infra
/
kubernetes
1
0
Fork 0
Code Pull Requests 4 Activity
kubernetes/paperless-ngx/paperless-ngx.yaml

390 lines
9.4 KiB
YAML
Raw Blame History

apiVersion: v1
kind: Namespace
metadata:
name: paperless-ngx
labels:
app.kubernetes.io/instance: paperless-ngx
---
apiVersion: v1
kind: ConfigMap
metadata:
name: paperless-cmd
namespace: paperless-ngx
labels:
app.kubernetes.io/name: paperless_cmd.sh
app.kubernetes.io/component: paperless-ngx
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
data:
paperless_cmd.sh: |+
#!/bin/sh
exec /usr/local/bin/supervisord -c /etc/supervisord.conf --user paperless
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: paperless-ngx
namespace: paperless-ngx
labels:
app.kubernetes.io/name: data
app.kubernetes.io/component: paperless-ngx
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/name: redis
app.kubernetes.io/component: redis
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
name: redis
namespace: paperless-ngx
spec:
ports:
- name: redis
port: 6379
selector:
app.kubernetes.io/name: redis
app.kubernetes.io/component: redis
app.kubernetes.io/instance: paperless-ngx
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/name: paperless-ngx
app.kubernetes.io/component: paperless-ngx
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
name: paperless-ngx
namespace: paperless-ngx
spec:
ports:
- name: http
port: 8000
selector:
app.kubernetes.io/name: paperless-ngx
app.kubernetes.io/component: paperless-ngx
app.kubernetes.io/instance: paperless-ngx
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/name: gotenberg
app.kubernetes.io/component: gotenberg
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
name: gotenberg
namespace: paperless-ngx
spec:
ports:
- name: gotenberg
port: 3000
selector:
app.kubernetes.io/name: gotenberg
app.kubernetes.io/component: gotenberg
app.kubernetes.io/instance: paperless-ngx
type: ClusterIP
---
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/name: tika
app.kubernetes.io/component: tika
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
name: tika
namespace: paperless-ngx
spec:
ports:
- name: tika
port: 9998
selector:
app.kubernetes.io/name: tika
app.kubernetes.io/component: tika
app.kubernetes.io/instance: paperless-ngx
type: ClusterIP
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: redis
namespace: paperless-ngx
labels:
app.kubernetes.io/name: redis
app.kubernetes.io/component: redis
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
spec:
serviceName: redis
selector:
matchLabels:
app.kubernetes.io/name: redis
app.kubernetes.io/component: redis
app.kubernetes.io/instance: paperless-ngx
template:
metadata:
labels:
app.kubernetes.io/name: redis
app.kubernetes.io/component: redis
app.kubernetes.io/instance: paperless-ngx
spec:
containers:
- name: redis
image: docker.io/library/redis:7
imagePullPolicy: IfNotPresent
ports:
- name: redis
containerPort: 6379
securityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
runAsUser: 1000
runAsGroup: 1000
volumeMounts:
- name: data
mountPath: /data
subPath: data
- name: tmp
mountPath: /tmp
securityContext:
fsGroup: 1000
volumes:
- name: tmp
emptyDir:
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data
labels:
app.kubernetes.io/name: redis
app.kubernetes.io/component: redis
app.kubernetes.io/part-of: paperless-ngx
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: paperless-ngx
namespace: paperless-ngx
labels:
app.kubernetes.io/name: paperless-ngx
app.kubernetes.io/component: paperless-ngx
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
spec:
serviceName: paperless-ngx
selector:
matchLabels:
app.kubernetes.io/name: paperless-ngx
