From cec6af34a9b53319e99b0b806ee3a58aa72bf275 Mon Sep 17 00:00:00 2001 From: jessebot Date: Mon, 21 Oct 2024 20:04:12 +0200 Subject: [PATCH 1/5] switch to valkey instead of redis --- docs/assets/images/screenshots/help_text.svg | 120 +++++++++---------- docs/k8s_apps/mastodon.md | 4 +- pyproject.toml | 2 +- smol_k8s_lab/config/default_config.yaml | 4 +- smol_k8s_lab/k8s_apps/social/mastodon.py | 26 ++-- 5 files changed, 78 insertions(+), 78 deletions(-) diff --git a/docs/assets/images/screenshots/help_text.svg b/docs/assets/images/screenshots/help_text.svg index 6b800cd8d..9361ac938 100644 --- a/docs/assets/images/screenshots/help_text.svg +++ b/docs/assets/images/screenshots/help_text.svg @@ -19,131 +19,131 @@ font-weight: 700; } - .terminal-2112459453-matrix { + .terminal-2374144702-matrix { font-family: Fira Code, monospace; font-size: 20px; line-height: 24.4px; font-variant-east-asian: full-width; } - .terminal-2112459453-title { + .terminal-2374144702-title { font-size: 18px; font-weight: bold; font-family: arial; } - .terminal-2112459453-r1 { fill: #c5c8c6 } -.terminal-2112459453-r2 { fill: #5f87ff } -.terminal-2112459453-r3 { fill: #5f87af;font-style: italic; } -.terminal-2112459453-r4 { fill: #5f87af } -.terminal-2112459453-r5 { fill: #8787ff } -.terminal-2112459453-r6 { fill: #afafff } -.terminal-2112459453-r7 { fill: #87afff } -.terminal-2112459453-r8 { fill: #afafff;font-weight: bold } -.terminal-2112459453-r9 { fill: #868887 } -.terminal-2112459453-r10 { fill: #6179a9 } -.terminal-2112459453-r11 { fill: #6161a9 } -.terminal-2112459453-r12 { fill: #7979a9;font-weight: bold } -.terminal-2112459453-r13 { fill: #4961a9 } + .terminal-2374144702-r1 { fill: #c5c8c6 } +.terminal-2374144702-r2 { fill: #5f87ff } +.terminal-2374144702-r3 { fill: #5f87af;font-style: italic; } +.terminal-2374144702-r4 { fill: #5f87af } +.terminal-2374144702-r5 { fill: #8787ff } +.terminal-2374144702-r6 { fill: #afafff } +.terminal-2374144702-r7 { fill: #87afff } +.terminal-2374144702-r8 { fill: #afafff;font-weight: bold } +.terminal-2374144702-r9 { fill: #868887 } +.terminal-2374144702-r10 { fill: #6179a9 } +.terminal-2374144702-r11 { fill: #6161a9 } +.terminal-2374144702-r12 { fill: #7979a9;font-weight: bold } +.terminal-2374144702-r13 { fill: #4961a9 } - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - + - term + term - + - -                           ๐Ÿงธsmol k8s lab - -Install slim Kubernetes distros + plus all your apps via Argo CD. - -Usage:smol-k8s-lab[OPTIONS] - -โ•ญโ”€ ส• แต”แดฅแต”ส” Options โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ•ฎ -โ”‚โ”‚ -โ”‚-c--config CONFIG_FILEFull path and name of the YAML config file to parse.            โ”‚ -โ”‚Defaults to $XDG_CONFIG_HOME/smol-k8s-lab/config.yamlโ”‚ -โ”‚โ”‚ -โ”‚-D--delete CLUSTER_NAMEDelete an existing cluster by name.                             โ”‚ -โ”‚โ”‚ -โ”‚-i--interactiveโš™๏ธ Interactively configures smol-k8s-labโ”‚ -โ”‚โ”‚ -โ”‚-v--versionPrint the version of smol-k8s-lab (v5.17.1)                     โ”‚ -โ”‚โ”‚ -โ”‚-f--final_cmdRun command immediately after smol-k8s-lab before main cli phaseโ”‚ -โ”‚โ”‚ -โ”‚-h--helpShow this message and exit.                                     โ”‚ -โ•ฐโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€ โ™ฅ docs: https://small-hack.github.io/smol-k8s-labโ”€โ•ฏ + +                           ๐Ÿงธsmol k8s lab + +Install slim Kubernetes distros + plus all your apps via Argo CD. + +Usage:smol-k8s-lab[OPTIONS] + +โ•ญโ”€ ส• แต”แดฅแต”ส” Options โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ•ฎ +โ”‚โ”‚ +โ”‚-c--config CONFIG_FILEFull path and name of the YAML config file to parse.            