ig-poster: pivot to Telegram-only delivery (manual IG upload)
User dropped Postiz/Instagram OAuth (Meta Business Account flagged
+ Postiz scope drift). New pipeline ends at Telegram — full-quality
JPEG delivered to the bot chat, manually uploaded to IG by the user.
- Image bumped to 25e46efd: adds /deliver/{asset_id} endpoint that
multipart-uploads to Telegram (URL-fetch fails through Cloudflare
for >5MB), then tags 'posted' in Immich.
- ESO now syncs telegram_bot_token + telegram_chat_id from Vault.
- Public ingress paths grow to ['/image', '/original'] (Authentik
bypass on /original is harmless — files are user-tagged, low blast
radius — and useful for ad-hoc browser downloads).
- Memory limit 512Mi -> 1500Mi: full-resolution Pillow HEIC decode
was OOMing on 12MP+ phone photos.
- discover.json simplified to scan -> deliver per item; approval and
post workflows already deactivated. Telegram bot webhook removed.
This commit is contained in:
parent
c2e61cdf31
commit
352586f711
3 changed files with 31 additions and 69 deletions
|
|
@ -57,31 +57,27 @@ resource "kubernetes_manifest" "external_secret" {
|
|||
data = [
|
||||
{
|
||||
secretKey = "IMMICH_API_KEY"
|
||||
remoteRef = {
|
||||
key = "instagram-poster"
|
||||
property = "immich_api_key"
|
||||
}
|
||||
remoteRef = { key = "instagram-poster", property = "immich_api_key" }
|
||||
},
|
||||
{
|
||||
secretKey = "POSTIZ_API_TOKEN"
|
||||
remoteRef = {
|
||||
key = "instagram-poster"
|
||||
property = "postiz_api_token"
|
||||
}
|
||||
remoteRef = { key = "instagram-poster", property = "postiz_api_token" }
|
||||
},
|
||||
{
|
||||
secretKey = "IMMICH_TAG_INSTAGRAM"
|
||||
remoteRef = {
|
||||
key = "instagram-poster"
|
||||
property = "immich_tag_instagram"
|
||||
}
|
||||
remoteRef = { key = "instagram-poster", property = "immich_tag_instagram" }
|
||||
},
|
||||
{
|
||||
secretKey = "IMMICH_TAG_POSTED"
|
||||
remoteRef = {
|
||||
key = "instagram-poster"
|
||||
property = "immich_tag_posted"
|
||||
}
|
||||
remoteRef = { key = "instagram-poster", property = "immich_tag_posted" }
|
||||
},
|
||||
{
|
||||
secretKey = "TELEGRAM_BOT_TOKEN"
|
||||
remoteRef = { key = "instagram-poster", property = "telegram_bot_token" }
|
||||
},
|
||||
{
|
||||
secretKey = "TELEGRAM_CHAT_ID"
|
||||
remoteRef = { key = "instagram-poster", property = "telegram_chat_id" }
|
||||
},
|
||||
]
|
||||
}
|
||||
|
|
@ -222,10 +218,12 @@ resource "kubernetes_deployment" "instagram_poster" {
|
|||
resources {
|
||||
requests = {
|
||||
cpu = "50m"
|
||||
memory = "64Mi"
|
||||
memory = "128Mi"
|
||||
}
|
||||
# Pillow full-resolution HEIC decode peaks ~600-800Mi for big phone
|
||||
# photos; 512Mi was OOMKilling on /original requests.
|
||||
limits = {
|
||||
memory = "512Mi"
|
||||
memory = "1500Mi"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -283,7 +281,7 @@ module "ingress_image_public" {
|
|||
host = "instagram-poster"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
protected = false
|
||||
ingress_path = ["/image"]
|
||||
ingress_path = ["/image", "/original"]
|
||||
port = 80
|
||||
service_name = "instagram-poster"
|
||||
}
|
||||
|
|
|
|||
|
|
@ -19,5 +19,5 @@ dependency "external-secrets" {
|
|||
|
||||
inputs = {
|
||||
# Bump per deploy. Use 8-char git SHA — :latest causes stale pull-through cache.
|
||||
image_tag = "24935ab4"
|
||||
image_tag = "25e46efd"
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue