mirror of
https://github.com/morten-olsen/homelab-operator.git
synced 2026-02-08 01:36:28 +01:00
64 lines
1.7 KiB
YAML
64 lines
1.7 KiB
YAML
apiVersion: apps/v1
|
|
kind: StatefulSet
|
|
metadata:
|
|
name: '{{ .Release.Name }}'
|
|
labels:
|
|
app: '{{ .Release.Name }}'
|
|
spec:
|
|
serviceName: '{{ .Release.Name }}-headless'
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: '{{ .Release.Name }}'
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: '{{ .Release.Name }}'
|
|
spec:
|
|
containers:
|
|
- name: '{{ .Release.Name }}'
|
|
image: ghcr.io/jordan-dalby/bytestash:latest
|
|
ports:
|
|
- containerPort: 5000
|
|
name: http
|
|
env:
|
|
- name: OIDC_ENABLED
|
|
value: 'true'
|
|
- name: OIDC_DISPLAY_NAME
|
|
value: OIDC
|
|
- name: OIDC_CLIENT_ID
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: '{{ .Release.Name }}-client'
|
|
key: clientId
|
|
- name: OIDC_CLIENT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: '{{ .Release.Name }}-client'
|
|
key: clientSecret
|
|
- name: OIDC_ISSUER_URL
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: '{{ .Release.Name }}-client'
|
|
key: configuration
|
|
|
|
volumeMounts:
|
|
- mountPath: /data/snippets
|
|
name: bytestash-data
|
|
|
|
# Defines security context for the pod to avoid running as root.
|
|
# securityContext:
|
|
# runAsUser: 1000
|
|
# runAsGroup: 1000
|
|
# fsGroup: 1000
|
|
|
|
volumeClaimTemplates:
|
|
- metadata:
|
|
name: bytestash-data
|
|
spec:
|
|
accessModes: ['ReadWriteOnce']
|
|
storageClassName: '{{ .Values.environment }}'
|
|
resources:
|
|
requests:
|
|
storage: 5Gi
|