app.kubernetes.io/component: paperless-ngx
app.kubernetes.io/instance: paperless-ngx
template:
metadata:
labels:
app.kubernetes.io/name: paperless-ngx
app.kubernetes.io/component: paperless-ngx
app.kubernetes.io/instance: paperless-ngx
spec:
containers:
- name: paperless-ngx
image: ghcr.io/paperless-ngx/paperless-ngx:1.11.3
imagePullPolicy: IfNotPresent
env:
- name: PAPERLESS_REDIS
value: redis://redis:6379
- name: PAPERLESS_TIKA_ENABLED
value: '1'
- name: PAPERLESS_TIKA_GOTENBERG_ENDPOINT
value: http://gotenberg:3000
- name: PAPERLESS_TIKA_ENDPOINT
value: http://tika:9998
- name: PAPERLESS_ALLOWED_HOSTS
value: '*'
- name: PAPERLESS_ENABLE_HTTP_REMOTE_USER
value: '1'
- name: PAPERLESS_ENABLE_FLOWER
value: 'true'
ports:
- name: http
containerPort: 8000
- name: flower
containerPort: 5555
startupProbe:
httpGet:
port: 8000
path: /
failureThreshold: 30
timeoutSeconds: 3
periodSeconds: 3
initialDelaySeconds: 10
readinessProbe:
httpGet:
port: 8000
path: /
failureThreshold: 5
timeoutSeconds: 10
periodSeconds: 30
securityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
runAsUser: 1000
runAsGroup: 1000
volumeMounts:
- name: cmd
mountPath: /usr/local/bin/paperless_cmd.sh
subPath: paperless_cmd.sh
- name: data
mountPath: /usr/src/paperless/data
subPath: data
- name: data
mountPath: /usr/src/paperless/media
subPath: media
- name: data
mountPath: /usr/src/paperless/export
subPath: export
- name: data
mountPath: /usr/src/paperless/consume
subPath: consume
- name: tmp
mountPath: /tmp
- name: run
mountPath: /run/supervisord
- name: logs
mountPath: /var/log/supervisord
subPath: supervisord
securityContext:
fsGroup: 1000
volumes:
- name: cmd
configMap:
name: paperless-cmd
defaultMode: 0755
- name: data
persistentVolumeClaim:
claimName: paperless-ngx
- name: logs
empytDir:
- name: tmp
emptyDir:
medium: Memory
- name: run
emptyDir:
medium: Memory
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: gotenberg
namespace: paperless-ngx
labels:
app.kubernetes.io/name: gotenberg
app.kubernetes.io/component: gotenberg
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
spec:
selector:
matchLabels:
app.kubernetes.io/name: gotenberg
app.kubernetes.io/component: gotenberg
app.kubernetes.io/instance: paperless-ngx
template:
metadata:
labels:
app.kubernetes.io/name: gotenberg
app.kubernetes.io/component: gotenberg
app.kubernetes.io/instance: paperless-ngx
spec:
containers:
- name: gotenberg
image: docker.io/gotenberg/gotenberg:7.5.4
imagePullPolicy: IfNotPresent
command:
- gotenberg
- --chromium-disable-javascript=true
- --chromium-allow-list=file:///tmp/.*
securityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
runAsUser: 1000
runAsGroup: 1000
volumeMounts:
- name: tmp
mountPath: /tmp
securityContext:
fsGroup: 1000
volumes:
- name: tmp
emptyDir:
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: tika
namespace: paperless-ngx
labels:
app.kubernetes.io/name: tika
app.kubernetes.io/component: tika
app.kubernetes.io/instance: paperless-ngx
app.kubernetes.io/part-of: paperless-ngx
spec:
selector:
matchLabels:
app.kubernetes.io/name: tika
app.kubernetes.io/component: tika
app.kubernetes.io/instance: paperless-ngx
template:
metadata:
labels:
app.kubernetes.io/name: tika
app.kubernetes.io/component: tika
app.kubernetes.io/instance: paperless-ngx
spec:
containers:
- name: tika
image: ghcr.io/paperless-ngx/tika:2.5.0-minimal
imagePullPolicy: IfNotPresent
securityContext:
runAsNonRoot: true
readOnlyRootFilesystem: true
runAsUser: 1000
runAsGroup: 1000
volumeMounts:
- name: tmp
mountPath: /tmp
securityContext:
fsGroup: 1000
volumes:
- name: tmp
emptyDir:
View Git Blame Copy Permalink