From 8818d822cff326ff443be1f24440c381d5f4858c Mon Sep 17 00:00:00 2001
From: Paul Payne <paul@payne.io>
Date: Tue, 30 Dec 2025 03:39:19 +0000
Subject: [PATCH] loomio (not yet working), and new config for postgres and
 redis

---
 loomio/db-init-job.yaml       |  64 ++++++++++++++++++
 loomio/deployment-worker.yaml | 101 +++++++++++++++++++++++++++
 loomio/deployment.yaml        | 124 ++++++++++++++++++++++++++++++++++
 loomio/ingress.yaml           |  24 +++++++
 loomio/kustomization.yaml     |  20 ++++++
 loomio/manifest.yaml          |  55 +++++++++++++++
 loomio/namespace.yaml         |   4 ++
 loomio/pvc-storage.yaml       |  11 +++
 loomio/pvc-uploads.yaml       |  11 +++
 loomio/service.yaml           |  13 ++++
 postgres/deployment.yaml      |  10 +--
 postgres/manifest.yaml        |   7 +-
 postgres/namespace.yaml       |   2 +-
 postgres/pvc.yaml             |   2 +-
 postgres/service.yaml         |   2 +-
 redis/deployment.yaml         |   8 +--
 redis/manifest.yaml           |   7 +-
 redis/namespace.yaml          |   2 +-
 redis/service.yaml            |   4 +-
 19 files changed, 452 insertions(+), 19 deletions(-)
 create mode 100644 loomio/db-init-job.yaml
 create mode 100644 loomio/deployment-worker.yaml
 create mode 100644 loomio/deployment.yaml
 create mode 100644 loomio/ingress.yaml
 create mode 100644 loomio/kustomization.yaml
 create mode 100644 loomio/manifest.yaml
 create mode 100644 loomio/namespace.yaml
 create mode 100644 loomio/pvc-storage.yaml
 create mode 100644 loomio/pvc-uploads.yaml
 create mode 100644 loomio/service.yaml

diff --git a/loomio/db-init-job.yaml b/loomio/db-init-job.yaml
new file mode 100644
index 0000000..020d9f6
--- /dev/null
+++ b/loomio/db-init-job.yaml
@@ -0,0 +1,64 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: loomio-db-init
+spec:
+  template:
+    spec:
+      restartPolicy: OnFailure
+      containers:
+      - name: db-init
+        image: postgres:15-alpine
+        env:
+        - name: PGHOST
+          value: "{{ .db.host }}"
+        - name: PGPORT
+          value: "{{ .db.port }}"
+        - name: PGUSER
+          value: postgres
+        - name: PGPASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: postgres-secrets
+              key: postgres.password
+        - name: LOOMIO_DB_NAME
+          value: "{{ .db.name }}"
+        - name: LOOMIO_DB_USER
+          value: "{{ .db.user }}"
+        - name: LOOMIO_DB_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: dbPassword
+        command:
+        - sh
+        - -c
+        - |
+          echo "Creating database and user for Loomio..."
+
+          # Check if database exists, create if not
+          psql -tc "SELECT 1 FROM pg_database WHERE datname = '$LOOMIO_DB_NAME'" | grep -q 1 || \
+            psql -c "CREATE DATABASE \"$LOOMIO_DB_NAME\""
+
+          # Check if user exists, create or update password
+          psql -tc "SELECT 1 FROM pg_user WHERE usename = '$LOOMIO_DB_USER'" | grep -q 1 && \
+            psql -c "ALTER USER \"$LOOMIO_DB_USER\" WITH PASSWORD '$LOOMIO_DB_PASSWORD'" || \
+            psql -c "CREATE USER \"$LOOMIO_DB_USER\" WITH PASSWORD '$LOOMIO_DB_PASSWORD'"
+
+          # Grant all privileges
+          psql -c "GRANT ALL PRIVILEGES ON DATABASE \"$LOOMIO_DB_NAME\" TO \"$LOOMIO_DB_USER\""
+
+          # Connect to the database and grant schema permissions
+          psql -d "$LOOMIO_DB_NAME" -c "GRANT ALL ON SCHEMA public TO \"$LOOMIO_DB_USER\""
+
+          echo "Database initialization complete!"
