--- apiVersion: apps/v1 kind: Deployment metadata: name: vikunja-api spec: replicas: 2 selector: matchLabels: app.kubernetes.io/name: vikunja app.kubernetes.io/component: api app.kubernetes.io/part-of: vikunja template: metadata: labels: app.kubernetes.io/name: vikunja app.kubernetes.io/component: api app.kubernetes.io/part-of: vikunja spec: containers: - name: vikunja-api image: vikunja-api command: - /app/vikunja/vikunja env: - name: VIKUNJA_DATABASE_TYPE value: postgres - name: VIKUNJA_SERVICE_FRONTENDURL value: https://todo.icb4dc0.de - name: VIKUNJA_DATABASE_SSLMODE value: require - name: VIKUNJA_DATABASE_HOST valueFrom: secretKeyRef: name: db-credentials-vikunja key: HOST - name: VIKUNJA_DATABASE_DATABASE valueFrom: secretKeyRef: name: db-credentials-vikunja key: DATABASE_NAME - name: VIKUNJA_DATABASE_USER valueFrom: secretKeyRef: name: db-credentials-vikunja key: LOGIN - name: VIKUNJA_DATABASE_PASSWORD valueFrom: secretKeyRef: name: db-credentials-vikunja key: PASSWORD - name: GOMEMLIMIT valueFrom: resourceFieldRef: resource: limits.memory ports: - containerPort: 3456 securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: drop: - ALL privileged: false resources: requests: memory: 30Mi cpu: 20m limits: memory: "100Mi" cpu: "50m" volumeMounts: - name: vikunja-config mountPath: /etc/vikunja - name: vikunja-content mountPath: /app/vikunja/files securityContext: fsGroup: 1000 runAsGroup: 1000 runAsUser: 1000 runAsNonRoot: false affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 100 preference: matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 volumes: - name: vikunja-config secret: secretName: vikunja-api-config - name: vikunja-content persistentVolumeClaim: claimName: vikunja-content