manifests/applications/mastodon/ingress.yaml

---
# Main Mastodon Web Ingress
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: mastodon-web-ingress
  namespace: mastodon-application
  annotations:
    # Basic NGINX Configuration only - no cert-manager or external-dns
    kubernetes.io/ingress.class: nginx
    
    # Basic NGINX Configuration
    nginx.ingress.kubernetes.io/proxy-body-size: "100m"
    nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
    
    # ActivityPub rate limiting - compatible with Cloudflare tunnels
    # Uses real client IPs from CF-Connecting-IP header (configured in nginx ingress controller)  
    nginx.ingress.kubernetes.io/limit-rps: "30"
    nginx.ingress.kubernetes.io/limit-burst-multiplier: "5"
    
spec:
  ingressClassName: nginx
  tls: []
  rules:
  - host: mastodon.keyboardvagabond.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: mastodon-web
            port:
              number: 3000
---
# Separate Streaming Ingress with WebSocket support
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: mastodon-streaming-ingress
  namespace: mastodon-application
  annotations:
    # Basic NGINX Configuration only - no cert-manager or external-dns
    kubernetes.io/ingress.class: nginx
    
    # WebSocket timeout configuration for long-lived streaming connections  
    nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
    nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
    nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
    
spec:
  ingressClassName: nginx
  tls: []
  rules:
  - host: streamingmastodon.keyboardvagabond.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: mastodon-streaming
            port:
              number: 4000
redaction (#1) Add the redacted source file for demo purposes Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1 Co-authored-by: Michael DiLeo <michael_dileo@proton.me> Co-committed-by: Michael DiLeo <michael_dileo@proton.me> 2025-12-24 13:40:47 +00:00			`---`
			`# Main Mastodon Web Ingress`
			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: mastodon-web-ingress`
			`namespace: mastodon-application`
			`annotations:`
			`# Basic NGINX Configuration only - no cert-manager or external-dns`
			`kubernetes.io/ingress.class: nginx`

			`# Basic NGINX Configuration`
			`nginx.ingress.kubernetes.io/proxy-body-size: "100m"`
			`nginx.ingress.kubernetes.io/proxy-read-timeout: "300"`
			`nginx.ingress.kubernetes.io/proxy-send-timeout: "300"`
			`nginx.ingress.kubernetes.io/backend-protocol: "HTTP"`

			`# ActivityPub rate limiting - compatible with Cloudflare tunnels`
			`# Uses real client IPs from CF-Connecting-IP header (configured in nginx ingress controller)`
			`nginx.ingress.kubernetes.io/limit-rps: "30"`
			`nginx.ingress.kubernetes.io/limit-burst-multiplier: "5"`

			`spec:`
			`ingressClassName: nginx`
			`tls: []`
			`rules:`
			`- host: mastodon.keyboardvagabond.com`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: mastodon-web`
			`port:`
			`number: 3000`
			`---`
			`# Separate Streaming Ingress with WebSocket support`
			`apiVersion: networking.k8s.io/v1`
			`kind: Ingress`
			`metadata:`
			`name: mastodon-streaming-ingress`
			`namespace: mastodon-application`
			`annotations:`
			`# Basic NGINX Configuration only - no cert-manager or external-dns`
			`kubernetes.io/ingress.class: nginx`

			`# WebSocket timeout configuration for long-lived streaming connections`
			`nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"`
			`nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"`
			`nginx.ingress.kubernetes.io/backend-protocol: "HTTP"`

			`spec:`
			`ingressClassName: nginx`
			`tls: []`
			`rules:`
			`- host: streamingmastodon.keyboardvagabond.com`
			`http:`
			`paths:`
			`- path: /`
			`pathType: Prefix`
			`backend:`
			`service:`
			`name: mastodon-streaming`
			`port:`
			`number: 4000`