ""
|
|
STRIPE_SIGNING_KEY: ""
|
|
STRIPE_SIGNING_KEY_CONNECT: ""
|
|
STRIPE_DISCOUNT_ID: ""
|
|
NOWPAYMENTS_API_KEY: ""
|
|
NOWPAYMENTS_AMOUNT: ""
|
|
|
|
# === Analytics secrets ===
|
|
FACEBOOK_PIXEL_ACCESS_TOKEN: ""
|
|
NEXT_PUBLIC_TRACKING_TRIAL: ""
|
|
DATAFAST_API_KEY: ""
|
|
DATAFAST_WEBSITE_ID: ""
|
|
SENTRY_AUTH_TOKEN: ""
|
|
|
|
# === MCP / Agent ===
|
|
AGENT_API_KEY: ""
|
|
AGENT_MEDIA_SSO_KEY: ""
|
|
|
|
# === Short-link providers ===
|
|
DUB_TOKEN: ""
|
|
SHORT_IO_SECRET_KEY: ""
|
|
KUTT_API_KEY: ""
|
|
LINK_DRIP_API_KEY: ""
|