Fix/renovate (#44)

2026-02-08 01:36:28 +01:00 · 2025-09-23 23:57:54 +02:00
parent 67e9c3bc32
commit 440328ce6b
28 changed files with 329 additions and 21 deletions
--- a/charts/apps/linkwarden/templates/deployment.yaml
+++ b/charts/apps/linkwarden/templates/deployment.yaml
@@ -0,0 +1,75 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: "{{ .Release.Name }}"
+  labels:
+    app: "{{ .Release.Name }}"
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: "{{ .Release.Name }}"
+  template:
+    metadata:
+      labels:
+        app: "{{ .Release.Name }}"
+    spec:
+      containers:
+        - name: "{{ .Release.Name }}"
+          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
+          imagePullPolicy: "{{ .Values.image.pullPolicy }}"
+          ports:
+            - containerPort: 3000
+              name: http
+          env:
+            - name: TZ
+              value: "{{ .Values.globals.timezone }}"
+            - name: NEXTAUTH_URL
+              value: "https://{{ .Values.subdomain }}.{{ .Values.globals.domain }}/api/v1/auth"
+            - name: NEXT_PUBLIC_OLLAMA_ENDPOINT_URL
+              value: "http://ollama:80"
+            - name: OLLAMA_MODEL
+              value: phi3:mini-4k
+            - name: DATABASE_URL
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ .Release.Name }}-pg-connection"
+                  key: url
+            - name: NEXTAUTH_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ .Release.Name }}-secrets"
+                  key: nextauth
+            - name: NEXT_PUBLIC_DISABLE_REGISTRATION
+              value: "true"
+            - name: NEXT_PUBLIC_CREDENTIALS_ENABLED
+              value: "false"
+            - name: DISABLE_NEW_SSO_USERS
+              value: "false"
+            - name: NEXT_PUBLIC_AUTHENTIK_ENABLED
+              value: "true"
+            - name: AUTHENTIK_CLIENT_ID
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ .Release.Name }}-client"
+                  key: clientId
+            - name: AUTHENTIK_CLIENT_SECRET
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ .Release.Name }}-client"
+                  key: clientSecret
+            - name: AUTHENTIK_ISSUER
+              value: "https://authentik.{{ .Values.globals.domain }}/application/o/linkwarden"
+              # TODO:
+            # - name: AUTHENTIK_ISSUER
+            #   valueFrom:
+            #     secretKeyRef:
+            #       name: "{{ .Release.Name }}-client"
+            #       key: configurationIssuer
+          volumeMounts:
+            - mountPath: /data/data
+              name: data
+      volumes:
+        - name: data
+          persistentVolumeClaim:
+            claimName: "{{ .Release.Name }}-data"