111 lines
2.4 KiB
YAML

apiVersion: v1
kind: Secret
metadata:
name: outline
namespace: outline
annotations:
kube-1password: maouivotrbgydslnsukbjrwgja
kube-1password/vault: Kubernetes
kube-1password/secret-text-key: .env
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
name: outline
namespace: outline
spec:
type: ClusterIP
ports:
- port: 80
targetPort: web
name: web
selector:
app.kubernetes.io/name: outline
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: outline
namespace: outline
labels:
app.kubernetes.io/name: outline
annotations:
secret.reloader.stakater.com/reload: "outline"
spec:
revisionHistoryLimit: 3
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: outline
template:
metadata:
labels:
app.kubernetes.io/name: outline
spec:
containers:
- name: outline
image: outlinewiki/outline:0.81.1
imagePullPolicy: IfNotPresent
env:
- name: ALLOWED_DOMAINS
value: marcusnoble.co.uk,namelessplanet.com,paradoxfox.shop
- name: OIDC_SCOPES
value: "openid profile email"
- name: PGSSLMODE
value: "disable"
ports:
- containerPort: 3000
name: web
livenessProbe:
httpGet:
path: /_health
port: web
initialDelaySeconds: 10
startupProbe:
httpGet:
path: /_health
port: web
failureThreshold: 30
timeoutSeconds: 1
periodSeconds: 5
resources:
requests:
cpu: 8m
memory: 800Mi
volumeMounts:
- mountPath: /opt/outline/.env
subPath: .env
name: outline-env
readOnly: true
volumes:
- name: outline-env
secret:
secretName: outline
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: outline
namespace: outline
annotations:
cert-manager.io/cluster-issuer: letsencrypt
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
spec:
ingressClassName: nginx
tls:
- hosts:
- outline.cluster.fun
secretName: outline-ingress
rules:
- host: outline.cluster.fun
http:
paths:
- path: /
pathType: ImplementationSpecific
backend:
service:
name: outline
port:
number: 80