apiVersion: apps/v1 kind: Deployment metadata: name: outline namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: outline app.kubernetes.io/instance: {{ .Release.Name }} app.kubernetes.io/version: {{ .Chart.AppVersion }} app.kubernetes.io/component: web app.kubernetes.io/part-of: outline spec: revisionHistoryLimit: 3 replicas: {{ .Values.deployment.replicas }} strategy: type: {{ .Values.deployment.strategy }} selector: matchLabels: app.kubernetes.io/name: outline app.kubernetes.io/instance: {{ .Release.Name }} template: metadata: labels: app.kubernetes.io/name: outline app.kubernetes.io/instance: {{ .Release.Name }} spec: serviceAccountName: outline automountServiceAccountToken: true containers: - name: {{ .Release.Name }} image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}" imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }} ports: - name: web containerPort: {{ .Values.service.web.port }} protocol: TCP env: - name: NODE_ENV value: "{{ .Values.outline.nodeEnv }}" - name: URL value: "{{ .Values.outline.url }}" - name: PORT value: "{{ .Values.service.web.port }}" - name: SECRET_KEY valueFrom: secretKeyRef: name: "{{ .Values.outline.secretKey.existingSecretName }}" key: "{{ .Values.outline.secretKey.existingSecretKey }}" - name: UTILS_SECRET valueFrom: secretKeyRef: name: "{{ .Values.outline.utilsSecret.existingSecretName }}" key: "{{ .Values.outline.secretKey.existingSecretKey }}" - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: "{{ .Values.outline.database.passwordSecret.existingSecretName }}" key: "{{ .Values.outline.database.passwordSecret.existingSecretKey }}" - name: POSTGRES_USERNAME valueFrom: secretKeyRef: name: "{{ .Values.outline.database.usernameSecret.existingSecretName }}" key: "{{ .Values.outline.database.usernameSecret.existingSecretKey }}" - name: POSTGRES_DATABASE_NAME valueFrom: secretKeyRef: name: "{{ .Values.outline.database.databaseName.existingSecretName }}" key: "{{ .Values.outline.database.databaseName.existingSecretKey }}" - name: POSTGRES_DATABASE_HOST valueFrom: secretKeyRef: name: "{{ .Values.outline.database.databaseHost.existingSecretName }}" key: "{{ .Values.outline.database.databaseHost.existingSecretKey }}" - name: DATABASE_URL value: "postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@postgresql-{{ .Release.Name }}-cluster-rw:5432/$(POSTGRES_DATABASE_NAME)" - name: DATABASE_URL_TEST value: "postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@postgresql-{{ .Release.Name }}-cluster-rw:5432/$(POSTGRES_DATABASE_NAME)-test" - name: DATABASE_CONNECTION_POOL_MIN value: "{{ .Values.outline.database.connectionPoolMin }}" - name: DATABASE_CONNECTION_POOL_MAX value: "{{ .Values.outline.database.connectionPoolMax }}" - name: PGSSLMODE value: "{{ .Values.outline.database.sslMode }}" - name: REDIS_URL value: "redis://{{ .Release.Name }}-redis-master:6379" - name: FILE_STORAGE value: "{{ .Values.persistence.type }}" {{- if eq .Values.persistence.type "s3" }} - name: AWS_ACCESS_KEY_ID valueFrom: secretKeyRef: name: "{{ .Values.persistence.s3.credentialsSecret }}" key: AWS_ACCESS_KEY_ID - name: AWS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: name: "{{ .Values.persistence.s3.credentialsSecret }}" key: AWS_SECRET_ACCESS_KEY {{- if .Values.persistence.s3.endpointConfigMap.enabled }} - name: AWS_REGION valueFrom: configMapKeyRef: name: "{{ .Values.persistence.s3.endpointConfigMap.name }}" key: BUCKET_REGION - name: AWS_S3_UPLOAD_BUCKET_NAME valueFrom: configMapKeyRef: name: "{{ .Values.persistence.s3.endpointConfigMap.name }}" key: BUCKET_NAME - name: AWS_S3_UPLOAD_BUCKET_HOST valueFrom: configMapKeyRef: name: "{{ .Values.persistence.s3.endpointConfigMap.name }}" key: BUCKET_HOST - name: AWS_S3_UPLOAD_BUCKET_PORT valueFrom: configMapKeyRef: name: "{{ .Values.persistence.s3.endpointConfigMap.name }}" key: BUCKET_PORT - name: AWS_S3_UPLOAD_BUCKET_URL value: "$(AWS_S3_UPLOAD_BUCKET_HOST):$(AWS_S3_UPLOAD_BUCKET_PORT)|" {{- else }} - name: AWS_REGION value: "{{ .Values.persistence.s3.region }}" - name: AWS_S3_UPLOAD_BUCKET_NAME value: "{{ .Values.persistence.s3.bucketName }}" - name: AWS_S3_UPLOAD_BUCKET_URL value: "{{ .Values.persistence.s3.endpoint }}" {{- end }} - name: AWS_S3_FORCE_PATH_STYLE value: "{{ .Values.persistence.s3.forcePathStyle }}" - name: AWS_S3_ACL value: "{{ .Values.persistence.s3.acl }}" - name: FILE_STORAGE_UPLOAD_MAX_SIZE value: "{{ .Values.persistence.s3.uploadMaxSize }}" {{- else if eq .Values.persistence.type "local" }} - name: FILE_STORAGE_LOCAL_ROOT_DIR value: "{{ .Values.persistence.local.localRootDir }}" - name: FILE_STORAGE_UPLOAD_MAX_SIZE value: "{{ .Values.persistence.local.uploadMaxSize }}" {{- end }} - name: FORCE_HTTPS value: "{{ .Values.outline.optional.forceHttps }}" - name: ENABLE_UPDATES value: "{{ .Values.outline.optional.enableUpdates }}" - name: WEB_CONCURRENCY value: "{{ .Values.outline.optional.webConcurrency }}" - name: FILE_STORAGE_IMPORT_MAX_SIZE value: "{{ .Values.outline.optional.maximumImportSize }}" - name: LOG_LEVEL value: "{{ .Values.outline.optional.logLevel }}" - name: DEFAULT_LANGUAGE value: "{{ .Values.outline.optional.defaultLanguage }}" - name: RATE_LIMITER_ENABLED value: "{{ .Values.outline.optional.rateLimiter.enabled }}" - name: RATE_LIMITER_REQUESTS value: "{{ .Values.outline.optional.rateLimiter.requests }}" - name: RATE_LIMITER_DURATION_WINDOW value: "{{ .Values.outline.optional.rateLimiter.durationWindow }}" - name: DEVELOPMENT_UNSAFE_INLINE_CSP value: "{{ .Values.outline.optional.developmentUnsafeInlineCsp }}" {{- if .Values.outline.auth.oidc.enabled }} - name: OIDC_CLIENT_ID valueFrom: secretKeyRef: name: "{{ .Values.outline.auth.oidc.clientId.existingSecretName }}" key: "{{ .Values.outline.auth.oidc.clientId.existingSecretKey }}" - name: OIDC_CLIENT_SECRET valueFrom: secretKeyRef: name: "{{ .Values.outline.auth.oidc.clientSecret.existingSecretName }}" key: "{{ .Values.outline.auth.oidc.clientSecret.existingSecretKey }}" - name: OIDC_AUTH_URI value: "{{ .Values.outline.auth.oidc.authUri }}" - name: OIDC_TOKEN_URI value: "{{ .Values.outline.auth.oidc.tokenUri }}" - name: OIDC_USERINFO_URI value: "{{ .Values.outline.auth.oidc.userinfoUri }}" - name: OIDC_USERNAME_CLAIM value: "{{ .Values.outline.auth.oidc.usernameClaim }}" - name: OIDC_DISPLAY_NAME value: "{{ .Values.outline.auth.oidc.displayName }}" - name: OIDC_SCOPES value: "{{ .Values.outline.auth.oidc.scopes }}" {{- end }} resources: {{- toYaml .Values.deployment.resources | nindent 12 }} {{- if eq .Values.persistence.type "local" }} volumeMounts: - name: "{{ .Release.Name }}-volume-claim" mountPath: {{ .Values.persistence.local.localRootDir }} volumes: - name: "{{ .Release.Name }}-volume-claim" persistentVolumeClaim: claimName: "{{ .Release.Name }}-volume-claim" {{- end }}