apiVersion: apps/v1 kind: Deployment metadata: name: lemmy-pictrs namespace: {{ .namespace }} spec: replicas: {{ .pictrsReplicas }} selector: matchLabels: component: pictrs template: metadata: labels: component: pictrs spec: securityContext: runAsNonRoot: true runAsUser: 991 runAsGroup: 991 fsGroup: 991 seccompProfile: type: RuntimeDefault containers: - name: pictrs image: {{ .pictrsImage }} securityContext: allowPrivilegeEscalation: false capabilities: drop: [ALL] readOnlyRootFilesystem: false env: - name: PICTRS__SERVER__BIND value: "0.0.0.0:{{ .pictrsPort }}" - name: PICTRS__MEDIA__VIDEO_CODEC value: vp9 - name: PICTRS__MEDIA__GIF__MAX_WIDTH value: "256" - name: PICTRS__MEDIA__GIF__MAX_HEIGHT value: "256" - name: PICTRS__MEDIA__GIF__MAX_AREA value: "65536" - name: PICTRS__MEDIA__GIF__MAX_FRAME_COUNT value: "400" - name: RUST_LOG value: debug - name: RUST_BACKTRACE value: full - name: PICTRS__REPO__TYPE value: sled - name: PICTRS__REPO__PATH value: /mnt/sled-repo - name: PICTRS__STORE__TYPE value: filesystem - name: PICTRS__STORE__PATH value: /mnt/files ports: - containerPort: {{ .pictrsPort }} name: http volumeMounts: - name: storage mountPath: /mnt livenessProbe: httpGet: path: /healthz port: {{ .pictrsPort }} initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /healthz port: {{ .pictrsPort }} initialDelaySeconds: 10 periodSeconds: 5 volumes: - name: storage persistentVolumeClaim: claimName: lemmy-pictrs-storage