โ”‚ +โ”‚Defaults to $XDG_CONFIG_HOME/smol-k8s-lab/config.yamlโ”‚ +โ”‚โ”‚ +โ”‚-D--delete CLUSTER_NAMEDelete an existing cluster by name.                             โ”‚ +โ”‚โ”‚ +โ”‚-i--interactiveโš™๏ธ Interactively configures smol-k8s-labโ”‚ +โ”‚โ”‚ +โ”‚-v--versionPrint the version of smol-k8s-lab (v5.17.2)                     โ”‚ +โ”‚โ”‚ +โ”‚-f--final_cmdRun command immediately after smol-k8s-lab before main cli phaseโ”‚ +โ”‚โ”‚ +โ”‚-h--helpShow this message and exit.                                     โ”‚ +โ•ฐโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€ โ™ฅ docs: https://small-hack.github.io/smol-k8s-labโ”€โ•ฏ diff --git a/docs/k8s_apps/mastodon.md b/docs/k8s_apps/mastodon.md index bf7ef010f..45c1ff094 100644 --- a/docs/k8s_apps/mastodon.md +++ b/docs/k8s_apps/mastodon.md @@ -3,7 +3,7 @@ We are mostly stable for running Mastodon on Kubernetes. Check out our [Mastodon Argo CD ApplicationSet](https://github.com/small-hack/argocd-apps/tree/main/mastodon/small-hack): -screenshot of the mastodon applicationset in Argo CD's web interface using the tree mode view. the main mastodon app has 6 child apps: mastodon-redis, mastodon-app-set with child mastodon-web-app, mastodon-external-secrets-appset with child mastodon-external-secrets, mastodon-postgres-app-set with child mastodon-postgres-cluster, mastodon-s3-provider-app-set with child mastodon-seaweedfs, and mastodon-s3-pvc-appset with child mastodon-s3-pvc. +screenshot of the mastodon applicationset in Argo CD's web interface using the tree mode view. the main mastodon app has 6 child apps: mastodon-valkey, mastodon-app-set with child mastodon-web-app, mastodon-external-secrets-appset with child mastodon-external-secrets, mastodon-postgres-app-set with child mastodon-postgres-cluster, mastodon-s3-provider-app-set with child mastodon-seaweedfs, and mastodon-s3-pvc-appset with child mastodon-s3-pvc. This is the networking view in Argo CD: @@ -53,7 +53,7 @@ apps: description: | [link=https://joinmastodon.org/]Mastodon[/link] is an open source self hosted social media network. - smol-k8s-lab supports initializing mastodon, by setting up your hostname, SMTP credentials, redis credentials, postgresql credentials, and an admin user credentials. We pass all credentials as secrets in the namespace and optionally save them to Bitwarden. + smol-k8s-lab supports initializing mastodon, by setting up your hostname, SMTP credentials, valkey credentials, postgresql credentials, and an admin user credentials. We pass all credentials as secrets in the namespace and optionally save them to Bitwarden. smol-k8s-lab also creates a local s3 endpoint and as well as S3 bucket and credentials if you enable set mastodon.argo.secret_keys.s3_provider to "minio" or "seaweedfs". Both seaweedfs and minio require you to specify a remote s3 endpoint, bucket, region, and accessID/secretKey so that we can make sure you have remote backups. diff --git a/pyproject.toml b/pyproject.toml index dbeec9575..87d9cfc54 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "smol_k8s_lab" -version = "5.17.1" +version = "5.17.2" description = "CLI and TUI to quickly install slimmer Kubernetes distros and then manage apps declaratively using Argo