131 lines
3.8 KiB
YAML
131 lines
3.8 KiB
YAML
freshrss:
|
|
controllers:
|
|
main:
|
|
type: deployment
|
|
replicas: 1
|
|
strategy: Recreate
|
|
revisionHistoryLimit: 3
|
|
containers:
|
|
main:
|
|
image:
|
|
repository: freshrss/freshrss
|
|
tag: 1.24.3
|
|
pullPolicy: IfNotPresent
|
|
env:
|
|
- name: PGID
|
|
value: "568"
|
|
- name: PUID
|
|
value: "568"
|
|
- name: TZ
|
|
value: US/Central
|
|
- name: FRESHRSS_ENV
|
|
value: production
|
|
- name: CRON_MIN
|
|
value: 13,43
|
|
- name: BASE_URL
|
|
value: https://rss.alexlebens.dev
|
|
- name: DB_HOST
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: freshrss-postgresql-16-cluster-app
|
|
key: host
|
|
- name: DB_BASE
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: freshrss-postgresql-16-cluster-app
|
|
key: dbname
|
|
- name: DB_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: freshrss-postgresql-16-cluster-app
|
|
key: user
|
|
- name: DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: freshrss-postgresql-16-cluster-app
|
|
key: password
|
|
- name: FRESHRSS_INSTALL
|
|
value: |
|
|
--api-enabled
|
|
--base-url $(BASE_URL)
|
|
--db-base $(DB_BASE)
|
|
--db-host $(DB_HOST)
|
|
--db-password $(DB_PASSWORD)
|
|
--db-type pgsql
|
|
--db-user $(DB_USER)
|
|
--auth-type http_auth
|
|
--default-user admin
|
|
--language en
|
|
- name: FRESHRSS_USER
|
|
value: |
|
|
--api-password $(ADMIN_API_PASSWORD)
|
|
--email $(ADMIN_EMAIL)
|
|
--language en
|
|
--password $(ADMIN_PASSWORD)
|
|
--user admin
|
|
- name: OIDC_ENABLED
|
|
value: 1
|
|
- name: OIDC_PROVIDER_METADATA_URL
|
|
value: https://auth.alexlebens.dev/application/o/freshrss/.well-known/openid-configuration
|
|
- name: OIDC_X_FORWARDED_HEADERS
|
|
value: X-Forwarded-Port X-Forwarded-Proto X-Forwarded-Host
|
|
- name: OIDC_SCOPES
|
|
value: openid email profile
|
|
- name: OIDC_REMOTE_USER_CLAIM
|
|
value: preferred_username
|
|
envFrom:
|
|
- secretRef:
|
|
name: freshrss-oidc-secret
|
|
- secretRef:
|
|
name: freshrss-install-secret
|
|
resources:
|
|
requests:
|
|
cpu: 100m
|
|
memory: 256Mi
|
|
serviceAccount:
|
|
create: true
|
|
service:
|
|
main:
|
|
controller: main
|
|
ports:
|
|
http:
|
|
port: 80
|
|
targetPort: 80
|
|
protocol: HTTP
|
|
persistence:
|
|
config:
|
|
storageClass: ceph-block
|
|
accessMode: ReadWriteOnce
|
|
size: 5Gi
|
|
retain: true
|
|
advancedMounts:
|
|
main:
|
|
main:
|
|
- path: /config
|
|
readOnly: false
|
|
cloudflared:
|
|
existingSecretName: freshrss-cloudflared-secret
|
|
postgres-16-cluster:
|
|
mode: standalone
|
|
cluster:
|
|
walStorage:
|
|
storageClass: local-path
|
|
storage:
|
|
storageClass: local-path
|
|
monitoring:
|
|
enabled: true
|
|
prometheusRule:
|
|
enabled: false
|
|
backup:
|
|
enabled: true
|
|
endpointURL: https://s3.us-east-2.amazonaws.com
|
|
destinationPath: s3://cl01tl-postgresql-backups/freshrss
|
|
endpointCredentials: freshrss-postgresql-16-cluster-backup-secret
|
|
backupIndex: 1
|
|
tags:
|
|
backupRetentionPolicy: "expire"
|
|
user: "cl01tl-freshrss-postgresql"
|
|
historyTags:
|
|
backupRetentionPolicy: "keep"
|
|
user: "cl01tl-freshrss-postgresql"
|