202 lines
9.0 KiB
YAML
202 lines
9.0 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: outline
|
|
namespace: {{ .Release.Namespace }}
|
|
labels:
|
|
app.kubernetes.io/name: outline
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app.kubernetes.io/version: {{ .Chart.AppVersion }}
|
|
app.kubernetes.io/component: web
|
|
app.kubernetes.io/part-of: outline
|
|
spec:
|
|
revisionHistoryLimit: 3
|
|
replicas: {{ .Values.deployment.replicas }}
|
|
strategy:
|
|
type: {{ .Values.deployment.strategy }}
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: outline
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: outline
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
spec:
|
|
serviceAccountName: outline
|
|
automountServiceAccountToken: true
|
|
containers:
|
|
- name: {{ .Release.Name }}
|
|
image: "{{ .Values.deployment.image.repository }}:{{ .Values.deployment.image.tag }}"
|
|
imagePullPolicy: {{ .Values.deployment.image.imagePullPolicy }}
|
|
ports:
|
|
- name: web
|
|
containerPort: {{ .Values.service.web.port }}
|
|
protocol: TCP
|
|
env:
|
|
- name: NODE_ENV
|
|
value: "{{ .Values.outline.nodeEnv }}"
|
|
- name: URL
|
|
value: "{{ .Values.outline.url }}"
|
|
- name: PORT
|
|
value: "{{ .Values.service.web.port }}"
|
|
- name: SECRET_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.outline.secretKey.existingSecretName }}"
|
|
key: "{{ .Values.outline.secretKey.existingSecretKey }}"
|
|
- name: UTILS_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.outline.utilsSecret.existingSecretName }}"
|
|
key: "{{ .Values.outline.secretKey.existingSecretKey }}"
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.outline.database.passwordSecret.existingSecretName }}"
|
|
key: "{{ .Values.outline.database.passwordSecret.existingSecretKey }}"
|
|
- name: POSTGRES_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.outline.database.usernameSecret.existingSecretName }}"
|
|
key: "{{ .Values.outline.database.usernameSecret.existingSecretKey }}"
|
|
- name: POSTGRES_DATABASE_NAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.outline.database.databaseName.existingSecretName }}"
|
|
key: "{{ .Values.outline.database.databaseName.existingSecretKey }}"
|
|
- name: POSTGRES_DATABASE_HOST
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.outline.database.databaseHost.existingSecretName }}"
|
|
key: "{{ .Values.outline.database.databaseHost.existingSecretKey }}"
|
|
- name: DATABASE_URL
|
|
value: "postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@postgresql-{{ .Release.Name }}-cluster-rw:5432/$(POSTGRES_DATABASE_NAME)"
|
|
- name: DATABASE_URL_TEST
|
|
value: "postgres://$(POSTGRES_USERNAME):$(POSTGRES_PASSWORD)@postgresql-{{ .Release.Name }}-cluster-rw:5432/$(POSTGRES_DATABASE_NAME)-test"
|
|
- name: DATABASE_CONNECTION_POOL_MIN
|
|
value: "{{ .Values.outline.database.connectionPoolMin }}"
|
|
- name: DATABASE_CONNECTION_POOL_MAX
|
|
value: "{{ .Values.outline.database.connectionPoolMax }}"
|
|
- name: PGSSLMODE
|
|
value: "{{ .Values.outline.database.sslMode }}"
|
|
- name: REDIS_URL
|
|
value: "redis://{{ .Release.Name }}-redis-master:6379"
|
|
- name: FILE_STORAGE
|
|
value: "{{ .Values.persistence.type }}"
|
|
|
|
{{- if eq .Values.persistence.type "s3" }}
|
|
- name: AWS_ACCESS_KEY_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.persistence.s3.credentialsSecret }}"
|
|
key: AWS_ACCESS_KEY_ID
|
|
- name: AWS_SECRET_ACCESS_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.persistence.s3.credentialsSecret }}"
|
|
key: AWS_SECRET_ACCESS_KEY
|
|
{{- if .Values.persistence.s3.endpointConfigMap.enabled }}
|
|
- name: AWS_REGION
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: "{{ .Values.persistence.s3.endpointConfigMap.name }}"
|
|
key: BUCKET_REGION
