michael_dileo/Keybard-Vagabond-Demo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
redaction
Keybard-Vagabond-Demo/manifests/applications/picsur/README.md

3.3 KiB
Raw Permalink Blame History

Picsur Image Hosting Service

Picsur is a self-hosted image sharing service similar to Imgur. This deployment integrates with the existing PostgreSQL cluster and provides automatic DNS/SSL setup.

Prerequisites

Database Setup

Before deploying, create the database and user manually. Note: Connect to the PRIMARY instance (check with kubectl get cluster postgresql-shared -n postgresql-system -o jsonpath="{.status.currentPrimary}"):

# Step 1: Create database and user (if they don't exist)
kubectl exec -it postgresql-shared-2 -n postgresql-system -- psql -U postgres -c "CREATE DATABASE picsur;"
kubectl exec -it postgresql-shared-2 -n postgresql-system -- psql -U postgres -c "CREATE USER picsur WITH ENCRYPTED PASSWORD 'your_secure_password';"

# Step 2: Grant database-level permissions
kubectl exec -it postgresql-shared-2 -n postgresql-system -- psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE picsur TO picsur;"

# Step 3: Grant schema-level permissions (CRITICAL for table creation)
kubectl exec -it postgresql-shared-2 -n postgresql-system -- psql -U postgres -d picsur -c "GRANT ALL ON SCHEMA public TO picsur; GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO picsur; GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO picsur;"

Troubleshooting: If Picsur fails with "permission denied for schema public", you need to run Step 3 above. The user needs explicit permissions on the public schema to create tables.

Secret Configuration

Update the secret.yaml file with proper SOPS encryption:

# Edit the secret with your actual values
sops manifests/applications/picsur/secret.yaml

# Update these values:
# - PICSUR_DB_USERNAME: picsur
# - PICSUR_DB_PASSWORD: your_secure_password
# - PICSUR_DB_DATABASE: picsur
# - PICSUR_ADMIN_PASSWORD: your_admin_password
# - PICSUR_JWT_SECRET: your_jwt_secret_key

Configuration

Environment Variables

  • PICSUR_DB_HOST: PostgreSQL connection host
  • PICSUR_DB_PORT: PostgreSQL port (5432)
  • PICSUR_DB_USERNAME: Database username
  • PICSUR_DB_PASSWORD: Database password
  • PICSUR_DB_DATABASE: Database name
  • PICSUR_ADMIN_PASSWORD: Admin user password
  • PICSUR_JWT_SECRET: JWT secret for authentication
  • PICSUR_MAX_FILE_SIZE: Maximum file size (default: 50MB)

Storage

  • Uses Longhorn persistent volume with longhorn-retain storage class
  • 20GB initial storage allocation
  • Volume labeled for S3 backup inclusion

Resources

  • Requests: 200m CPU, 512Mi memory
  • Limits: 1000m CPU, 2Gi memory
  • Worker Memory: 1024MB (configured in Picsur admin UI)
  • Suitable for image hosting with large file processing (up to 50MB files, 40MP+ panoramas)

Access

Once deployed, Picsur will be available at:

Monitoring

Basic health checks are configured. If Picsur exposes metrics, uncomment the ServiceMonitor in monitoring.yaml.

Integration with WriteFreely

Picsur can be used as an image backend for WriteFreely:

  1. Upload images to Picsur
  2. Use the direct image URLs in WriteFreely posts
  3. Images are served from your own infrastructure

Scaling

Current deployment is single-replica. For high availability:

  1. Increase replica count
  2. Consider using ReadWriteMany storage if needed
  3. Ensure database can handle multiple connections
Reference in New Issue View Git Blame Copy Permalink