I disabled Pictrs around the time of CSAM attacks and have yet to bother enabling it again
Uhh… what?? When did that happen? I thought pictrs was a requirement also…
(They/Them)
This is my main lemmy account.
Admin of lemmy.cloudhub.social
I can also be found elsewhere on the fediverse at @[email protected]
I disabled Pictrs around the time of CSAM attacks and have yet to bother enabling it again
Uhh… what?? When did that happen? I thought pictrs was a requirement also…
Huh, do you have your lemmy config documented somewhere? I keep running into issues with it and I’m not sure which component exactly is failing, but it’s annoying. I’m using this helm chart currently: ananace/lemmy It works, but I don’t have pict-rs setup in HA either.
They store the secrets in a file? Gross. What a poor way of handling that. Pretty sure environment variables would be more secure. Especially in Kubernetes.
Yeah, I used to host a Matrix instance - could do that for this one too.
The issue is more about setting up the Kubernetes manifests and templating them. I usually use the chart’s built-in postgres and redis config, though using an operator would make it more scalable for sure.
I’m using Authentik for auth, but I do also like Keycloak.
I’ve seen that around, but I prefer to run my own services instead of relying on a ready-built system like that. I find they don’t offer that much customization options usually.
I think both of the ones I mentioned have docker-compose
files, which I think I can convert with kompose convert
? I guess from there I would follow your steps and then start parameterizing it once it’s running properly.
Thanks! I think I’ll start trying out PixelFed tomorrow.
That’s actually super helpful! I haven’t done much custom Helm chart-ing, and was kinda lost where to start. That really helps break the process down, and the tip about skipping state to start is very wise.
Yeah, that’s the pain point - building and maintaining the charts.
Also, I know the charts likely wouldn’t have to be super complex, but I’m used to working with Bitnami’s charts that are massively complex - I just don’t have the time to go that in-depth.
Oh, I know I could get them to run with enough work. I just don’t have that much time to spend on initial implementation and upkeep of the charts.
I’m using FluxCD, which I believe can do deployments of plain Kubernetes manifests, but that still requires a decent amount of overhead to keep up to date.
I should look into how to do that on my instance probably. Pictrs always seemed like a bit of a security nightmare.