apiVersion: apps/v1 kind: Deployment metadata: name: "{{ .Release.Name }}" labels: app: "{{ .Release.Name }}" spec: replicas: 1 selector: matchLabels: app: "{{ .Release.Name }}" template: metadata: labels: app: "{{ .Release.Name }}" spec: containers: - name: "{{ .Release.Name }}" image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: "{{ .Values.image.pullPolicy }}" ports: - containerPort: 3000 name: http env: - name: TZ value: "{{ .Values.globals.timezone }}" - name: NEXTAUTH_URL value: "https://{{ .Values.subdomain }}.{{ .Values.globals.domain }}/api/v1/auth" - name: NEXT_PUBLIC_OLLAMA_ENDPOINT_URL value: "http://ollama:80" - name: OLLAMA_MODEL value: phi3:mini-4k - name: DATABASE_URL valueFrom: secretKeyRef: name: "{{ .Release.Name }}-pg-connection" key: url - name: NEXTAUTH_SECRET valueFrom: secretKeyRef: name: "{{ .Release.Name }}-secrets" key: nextauth - name: NEXT_PUBLIC_DISABLE_REGISTRATION value: "true" - name: NEXT_PUBLIC_CREDENTIALS_ENABLED value: "false" - name: DISABLE_NEW_SSO_USERS value: "false" - name: NEXT_PUBLIC_AUTHENTIK_ENABLED value: "true" - name: AUTHENTIK_CLIENT_ID valueFrom: secretKeyRef: name: "{{ .Release.Name }}-client" key: clientId - name: AUTHENTIK_CLIENT_SECRET valueFrom: secretKeyRef: name: "{{ .Release.Name }}-client" key: clientSecret - name: AUTHENTIK_ISSUER value: "https://authentik.{{ .Values.globals.domain }}/application/o/linkwarden" # TODO: # - name: AUTHENTIK_ISSUER # valueFrom: # secretKeyRef: # name: "{{ .Release.Name }}-client" # key: configurationIssuer volumeMounts: - mountPath: /data/data name: data volumes: - name: data persistentVolumeClaim: claimName: "{{ .Release.Name }}-data"