directus: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: directus/directus tag: 11.9.3 pullPolicy: IfNotPresent env: - name: PUBLIC_URL value: https://directus.alexlebens.dev - name: WEBSOCKETS_ENABLED value: true - name: ADMIN_EMAIL valueFrom: secretKeyRef: name: directus-config key: admin-email - name: ADMIN_PASSWORD valueFrom: secretKeyRef: name: directus-config key: admin-password - name: SECRET valueFrom: secretKeyRef: name: directus-config key: secret - name: KEY valueFrom: secretKeyRef: name: directus-config key: key - name: DB_CLIENT value: postgres - name: DB_HOST valueFrom: secretKeyRef: name: directus-postgresql-17-cluster-app key: host - name: DB_DATABASE valueFrom: secretKeyRef: name: directus-postgresql-17-cluster-app key: dbname - name: DB_PORT valueFrom: secretKeyRef: name: directus-postgresql-17-cluster-app key: port - name: DB_USER valueFrom: secretKeyRef: name: directus-postgresql-17-cluster-app key: user - name: DB_PASSWORD valueFrom: secretKeyRef: name: directus-postgresql-17-cluster-app key: password - name: REDIS_ENABLED value: true - name: REDIS_HOST value: directus-valkey-primary - name: REDIS_PORT value: 6379 - name: REDIS_USERNAME valueFrom: secretKeyRef: name: directus-valkey-config key: user - name: REDIS_PASSWORD valueFrom: secretKeyRef: name: directus-valkey-config key: password - name: STORAGE_LOCATIONS value: s3 - name: STORAGE_S3_DRIVER value: s3 - name: STORAGE_S3_KEY valueFrom: secretKeyRef: name: ceph-bucket-directus key: AWS_ACCESS_KEY_ID - name: STORAGE_S3_SECRET valueFrom: secretKeyRef: name: ceph-bucket-directus key: AWS_SECRET_ACCESS_KEY - name: STORAGE_S3_BUCKET valueFrom: configMapKeyRef: name: ceph-bucket-directus key: BUCKET_NAME - name: STORAGE_S3_REGION value: us-east-1 - name: STORAGE_S3_ENDPOINT value: http://rook-ceph-rgw-ceph-objectstore.rook-ceph.svc:80 - name: STORAGE_S3_FORCE_PATH_STYLE value: true - name: AUTH_PROVIDERS value: AUTHENTIK - name: AUTH_AUTHENTIK_DRIVER value: openid - name: AUTH_AUTHENTIK_CLIENT_ID valueFrom: secretKeyRef: name: directus-oidc-secret key: OIDC_CLIENT_ID - name: AUTH_AUTHENTIK_CLIENT_SECRET valueFrom: secretKeyRef: name: directus-oidc-secret key: OIDC_CLIENT_SECRET - name: AUTH_AUTHENTIK_SCOPE value: openid profile email - name: AUTH_AUTHENTIK_ISSUER_URL value: https://auth.alexlebens.dev/application/o/directus/.well-known/openid-configuration - name: AUTH_AUTHENTIK_IDENTIFIER_KEY value: email - name: AUTH_AUTHENTIK_ALLOW_PUBLIC_REGISTRATION value: true - name: AUTH_AUTHENTIK_LABEL value: Authentik - name: TELEMETRY value: false - name: METRICS_ENABLED value: true - name: METRICS_TOKENS valueFrom: secretKeyRef: name: directus-metric-token key: metric-token resources: requests: cpu: 10m memory: 256Mi service: main: controller: main ports: http: port: 80 targetPort: 8055 protocol: TCP valkey: architecture: replication auth: enabled: true existingSecret: directus-valkey-config existingSecretPasswordKey: password usePasswordFiles: false primary: resources: requests: cpu: 100m memory: 64Mi persistence: enabled: true size: 1Gi replica: replicaCount: 1 resources: requests: cpu: 100m memory: 64Mi persistence: enabled: true size: 1Gi cloudflared-directus: name: cloudflared-directus existingSecretName: directus-cloudflared-secret postgres-17-cluster: mode: standalone cluster: storage: storageClass: local-path walStorage: storageClass: local-path monitoring: enabled: true prometheusRule: enabled: true recovery: method: objectStore objectStore: endpointURL: https://nyc3.digitaloceanspaces.com destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster endpointCredentials: directus-postgresql-17-cluster-backup-secret recoveryIndex: 2 backup: enabled: true endpointURL: https://nyc3.digitaloceanspaces.com destinationPath: s3://postgres-backups-ce540ddf106d186bbddca68a/cl01tl/directus/directus-postgresql-17-cluster endpointCredentials: directus-postgresql-17-cluster-backup-secret backupIndex: 2 retentionPolicy: "7d"