apiVersion: v1 kind: Secret metadata: name: outline namespace: outline annotations: kube-1password: maouivotrbgydslnsukbjrwgja kube-1password/vault: Kubernetes kube-1password/secret-text-key: .env type: Opaque --- apiVersion: v1 kind: Service metadata: name: outline namespace: outline spec: type: ClusterIP ports: - port: 80 targetPort: web name: web selector: app.kubernetes.io/name: outline --- apiVersion: apps/v1 kind: Deployment metadata: name: outline namespace: outline labels: app.kubernetes.io/name: outline annotations: secret.reloader.stakater.com/reload: "outline" spec: revisionHistoryLimit: 3 replicas: 1 selector: matchLabels: app.kubernetes.io/name: outline template: metadata: labels: app.kubernetes.io/name: outline spec: containers: - name: outline image: outlinewiki/outline:0.66.3 imagePullPolicy: IfNotPresent command: - sh - -c - | sleep 10 yarn db:migrate --env=production-ssl-disabled yarn start env: - name: ALLOWED_DOMAINS value: marcusnoble.co.uk,namelessplanet.com,paradoxfox.shop - name: OIDC_SCOPES value: "openid profile email" ports: - containerPort: 3000 name: web livenessProbe: httpGet: path: /_health port: web initialDelaySeconds: 10 startupProbe: httpGet: path: /_health port: web failureThreshold: 30 timeoutSeconds: 1 periodSeconds: 5 volumeMounts: - mountPath: /opt/outline/.env subPath: .env name: outline-env readOnly: true volumes: - name: outline-env secret: secretName: outline --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: outline namespace: outline annotations: cert-manager.io/cluster-issuer: letsencrypt nginx.ingress.kubernetes.io/force-ssl-redirect: "true" spec: ingressClassName: nginx tls: - hosts: - outline.cluster.fun secretName: outline-ingress rules: - host: outline.cluster.fun http: paths: - path: / pathType: ImplementationSpecific backend: service: name: outline port: number: 80