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 999  # postgres user
+          runAsGroup: 999
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop: [ALL]
+          readOnlyRootFilesystem: true
+          seccompProfile:
+            type: RuntimeDefault
\ No newline at end of file
diff --git a/loomio/deployment-worker.yaml b/loomio/deployment-worker.yaml
new file mode 100644
index 0000000..cdd67b7
--- /dev/null
+++ b/loomio/deployment-worker.yaml
@@ -0,0 +1,101 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: loomio-worker
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: worker
+  template:
+    metadata:
+      labels:
+        component: worker
+    spec:
+      containers:
+      - name: worker
+        image: {{ .workerImage }}
+        env:
+        - name: TASK
+          value: worker
+        - name: RAILS_ENV
+          value: production
+        - name: SITE_NAME
+          value: {{ .appName }}
+        - name: CANONICAL_HOST
+          value: {{ .domain }}
+        - name: PUBLIC_APP_URL
+          value: https://{{ .domain }}
+        - name: SUPPORT_EMAIL
+          value: {{ .supportEmail }}
+        - name: DATABASE_URL
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: dbUrl
+        - name: REDIS_URL
+          value: {{ .redisUrl }}
+        - name: DEVISE_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: deviseSecret
+        - name: SECRET_COOKIE_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: secretCookieToken
+        - name: ACTIVE_STORAGE_SERVICE
+          value: {{ .activeStorageService }}
+        - name: SMTP_AUTH
+          value: {{ .smtp.auth }}
+        - name: SMTP_DOMAIN
+          value: {{ .smtp.domain }}
+        - name: SMTP_SERVER
+          value: {{ .smtp.host }}
+        - name: SMTP_PORT
+          value: "{{ .smtp.port }}"
+        - name: SMTP_USERNAME
+          value: {{ .smtp.user }}
+        - name: SMTP_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: smtpPassword
+        - name: SMTP_USE_SSL
+          value: "{{ .smtp.tls }}"
+        - name: REPLY_HOSTNAME
+          value: {{ .smtp.from }}
+        volumeMounts:
+        - name: uploads
+          mountPath: /loomio/public/system
+        - name: storage
+          mountPath: /loomio/storage
+        - name: tmp
+          mountPath: /loomio/tmp
+        resources:
+          requests:
+            memory: 256Mi
+            cpu: 100m
+          limits:
+            memory: 1Gi
+            cpu: 500m
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+          runAsGroup: 1000
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop: [ALL]
+          readOnlyRootFilesystem: false
+          seccompProfile:
+            type: RuntimeDefault
+      volumes:
+      - name: uploads
+        persistentVolumeClaim:
+          claimName: loomio-uploads
+      - name: storage
+        persistentVolumeClaim:
+          claimName: loomio-storage
+      - name: tmp
+        emptyDir: {}
\ No newline at end of file
diff --git a/loomio/deployment.yaml b/loomio/deployment.yaml
new file mode 100644
index 0000000..8c54136
--- /dev/null
+++ b/loomio/deployment.yaml
@@ -0,0 +1,124 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: loomio
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      component: web
+  template:
+    metadata:
+      labels:
+        component: web
+    spec:
+      containers:
+      - name: loomio
+        image: {{ .image }}
+        ports:
+        - containerPort: 3000
+          name: http
+        env:
+        - name: RAILS_ENV
+          value: production
