ryot: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: ghcr.io/ignisda/ryot tag: v6.11.0 pullPolicy: IfNotPresent env: - name: TZ value: US/Central - name: AUDIO_BOOKS_AUDIBLE_LOCAL value: us - name: BOOKS_GOOGLE_BOOKS_API_KEY valueFrom: secretKeyRef: name: ryot-key-secret key: google_books - name: BOOKS_OPENLIBRARY_COVER_IMAGE_SIZE value: "M" - name: DATABASE_URL valueFrom: secretKeyRef: name: ryot-postgresql-16-cluster-app key: uri - name: DISABLE_TELEMETRY value: true - name: FILE_STORAGE_S3_ACCESS_KEY_ID valueFrom: secretKeyRef: name: ryot-minio-user-secret key: AWS_ACCESS_KEY_ID - name: FILE_STORAGE_S3_SECRET_ACCESS_KEY valueFrom: secretKeyRef: name: ryot-minio-user-secret key: AWS_SECRET_ACCESS_KEY - name: FILE_STORAGE_S3_BUCKET_NAME value: ryot - name: FILE_STORAGE_S3_REGION value: us-east-1 - name: FILE_STORAGE_S3_URL value: https://ryot-storage-cl01tl.boreal-beaufort.ts.net - name: FRONTEND_DASHBOARD_MESSAGE value: Ryot - name: FRONTEND_OIDC_BUTTON_LABEL value: Authentik Login - name: FRONTEND_URL value: https://ryot-cl01tl.boreal-beaufort.ts.net - name: INTEGRATION_SYNC_EVERY_MINUTES value: 5 - name: MEDIA_MONITORING_REMOVE_AFTER_DAYS value: 30 - name: MOVIES_AND_SHOWS_TMDB_ACCESS_TOKEN valueFrom: secretKeyRef: name: ryot-key-secret key: tmdb - name: MOVIES_AND_SHOWS_TMDB_LOCALE value: en - name: PODCASTS_ITUNES_LOCALE value: en_us - name: PODCASTS_LISTENNOTES_API_TOKEN valueFrom: secretKeyRef: name: ryot-key-secret key: listennotes - name: SCHEDULER_RATE_LIMIT_NUM value: 5 - name: SERVER_ADMIN_ACCESS_TOKEN valueFrom: secretKeyRef: name: ryot-key-secret key: admin_token - name: SERVER_OIDC_CLIENT_ID valueFrom: secretKeyRef: name: ryot-oidc-secret key: client_id - name: SERVER_OIDC_CLIENT_SECRET valueFrom: secretKeyRef: name: ryot-oidc-secret key: client_secret - name: SERVER_OIDC_ISSUER_URL valueFrom: secretKeyRef: name: ryot-oidc-secret key: issuer_url - name: SERVER_DISABLE_BACKGROUND_JOBS value: false - name: SERVER_GRAPHQL_PLAYGROUND_ENABLED value: true - name: SERVER_MAX_FILE_SIZE value: 70 - name: SERVER_PROGRESS_UPDATE_THRESHOLD value: 2 - name: SERVER_SLEEP_BEFORE_STARTUP_SECONDS value: 0 - name: USERS_ALLOW_REGISTRATION value: true - name: USERS_DISABLE_LOCAL_AUTH value: false - name: USERS_JWT_SECRET valueFrom: secretKeyRef: name: ryot-key-secret key: jwt_secret - name: USERS_TOKEN_VALID_FOR_DAYS value: 90 - name: VIDEO_GAMES_IGDB_IMAGE_SIZE value: t_original - name: VIDEO_GAMES_TWITCH_CLIENT_ID valueFrom: secretKeyRef: name: ryot-key-secret key: twitch_client_id - name: VIDEO_GAMES_TWITCH_CLIENT_SECRET valueFrom: secretKeyRef: name: ryot-key-secret key: twitch_client_secret resources: requests: cpu: 100m memory: 256Mi serviceAccount: create: true service: main: controller: main ports: http: port: 80 targetPort: 8000 protocol: HTTP ingress: tailscale: enabled: true className: tailscale hosts: - host: ryot-cl01tl paths: - path: / pathType: Prefix service: name: ryot port: 80 tls: - hosts: - ryot-cl01tl minio: existingSecret: name: ryot-minio-root-secret tenant: name: minio-ryot configuration: name: ryot-minio-config-secret pools: - servers: 3 name: pool volumesPerServer: 2 size: 10Gi storageClassName: ceph-block mountPath: /export subPath: /data metrics: enabled: true port: 9000 protocol: http certificate: requestAutoCert: false ingress: api: enabled: true ingressClassName: tailscale annotations: tailscale.com/experimental-forward-cluster-traffic-via-ingress: "true" tls: - secretName: ryot-storage-cl01tl hosts: - ryot-storage-cl01tl host: ryot-storage-cl01tl path: / pathType: Prefix console: enabled: true ingressClassName: tailscale tls: - secretName: minio-ryot-cl01tl hosts: - minio-ryot-cl01tl host: minio-ryot-cl01tl path: / pathType: Prefix postgres-16-cluster: mode: standalone cluster: walStorage: storageClass: local-path storage: storageClass: local-path monitoring: enabled: true prometheusRule: enabled: false backup: enabled: true endpointURL: https://s3.us-east-2.amazonaws.com destinationPath: s3://cl01tl-postgresql-backups/ryot endpointCredentials: ryot-postgresql-16-cluster-backup-secret backupIndex: 1 retentionPolicy: 14d