|
|
- name: AWS_S3_UPLOAD_BUCKET_NAME
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: "{{ .Values.persistence.s3.endpointConfigMap.name }}"
|
|
key: BUCKET_NAME
|
|
- name: AWS_S3_UPLOAD_BUCKET_HOST
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: "{{ .Values.persistence.s3.endpointConfigMap.name }}"
|
|
key: BUCKET_HOST
|
|
- name: AWS_S3_UPLOAD_BUCKET_PORT
|
|
valueFrom:
|
|
configMapKeyRef:
|
|
name: "{{ .Values.persistence.s3.endpointConfigMap.name }}"
|
|
key: BUCKET_PORT
|
|
- name: AWS_S3_UPLOAD_BUCKET_URL
|
|
value: "$(AWS_S3_UPLOAD_BUCKET_HOST):$(AWS_S3_UPLOAD_BUCKET_PORT)|"
|
|
{{- else }}
|
|
- name: AWS_REGION
|
|
value: "{{ .Values.persistence.s3.region }}"
|
|
- name: AWS_S3_UPLOAD_BUCKET_NAME
|
|
value: "{{ .Values.persistence.s3.bucketName }}"
|
|
- name: AWS_S3_UPLOAD_BUCKET_URL
|
|
value: "{{ .Values.persistence.s3.endpoint }}"
|
|
{{- end }}
|
|
- name: AWS_S3_FORCE_PATH_STYLE
|
|
value: "{{ .Values.persistence.s3.forcePathStyle }}"
|
|
- name: AWS_S3_ACL
|
|
value: "{{ .Values.persistence.s3.acl }}"
|
|
- name: FILE_STORAGE_UPLOAD_MAX_SIZE
|
|
value: "{{ .Values.persistence.s3.uploadMaxSize }}"
|
|
{{- else if eq .Values.persistence.type "local" }}
|
|
- name: FILE_STORAGE_LOCAL_ROOT_DIR
|
|
value: "{{ .Values.persistence.local.localRootDir }}"
|
|
- name: FILE_STORAGE_UPLOAD_MAX_SIZE
|
|
value: "{{ .Values.persistence.local.uploadMaxSize }}"
|
|
{{- end }}
|
|
|
|
- name: FORCE_HTTPS
|
|
value: "{{ .Values.outline.optional.forceHttps }}"
|
|
- name: ENABLE_UPDATES
|
|
value: "{{ .Values.outline.optional.enableUpdates }}"
|
|
- name: WEB_CONCURRENCY
|
|
value: "{{ .Values.outline.optional.webConcurrency }}"
|
|
- name: FILE_STORAGE_IMPORT_MAX_SIZE
|
|
value: "{{ .Values.outline.optional.maximumImportSize }}"
|
|
- name: LOG_LEVEL
|
|
value: "{{ .Values.outline.optional.logLevel }}"
|
|
- name: DEFAULT_LANGUAGE
|
|
value: "{{ .Values.outline.optional.defaultLanguage }}"
|
|
- name: RATE_LIMITER_ENABLED
|
|
value: "{{ .Values.outline.optional.rateLimiter.enabled }}"
|
|
- name: RATE_LIMITER_REQUESTS
|
|
value: "{{ .Values.outline.optional.rateLimiter.requests }}"
|
|
- name: RATE_LIMITER_DURATION_WINDOW
|
|
value: "{{ .Values.outline.optional.rateLimiter.durationWindow }}"
|
|
- name: DEVELOPMENT_UNSAFE_INLINE_CSP
|
|
value: "{{ .Values.outline.optional.developmentUnsafeInlineCsp }}"
|
|
|
|
{{- if .Values.outline.auth.oidc.enabled }}
|
|
- name: OIDC_CLIENT_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.outline.auth.oidc.clientId.existingSecretName }}"
|
|
key: "{{ .Values.outline.auth.oidc.clientId.existingSecretKey }}"
|
|
- name: OIDC_CLIENT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: "{{ .Values.outline.auth.oidc.clientSecret.existingSecretName }}"
|
|
key: "{{ .Values.outline.auth.oidc.clientSecret.existingSecretKey }}"
|
|
- name: OIDC_AUTH_URI
|
|
value: "{{ .Values.outline.auth.oidc.authUri }}"
|
|
- name: OIDC_TOKEN_URI
|
|
value: "{{ .Values.outline.auth.oidc.tokenUri }}"
|
|
- name: OIDC_USERINFO_URI
|
|
value: "{{ .Values.outline.auth.oidc.userinfoUri }}"
|
|
- name: OIDC_USERNAME_CLAIM
|
|
value: "{{ .Values.outline.auth.oidc.usernameClaim }}"
|
|
- name: OIDC_DISPLAY_NAME
|
|
value: "{{ .Values.outline.auth.oidc.displayName }}"
|
|
- name: OIDC_SCOPES
|
|
value: "{{ .Values.outline.auth.oidc.scopes }}"
|
|
{{- end }}
|
|
|
|
resources:
|
|
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
|
|
|
{{- if eq .Values.persistence.type "local" }}
|
|
volumeMounts:
|
|
- name: "{{ .Release.Name }}-volume-claim"
|
|
mountPath: {{ .Values.persistence.local.localRootDir }}
|
|
volumes:
|
|
- name: "{{ .Release.Name }}-volume-claim"
|
|
persistentVolumeClaim:
|
|
claimName: "{{ .Release.Name }}-volume-claim"
|
|
{{- end }}
|