apiVersion: apps/v1 kind: Deployment metadata: name: "{{ .Release.Name }}" spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: "{{ .Release.Name }}" template: metadata: labels: app: "{{ .Release.Name }}" spec: containers: - name: "{{ .Release.Name }}" image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: "{{ .Values.image.pullPolicy }}" env: - name: PHOTOPRISM_UPLOAD_NSFW value: "true" - name: PHOTOPRISM_SITE_URL value: "https://{{ .Values.subdomain }}.olsen.cloud" #TODO # - name: PHOTOPRISM_UID # value: "1000" # - name: PHOTOPRISM_GID # value: "1000" # - name: PHOTOPRISM_DISABLE_CHOWN # value: "true" - name: PHOTOPRISM_AUTH_MODE value: password - name: PHOTOPRISM_DISABLE_TLS value: "false" - name: PHOTOPRISM_READONLY value: "false" - name: PHOTOPRISM_HTTP_COMPRESSION value: "gzip" - name: PHOTOPRISM_ADMIN_PASSWORD valueFrom: secretKeyRef: name: "{{ .Release.Name }}-secrets" key: password - name: PHOTOPRISM_OIDC_SCOPES value: "openid email profile offline_access" - name: PHOTOPRISM_OIDC_PROVIDER value: Authentik - name: PHOTOPRISM_OIDC_ICON value: https://cdn.jsdelivr.net/gh/selfhst/icons/png/authentik.png - name: PHOTOPRISM_OIDC_REGISTER value: "true" - name: PHOTOPRISM_OIDC_REDIRECT value: "false" - name: PHOTOPRISM_OIDC_CLIENT valueFrom: secretKeyRef: name: "{{ .Release.Name }}-client" key: clientId - name: PHOTOPRISM_OIDC_SECRET valueFrom: secretKeyRef: name: "{{ .Release.Name }}-client" key: clientSecret - name: PHOTOPRISM_OIDC_URI valueFrom: secretKeyRef: name: "{{ .Release.Name }}-client" key: configurationIssuer ports: - name: http containerPort: 2342 protocol: TCP livenessProbe: tcpSocket: port: http readinessProbe: tcpSocket: port: http volumeMounts: - mountPath: /photoprism/storage name: data - mountPath: /photoprism/originals name: originals volumes: - name: data persistentVolumeClaim: claimName: "{{ .Release.Name }}-data" - name: originals persistentVolumeClaim: claimName: pictures