cross-posted from: https://lemmy.cloudhub.social/post/347779

I am running a Kubernetes cluster for this domain, and I’m looking at more services to run (right now I have Mastodon and Lemmy).

I was considering WriteFreely and PixelFed, but they don’t seem to have an easy solution for running on Kubernetes (WriteFreely doesn’t even have a production-ready docker image).

Is anyone else running federated services in their lab? Do you run any of them on Kubernetes?

@seang96@spgrn.com
link
fedilink
English
1
edit-2
6M

Using different federation protocol, but matrix wservers ould be the other big one.

Edit you also mentioned trouble creating them. I suggest looking into operator hub and using operators for postgres and redis and auth (keycloak?). This can get you down in the rabbit hole for making everything highly available too.

@jax@lemmy.cloudhub.social
creator
link
fedilink
English
26M

Yeah, I used to host a Matrix instance - could do that for this one too.

The issue is more about setting up the Kubernetes manifests and templating them. I usually use the chart’s built-in postgres and redis config, though using an operator would make it more scalable for sure.

I’m using Authentik for auth, but I do also like Keycloak.

@seang96@spgrn.com
link
fedilink
English
26M

Yeah it’s a bit of work sometimes. Synapse matrix kinda sucks too their philosophy of no environment variables for secrets. I ended up making an init container that hijacks my config map and I jet’s the environment variables into the config

@jax@lemmy.cloudhub.social
creator
link
fedilink
English
16M

They store the secrets in a file? Gross. What a poor way of handling that. Pretty sure environment variables would be more secure. Especially in Kubernetes.

@seang96@spgrn.com
link
fedilink
English
16M

Yeah I want to switch when other implementations catch up. Unfortunately I think that will be some more time especially since you can’t migrate from synapse and have to start from fresh. One day though!

I did the same for Lemmy at one point then found out all the configs are mapped to environment variables my convention. My Lemmy setup is the most advanced, but it has HA postgres, and all of its modules separated and HA. The proxy setup for it in k8s was rough but I eventually got it working directly on ingress-nginx too.

@jax@lemmy.cloudhub.social
creator
link
fedilink
English
16M

Huh, do you have your lemmy config documented somewhere? I keep running into issues with it and I’m not sure which component exactly is failing, but it’s annoying. I’m using this helm chart currently: ananace/lemmy It works, but I don’t have pict-rs setup in HA either.

@seang96@spgrn.com
link
fedilink
English
06M

I got all my yaml files source controlled privately right now but I can share if you want them. I disabled Pictrs around the time of CSAM attacks and have yet to bother enabling it again haha

@jax@lemmy.cloudhub.social
creator
link
fedilink
English
16M

I disabled Pictrs around the time of CSAM attacks and have yet to bother enabling it again

Uhh… what?? When did that happen? I thought pictrs was a requirement also…

@seang96@spgrn.com
link
fedilink
English
06M

Nah not a requirement. I think like 3 months or so after the reddit API shutdown. Big instances got local AI models to detect it and Lemmy server now supports disabling caching other instances so I’d probably disable that if I ever enable it again haha

Create a post

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

  1. Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

  • 1 user online
  • 306 users / day
  • 532 users / week
  • 1.21K users / month
  • 3.83K users / 6 months
  • 1 subscriber
  • 3.73K Posts
  • 75.2K Comments
  • Modlog