+        - name: SITE_NAME
+          value: {{ .appName }}
+        - name: CANONICAL_HOST
+          value: {{ .domain }}
+        - name: PUBLIC_APP_URL
+          value: https://{{ .domain }}
+        - name: SUPPORT_EMAIL
+          value: {{ .supportEmail }}
+        - name: DATABASE_URL
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: dbUrl
+        - name: REDIS_URL
+          value: {{ .redisUrl }}
+        - name: DEVISE_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: deviseSecret
+        - name: SECRET_COOKIE_TOKEN
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: secretCookieToken
+        - name: FORCE_SSL
+          value: "{{ .forceSSL }}"
+        - name: USE_RACK_ATTACK
+          value: "{{ .useRackAttack }}"
+        - name: PUMA_WORKERS
+          value: "{{ .pumaWorkers }}"
+        - name: MIN_THREADS
+          value: "{{ .minThreads }}"
+        - name: MAX_THREADS
+          value: "{{ .maxThreads }}"
+        - name: ACTIVE_STORAGE_SERVICE
+          value: {{ .activeStorageService }}
+        - name: SMTP_AUTH
+          value: {{ .smtp.auth }}
+        - name: SMTP_DOMAIN
+          value: {{ .smtp.domain }}
+        - name: SMTP_SERVER
+          value: {{ .smtp.host }}
+        - name: SMTP_PORT
+          value: "{{ .smtp.port }}"
+        - name: SMTP_USERNAME
+          value: {{ .smtp.user }}
+        - name: SMTP_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: loomio-secrets
+              key: smtpPassword
+        - name: SMTP_USE_SSL
+          value: "{{ .smtp.tls }}"
+        - name: REPLY_HOSTNAME
+          value: {{ .smtp.from }}
+        volumeMounts:
+        - name: uploads
+          mountPath: /loomio/public/system
+        - name: storage
+          mountPath: /loomio/storage
+        - name: tmp
+          mountPath: /loomio/tmp
+        resources:
+          requests:
+            memory: 512Mi
+            cpu: 200m
+          limits:
+            memory: 2Gi
+            cpu: 1000m
+        livenessProbe:
+          httpGet:
+            path: /health
+            port: 3000
+          initialDelaySeconds: 60
+          periodSeconds: 30
+        readinessProbe:
+          httpGet:
+            path: /health
+            port: 3000
+          initialDelaySeconds: 30
+          periodSeconds: 10
+        securityContext:
+          runAsNonRoot: true
+          runAsUser: 1000
+          runAsGroup: 1000
+          allowPrivilegeEscalation: false
+          capabilities:
+            drop: [ALL]
+          readOnlyRootFilesystem: false
+          seccompProfile:
+            type: RuntimeDefault
+      volumes:
+      - name: uploads
+        persistentVolumeClaim:
+          claimName: loomio-uploads
+      - name: storage
+        persistentVolumeClaim:
+          claimName: loomio-storage
+      - name: tmp
+        emptyDir: {}
\ No newline at end of file
diff --git a/loomio/ingress.yaml b/loomio/ingress.yaml
new file mode 100644
index 0000000..c181efd
--- /dev/null
+++ b/loomio/ingress.yaml
@@ -0,0 +1,24 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: loomio
+  annotations:
+    external-dns.alpha.kubernetes.io/target: {{ .externalDnsDomain }}
+    external-dns.alpha.kubernetes.io/cloudflare-proxied: "false"
+spec:
+  ingressClassName: traefik
+  tls:
+  - hosts:
+    - {{ .domain }}
+    secretName: {{ .tlsSecretName }}
+  rules:
+  - host: {{ .domain }}
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: loomio
+            port:
+              number: 80
\ No newline at end of file
diff --git a/loomio/kustomization.yaml b/loomio/kustomization.yaml
