freshrss: controllers: main: type: deployment replicas: 1 strategy: Recreate revisionHistoryLimit: 3 containers: main: image: repository: freshrss/freshrss tag: 1.23.1 pullPolicy: IfNotPresent env: - name: PGID value: "568" - name: PUID value: "568" - name: TZ value: US/Central - name: FRESHRSS_ENV value: production - name: CRON_MIN value: 13,43 - name: OIDC_ENABLED value: 1 - name: OIDC_PROVIDER_METADATA_URL value: https://auth.alexlebens.dev/application/o/freshrss/.well-known/openid-configuration - name: OIDC_X_FORWARDED_HEADERS value: X-Forwarded-Port X-Forwarded-Proto X-Forwarded-Host - name: OIDC_SCOPES value: openid email profile - name: OIDC_REMOTE_USER_CLAIM value: preferred_username envFrom: - secretRef: name: freshrss-oidc-secret resources: requests: cpu: 100m memory: 256Mi serviceAccount: create: true service: main: controller: main ports: http: port: 80 targetPort: 80 protocol: HTTP persistence: config: storageClass: ceph-block accessMode: ReadWriteOnce size: 5Gi retain: true advancedMounts: main: main: - path: /config readOnly: false cloudflared: global: nameOverride: cloudflared controllers: main: type: deployment strategy: Recreate containers: main: image: repository: cloudflare/cloudflared tag: "2024.5.0" pullPolicy: IfNotPresent args: - tunnel - --no-autoupdate - run - --token - $(CF_MANAGED_TUNNEL_TOKEN) env: - name: CF_MANAGED_TUNNEL_TOKEN valueFrom: secretKeyRef: name: freshrss-cloudflared-secret key: cf-tunnel-token resources: requests: cpu: 100m memory: 256Mi postgres-16-cluster: mode: standalone kubernetesClusterName: cl01tl cluster: walStorage: storageClass: local-path storage: storageClass: local-path monitoring: enabled: true backup: enabled: true endpointURL: https://s3.us-east-2.amazonaws.com destinationPath: s3://cl01tl-postgresql-backups/freshrss endpointCredentials: freshrss-postgresql-16-cluster-backup-secret backupIndex: 1 retentionPolicy: 14d