kubernetes/invoice-ninja/mariadb.yaml

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: invoice-ninja-db
  labels:
    app.kubernetes.io/name: invoice-ninja-db
    app.kubernetes.io/component: mysql
    app.kubernetes.io/part-of: invoice-ninja
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi

---
apiVersion: v1
kind: Service
metadata:
  name: invoice-ninja-db
  labels:
    app.kubernetes.io/name: invoice-ninja-db
    app.kubernetes.io/component: mysql
    app.kubernetes.io/part-of: invoice-ninja
spec:
  ports:
  - port: 3306
    targetPort: mysql
  selector:
    app.kubernetes.io/name: invoice-ninja-db
    app.kubernetes.io/component: mysql
  type: ClusterIP

---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: invoice-ninja-db
  labels:
    app.kubernetes.io/name: invoice-ninja-db
    app.kubernetes.io/component: mysql
    app.kubernetes.io/part-of: invoice-ninja
spec:
  serviceName: invoice-ninja-db
  selector:
    matchLabels:
      app.kubernetes.io/name: invoice-ninja-db
      app.kubernetes.io/component: mysql
  template:
    metadata:
      labels:
        app.kubernetes.io/name: invoice-ninja-db
        app.kubernetes.io/component: mysql
        app.kubernetes.io/part-of: invoice-ninja
    spec:
      containers:
      - name: mariadb
        image: docker.io/library/mariadb:10.11.6
        env:
        - name: MARIADB_ROOT_PASSWORD
          valueFrom:
            secretKeyRef:
              name: mysql-root
              key: password
        - name: MARIADB_DATABASE
          value: ninja
        - name: MARIADB_USER
          value: ninja
        - name: MARIADB_PASSWORD
          valueFrom:
            secretKeyRef:
              name: invoice-ninja
              key: db.password
        ports:
        - containerPort: 3306
          name: mysql
        readinessProbe: &probe
          tcpSocket:
            port: mysql
          periodSeconds: 60
        startupProbe:
          <<: *probe
          periodSeconds: 1
          failureThreshold: 60
        securityContext:
          readOnlyRootFilesystem: true
        volumeMounts:
        - mountPath: /run/mysqld
          name: run
          subPath: mysqld
        - mountPath: /tmp
          name: tmp
          subPath: tmp
        - mountPath: /var/lib/mysql
          name: data
          subPath: mysql
      enableServiceLinks: false
      securityContext:
        runAsNonRoot: true
        runAsUser: 3306
        runAsGroup: 3306
        fsGroup: 3306
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: invoice-ninja-db
      - name: run
        emptyDir:
          medium: Memory
      - name: tmp
        emptyDir: {}