Keybard-Vagabond-Demo/manifests/applications/picsur/README.md
Michael DiLeo 7327d77dcd redaction (#1)
Add the redacted source file for demo purposes

Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1
Co-authored-by: Michael DiLeo <michael_dileo@proton.me>
Co-committed-by: Michael DiLeo <michael_dileo@proton.me>
2025-12-24 13:40:47 +00:00

# Picsur Image Hosting Service
Picsur is a self-hosted image sharing service similar to Imgur. This deployment integrates with the existing PostgreSQL cluster and provides automatic DNS/SSL setup.
## Prerequisites
### Database Setup
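Before deploying, create the database and user manually. **Note**: Connect to the PRIMARY instance (check with `kubectl get cluster postgresql-shared -n postgresql-system -o jsonpath="{.status.currentPrimary}"`). The commands below use `postgresql-shared-2`; substitute the pod name that the check returns if it differs: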
```bash
# Step 1: Create database and user (if they don't exist)
kubectl exec -it postgresql-shared-2 -n postgresql-system -- psql -U postgres -c "CREATE DATABASE picsur;"
kubectl exec -it postgresql-shared-2 -n postgresql-system -- psql -U postgres -c "CREATE USER picsur WITH ENCRYPTED PASSWORD 'your_secure_password';"
# Step 2: Grant database-level permissions
kubectl exec -it postgresql-shared-2 -n postgresql-system -- psql -U postgres -c "GRANT ALL PRIVILEGES ON DATABASE picsur TO picsur;"
# Step 3: Grant schema-level permissions (CRITICAL for table creation)
kubectl exec -it postgresql-shared-2 -n postgresql-system -- psql -U postgres -d picsur -c "GRANT ALL ON SCHEMA public TO picsur; GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO picsur; GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO picsur;"
```
**Troubleshooting**: If Picsur fails with "permission denied for schema public", you need to run Step 3 above. The user needs explicit permissions on the public schema to create tables.
### Secret Configuration
Update the `secret.yaml` file with proper SOPS encryption:
```bash
# Edit the secret with your actual values
sops manifests/applications/picsur/secret.yaml
# Update these values:
# - PICSUR_DB_USERNAME: picsur
# - PICSUR_DB_PASSWORD: your_secure_password
# - PICSUR_DB_DATABASE: picsur
# - PICSUR_ADMIN_PASSWORD: your_admin_password
# - PICSUR_JWT_SECRET: your_jwt_secret_key
```
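The following script is an added example, not part of the original README or the Picsur project. It covers the `CREATE USER` command from Database Setup and the placeholder values from Secret Configuration: it generates random secrets instead of hand-typed ones, resolves the primary pod at run time, and passes the SQL on stdin rather than in a `-c` argument. The function names are hypothetical, and it assumes `secret.yaml` stores the listed keys as plain string values.

```bash
#!/bin/sh
# Added example, not part of the original README. Namespace and cluster names
# are the README's; the function names are hypothetical.
set -eu
NS=postgresql-system
CLUSTER=postgresql-shared

# 32 random bytes as 64 hex characters: nothing to quote or escape later.
gen_secret() { head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'; }

# Ask the operator for the current primary instead of hard-coding a pod name.
primary_pod() {
  kubectl get cluster "$CLUSTER" -n "$NS" -o jsonpath='{.status.currentPrimary}'
}

# Build the CREATE USER statement. Anything but 64 hex characters is rejected,
# so the value cannot close the SQL string literal.
role_sql() {
  case $1 in ''|*[!0-9a-f]*) echo "password must be hex" >&2; return 1 ;; esac
  [ "${#1}" -eq 64 ] || { echo "password must be 64 chars" >&2; return 1; }
  printf "CREATE USER picsur WITH ENCRYPTED PASSWORD '%s';\n" "$1"
}

# Send the SQL on stdin so the password is not in kubectl's arguments
# or in shell history.
create_role() {
  sql=$(role_sql "$1") || return 1
  printf '%s\n' "$sql" |
    kubectl exec -i "$(primary_pod)" -n "$NS" -- psql -U postgres -v ON_ERROR_STOP=1
}

# Key/value lines to enter in the SOPS editor; the DB password is the one
# given to create_role, the other two secrets are freshly generated.
secret_values() {
  printf 'PICSUR_DB_USERNAME: picsur\n'
  printf 'PICSUR_DB_PASSWORD: %s\n' "$1"
  printf 'PICSUR_DB_DATABASE: picsur\n'
  printf 'PICSUR_ADMIN_PASSWORD: %s\n' "$(gen_secret)"
  printf 'PICSUR_JWT_SECRET: %s\n' "$(gen_secret)"
}

# Runs only with --apply, so sourcing the file just defines the functions.
if [ "${1:-}" = "--apply" ]; then
  pw=$(gen_secret)
  create_role "$pw"
  secret_values "$pw"
fi
```

The `CREATE DATABASE` command and the grants in Steps 2 and 3 are unchanged and still need to be run as shown in Database Setup.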
## Configuration
### Environment Variables
- `PICSUR_DB_HOST`: PostgreSQL connection host
- `PICSUR_DB_PORT`: PostgreSQL port (5432)
- `PICSUR_DB_USERNAME`: Database username
- `PICSUR_DB_PASSWORD`: Database password
- `PICSUR_DB_DATABASE`: Database name
- `PICSUR_ADMIN_PASSWORD`: Admin user password
- `PICSUR_JWT_SECRET`: JWT secret for authentication
- `PICSUR_MAX_FILE_SIZE`: Maximum file size (default: 50MB)
### Storage
- Uses Longhorn persistent volume with `longhorn-retain` storage class
- 20GB initial storage allocation
- Volume labeled for S3 backup inclusion
### Resources
- **Requests**: 200m CPU, 512Mi memory
- **Limits**: 1000m CPU, 2Gi memory
- **Worker Memory**: 1024MB (configured in Picsur admin UI)
- Suitable for image hosting with large file processing (up to 50MB files, 40MP+ panoramas)
## Access
Once deployed, Picsur will be available at:
- **URL**: https://picsur.keyboardvagabond.com
- **Admin Username**: admin
- **Admin Password**: As configured in secret
## Monitoring
Basic health checks are configured. If Picsur exposes metrics, uncomment the ServiceMonitor in `monitoring.yaml`.
## Integration with WriteFreely
Picsur can be used as an image backend for WriteFreely:
1. Upload images to Picsur
2. Use the direct image URLs in WriteFreely posts
3. Images are served from your own infrastructure
## Scaling
Current deployment is single-replica. For high availability:
1. Increase replica count
2. Consider using ReadWriteMany storage if needed
3. Ensure database can handle multiple connections