CD" authors = ["Jesse Hitch ", "Max Roby "] diff --git a/smol_k8s_lab/config/default_config.yaml b/smol_k8s_lab/config/default_config.yaml index a8cd57d38..501c6f7f4 100644 --- a/smol_k8s_lab/config/default_config.yaml +++ b/smol_k8s_lab/config/default_config.yaml @@ -784,7 +784,7 @@ apps: description: | [link=https://joinmastodon.org/]Mastodon[/link] is an open source self hosted social media network. - smol-k8s-lab supports initializing mastodon, by setting up your hostname, SMTP credentials, redis credentials, postgresql credentials, and an admin user credentials. We pass all credentials as secrets in the namespace and optionally save them to Bitwarden. + smol-k8s-lab supports initializing mastodon, by setting up your hostname, SMTP credentials, valkey credentials, postgresql credentials, and an admin user credentials. We pass all credentials as secrets in the namespace and optionally save them to Bitwarden. smol-k8s-lab also creates a local s3 endpoint and as well as S3 bucket and credentials if you enable set mastodon.argo.secret_keys.s3_provider to "minio" or "seaweedfs". Both seaweedfs and minio require you to specify a remote s3 endpoint, bucket, region, and accessID/secretKey so that we can make sure you have remote backups. @@ -1195,7 +1195,7 @@ apps: description: | [link=https://nextcloud.com/]Nextcloud Hub[/link] is the industry-leading, fully open-source, on-premises content collaboration platform. Teams access, share and edit their documents, chat and participate in video calls and manage their mail and calendar and projects across mobile, desktop and web interfaces - smol-k8s-lab supports initialization by setting up your admin username, password, and SMTP username and password, as well as your redis and postgresql credentials. + smol-k8s-lab supports initialization by setting up your admin username, password, and SMTP username and password, as well as your redis (or valkey) and postgresql credentials. To avoid providing sensitive values everytime you run smol-k8s-lab, consider exporting the following environment variables before running smol-k8s-lab: - NEXTCLOUD_SMTP_PASSWORD diff --git a/smol_k8s_lab/k8s_apps/social/mastodon.py b/smol_k8s_lab/k8s_apps/social/mastodon.py index 914ee89a7..a4dbfb09b 100644 --- a/smol_k8s_lab/k8s_apps/social/mastodon.py +++ b/smol_k8s_lab/k8s_apps/social/mastodon.py @@ -125,10 +125,10 @@ def configure_mastodon(argocd: ArgoCD, {"password": mastodon_pgsql_password, 'postrgesPassword': mastodon_pgsql_password}) - # redis creds k8s secret - mastodon_redis_password = create_password() - argocd.k8s.create_secret('mastodon-redis-credentials', 'mastodon', - {"password": mastodon_redis_password}) + # valkey creds k8s secret + mastodon_valkey_password = create_password() + argocd.k8s.create_secret('mastodon-valkey-credentials', 'mastodon', + {"password": mastodon_valkey_password}) # mastodon rake secrets argocd.k8s.create_secret('mastodon-server-secrets', 'mastodon', @@ -226,8 +226,8 @@ def refresh_bweso(argocd: ArgoCD, f"mastodon-elasticsearch-credentials-{mastodon_hostname}", False )[0]['id'] - redis_id = bitwarden.get_item( - f"mastodon-redis-credentials-{mastodon_hostname}", False + valkey_id = bitwarden.get_item( + f"mastodon-valkey-credentials-{mastodon_hostname}", False )[0]['id'] smtp_id = bitwarden.get_item( @@ -258,7 +258,7 @@ def refresh_bweso(argocd: ArgoCD, argocd.update_appset_secret( {'mastodon_smtp_credentials_bitwarden_id': smtp_id, 