homelab-manifests/outline-system/outline.yaml

---
# Namespace that every Outline resource in this file is created in.
apiVersion: v1
kind: Namespace
metadata:
  name: outline-system
---
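# Outline wiki application: one replica, replaced in place (Recreate).
# Credentials come from Secrets; non-sensitive settings are inline values.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: outline
    app.kubernetes.io/version: "1.1.0"
  name: outline
  namespace: outline-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: outline
      app.kubernetes.io/name: outline
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: outline
        app.kubernetes.io/name: outline
        app.kubernetes.io/version: "1.1.0"
    spec:
      # The app is configured purely through env vars here and presumably never
      # calls the Kubernetes API, so no service-account token is mounted.
      automountServiceAccountToken: false
      securityContext:
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: outline
          image: outlinewiki/outline:1.1.0
          imagePullPolicy: IfNotPresent
          # Least privilege: the container listens on the unprivileged port
          # 3000, so it needs no Linux capabilities and no privilege escalation.
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          env:
            - name: NODE_ENV
              value: production
            - name: SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: outline-app
                  key: secret-key
            - name: UTILS_SECRET
              valueFrom:
                secretKeyRef:
                  name: outline-app
                  key: utils-secret
            # DB_USER and DB_PASS must stay above DATABASE_URL: $(VAR) expansion
            # only resolves variables defined earlier in this list.
            - name: DB_USER
              valueFrom:
                secretKeyRef:
                  name: outline-db
                  key: username
            - name: DB_PASS
              valueFrom:
                secretKeyRef:
                  name: outline-db
                  key: password
            # NOTE(review): the password is spliced into a URL verbatim, so
            # characters such as "@", ":" or "/" in it would need URL-encoding.
            - name: DATABASE_URL
              value: postgres://$(DB_USER):$(DB_PASS)@outline-postgres:5432/outline
            # NOTE(review): TLS to PostgreSQL is disabled, so database traffic
            # (including credentials) relies on the pod network being trusted.
            - name: PGSSLMODE
              value: disable
            # NOTE(review): this URL carries no password; see the outline-redis
            # Deployment, which also starts Redis without authentication.
            - name: REDIS_URL
              value: redis://outline-redis:6379
            - name: URL
              value: https://outline.dooplex.hu
            - name: PORT
              value: "3000"
            - name: FILE_STORAGE
              value: s3
            # NOTE(review): these are the same Secret keys the outline-minio
            # Deployment uses for MINIO_ROOT_USER / MINIO_ROOT_PASSWORD, i.e. the
            # application holds the object store's root credentials. Prefer a
            # dedicated access key limited to the "outline" bucket.
            - name: AWS_ACCESS_KEY_ID
              valueFrom:
                secretKeyRef:
                  name: outline-minio
                  key: root-user
            - name: AWS_SECRET_ACCESS_KEY
              valueFrom:
                secretKeyRef:
                  name: outline-minio
                  key: root-password
            - name: AWS_REGION
              value: us-east-1
            - name: AWS_S3_UPLOAD_BUCKET_URL
              value: http://outline-minio:9000
            - name: AWS_S3_UPLOAD_BUCKET_NAME
              value: outline
            - name: AWS_S3_FORCE_PATH_STYLE
              value: "true"
            - name: AWS_S3_ACL
              value: private
            - name: OIDC_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: outline-oidc
                  key: client-id
            - name: OIDC_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: outline-oidc
                  key: client-secret
            - name: OIDC_AUTH_URI
              value: "https://accounts.google.com/o/oauth2/v2/auth"
            - name: OIDC_TOKEN_URI
              value: "https://oauth2.googleapis.com/token"
            - name: OIDC_USERINFO_URI
              value: "https://openidconnect.googleapis.com/v1/userinfo"
            - name: OIDC_USERNAME_CLAIM
              value: "email"
            - name: OIDC_DISPLAY_NAME
              value: "Google"
            - name: OIDC_SCOPES
              value: "openid profile email"
            # CRITICAL SECURITY SETTING (Temporary)
            # NOTE(review): the domain allow-list below is commented out, so this
            # manifest does not restrict which identities may sign in through the
            # OIDC provider configured above. Confirm that access is limited
            # elsewhere (workspace settings, invites) before relying on it. Also
            # note that "gmail.com" as an allow-list entry would presumably admit
            # any address in that domain rather than specific people.
            #- name: ALLOWED_DOMAINS
            #  value: "gmail.com"
            # SMTP Configuration
            - name: SMTP_HOST
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: host
            - name: SMTP_PORT
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: port
            - name: SMTP_USERNAME
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: username
            - name: SMTP_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: password
            - name: SMTP_FROM_EMAIL
              valueFrom:
                secretKeyRef:
                  name: smtp-credentials
                  key: from-address
            # NOTE(review): with SMTP_SECURE "false", verify that the relay on the
            # configured port still upgrades the session to TLS before the SMTP
            # username/password are sent.
            - name: SMTP_SECURE
              value: "false"
            - name: FORCE_HTTPS
              value: "true"
            - name: DEFAULT_LANGUAGE
              value: en_US
          ports:
            - containerPort: 3000
              name: http
              protocol: TCP
          livenessProbe:
            httpGet:
              path: /_health
              port: http
            initialDelaySeconds: 60
            periodSeconds: 30
            timeoutSeconds: 10
            failureThreshold: 5
          readinessProbe:
            httpGet:
              path: /_health
              port: http
            initialDelaySeconds: 30
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 3
          resources:
            limits:
              cpu: "1"
              memory: 1Gi
            requests:
              cpu: 100m
              memory: 256Mi
      volumes: []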
---
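# PostgreSQL backing store for Outline: one replica, data kept on the
# outline-postgres PersistentVolumeClaim.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: postgres
  name: outline-postgres
  namespace: outline-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: outline
      app.kubernetes.io/name: postgres
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: outline
        app.kubernetes.io/name: postgres
    spec:
      # A database pod has no reason to hold Kubernetes API credentials.
      automountServiceAccountToken: false
      containers:
        - name: postgres
          # NOTE(review): "16-alpine" is a moving tag; combined with
          # IfNotPresent the running build depends on what each node has
          # cached. Pinning a digest makes the deployed image reproducible.
          image: postgres:16-alpine
          imagePullPolicy: IfNotPresent
          securityContext:
            allowPrivilegeEscalation: false
          env:
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: outline-db
                  key: username
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: outline-db
                  key: password
            - name: POSTGRES_DB
              value: outline
            # PGDATA is a sub-directory of the mount point below.
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          ports:
            - containerPort: 5432
              name: postgres
              protocol: TCP
          # NOTE(review): unlike the other workloads in this file, this
          # container defines no liveness or readiness probe.
          resources:
            limits:
              cpu: 500m
              memory: 512Mi
            requests:
              cpu: 100m
              memory: 128Mi
          volumeMounts:
            - name: data
              mountPath: /var/lib/postgresql/data
              subPath: data
      securityContext:
        # NOTE(review): confirm 999 matches the group id the alpine image
        # runs PostgreSQL under; Debian- and Alpine-based images do not
        # necessarily share ids.
        fsGroup: 999
        seccompProfile:
          type: RuntimeDefault
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: outline-postgres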
---
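# Redis instance used by Outline: one replica, append-only persistence on
# the outline-redis PersistentVolumeClaim.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: redis
  name: outline-redis
  namespace: outline-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: outline
      app.kubernetes.io/name: redis
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: outline
        app.kubernetes.io/name: redis
    spec:
      # Redis does not talk to the Kubernetes API; keep the token out.
      automountServiceAccountToken: false
      securityContext:
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: redis
          # NOTE(review): "7-alpine" is a moving tag; pin a digest if the
          # deployed build must be reproducible.
          image: redis:7-alpine
          imagePullPolicy: IfNotPresent
          securityContext:
            allowPrivilegeEscalation: false
          # NOTE(review): `command` replaces the image entrypoint, so any user
          # switch performed by an entrypoint script is presumably skipped and
          # redis-server runs as the image's default user. Confirm, and set
          # runAsUser/runAsNonRoot once the ownership of /data is known.
          # NOTE(review): no password or ACL is configured and REDIS_URL in the
          # outline Deployment carries none, so every pod that can reach port
          # 6379 can read and write this instance. No NetworkPolicy is visible
          # in this file; add one or enable authentication.
          command:
            - redis-server
            - "--appendonly"
            # Quoted so YAML passes the string "yes", not a boolean.
            - "yes"
          ports:
            - containerPort: 6379
              name: redis
              protocol: TCP
          livenessProbe:
            exec:
              command:
                - sh
                - "-c"
                - 'redis-cli ping | grep PONG'
            initialDelaySeconds: 30
            periodSeconds: 10
            failureThreshold: 3
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - sh
                - "-c"
                - 'redis-cli ping | grep PONG'
            initialDelaySeconds: 5
            periodSeconds: 10
            failureThreshold: 3
            timeoutSeconds: 5
          resources:
            limits:
              cpu: 250m
              memory: 256Mi
            requests:
              cpu: 50m
              memory: 64Mi
          volumeMounts:
            - name: data
              mountPath: /data
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: outline-redis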
---
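# MinIO object store for Outline attachments: one replica, S3 API on 9000,
# web console on 9001, data on a directory of the node's filesystem.
apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: minio
  name: outline-minio
  namespace: outline-system
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/instance: outline
      app.kubernetes.io/name: minio
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app.kubernetes.io/instance: outline
        app.kubernetes.io/name: minio
    spec:
      # MinIO is started with a local data directory only; it presumably does
      # not use the Kubernetes API, so no service-account token is mounted.
      automountServiceAccountToken: false
      securityContext:
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: minio
          # NOTE(review): ":latest" with IfNotPresent means the running build
          # is whatever a node pulled first and can differ between nodes.
          # Pin a release tag or digest, for example
          #   image: minio/minio:<PINNED_RELEASE_TAG>
          image: minio/minio:latest
          imagePullPolicy: IfNotPresent
          securityContext:
            allowPrivilegeEscalation: false
          command:
            - minio
            - server
            - /data
            - "--console-address"
            - ":9001"
          env:
            # NOTE(review): the outline Deployment reads these same Secret keys
            # as its S3 access key, so the root account is shared with the
            # application instead of a bucket-scoped key.
            - name: MINIO_ROOT_USER
              valueFrom:
                secretKeyRef:
                  name: outline-minio
                  key: root-user
            - name: MINIO_ROOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: outline-minio
                  key: root-password
          ports:
            - containerPort: 9000
              name: api
              protocol: TCP
            - containerPort: 9001
              name: console
              protocol: TCP
          livenessProbe:
            httpGet:
              path: /minio/health/live
              port: api
            initialDelaySeconds: 30
            periodSeconds: 30
            timeoutSeconds: 10
            failureThreshold: 3
          readinessProbe:
            httpGet:
              path: /minio/health/ready
              port: api
            initialDelaySeconds: 10
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 3
          resources:
            limits:
              cpu: 500m
              memory: 512Mi
            requests:
              cpu: 100m
              memory: 128Mi
          volumeMounts:
            - name: data
              mountPath: /data
      volumes:
        - name: data
          # NOTE(review): hostPath gives the container direct access to a node
          # directory and is rejected by the baseline Pod Security level. No
          # nodeSelector or affinity is set here, so on a multi-node cluster
          # the pod could start on a node where this path is empty
          # (DirectoryOrCreate would silently create it).
          hostPath:
            path: /mnt/4_hdd/data/outline/minio
            type: DirectoryOrCreate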
---
# Cluster-internal Service for the Outline web container; port 3000 forwards
# to the container port named "http".
apiVersion: v1
kind: Service
metadata:
  name: outline
  namespace: outline-system
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: outline
    app.kubernetes.io/version: "1.1.0"
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: outline
  ports:
    - name: http
      protocol: TCP
      port: 3000
      targetPort: http
---
# Cluster-internal Service for PostgreSQL; port 5432 forwards to the
# container port named "postgres". ClusterIP keeps it off external networks,
# but it is still reachable from other pods unless a NetworkPolicy says
# otherwise.
apiVersion: v1
kind: Service
metadata:
  name: outline-postgres
  namespace: outline-system
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: postgres
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: postgres
  ports:
    - name: postgres
      protocol: TCP
      port: 5432
      targetPort: postgres
---
# Cluster-internal Service for Redis; port 6379 forwards to the container
# port named "redis".
apiVersion: v1
kind: Service
metadata:
  name: outline-redis
  namespace: outline-system
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: redis
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: redis
  ports:
    - name: redis
      protocol: TCP
      port: 6379
      targetPort: redis
---
# Cluster-internal Service for MinIO: S3 API on 9000 and web console on 9001.
# NOTE(review): the console port is published to the whole cluster although
# no Ingress in this file routes to it; confirm it needs to be on the Service
# rather than reached ad hoc.
apiVersion: v1
kind: Service
metadata:
  name: outline-minio
  namespace: outline-system
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: minio
spec:
  type: ClusterIP
  selector:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: minio
  ports:
    - name: api
      protocol: TCP
      port: 9000
      targetPort: api
    - name: console
      protocol: TCP
      port: 9001
      targetPort: console
---
# Ingress for Outline on the "nginx-internal" class. Both hostnames route
# every path to the outline Service on port 3000.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: outline
  namespace: outline-system
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: outline
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    external-dns.alpha.kubernetes.io/hostname: "outline.dooplex.hu,outline.home"
    nginx.ingress.kubernetes.io/proxy-body-size: 100m
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
spec:
  ingressClassName: nginx-internal
  rules:
    - host: outline.dooplex.hu
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: outline
                port:
                  number: 3000
    - host: outline.home
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: outline
                port:
                  number: 3000
  tls:
    # NOTE(review): only outline.dooplex.hu is listed here, so the
    # outline.home rule above is not covered by the outline-tls certificate.
    # Confirm how that hostname is expected to be served.
    - secretName: outline-tls
      hosts:
        - outline.dooplex.hu
---
# 10Gi ReadWriteOnce claim on the "longhorn" storage class; mounted by the
# outline-postgres Deployment as its data volume.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: outline-postgres
  namespace: outline-system
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: postgres
spec:
  storageClassName: longhorn
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
---
# 1Gi ReadWriteOnce claim on the "longhorn" storage class; mounted by the
# outline-redis Deployment at /data.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: outline-redis
  namespace: outline-system
  labels:
    app.kubernetes.io/instance: outline
    app.kubernetes.io/name: redis
spec:
  storageClassName: longhorn
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
---