new file mode 100644
index 0000000..89cd7d3
--- /dev/null
+++ b/loomio/kustomization.yaml
@@ -0,0 +1,20 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: loomio
+
+resources:
+  - namespace.yaml
+  - pvc-uploads.yaml
+  - pvc-storage.yaml
+  - deployment.yaml
+  - deployment-worker.yaml
+  - service.yaml
+  - ingress.yaml
+  - db-init-job.yaml
+
+labels:
+  - includeSelectors: true
+    pairs:
+      app: loomio
+      managedBy: kustomize
+      partOf: wild-cloud
\ No newline at end of file
diff --git a/loomio/manifest.yaml b/loomio/manifest.yaml
new file mode 100644
index 0000000..8dbbbd0
--- /dev/null
+++ b/loomio/manifest.yaml
@@ -0,0 +1,55 @@
+name: loomio
+description: Loomio is a collaborative decision-making tool that makes it easy for groups to make decisions together
+version: 3.0.11
+icon: https://www.loomio.com/favicon.ico
+requires:
+  - name: postgres
+    installed_as: postgres
+  - name: redis
+defaultConfig:
+  namespace: loomio
+  externalDnsDomain: {{ .cloud.domain }}
+  image: loomio/loomio:v3.0.11
+  workerImage: loomio/loomio:v3.0.11
+  appName: Loomio
+  domain: loomio.{{ .cloud.domain }}
+  tlsSecretName: wildcard-wild-cloud-tls
+  port: 3000
+  storage:
+    uploads: 5Gi
+    files: 5Gi
+    plugins: 1Gi
+  redisUrl: {{ .apps.redis.uri }}
+  adminEmail: "admin@{{ .cloud.domain }}"
+  supportEmail: "support@{{ .cloud.domain }}"
+  forceSSL: "1"
+  useRackAttack: "1"
+  pumaWorkers: "2"
+  minThreads: "5"
+  maxThreads: "5"
+  activeStorageService: local
+  db:
+    name: loomio
+    user: loomio
+    host: {{ .apps.postgres.host }}
+    port: {{ .apps.postgres.port }}
+  smtp:
+    auth: plain
+    domain: "{{ .cloud.domain }}"
+    host: "{{ .cloud.smtp.host }}"
+    port: "{{ .cloud.smtp.port }}"
+    user: "{{ .cloud.smtp.user }}"
+    tls: "{{ .cloud.smtp.tls }}"
+    from: "{{ .cloud.smtp.from }}"
+defaultSecrets:
+  - key: dbPassword
+    default: "{{ random.AlphaNum 32 }}"
+  - key: dbUrl
+    default: "postgresql://{{ .app.db.user }}:{{ .secrets.dbPassword }}@{{ .app.db.host }}:{{ .app.db.port }}/{{ .app.db.name }}?pool=30"
+  - key: deviseSecret
+    default: "{{ random.AlphaNum 32 }}"
+  - key: secretCookieToken
+    default: "{{ random.AlphaNum 32 }}"
+  - key: smtpPassword
+requiredSecrets:
+  - postgres.password
diff --git a/loomio/namespace.yaml b/loomio/namespace.yaml
new file mode 100644
index 0000000..054927e
--- /dev/null
+++ b/loomio/namespace.yaml
@@ -0,0 +1,4 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+  name: {{ .namespace }}
diff --git a/loomio/pvc-storage.yaml b/loomio/pvc-storage.yaml
new file mode 100644
index 0000000..d34c554
--- /dev/null
+++ b/loomio/pvc-storage.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: loomio-storage
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .storage.files }}
+  storageClassName: longhorn
\ No newline at end of file
diff --git a/loomio/pvc-uploads.yaml b/loomio/pvc-uploads.yaml
new file mode 100644
index 0000000..33e3e6d
--- /dev/null
+++ b/loomio/pvc-uploads.yaml
@@ -0,0 +1,11 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: loomio-uploads
+spec:
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: {{ .storage.uploads }}
+  storageClassName: longhorn
\ No newline at end of file
diff --git a/loomio/service.yaml b/loomio/service.yaml
new file mode 100644
index 0000000..f618df9
--- /dev/null
+++ b/loomio/service.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: loomio
+spec:
+  type: ClusterIP
+  selector:
+    component: web
+  ports:
+  - name: http
+    port: 80
+    targetPort: 3000