'mastodon_postgres_credentials_bitwarden_id': db_id, - 'mastodon_redis_bitwarden_id': redis_id, + 'mastodon_valkey_bitwarden_id': valkey_id, 'mastodon_s3_admin_credentials_bitwarden_id': s3_admin_id, 'mastodon_s3_postgres_credentials_bitwarden_id': s3_db_id, 'mastodon_s3_mastodon_credentials_bitwarden_id': s3_id, @@ -353,13 +353,13 @@ def setup_bitwarden_items(argocd: ArgoCD, fields=[postrges_pass_obj] ) - # Redis credentials - mastodon_redis_password = bitwarden.generate() - redis_id = bitwarden.create_login( - name='mastodon-redis-credentials', + # valkey credentials + mastodon_valkey_password = bitwarden.generate() + valkey_id = bitwarden.create_login( + name='mastodon-valkey-credentials', item_url=mastodon_hostname, user='mastodon', - password=mastodon_redis_password + password=mastodon_valkey_password ) # SMTP credentials @@ -419,7 +419,7 @@ def setup_bitwarden_items(argocd: ArgoCD, argocd.update_appset_secret( {'mastodon_smtp_credentials_bitwarden_id': smtp_id, 'mastodon_postgres_credentials_bitwarden_id': db_id, - 'mastodon_redis_bitwarden_id': redis_id, + 'mastodon_valkey_bitwarden_id': valkey_id, 'mastodon_s3_admin_credentials_bitwarden_id': s3_admin_id, 'mastodon_s3_postgres_credentials_bitwarden_id': s3_db_id, 'mastodon_s3_mastodon_credentials_bitwarden_id': s3_id, From f7dc834439d3cb032a8dc39186cfa52099f493c1 Mon Sep 17 00:00:00 2001 From: jessebot Date: Mon, 21 Oct 2024 20:26:58 +0200 Subject: [PATCH 2/5] fix restic password for mastodon --- smol_k8s_lab/config/default_config.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/smol_k8s_lab/config/default_config.yaml b/smol_k8s_lab/config/default_config.yaml index 501c6f7f4..383dfd746 100644 --- a/smol_k8s_lab/config/default_config.yaml +++ b/smol_k8s_lab/config/default_config.yaml @@ -834,9 +834,9 @@ apps: access_key_id: value_from: env: MASTODON_S3_BACKUP_ACCESS_ID - restic_repo_password: - value_from: - env: MASTODON_RESTIC_REPO_PASSWORD + restic_repo_password: + value_from: + env: MASTODON_RESTIC_REPO_PASSWORD argo: # secrets keys to make available to Argo CD ApplicationSets secret_keys: @@ -851,6 +851,10 @@ apps: # local s3 endpoint for postgresql backups, backed up constantly s3_endpoint: "" s3_region: eu-west-1 + # size of valkey pvc storage + valkey_storage: 3Gi + valkey_storage_class: local-path + valkey_access_mode: ReadWriteOnce # git repo to install the Argo CD app from repo: https://github.com/small-hack/argocd-apps # path in the argo repo to point to. Trailing slash very important! From 1aa0ca1a00943fc6ac70809c17f207d95eeb8bb6 Mon Sep 17 00:00:00 2001 From: jessebot Date: Mon, 21 Oct 2024 20:29:02 +0200 Subject: [PATCH 3/5] update mastodon doc example --- docs/k8s_apps/mastodon.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/docs/k8s_apps/mastodon.md b/docs/k8s_apps/mastodon.md index 45c1ff094..b7edc4025 100644 --- a/docs/k8s_apps/mastodon.md +++ b/docs/k8s_apps/mastodon.md @@ -102,9 +102,9 @@ apps: access_key_id: value_from: env: MASTODON_S3_BACKUP_ACCESS_ID - restic_repo_password: - value_from: - env: MASTODON_RESTIC_REPO_PASSWORD + restic_repo_password: + value_from: + env: MASTODON_RESTIC_REPO_PASSWORD argo: # secrets keys to make available to Argo CD ApplicationSets secret_keys: @@ -119,6 +119,10 @@ apps: # local s3 endpoint for postgresql backups, backed up constantly s3_endpoint: "" s3_region: eu-west-1 + # size of valkey pvc storage settings + valkey_storage: 3Gi + valkey_storage_class: local-path + valkey_access_mode: ReadWriteOnce # git repo to install the Argo CD app from repo: https://github.com/small-hack/argocd-apps # path in the argo repo to point to. Trailing slash very important! From 998687afef92bd60790f33323111536cfebc0b7a Mon Sep 17 00:00:00 2001 From: jessebot Date: Mon, 21 Oct 2024 22:42:47 +0200 Subject: [PATCH 4/5] now we generate active record encyption keys for the database for mastodon --- smol_k8s_lab/k8s_apps/social/mastodon.py | 17 ++++++++++++++++- smol_k8s_lab/k8s_apps/social/mastodon_rake.py | 19 +++++++++++++++++-- 2 files changed, 33 insertions(+), 3 deletions(-) diff --git a/smol_k8s_lab/k8s_apps/social/mastodon.py b/smol_k8s_lab/k8s_apps/social/mastodon.py index a4dbfb09b..09587c1f7 100644 --- a/smol_k8s_lab/k8s_apps/social/mastodon.py +++ b/smol_k8s_lab/k8s_apps/social/mastodon.py @@ -400,6 +400,18 @@ def setup_bitwarden_items(argocd: ArgoCD, "VAPID_PRIVATE_KEY", rake_secrets['VAPID_PRIVATE_KEY'] ) + active_record_encryption_deterministic_obj = create_custom_field( + "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY", + rake_secrets['ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY'] + ) + active_record_encryption_derivation_obj = create_custom_field( + "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT", + rake_secrets['ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT'] + ) + active_record_encryption_primary_obj = create_custom_field( + "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY", + rake_secrets['ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY'] + ) secrets_id = bitwarden.create_login( name='mastodon-server-secrets', @@ -410,7 +422,10 @@ def setup_bitwarden_items(argocd: ArgoCD, secret_key_base_obj, otp_secret_obj, vapid_priv_key_obj, - vapid_pub_key_obj + vapid_pub_key_obj, + active_record_encryption_primary_obj, + active_record_encryption_derivation_obj, + active_record_encryption_deterministic_obj ] ) diff --git a/smol_k8s_lab/k8s_apps/social/mastodon_rake.py b/smol_k8s_lab/k8s_apps/social/mastodon_rake.py index 2533e02f1..69e2f2288 100755 --- a/smol_k8s_lab/k8s_apps/social/mastodon_rake.py +++ b/smol_k8s_lab/k8s_apps/social/mastodon_rake.py @@ -1,5 +1,5 @@ #!/usr/bin/env python -""" +""" This is just for generating mastodon rake secrets and testing on the cli """ from smol_k8s_lab.utils.run.subproc import subproc @@ -21,11 +21,20 @@ def generate_rake_secrets() -> None: VAPID_PUBLIC_KEY Generate with rake mastodon:webpush:generate_vapid_key. Changing it will break push notifications. + + these are all generated with rails db:encryption:init + ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY + ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT + ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY """ final_dict = {"SECRET_KEY_BASE": "", "OTP_SECRET": "", "VAPID_PRIVATE_KEY": "", - "VAPID_PUBLIC_KEY": ""} + "VAPID_PUBLIC_KEY": "", + "ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY": "", + "ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT": "", + "ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY": "" + } # we use docker to generate all of these base_cmd = "docker run docker.io/tootsuite/mastodon:latest rake" @@ -42,6 +51,12 @@ def generate_rake_secrets() -> None: final_dict['VAPID_PRIVATE_KEY'] = vapid_keys[0].split("=")[1] final_dict['VAPID_PUBLIC_KEY'] = vapid_keys[1].split("=")[1] + db_crypt_cmd = "docker run docker.io/tootsuite/mastodon:latest