Keybard-Vagabond-Demo/manifests/applications/piefed/README.md
Michael DiLeo 7327d77dcd redaction (#1)
Add the redacted source file for demo purposes

Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1
Co-authored-by: Michael DiLeo <michael_dileo@proton.me>
Co-committed-by: Michael DiLeo <michael_dileo@proton.me>
2025-12-24 13:40:47 +00:00


# PieFed - Reddit-like Fediverse Platform
PieFed is a Reddit-like platform that implements the ActivityPub protocol for federation. This deployment provides a complete PieFed instance optimized for the Keyboard Vagabond community.
## 🎯 **Access Information**
- **URL**: `https://piefed.keyboardvagabond.com`
- **Federation**: ActivityPub enabled, federated with other fediverse instances
- **Estimated User Limit**: 200 Monthly Active Users
## 🏗️ **Architecture**
### **Multi-Container Design**
- **Web Container**: Nginx + Django/uWSGI for HTTP requests
- **Worker Container**: Celery + Beat for background jobs
- **Database**: PostgreSQL (shared cluster with HA)
- **Cache**: Redis (shared cluster)
- **Storage**: Backblaze B2 S3 + Cloudflare CDN
- **Mail**: SMTP
### **Resource Allocation**
- **Web**: 2 CPU cores, 4GB RAM with auto-scaling (2-6 replicas)
- **Worker**: 1 CPU core, 2GB RAM with auto-scaling (1-4 replicas)
- **Storage**: 10GB app storage + 5GB cache
## 📁 **File Structure**
```
manifests/applications/piefed/
├── namespace.yaml # piefed-application namespace
├── secret.yaml # Environment variables and credentials
├── harbor-pull-secret.yaml # Harbor registry authentication
├── storage.yaml # Persistent volumes for app and cache
├── deployment-web.yaml # Web server deployment with HPA
├── deployment-worker.yaml # Background worker deployment with HPA
├── service.yaml # Internal service for web pods
├── ingress.yaml # External access with SSL
├── cronjobs.yaml # Maintenance CronJobs
├── monitoring.yaml # OpenObserve metrics collection
├── kustomization.yaml # Kustomize configuration
└── README.md # This documentation
```
## 🔧 **Configuration**
### **Database Configuration**
- **Primary**: `postgresql-shared-rw.postgresql-system.svc.cluster.local`
- **Database**: `piefed`
- **User**: `piefed_user`
### **Redis Configuration**
- **Primary**: `redis-ha-haproxy.redis-system.svc.cluster.local`
- **Port**: `6379`
- **Usage**: Sessions, cache, queues
### **S3 Media Storage**
- **Provider**: Backblaze B2
- **Bucket**: `piefed-bucket`
- **CDN**: `https://pfm.keyboardvagabond.com`
- **Region**: `eu-central-003`
### **SMTP Configuration**
- **Provider**: SMTP
- **Host**: `<YOUR_SMTP_SERVER>`
- **User**: `piefed@mail.keyboardvagabond.com`
- **Encryption**: TLS (port 587)
## 🚀 **Deployment**
### **Prerequisites**
1. **Database Setup**: ✅ Database and user already created
2. **Secrets**: Update `secret.yaml` with:
   - Django SECRET_KEY (generate with `python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'`)
   - Admin password
### **Generate Required Secrets**
```bash
# Generate Django secret key
python -c 'from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())'
# Edit the secret with actual values
sops manifests/applications/piefed/secret.yaml
```
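After editing with `sops`, it is worth confirming that `secret.yaml` really is encrypted before it is committed or applied. The function below is an added example, not part of this repository; it assumes SOPS stores values under `data:`/`stringData:` as `ENC[...]` and appends a top-level `sops:` metadata block, and the function name `check_sops_encrypted` is hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not the project's own code): fail if a Secret manifest still
# contains plaintext values. Assumes SOPS writes values under data:/stringData:
# as ENC[...] and adds a top-level "sops:" block.
# Usage: check_sops_encrypted manifests/applications/piefed/secret.yaml

check_sops_encrypted() {
  local file=$1
  [ -r "$file" ] || { echo "unreadable: $file" >&2; return 2; }

  awk '
    # New YAML document: forget the current section
    /^---/ { section = ""; next }
    # Top-level key: remember which section the following lines belong to
    /^[A-Za-z_]/ {
      section = $0
      sub(/:.*/, "", section)
      if (section == "sops") has_meta = 1
      next
    }
    # Skip comments and blank lines
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    # Indented "key: value" inside a secret-bearing section
    (section == "data" || section == "stringData") && /^[ \t]+[^ \t:]+:/ {
      value = $0
      sub(/^[ \t]+[^:]+:[ \t]*/, "", value)
      if (value !~ /^"?ENC\[/) {
        key = $0
        sub(/^[ \t]+/, "", key)
        sub(/:.*/, "", key)
        # Report the key name only, never the value itself
        printf "plaintext value for key %s (line %d)\n", key, NR > "/dev/stderr"
        bad++
      }
    }
    END {
      if (!has_meta) { print "no sops: metadata block found" > "/dev/stderr"; exit 1 }
      exit (bad > 0)
    }
  ' "$file"
}
```

The function returns 0 only when every value is encrypted and the `sops:` block is present, so it can gate a pre-commit hook or a CI step.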
### **Deploy PieFed**
```bash
# Add piefed to applications kustomization
# manifests/applications/kustomization.yaml:
# resources:
# - piefed/
# Deploy all manifests
kubectl apply -k manifests/applications/piefed/
# Monitor deployment
kubectl get pods -n piefed-application -w
# Check ingress and certificates
kubectl get ingress,certificates -n piefed-application
```
### **Post-Deployment Setup**
```bash
# Check deployment status
kubectl get pods -n piefed-application
# Check web container logs
kubectl logs -f deployment/piefed-web -n piefed-application
# Check worker container logs
kubectl logs -f deployment/piefed-worker -n piefed-application
# Access admin interface (if configured)
open https://piefed.keyboardvagabond.com/admin/
```
## 🔄 **Maintenance**
### **Automated CronJobs**
- **Daily Maintenance**: Session cleanup, upload cleanup (2 AM UTC daily)
- **Orphan File Removal**: Clean up orphaned media files (3 AM UTC Sunday)
- **Queue Processing**: Send queued notifications (every 10 minutes)
### **Manual Maintenance**
```bash
# Access web container for manual tasks
kubectl exec -it deployment/piefed-web -n piefed-application -- /bin/sh
# Run Django management commands
python manage.py migrate
python manage.py collectstatic
python manage.py createsuperuser
```
## 🔍 **Monitoring & Troubleshooting**
### **Check Application Status**
```bash
# Pod status
kubectl get pods -n piefed-application
kubectl describe pods -n piefed-application
# Application logs
kubectl logs -f deployment/piefed-web -n piefed-application
kubectl logs -f deployment/piefed-worker -n piefed-application
# Check services and ingress
kubectl get svc,ingress -n piefed-application
# Check auto-scaling
kubectl get hpa -n piefed-application
```
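```bash
# Check celery queue length
# Note: -a puts the password in shell history and the process list;
# redis-cli also reads it from the REDISCLI_AUTH environment variable.
kubectl exec -n redis-system redis-master-0 -- redis-cli -a <redis password> -n 0 llen celery
```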
### **Database Connectivity**
```bash
# Test database connection
kubectl exec -it deployment/piefed-web -n piefed-application -- python manage.py dbshell
```
### **OpenObserve Integration**
- **ServiceMonitor**: Automatically configures metrics collection
- **Dashboards**: Available at `https://obs.keyboardvagabond.com`
- **Metrics**: Application performance, request rates, error rates
## 🎯 **Federation & Features**
### **ActivityPub Federation**
- Compatible with Mastodon, Lemmy, and other ActivityPub platforms
- Automatic content federation and user discovery
- Local and federated timelines
### **Reddit-like Features**
- Communities (similar to subreddits)
- Voting system (upvotes/downvotes)
- Threaded comments
- Moderation tools
## 📊 **Performance Optimization**
### **Auto-Scaling Configuration**
- **Web HPA**: 2-6 replicas based on CPU (70%) and memory (80%)
- **Worker HPA**: 1-4 replicas based on CPU (75%) and memory (85%)
### **Storage Optimization**
- **Longhorn Storage**: 2-replica redundancy with S3 backup
- **CDN**: Cloudflare CDN for static assets and media
## 🔗 **Integration with Infrastructure**
### **Perfect Fit For Your Setup**
- **PostgreSQL**: Uses your CloudNativePG cluster
- **Redis**: Integrates with your Redis cluster
- **S3 Storage**: Leverages Backblaze B2 + Cloudflare CDN
- **Monitoring**: Ready for OpenObserve metrics collection
- **SSL**: Works with your cert-manager + Let's Encrypt setup
- **DNS**: Compatible with external-dns + Cloudflare
- **Container Registry**: Uses Harbor for private image storage
---
**Built with ❤️ for your sophisticated Kubernetes infrastructure**