+    protocol: TCP
\ No newline at end of file
diff --git a/postgres/deployment.yaml b/postgres/deployment.yaml
index d14151f..9b677d0 100644
--- a/postgres/deployment.yaml
+++ b/postgres/deployment.yaml
@@ -15,7 +15,7 @@ spec:
     spec:
       containers:
         - name: postgres
-          image: "{{ .apps.postgres.image }}"
+          image: "{{ .image }}"
           args:
             [
               "-c",
@@ -35,16 +35,16 @@ spec:
             - name: PGDATA
               value: /var/lib/postgresql/data/pgdata
             - name: TZ
-              value: "{{ .apps.postgres.timezone }}"
+              value: "{{ .timezone }}"
             - name: POSTGRES_DB
-              value: "{{ .apps.postgres.database }}"
+              value: "{{ .database }}"
             - name: POSTGRES_USER
-              value: "{{ .apps.postgres.user }}"
+              value: "{{ .user }}"
             - name: POSTGRES_PASSWORD
               valueFrom:
                 secretKeyRef:
                   name: postgres-secrets
-                  key: apps.postgres.password
+                  key: password
           volumeMounts:
             - name: postgres-data
               mountPath: /var/lib/postgresql/data
diff --git a/postgres/manifest.yaml b/postgres/manifest.yaml
index 53d7113..2095c69 100644
--- a/postgres/manifest.yaml
+++ b/postgres/manifest.yaml
@@ -4,10 +4,13 @@ description: PostgreSQL is a powerful, open source object-relational database sy
 version: 1.0.0
 icon: https://www.postgresql.org/media/img/about/press/elephant.png
 defaultConfig:
+  namespace: postgres
+  host: postgres.postgres.svc.cluster.local
+  port: 5432
   database: postgres
   user: postgres
   storage: 10Gi
   image: pgvector/pgvector:pg15
   timezone: UTC
-requiredSecrets:
-  - apps.postgres.password
+defaultSecrets:
+  - key: password
diff --git a/postgres/namespace.yaml b/postgres/namespace.yaml
index 427794c..054927e 100644
--- a/postgres/namespace.yaml
+++ b/postgres/namespace.yaml
@@ -1,4 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: postgres
+  name: {{ .namespace }}
diff --git a/postgres/pvc.yaml b/postgres/pvc.yaml
index 822353a..08624ec 100644
--- a/postgres/pvc.yaml
+++ b/postgres/pvc.yaml
@@ -9,4 +9,4 @@ spec:
   storageClassName: longhorn
   resources:
     requests:
-      storage: {{ .apps.postgres.storage | default "10Gi" }}
+      storage: {{ .storage }}
diff --git a/postgres/service.yaml b/postgres/service.yaml
index 4628dde..61d5219 100644
--- a/postgres/service.yaml
+++ b/postgres/service.yaml
@@ -5,6 +5,6 @@ metadata:
   name: postgres
 spec:
   ports:
-    - port: 5432
+    - port: {{ .port }}
   selector:
     app: postgres
diff --git a/redis/deployment.yaml b/redis/deployment.yaml
index c0dba06..e8e6ebe 100644
--- a/redis/deployment.yaml
+++ b/redis/deployment.yaml
@@ -14,18 +14,18 @@ spec:
         app: redis
     spec:
       containers:
-        - image: "{{ .apps.redis.image }}"
+        - image: "{{ .image }}"
           name: redis
           ports:
-            - containerPort: {{ .apps.redis.port }}
+            - containerPort: {{ .port }}
           env:
             - name: TZ
-              value: "{{ .apps.redis.timezone }}"
+              value: "{{ .timezone }}"
             - name: REDIS_PASSWORD
               valueFrom:
                 secretKeyRef:
                   name: redis-secrets
-                  key: apps.redis.password
+                  key: password
           command:
             - redis-server
             - --requirepass
diff --git a/redis/manifest.yaml b/redis/manifest.yaml