rails db:encryption:init" + crypt_env = subproc([db_crypt_cmd]).split('\n') + final_dict['ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY'] = crypt_env[0].split("=")[1] + final_dict['ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT'] = crypt_env[1].split("=")[1] + final_dict['ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY'] = crypt_env[2].split("=")[1] + return final_dict if __name__ == '__main__': From 7d0db676070fd066789a620f674193391a2e457d Mon Sep 17 00:00:00 2001 From: jessebot Date: Tue, 22 Oct 2024 09:54:30 +0200 Subject: [PATCH 5/5] update mastodon_rake to be mastodon_secrets to accomadate the new generated secrets --- smol_k8s_lab/k8s_apps/social/mastodon.py | 4 ++-- .../social/{mastodon_rake.py => mastodon_secrets.py} | 9 +++++---- 2 files changed, 7 insertions(+), 6 deletions(-) rename smol_k8s_lab/k8s_apps/social/{mastodon_rake.py => mastodon_secrets.py} (94%) diff --git a/smol_k8s_lab/k8s_apps/social/mastodon.py b/smol_k8s_lab/k8s_apps/social/mastodon.py index 09587c1f7..9435206e3 100644 --- a/smol_k8s_lab/k8s_apps/social/mastodon.py +++ b/smol_k8s_lab/k8s_apps/social/mastodon.py @@ -1,7 +1,7 @@ # internal libraries from smol_k8s_lab.bitwarden.bw_cli import BwCLI, create_custom_field from smol_k8s_lab.k8s_apps.operators.minio import create_minio_alias, BetterMinio -from smol_k8s_lab.k8s_apps.social.mastodon_rake import generate_rake_secrets +from smol_k8s_lab.k8s_apps.social.mastodon_secrets import generate_mastodon_secrets from smol_k8s_lab.k8s_tools.argocd_util import ArgoCD from smol_k8s_lab.k8s_tools.restores import restore_seaweedfs, restore_cnpg_cluster from smol_k8s_lab.utils.passwords import create_password @@ -81,7 +81,7 @@ def configure_mastodon(argocd: ArgoCD, mail_pass = extract_secret(init_values.get('smtp_password')) # main mastodon rake secrets - rake_secrets = generate_rake_secrets() + rake_secrets = generate_mastodon_secrets() # configure s3 credentials s3_access_id = 'mastodon' diff --git a/smol_k8s_lab/k8s_apps/social/mastodon_rake.py b/smol_k8s_lab/k8s_apps/social/mastodon_secrets.py similarity index 94% rename from smol_k8s_lab/k8s_apps/social/mastodon_rake.py rename to smol_k8s_lab/k8s_apps/social/mastodon_secrets.py index 69e2f2288..8d76ce2fc 100755 --- a/smol_k8s_lab/k8s_apps/social/mastodon_rake.py +++ b/smol_k8s_lab/k8s_apps/social/mastodon_secrets.py @@ -5,7 +5,7 @@ from smol_k8s_lab.utils.run.subproc import subproc -def generate_rake_secrets() -> None: +def generate_mastodon_secrets() -> None: """ These are required for mastodon: https://docs.joinmastodon.org/admin/config/#secrets @@ -53,9 +53,10 @@ def generate_rake_secrets() -> None: db_crypt_cmd = "docker run docker.io/tootsuite/mastodon:latest rails db:encryption:init" crypt_env = subproc([db_crypt_cmd]).split('\n') - final_dict['ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY'] = crypt_env[0].split("=")[1] - final_dict['ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT'] = crypt_env[1].split("=")[1] - final_dict['ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY'] = crypt_env[2].split("=")[1] + print(crypt_env) + final_dict['ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY'] = crypt_env[2].split("=")[1] + final_dict['ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT'] = crypt_env[3].split("=")[1] + final_dict['ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY'] = crypt_env[4].split("=")[1] return final_dict