forked from catalin/fukuops
84 lines
No EOL
2.3 KiB
YAML
84 lines
No EOL
2.3 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: miniflux-deployment
|
|
namespace: apps-roboces
|
|
labels:
|
|
app.kubernetes.io/name: miniflux
|
|
app.kubernetes.io/managed-by: argo
|
|
app.kubernetes.io/version: 2.1.0
|
|
annotations:
|
|
kube-score/ignore: pod-networkpolicy,deployment-has-host-podantiaffinity
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: miniflux
|
|
app.kubernetes.io/version: 2.1.0
|
|
replicas: 3
|
|
strategy:
|
|
rollingUpdate:
|
|
maxSurge: 50%
|
|
maxUnavailable: 50%
|
|
type: RollingUpdate
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: miniflux
|
|
app.kubernetes.io/version: 2.1.0
|
|
spec:
|
|
containers:
|
|
- name: miniflux
|
|
image: miniflux/miniflux:2.1.0
|
|
imagePullPolicy: Always
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: true
|
|
runAsUser: 10000
|
|
runAsGroup: 10000
|
|
capabilities:
|
|
drop:
|
|
- all
|
|
resources:
|
|
requests:
|
|
cpu: 300m
|
|
memory: 300Mi
|
|
ephemeral-storage: 2Gi
|
|
limits:
|
|
cpu: 400m
|
|
memory: 500Mi
|
|
ephemeral-storage: 4Gi
|
|
livenessProbe:
|
|
tcpSocket:
|
|
port: 8080
|
|
initialDelaySeconds: 5
|
|
timeoutSeconds: 15
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
periodSeconds: 10
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: 8080
|
|
initialDelaySeconds: 15
|
|
timeoutSeconds: 2
|
|
successThreshold: 1
|
|
failureThreshold: 3
|
|
periodSeconds: 10
|
|
envFrom:
|
|
- secretRef:
|
|
name: miniflux
|
|
env:
|
|
- name: RUN_MIGRATIONS
|
|
value: "1"
|
|
- name: CREATE_ADMIN
|
|
value: "1"
|
|
- name: OAUTH2_PROVIDER
|
|
value: "oidc"
|
|
- name: OAUTH2_REDIRECT_URL
|
|
value: "https://feeds.roboces.dev/oauth2/oidc/callback"
|
|
- name: OAUTH2_OIDC_DISCOVERY_ENDPOINT
|
|
value: "https://auth.fukurokuju.dev/application/o/miniflux/"
|
|
- name: OAUTH2_USER_CREATION
|
|
value: "1"
|
|
restartPolicy: Always
|
|
automountServiceAccountToken: false |