mirror of
https://github.com/Thumbscrew/k8s-charts.git
synced 2025-04-04 14:23:38 +00:00
169 lines
6.2 KiB
YAML
169 lines
6.2 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "freshrss.fullname" . }}
|
|
labels:
|
|
{{- include "freshrss.labels" . | nindent 4 }}
|
|
spec:
|
|
replicas: {{ .Values.replicaCount }}
|
|
strategy:
|
|
{{ toYaml .Values.strategy | indent 4 }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "freshrss.selectorLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
{{- with .Values.podAnnotations }}
|
|
annotations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "freshrss.selectorLabels" . | nindent 8 }}
|
|
spec:
|
|
{{- with .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ include "freshrss.serviceAccountName" . }}
|
|
securityContext:
|
|
{{- toYaml .Values.podSecurityContext | nindent 8 }}
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
securityContext:
|
|
{{- toYaml .Values.securityContext | nindent 12 }}
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
ports:
|
|
- name: http
|
|
containerPort: {{ .Values.service.port }}
|
|
protocol: TCP
|
|
env:
|
|
- name: TZ
|
|
value: {{ .Values.freshrss.timezone }}
|
|
- name: FRESHRSS_ENV
|
|
value: {{ .Values.freshrss.freshEnv }}
|
|
{{- if .Values.freshrss.cron.enabled }}
|
|
- name: CRON_MIN
|
|
value: {{ .Values.freshrss.cron.cronMin }}
|
|
{{- end }}
|
|
{{- if .Values.freshrss.autoInstall.enabled }}
|
|
- name: FRESHRSS_INSTALL
|
|
value: |-
|
|
{{- if .Values.freshrss.autoInstall.apiEnabled }}
|
|
--api_enabled
|
|
{{- end }}
|
|
--language {{ .Values.freshrss.autoInstall.language }}
|
|
--default_user {{ .Values.freshrss.autoInstall.defaultUser.user }}
|
|
{{- if ne .Values.freshrss.autoInstall.db.type "sqlite" }}
|
|
--db-base {{ .Values.freshrss.autoInstall.db.name }}
|
|
--db-host {{ .Values.freshrss.autoInstall.db.host }}
|
|
--db-password {{ .Values.freshrss.autoInstall.db.password }}
|
|
--db-type {{ .Values.freshrss.autoInstall.db.type }}
|
|
--db-user {{ .Values.freshrss.autoInstall.db.user }}
|
|
{{- end }}
|
|
- name: FRESHRSS_USER
|
|
value: |-
|
|
{{- with .Values.freshrss.autoInstall.defaultUser }}
|
|
--email {{ .email }}
|
|
--password {{ .password }}
|
|
--user {{ .user }}
|
|
{{- end }}
|
|
--language {{ .Values.freshrss.autoInstall.language }}
|
|
{{- end }}
|
|
{{- if .Values.freshrss.oidc.enabled }}
|
|
- name: OIDC_ENABLED
|
|
value: "1"
|
|
{{- with .Values.freshrss.oidc }}
|
|
- name: OIDC_PROVIDER_METADATA_URL
|
|
value: {{ .providerMetadataUrl }}
|
|
{{- if .existingClientSecret.name }}
|
|
- name: OIDC_CLIENT_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ .existingClientSecret.name }}
|
|
key: {{ .existingClientSecret.clientIdKey }}
|
|
- name: OIDC_CLIENT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ .existingClientSecret.name }}
|
|
key: {{ .existingClientSecret.clientSecretKey }}
|
|
- name: OIDC_CLIENT_CRYPTO_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ .existingClientSecret.name }}
|
|
key: {{ .existingClientSecret.clientCryptoKeyKey }}
|
|
{{- else }}
|
|
- name: OIDC_CLIENT_ID
|
|
value: {{ .clientId }}
|
|
- name: OIDC_CLIENT_SECRET
|
|
value: {{ .clientSecretKey }}
|
|
- name: OIDC_CLIENT_CRYPTO_KEY
|
|
value: {{ .clientCryptoKey }}
|
|
{{- end }}
|
|
{{- if .remoteUserClaim }}
|
|
- name: OIDC_REMOTE_USER_CLAIM
|
|
value: {{ .remoteUserClaim }}
|
|
{{- end }}
|
|
{{- if .scopes }}
|
|
- name: OIDC_SCOPES
|
|
value: {{ printf "%s" (join " " .scopes) }}
|
|
{{- end }}
|
|
{{- if .xForwardedHeaders }}
|
|
- name: OIDC_X_FORWARDED_HEADERS
|
|
value: {{ printf "%s" (join " " .xForwardedHeaders) }}
|
|
{{- end }}
|
|
- name: OIDC_SESSION_INACTIVITY_TIMEOUT
|
|
value: "{{ .session.inactivityTimeout }}"
|
|
{{- if ge .session.maxDuration 0.0 }}
|
|
- name: OIDC_SESSION_MAX_DURATION
|
|
value: "{{ .session.maxDuration }}"
|
|
{{- end }}
|
|
{{- if .session.type }}
|
|
- name: OIDC_SESSION_TYPE
|
|
value: {{ .session.type }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
livenessProbe:
|
|
httpGet:
|
|
{{- if .Values.freshrss.oidc.enabled }}
|
|
path: /i/oidc/
|
|
{{- else }}
|
|
path: /i/
|
|
{{- end }}
|
|
port: http
|
|
initialDelaySeconds: 30
|
|
readinessProbe:
|
|
httpGet:
|
|
{{- if .Values.freshrss.oidc.enabled }}
|
|
path: /i/oidc/
|
|
{{- else }}
|
|
path: /i/
|
|
{{- end }}
|
|
port: http
|
|
resources:
|
|
{{- toYaml .Values.resources | nindent 12 }}
|
|
volumeMounts:
|
|
- name: freshrss-data
|
|
mountPath: /var/www/FreshRSS/data
|
|
volumes:
|
|
- name: freshrss-data
|
|
{{- if .Values.persistence.enabled }}
|
|
persistentVolumeClaim:
|
|
claimName: {{ if .Values.persistence.existingClaim }}{{ .Values.persistence.existingClaim }}{{- else }}{{ template "freshrss.fullname" . }}-pvc{{- end }}
|
|
{{- else }}
|
|
emptyDir: {}
|
|
{{- end }}
|
|
{{- with .Values.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|