index d3e7c06..b0bf720 100644
--- a/redis/manifest.yaml
+++ b/redis/manifest.yaml
@@ -4,8 +4,11 @@ description: Redis is an open source, in-memory data structure store, used as a
 version: 1.0.0
 icon: <svg xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 85 27"><path fill="#FF4438" fill-rule="evenodd" d="M75.29 13.813c0-2.968 2.2-4.69 4.947-4.69 2.052 0 3.884.99 4.763 3.444-.257 1.245-1.795 2.638-2.455 2.858-.55-1.173-1.172-1.869-1.758-1.869-.733 0-.77.513-.77 1.172 0 .467.134 1.155.295 1.983.243 1.25.548 2.82.548 4.43 0 2.93-2.052 5.092-5.203 5.092-2.885 0-4.48-1.892-5.19-4.913-1.885 3.377-4.641 4.913-6.754 4.913-3.302 0-4.08-2.441-4-4.917-1.328 2.345-3.882 4.917-6.331 4.917-2.501 0-3.384-2.177-3.182-4.712-1.498 2.791-4.208 4.712-6.82 4.712-2.836 0-4.239-2.252-3.785-5.044-1.907 2.344-5.458 5.044-9.149 5.044-4.209 0-6.04-2.27-6.258-5.114-2.031 3.256-4.77 5.224-8.03 5.224-4.709 0-6.393-4.187-6.638-7.611a111 111 0 0 1-6.113 7.464c-.256.257-.476.403-.732.403C1.832 26.6.11 22.862 0 21.47c.723-1.121 5.281-6.13 8.95-10.161 1.29-1.417 2.471-2.714 3.336-3.679-2.247.678-4.564 2.03-7.486 4.132-.513.366-1.942-2.968-1.906-5.533 3.371-2.49 8.5-4.066 12.64-4.066 5.79 0 9.123 3.224 9.123 7.694 0 3.737-3.114 7.84-7.657 7.987-2.362.061-3.876-1.265-4.65-2.902.092 2.532 1.409 5.65 4.943 5.65 3.853 0 5.704-2.326 8.463-5.795q.269-.339.55-.69c2.345-2.895 5.056-5.46 9.013-5.46 2.418 0 4.067 1.503 4.067 3.774 0 2.748-3.224 6.558-7.73 6.558-.77 0-1.472-.101-2.064-.301q-.024.173-.025.338c0 1.282.476 2.052 2.565 2.052 3.077 0 5.971-1.832 9.489-6.119 3.444-4.213 6.045-6.045 8.793-6.045 1.855 0 3.262 1.005 3.883 2.698C57.98 6.283 61.104 2.514 63.75 0c2.601 1.1 4.47 3.26 3.957 3.7-1.942 1.76-8.427 8.83-10.991 13.044-.66 1.099-1.283 2.308-1.283 2.894 0 .55.33.733.696.733 1.76 0 5.289-4.156 8.336-7.746 1.138-1.34 2.209-2.602 3.095-3.539 2.052.843 4.14 2.638 3.627 3.261-2.71 3.224-4.762 5.862-4.762 7.364 0 .403.146.66.696.66 1.026 0 1.978-.916 3.554-2.858.33-.403.732-.403.989.22.696 1.685 1.722 2.601 2.528 2.601.952 0 1.429-.843 1.429-2.125 0-.876-.107-1.895-.2-2.772-.069-.664-.13-1.246-.13-1.624m-59.096-.477c1.942 0 4.067-1.062 4.067-3.224 0-1.312-.814-2.521-2.99-2.89l-.342.535c-1.106 1.729-2.149 3.359-3.2 4.953.63.354 1.427.626 2.465.626m19.638.66c0-.587-.367-.99-.953-.99-1.47 0-3.687 2.063-4.73 4.055.385.15.837.232 1.323.232 2.601 0 4.36-1.978 4.36-3.297m9.636 5.312c0 .66.366 1.1 1.135 1.1 2.382 0 5.35-4.324 5.35-6.083 0-.732-.403-1.172-1.063-1.172-2.162 0-5.422 4.103-5.422 6.155M76.06 6.082c-.843 1.392-2.125 2.968-2.601 3.444-2.199-.916-4.25-2.748-3.957-3.26.806-1.43 2.125-2.968 2.601-3.445 2.198.916 4.25 2.785 3.957 3.261" clip-rule="evenodd"></path></svg>
 defaultConfig:
+  namespace: redis
   image: redis:alpine
   timezone: UTC
+  host: redis.redis.svc.cluster.local
   port: 6379
-requiredSecrets:
-  - apps.redis.password
+  uri: redis://{{ .app.host }}:{{ .app.port }}/0
+defaultSecrets:
+  - key: password
diff --git a/redis/namespace.yaml b/redis/namespace.yaml
index 188bfc8..6990999 100644
--- a/redis/namespace.yaml
+++ b/redis/namespace.yaml
@@ -1,4 +1,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: redis
\ No newline at end of file
+  name: {{ .namespace }}
\ No newline at end of file
diff --git a/redis/service.yaml b/redis/service.yaml
index 9c75149..9740f0e 100644
--- a/redis/service.yaml
+++ b/redis/service.yaml
@@ -7,7 +7,7 @@ metadata:
     app: redis
 spec:
   ports:
-    - port: {{ .apps.redis.port }}
-      targetPort: {{ .apps.redis.port }}
+    - port: {{ .port }}
+      targetPort: {{ .port }}
   selector:
     app: redis