# S3 Storage Configuration Templates # Framework-specific S3 integration patterns with dedicated bucket approach # Laravel/Pixelfed S3 Configuration --- apiVersion: v1 kind: ConfigMap metadata: name: pixelfed-s3-config data: # Critical Laravel S3 Configuration FILESYSTEM_DRIVER: "s3" DANGEROUSLY_SET_FILESYSTEM_DRIVER: "s3" # Required for S3 default disk PF_ENABLE_CLOUD: "true" FILESYSTEM_CLOUD: "s3" FILESYSTEM_DISK: "s3" # Backblaze B2 S3-Compatible Storage AWS_BUCKET: "pixelfed-bucket" # Dedicated bucket approach AWS_URL: "" # CDN URL AWS_ENDPOINT: "" AWS_ROOT: "" # Empty - no prefix needed with dedicated bucket AWS_USE_PATH_STYLE_ENDPOINT: "false" AWS_VISIBILITY: "public" # Flask/PieFed S3 Configuration --- apiVersion: v1 kind: ConfigMap metadata: name: piefed-s3-config data: # S3 Storage (Backblaze B2) S3_BUCKET: "piefed-bucket" S3_REGION: "" S3_ENDPOINT_URL: "" S3_PUBLIC_URL: "" # Django/BookWyrm S3 Configuration --- apiVersion: v1 kind: ConfigMap metadata: name: bookwyrm-s3-config data: # S3 Storage (Backblaze B2) USE_S3: "true" AWS_STORAGE_BUCKET_NAME: "bookwyrm-bucket" AWS_S3_REGION_NAME: "" AWS_S3_ENDPOINT_URL: "" AWS_S3_CUSTOM_DOMAIN: "" AWS_DEFAULT_ACL: "" # Backblaze B2 doesn't support ACLs # Ruby/Mastodon S3 Configuration --- apiVersion: v1 kind: ConfigMap metadata: name: mastodon-s3-config data: # S3 Object Storage S3_ENABLED: "true" S3_BUCKET: "mastodon-bucket" S3_REGION: "" S3_ENDPOINT: "" S3_HOSTNAME: "" S3_ALIAS_HOST: "" # Generic S3 Secret Template --- apiVersion: v1 kind: Secret metadata: name: s3-credentials type: Opaque data: # Base64 encoded values (will be encrypted by SOPS) # Replace with actual base64-encoded values before encryption AWS_ACCESS_KEY_ID: AWS_SECRET_ACCESS_KEY: S3_KEY: # Flask apps use this naming S3_SECRET: # Flask apps use this naming # CDN Mapping Reference # | Application | CDN Subdomain | S3 Bucket | Purpose | # |------------|---------------|-----------|---------| # | Pixelfed | pm.keyboardvagabond.com | pixelfed-bucket | Photo/media sharing | # | PieFed | pfm.keyboardvagabond.com | piefed-bucket | Forum content/uploads | # | Mastodon | mm.keyboardvagabond.com | mastodon-bucket | Social media/attachments | # | BookWyrm | bm.keyboardvagabond.com | bookwyrm-bucket | Book covers/user uploads | # Redis Connection Pattern (HAProxy-based): # - HAProxy (Read/Write): redis-ha-haproxy.redis-system.svc.cluster.local:6379 # - Managed by 3 HAProxy pods providing unified endpoint # - Redis HA cluster: 3 Redis replicas with Sentinel for HA # - Helm Chart: redis-ha from dandydeveloper/charts (replaced deprecated Bitnami) # Redis Usage Examples: # Mastodon - Redis for caching and Sidekiq job queue --- apiVersion: v1 kind: ConfigMap metadata: name: mastodon-redis-config data: REDIS_HOST: "redis-ha-haproxy.redis-system.svc.cluster.local" # HAProxy endpoint REDIS_PORT: "6379" # PieFed - Flask with Redis for cache and Celery broker --- apiVersion: v1 kind: ConfigMap metadata: name: piefed-redis-config data: # All Redis connections use HAProxy endpoint CACHE_REDIS_URL: "redis://:@redis-ha-haproxy.redis-system.svc.cluster.local:6379/1" CELERY_BROKER_URL: "redis://:@redis-ha-haproxy.redis-system.svc.cluster.local:6379/2" # BookWyrm - Django with Redis for broker and activity streams --- apiVersion: v1 kind: ConfigMap metadata: name: bookwyrm-redis-config data: # All Redis connections use HAProxy endpoint REDIS_BROKER_HOST: "redis-ha-haproxy.redis-system.svc.cluster.local:6379" REDIS_ACTIVITY_HOST: "redis-ha-haproxy.redis-system.svc.cluster.local:6379" REDIS_BROKER_DB_INDEX: "3" REDIS_ACTIVITY_DB: "4"