113 lines
3.9 KiB
YAML
113 lines
3.9 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: codimd
|
|
namespace: codimd
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
selector:
|
|
matchLabels:
|
|
component: web
|
|
template:
|
|
metadata:
|
|
labels:
|
|
component: web
|
|
spec:
|
|
securityContext:
|
|
fsGroup: 1500
|
|
runAsGroup: 1500
|
|
runAsNonRoot: true
|
|
runAsUser: 1500
|
|
containers:
|
|
- name: codimd
|
|
image: "{{ .apps.codimd.image }}"
|
|
imagePullPolicy: IfNotPresent
|
|
env:
|
|
- name: CMD_DOMAIN
|
|
value: "{{ .apps.codimd.domain }}"
|
|
- name: CMD_URL_ADDPORT
|
|
value: "false"
|
|
- name: CMD_PROTOCOL_USESSL
|
|
value: "{{ .apps.codimd.useSSL }}"
|
|
- name: CMD_USECDN
|
|
value: "{{ .apps.codimd.useCDN }}"
|
|
- name: CMD_DB_URL
|
|
value: "postgres://{{ .apps.codimd.dbUser }}:$(CMD_DB_PASSWORD)@{{ .apps.codimd.dbHost }}:{{ .apps.codimd.dbPort }}/{{ .apps.codimd.dbName }}"
|
|
- name: CMD_DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: codimd-secrets
|
|
key: apps.codimd.dbPassword
|
|
- name: CMD_SESSION_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: codimd-secrets
|
|
key: apps.codimd.sessionSecret
|
|
- name: CMD_SESSION_LIFE
|
|
value: "{{ .apps.codimd.sessionLifeTime }}"
|
|
- name: CMD_HSTS_ENABLE
|
|
value: "{{ .apps.codimd.hstsEnable }}"
|
|
- name: CMD_HSTS_MAX_AGE
|
|
value: "{{ .apps.codimd.hstsMaxAge }}"
|
|
- name: CMD_HSTS_INCLUDE_SUBDOMAINS
|
|
value: "false"
|
|
- name: CMD_HSTS_PRELOAD
|
|
value: "true"
|
|
- name: CMD_CSP_ENABLE
|
|
value: "{{ .apps.codimd.cspEnable }}"
|
|
- name: CMD_ALLOW_GRAVATAR
|
|
value: "{{ .apps.codimd.allowGravatar }}"
|
|
- name: CMD_RESPONSE_MAX_LAG
|
|
value: "70"
|
|
- name: CMD_IMAGE_UPLOAD_TYPE
|
|
value: "{{ .apps.codimd.imageUploadType }}"
|
|
- name: CMD_ALLOW_FREEURL
|
|
value: "{{ .apps.codimd.allowFreeURL }}"
|
|
- name: CMD_FORBIDDEN_NOTE_IDS
|
|
value: "robots.txt,favicon.ico,api"
|
|
- name: CMD_DEFAULT_PERMISSION
|
|
value: "{{ .apps.codimd.defaultPermission }}"
|
|
- name: CMD_ALLOW_ANONYMOUS_EDITS
|
|
value: "{{ .apps.codimd.allowAnonymousEdits }}"
|
|
- name: CMD_ALLOW_ANONYMOUS_VIEWS
|
|
value: "{{ .apps.codimd.allowAnonymousViews }}"
|
|
- name: CMD_ALLOW_PDF_EXPORT
|
|
value: "{{ .apps.codimd.allowPdfExport }}"
|
|
- name: CMD_DEFAULT_USE_HARD_BREAK
|
|
value: "{{ .apps.codimd.useHardBreak }}"
|
|
- name: CMD_LINKIFY_HEADER_STYLE
|
|
value: "{{ .apps.codimd.linkifyHeaderStyle }}"
|
|
- name: CMD_AUTO_VERSION_CHECK
|
|
value: "{{ .apps.codimd.autoVersionCheck }}"
|
|
ports:
|
|
- name: http
|
|
containerPort: {{ .apps.codimd.port }}
|
|
volumeMounts:
|
|
- mountPath: /home/hackmd/app/public/uploads
|
|
name: uploads
|
|
readinessProbe:
|
|
httpGet:
|
|
port: {{ .apps.codimd.port }}
|
|
path: /status
|
|
initialDelaySeconds: 3
|
|
failureThreshold: 2
|
|
successThreshold: 3
|
|
timeoutSeconds: 2
|
|
periodSeconds: 5
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /status
|
|
port: {{ .apps.codimd.port }}
|
|
scheme: HTTP
|
|
initialDelaySeconds: 3
|
|
periodSeconds: 5
|
|
successThreshold: 1
|
|
timeoutSeconds: 2
|
|
restartPolicy: Always
|
|
volumes:
|
|
- name: uploads
|
|
persistentVolumeClaim:
|
|
claimName: codimd-uploads |