From f5f0cdf25ae2da38bab6dc861a3710025e8d7af9 Mon Sep 17 00:00:00 2001 From: Kisske1112 Date: Tue, 28 Oct 2025 17:23:15 +0100 Subject: [PATCH] Initial manifests dump for all namespaces --- manifests/archivebox/all.yaml | 425 ++ manifests/audiobookshelf/all.yaml | 367 ++ manifests/calibre/all.yaml | 6987 +++++++++++++++++++++++++ manifests/demo/all.yaml | 5 + manifests/gitea/all.yaml | 2703 ++++++++++ manifests/graylog/all.yaml | 69 + manifests/ingress-nginx/all.yaml | 1132 ++++ manifests/jellyfin/all.yaml | 560 ++ manifests/local-path-media/all.yaml | 632 +++ manifests/local-path-storage/all.yaml | 315 ++ manifests/minecraft/all.yaml | 203 + manifests/monitoring/all.yaml | 3924 ++++++++++++++ manifests/nextcloud/all.yaml | 3043 +++++++++++ manifests/nginx-demo/all.yaml | 284 + manifests/opensearch/all.yaml | 5 + manifests/osdfir/all.yaml | 5 + manifests/registry/all.yaml | 303 ++ manifests/send/all.yaml | 774 +++ manifests/wiki/all.yaml | 644 +++ 19 files changed, 22380 insertions(+) create mode 100644 manifests/archivebox/all.yaml create mode 100644 manifests/audiobookshelf/all.yaml create mode 100644 manifests/calibre/all.yaml create mode 100644 manifests/demo/all.yaml create mode 100644 manifests/gitea/all.yaml create mode 100644 manifests/graylog/all.yaml create mode 100644 manifests/ingress-nginx/all.yaml create mode 100644 manifests/jellyfin/all.yaml create mode 100644 manifests/local-path-media/all.yaml create mode 100644 manifests/local-path-storage/all.yaml create mode 100644 manifests/minecraft/all.yaml create mode 100644 manifests/monitoring/all.yaml create mode 100644 manifests/nextcloud/all.yaml create mode 100644 manifests/nginx-demo/all.yaml create mode 100644 manifests/opensearch/all.yaml create mode 100644 manifests/osdfir/all.yaml create mode 100644 manifests/registry/all.yaml create mode 100644 manifests/send/all.yaml create mode 100644 manifests/wiki/all.yaml diff --git a/manifests/archivebox/all.yaml b/manifests/archivebox/all.yaml new file mode 100644 index 0000000..bb54e66 --- /dev/null +++ b/manifests/archivebox/all.yaml @@ -0,0 +1,425 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-07-30T14:08:20Z" + generateName: archivebox-65cb6b4494- + labels: + app: archivebox + pod-template-hash: 65cb6b4494 + name: archivebox-65cb6b4494-pw82w + namespace: archivebox + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: archivebox-65cb6b4494 + uid: f0db71e8-7219-4ead-ab70-a53c27246337 + resourceVersion: "20356604" + uid: 0d27df94-a77d-4d6f-bbd7-99c530836986 + spec: + containers: + - args: + - server + - --quick-init + - 0.0.0.0:8000 + env: + - name: ADMIN_USERNAME + value: admin + - name: ADMIN_PASSWORD + value: password + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: PUBLIC_INDEX + value: "False" + image: archivebox/archivebox:latest + imagePullPolicy: Always + name: archivebox + ports: + - containerPort: 8000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-2qsl2 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: data + persistentVolumeClaim: + claimName: archivebox-data + - name: kube-api-access-2qsl2 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:26Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-07-30T14:08:20Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:26Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:26Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-07-30T14:08:20Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://d16f2b4d9429b667b53221d5e786c54833ce179ace81e93471faf1c57a1ce1fa + image: docker.io/archivebox/archivebox:latest + imageID: docker.io/archivebox/archivebox@sha256:fdf2936192aa1e909b0c3f286f60174efa24078555be4b6b90a07f2cef1d4909 + lastState: + terminated: + containerID: containerd://5a9e91a0b024182e5683aaa94e2e9a73291f571627faff31950a23bc7e93c8cc + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:41Z" + name: archivebox + ready: true + restartCount: 4 + started: true + state: + running: + startedAt: "2025-08-24T01:02:26Z" + volumeMounts: + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-2qsl2 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.45 + podIPs: + - ip: 10.244.0.45 + qosClass: BestEffort + startTime: "2025-07-30T14:08:20Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"archivebox","namespace":"archivebox"},"spec":{"ports":[{"port":80,"protocol":"TCP","targetPort":8000}],"selector":{"app":"archivebox"},"type":"ClusterIP"}} + creationTimestamp: "2025-07-30T10:43:06Z" + name: archivebox + namespace: archivebox + resourceVersion: "10496169" + uid: 96391171-c088-4f30-9130-dffeb949bd89 + spec: + clusterIP: 10.100.92.6 + clusterIPs: + - 10.100.92.6 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 30455 + port: 80 + protocol: TCP + targetPort: 8000 + selector: + app: archivebox + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "2" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"archivebox","namespace":"archivebox"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"archivebox"}},"template":{"metadata":{"labels":{"app":"archivebox"}},"spec":{"containers":[{"args":["server","--quick-init","0.0.0.0:8000"],"env":[{"name":"ADMIN_USERNAME","value":"admin"},{"name":"ADMIN_PASSWORD","value":"password"},{"name":"PUID","value":"1000"},{"name":"PGID","value":"1000"}],"image":"archivebox/archivebox:latest","name":"archivebox","ports":[{"containerPort":8000}],"volumeMounts":[{"mountPath":"/data","name":"data"}]}],"volumes":[{"name":"data","persistentVolumeClaim":{"claimName":"archivebox-data"}}]}}}} + creationTimestamp: "2025-07-30T10:43:06Z" + generation: 2 + name: archivebox + namespace: archivebox + resourceVersion: "12273808" + uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: archivebox + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: archivebox + spec: + containers: + - args: + - server + - --quick-init + - 0.0.0.0:8000 + env: + - name: ADMIN_USERNAME + value: admin + - name: ADMIN_PASSWORD + value: password + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: PUBLIC_INDEX + value: "False" + image: archivebox/archivebox:latest + imagePullPolicy: Always + name: archivebox + ports: + - containerPort: 8000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: data + persistentVolumeClaim: + claimName: archivebox-data + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-07-30T10:43:06Z" + lastUpdateTime: "2025-07-30T14:08:23Z" + message: ReplicaSet "archivebox-65cb6b4494" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-08-24T01:02:26Z" + lastUpdateTime: "2025-08-24T01:02:26Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 2 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "2" + creationTimestamp: "2025-07-30T14:08:20Z" + generation: 1 + labels: + app: archivebox + pod-template-hash: 65cb6b4494 + name: archivebox-65cb6b4494 + namespace: archivebox + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: archivebox + uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f + resourceVersion: "12273807" + uid: f0db71e8-7219-4ead-ab70-a53c27246337 + spec: + replicas: 1 + selector: + matchLabels: + app: archivebox + pod-template-hash: 65cb6b4494 + template: + metadata: + creationTimestamp: null + labels: + app: archivebox + pod-template-hash: 65cb6b4494 + spec: + containers: + - args: + - server + - --quick-init + - 0.0.0.0:8000 + env: + - name: ADMIN_USERNAME + value: admin + - name: ADMIN_PASSWORD + value: password + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: PUBLIC_INDEX + value: "False" + image: archivebox/archivebox:latest + imagePullPolicy: Always + name: archivebox + ports: + - containerPort: 8000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: data + persistentVolumeClaim: + claimName: archivebox-data + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-07-30T10:43:06Z" + generation: 2 + labels: + app: archivebox + pod-template-hash: "7676465958" + name: archivebox-7676465958 + namespace: archivebox + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: archivebox + uid: fe49bebd-eb2d-469a-9650-67fb5f6fa47f + resourceVersion: "10513981" + uid: c41f43f5-be34-4534-845f-e03ad7235a4a + spec: + replicas: 0 + selector: + matchLabels: + app: archivebox + pod-template-hash: "7676465958" + template: + metadata: + creationTimestamp: null + labels: + app: archivebox + pod-template-hash: "7676465958" + spec: + containers: + - args: + - server + - --quick-init + - 0.0.0.0:8000 + env: + - name: ADMIN_USERNAME + value: admin + - name: ADMIN_PASSWORD + value: password + - name: PUID + value: "1000" + - name: PGID + value: "1000" + image: archivebox/archivebox:latest + imagePullPolicy: Always + name: archivebox + ports: + - containerPort: 8000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: data + persistentVolumeClaim: + claimName: archivebox-data + status: + observedGeneration: 2 + replicas: 0 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/audiobookshelf/all.yaml b/manifests/audiobookshelf/all.yaml new file mode 100644 index 0000000..a130500 --- /dev/null +++ b/manifests/audiobookshelf/all.yaml @@ -0,0 +1,367 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-09-10T11:36:22Z" + generateName: audiobookshelf-8dffc7697- + labels: + app: audiobookshelf + pod-template-hash: 8dffc7697 + name: audiobookshelf-8dffc7697-52dqg + namespace: audiobookshelf + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: audiobookshelf-8dffc7697 + uid: e3a73abf-aa71-4b39-8d0f-ac2d45b60903 + resourceVersion: "20356588" + uid: 8b3c2b39-f1ec-4085-a2a9-1c1c518a5278 + spec: + containers: + - env: + - name: TZ + value: Europe/Budapest + image: ghcr.io/advplyr/audiobookshelf:latest + imagePullPolicy: Always + name: app + ports: + - containerPort: 80 + name: http + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /metadata + name: metadata + - mountPath: /audiobooks + name: audiobooks + - mountPath: /podcasts + name: podcasts + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-xh72l + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: config + persistentVolumeClaim: + claimName: abs-config + - name: metadata + persistentVolumeClaim: + claimName: abs-metadata + - name: audiobooks + persistentVolumeClaim: + claimName: abs-audiobooks + - name: podcasts + persistentVolumeClaim: + claimName: abs-podcasts + - name: kube-api-access-xh72l + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-09-10T11:36:36Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-09-10T11:36:29Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-09-10T11:36:36Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-09-10T11:36:36Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-09-10T11:36:29Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://452f0be29c5d5af3007ba5052c97b62d6d033639239b366ab28f72c73708fb55 + image: ghcr.io/advplyr/audiobookshelf:latest + imageID: ghcr.io/advplyr/audiobookshelf@sha256:dd4a3079d26bfe9f0ea63de3e3eff483dfa25fef05ef850a5a9d121dca3794b2 + lastState: {} + name: app + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: "2025-09-10T11:36:36Z" + volumeMounts: + - mountPath: /config + name: config + - mountPath: /metadata + name: metadata + - mountPath: /audiobooks + name: audiobooks + - mountPath: /podcasts + name: podcasts + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-xh72l + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.100 + podIPs: + - ip: 10.244.0.100 + qosClass: BestEffort + startTime: "2025-09-10T11:36:29Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"audiobookshelf","namespace":"audiobookshelf"},"spec":{"ports":[{"name":"http","nodePort":31378,"port":80,"targetPort":"http"}],"selector":{"app":"audiobookshelf"},"type":"NodePort"}} + creationTimestamp: "2025-09-10T11:36:22Z" + name: audiobookshelf + namespace: audiobookshelf + resourceVersion: "14471402" + uid: 400237d9-0f3a-4c2b-9fee-a66f173fe8a4 + spec: + clusterIP: 10.108.247.202 + clusterIPs: + - 10.108.247.202 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 31378 + port: 80 + protocol: TCP + targetPort: http + selector: + app: audiobookshelf + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"audiobookshelf","namespace":"audiobookshelf"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"audiobookshelf"}},"template":{"metadata":{"labels":{"app":"audiobookshelf"}},"spec":{"containers":[{"env":[{"name":"TZ","value":"Europe/Budapest"}],"image":"ghcr.io/advplyr/audiobookshelf:latest","name":"app","ports":[{"containerPort":80,"name":"http"}],"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/metadata","name":"metadata"},{"mountPath":"/audiobooks","name":"audiobooks"},{"mountPath":"/podcasts","name":"podcasts"}]}],"securityContext":{"fsGroup":1000},"volumes":[{"name":"config","persistentVolumeClaim":{"claimName":"abs-config"}},{"name":"metadata","persistentVolumeClaim":{"claimName":"abs-metadata"}},{"name":"audiobooks","persistentVolumeClaim":{"claimName":"abs-audiobooks"}},{"name":"podcasts","persistentVolumeClaim":{"claimName":"abs-podcasts"}}]}}}} + creationTimestamp: "2025-09-10T11:36:22Z" + generation: 1 + name: audiobookshelf + namespace: audiobookshelf + resourceVersion: "14471527" + uid: 03ee593f-d009-4ebd-97b7-d73cb764aedc + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: audiobookshelf + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: audiobookshelf + spec: + containers: + - env: + - name: TZ + value: Europe/Budapest + image: ghcr.io/advplyr/audiobookshelf:latest + imagePullPolicy: Always + name: app + ports: + - containerPort: 80 + name: http + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /metadata + name: metadata + - mountPath: /audiobooks + name: audiobooks + - mountPath: /podcasts + name: podcasts + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 30 + volumes: + - name: config + persistentVolumeClaim: + claimName: abs-config + - name: metadata + persistentVolumeClaim: + claimName: abs-metadata + - name: audiobooks + persistentVolumeClaim: + claimName: abs-audiobooks + - name: podcasts + persistentVolumeClaim: + claimName: abs-podcasts + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-09-10T11:36:36Z" + lastUpdateTime: "2025-09-10T11:36:36Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + - lastTransitionTime: "2025-09-10T11:36:22Z" + lastUpdateTime: "2025-09-10T11:36:36Z" + message: ReplicaSet "audiobookshelf-8dffc7697" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-09-10T11:36:22Z" + generation: 1 + labels: + app: audiobookshelf + pod-template-hash: 8dffc7697 + name: audiobookshelf-8dffc7697 + namespace: audiobookshelf + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: audiobookshelf + uid: 03ee593f-d009-4ebd-97b7-d73cb764aedc + resourceVersion: "14471526" + uid: e3a73abf-aa71-4b39-8d0f-ac2d45b60903 + spec: + replicas: 1 + selector: + matchLabels: + app: audiobookshelf + pod-template-hash: 8dffc7697 + template: + metadata: + creationTimestamp: null + labels: + app: audiobookshelf + pod-template-hash: 8dffc7697 + spec: + containers: + - env: + - name: TZ + value: Europe/Budapest + image: ghcr.io/advplyr/audiobookshelf:latest + imagePullPolicy: Always + name: app + ports: + - containerPort: 80 + name: http + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /metadata + name: metadata + - mountPath: /audiobooks + name: audiobooks + - mountPath: /podcasts + name: podcasts + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 30 + volumes: + - name: config + persistentVolumeClaim: + claimName: abs-config + - name: metadata + persistentVolumeClaim: + claimName: abs-metadata + - name: audiobooks + persistentVolumeClaim: + claimName: abs-audiobooks + - name: podcasts + persistentVolumeClaim: + claimName: abs-podcasts + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/calibre/all.yaml b/manifests/calibre/all.yaml new file mode 100644 index 0000000..d4797ae --- /dev/null +++ b/manifests/calibre/all.yaml @@ -0,0 +1,6987 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-06-17T13:21:57Z" + generateName: calibre-web-6b6dfc59c4- + labels: + app: calibre-web + pod-template-hash: 6b6dfc59c4 + name: calibre-web-6b6dfc59c4-h4tkw + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: calibre-web-6b6dfc59c4 + uid: b5ed681e-c167-4e4e-b932-38f2fd9d964c + resourceVersion: "20356528" + uid: a2f9dd49-868f-49b6-adbc-b644af7735a4 + spec: + containers: + - env: + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: TZ + value: Europe/Budapest + image: lscr.io/linuxserver/calibre-web:latest + imagePullPolicy: Always + name: calibre-web + ports: + - containerPort: 8083 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /books + name: books + - mountPath: /config + name: config + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-sqr4d + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - hostPath: + path: /srv/media/books + type: Directory + name: books + - emptyDir: {} + name: config + - name: kube-api-access-sqr4d + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:24Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-06-17T13:21:57Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:24Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:24Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-06-17T13:21:57Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://f51c0ddea03fc78fbbf6f793bf335a9a47200cf93949ffe881b4aa2133eac3af + image: lscr.io/linuxserver/calibre-web:latest + imageID: lscr.io/linuxserver/calibre-web@sha256:d5dbb466c743871d490bd29e1ff4ec9b8f1520fdd8154e897f297a3af3805503 + lastState: + terminated: + containerID: containerd://1edde2759fe9c15bb34394b1e0b03718f0c0f25a319237900a64bd16d2128c10 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:45Z" + name: calibre-web + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: "2025-08-24T01:02:24Z" + volumeMounts: + - mountPath: /books + name: books + - mountPath: /config + name: config + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-sqr4d + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.41 + podIPs: + - ip: 10.244.0.41 + qosClass: BestEffort + startTime: "2025-06-17T13:21:57Z" +- apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:54:33+02:00" + creationTimestamp: "2025-06-18T12:55:00Z" + generateName: paperless-ngx-7f7bb6c858- + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 7f7bb6c858 + name: paperless-ngx-7f7bb6c858-9c2qm + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: paperless-ngx-7f7bb6c858 + uid: b2fae29f-60fb-46e2-b013-1c118b36b328 + resourceVersion: "20356635" + uid: e6123e16-bef8-4ac3-aa1a-d190fb0b65e3 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + - name: kube-api-access-9f8bk + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:03Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-06-18T12:55:02Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:38Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:38Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-06-18T12:55:00Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://ff69e05a4e231f05f2aecb3c0e26dad26cbe268eddfd7b02fbf067102ccfbb63 + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a + lastState: + terminated: + containerID: containerd://4bf24af896bb394c69e304f062d347285a2ff5de03fa46a9ce55bc119aba88f4 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:32Z" + name: paperless-ngx-celery + ready: true + restartCount: 10 + started: true + state: + running: + startedAt: "2025-08-24T01:02:04Z" + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://60d758399ca2e7045fec526ec48837792900c512560d66c32910ee8235133b89 + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a + lastState: + terminated: + containerID: containerd://0758b74c41e2b5427445e4e1a6c525b2933b4068d846efc13af66522abd16849 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:32Z" + name: paperless-ngx-celery-beat + ready: true + restartCount: 11 + started: true + state: + running: + startedAt: "2025-08-24T01:02:04Z" + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://7b476c9d289eeffd299e6ac48ec5b1fdf1cd9cb48b122d15cec91037ff450e87 + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a + lastState: + terminated: + containerID: containerd://23f642c6369c3eba923591b6080a3cb058ace018d4bad571f9d61edfb286ee82 + exitCode: 1 + finishedAt: "2025-08-24T01:02:17Z" + reason: Error + startedAt: "2025-08-24T01:02:04Z" + name: paperless-ngx-consumer + ready: true + restartCount: 14 + started: true + state: + running: + startedAt: "2025-08-24T01:02:37Z" + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://7fc020382df8b34e3138dd4d6003974f3bf9693eba9469af22ecda9cdc88f682 + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imageID: ghcr.io/paperless-ngx/paperless-ngx@sha256:275b8ef0b0d9026cff6f04fbf79b28077fb08fe7f33c52bd73531cfc692b361a + lastState: + terminated: + containerID: containerd://6022a31e28b743c7dd23ac798bade801b3474eed9f934218a4af35ab9839d54f + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:31Z" + name: paperless-ngx-webserver + ready: true + restartCount: 33 + started: true + state: + running: + startedAt: "2025-08-24T01:02:03Z" + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://1bac12759b6ae87c7334d94d4f964e7cccae93c34ca76c84c99ea35c9834fbc2 + image: docker.io/library/busybox:latest + imageID: docker.io/library/busybox@sha256:ab33eacc8251e3807b85bb6dba570e4698c3998eca6f0fc2ccb60575a563ea74 + lastState: {} + name: init-consume-dir + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://1bac12759b6ae87c7334d94d4f964e7cccae93c34ca76c84c99ea35c9834fbc2 + exitCode: 0 + finishedAt: "2025-08-24T01:02:02Z" + reason: Completed + startedAt: "2025-08-24T01:02:02Z" + volumeMounts: + - mountPath: /mnt/library + name: library + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9f8bk + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.30 + podIPs: + - ip: 10.244.0.30 + qosClass: BestEffort + startTime: "2025-06-18T12:55:00Z" +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-06-04T22:00:28Z" + generateName: paperless-ngx-postgresql- + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + apps.kubernetes.io/pod-index: "0" + controller-revision-hash: paperless-ngx-postgresql-5f5df87cb9 + helm.sh/chart: postgresql-16.1.0 + statefulset.kubernetes.io/pod-name: paperless-ngx-postgresql-0 + name: paperless-ngx-postgresql-0 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: paperless-ngx-postgresql + uid: c0cda9fd-6512-472c-9175-d068c9f75227 + resourceVersion: "20356495" + uid: 6054f99a-25b9-4cc1-a25d-5952feacd02f + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: paperless + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: POSTGRES_POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgres-password + name: paperless-ngx-postgresql + - name: POSTGRES_DATABASE + value: paperless + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.0.0-debian-12-r9 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: paperless-ngx-postgresql-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-postgresql + serviceAccountName: paperless-ngx-postgresql + subdomain: paperless-ngx-postgresql-hl + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: data + persistentVolumeClaim: + claimName: data-paperless-ngx-postgresql-0 + - emptyDir: {} + name: empty-dir + - emptyDir: + medium: Memory + name: dshm + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:00Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-06-04T22:00:28Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:10Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:10Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-06-04T22:00:28Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://fd595ed9adecc2b01fb2b4229c7507a0949dccfb4f37c489260ec987997b33ec + image: docker.io/bitnami/postgresql:17.0.0-debian-12-r9 + imageID: docker.io/bitnami/postgresql@sha256:d885ac2771636b2bdf0ee8595f8e1d2f9b5290505cabebb25c55c63f51e67841 + lastState: + terminated: + containerID: containerd://275486108e945dedbfa2b48bdede508b5c883b2d304ba75f68fa66cc84797380 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:35Z" + name: postgresql + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: "2025-08-24T01:01:59Z" + volumeMounts: + - mountPath: /tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.31 + podIPs: + - ip: 10.244.0.31 + qosClass: Burstable + startTime: "2025-06-04T22:00:28Z" +- apiVersion: v1 + kind: Pod + metadata: + annotations: + checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 + checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 + checksum/scripts: 560c33ff34d845009b51830c332aa05fa211444d1877d3526d3599be7543aaa5 + checksum/secret: 1e28e5ae561812b3504142ef19d3676b5a8439e7ca16e5a6481316fd591f1fff + creationTimestamp: "2025-06-04T22:00:28Z" + generateName: paperless-ngx-redis-master- + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + apps.kubernetes.io/pod-index: "0" + controller-revision-hash: paperless-ngx-redis-master-7b59b75674 + helm.sh/chart: redis-20.2.1 + statefulset.kubernetes.io/pod-name: paperless-ngx-redis-master-0 + name: paperless-ngx-redis-master-0 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: paperless-ngx-redis-master + uid: 20083127-788c-4add-8cf4-bf0c0b561d9f + resourceVersion: "20356598" + uid: 3de39093-839a-4b14-8b07-6d0d505881fe + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - args: + - -c + - /opt/bitnami/scripts/start-scripts/start-master.sh + command: + - /bin/bash + env: + - name: BITNAMI_DEBUG + value: "false" + - name: REDIS_REPLICATION_MODE + value: master + - name: ALLOW_EMPTY_PASSWORD + value: "no" + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + key: redis-password + name: paperless-ngx-redis + - name: REDIS_TLS_ENABLED + value: "no" + - name: REDIS_PORT + value: "6379" + image: docker.io/bitnami/redis:7.4.1-debian-12-r0 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - /health/ping_liveness_local.sh 5 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 6 + name: redis + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - /health/ping_readiness_local.sh 1 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 2 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /data + name: redis-data + - mountPath: /opt/bitnami/redis/mounted-etc + name: config + - mountPath: /opt/bitnami/redis/etc/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: paperless-ngx-redis-master-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-redis-master + serviceAccountName: paperless-ngx-redis-master + subdomain: paperless-ngx-redis-headless + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: redis-data + persistentVolumeClaim: + claimName: redis-data-paperless-ngx-redis-master-0 + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-scripts + name: start-scripts + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-health + name: health + - configMap: + defaultMode: 420 + name: paperless-ngx-redis-configuration + name: config + - emptyDir: {} + name: empty-dir + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:10Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-06-04T22:00:28Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:32Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:32Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-06-04T22:00:28Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://87fe6b7f1b27643d8d65b79fbf1d143e629c53aedaf470a891721a62ab1a0902 + image: docker.io/bitnami/redis:7.4.1-debian-12-r0 + imageID: docker.io/bitnami/redis@sha256:df8d9405ab4ec7fc2e6aa6c0f0bed55ccf863dc15128b53b98ab90b9663f7ff0 + lastState: + terminated: + containerID: containerd://d0b755060f452610a9f7ce2bef7fc2160b155138c917bd7ad84d7415c2e7b3c6 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:42Z" + name: redis + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: "2025-08-24T01:02:10Z" + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /data + name: redis-data + - mountPath: /opt/bitnami/redis/mounted-etc + name: config + - mountPath: /opt/bitnami/redis/etc/ + name: empty-dir + - mountPath: /tmp + name: empty-dir + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.51 + podIPs: + - ip: 10.244.0.51 + qosClass: Burstable + startTime: "2025-06-04T22:00:28Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"calibre-web","namespace":"calibre"},"spec":{"ports":[{"nodePort":31083,"port":8083,"protocol":"TCP","targetPort":8083}],"selector":{"app":"calibre-web"},"type":"NodePort"}} + creationTimestamp: "2025-05-28T21:16:28Z" + name: calibre-web + namespace: calibre + resourceVersion: "3793614" + uid: c0f62125-34e4-41f7-9e99-a8932a72ba6d + spec: + clusterIP: 10.100.190.211 + clusterIPs: + - 10.100.190.211 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 31083 + port: 8083 + protocol: TCP + targetPort: 8083 + selector: + app: calibre-web + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: paperless-ngx + app.kubernetes.io/version: 2.13.4 + helm.sh/chart: paperless-ngx-0.2.23 + name: paperless-ngx + namespace: calibre + resourceVersion: "4703842" + uid: 8ef42926-63b1-443b-892e-34c435e01af2 + spec: + clusterIP: 10.103.117.13 + clusterIPs: + - 10.103.117.13 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 30505 + port: 8000 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + helm.sh/chart: postgresql-16.1.0 + name: paperless-ngx-postgresql + namespace: calibre + resourceVersion: "4703843" + uid: a787f724-d7b1-4b07-819a-293558a75a10 + spec: + clusterIP: 10.98.55.52 + clusterIPs: + - 10.98.55.52 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + helm.sh/chart: postgresql-16.1.0 + name: paperless-ngx-postgresql-hl + namespace: calibre + resourceVersion: "4703834" + uid: 0f23d612-07b8-41d7-8955-e4d1c5ad1ce4 + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + helm.sh/chart: redis-20.2.1 + name: paperless-ngx-redis-headless + namespace: calibre + resourceVersion: "4703832" + uid: 1c6c5013-228a-439b-9f6c-36b6903803ea + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + helm.sh/chart: redis-20.2.1 + name: paperless-ngx-redis-master + namespace: calibre + resourceVersion: "4703849" + uid: d668cfe9-3cfe-49c1-aefe-b550e2bbf4cc + spec: + clusterIP: 10.96.179.197 + clusterIPs: + - 10.96.179.197 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-05-31T17:40:23Z" + labels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.2 + helm.sh/chart: redis-20.7.0 + name: paperless-ngx-redis-replicas + namespace: calibre + resourceVersion: "4157276" + uid: b79067eb-619d-4b2b-8d46-dfca0e5513c2 + spec: + clusterIP: 10.105.127.173 + clusterIPs: + - 10.105.127.173 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"calibre-web"},"name":"calibre-web","namespace":"calibre"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"calibre-web"}},"template":{"metadata":{"labels":{"app":"calibre-web"}},"spec":{"containers":[{"env":[{"name":"PUID","value":"1000"},{"name":"PGID","value":"1000"},{"name":"TZ","value":"Europe/Budapest"}],"image":"lscr.io/linuxserver/calibre-web:latest","name":"calibre-web","ports":[{"containerPort":8083}],"volumeMounts":[{"mountPath":"/books","name":"books"},{"mountPath":"/config","name":"config"}]}],"volumes":[{"hostPath":{"path":"/srv/media/books","type":"Directory"},"name":"books"},{"emptyDir":{},"name":"config"}]}}}} + creationTimestamp: "2025-05-28T21:34:10Z" + generation: 1 + labels: + app: calibre-web + name: calibre-web + namespace: calibre + resourceVersion: "12273790" + uid: 49a7c5c1-a366-4360-9b8c-dcf5c69168f8 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: calibre-web + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: calibre-web + spec: + containers: + - env: + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: TZ + value: Europe/Budapest + image: lscr.io/linuxserver/calibre-web:latest + imagePullPolicy: Always + name: calibre-web + ports: + - containerPort: 8083 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /books + name: books + - mountPath: /config + name: config + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /srv/media/books + type: Directory + name: books + - emptyDir: {} + name: config + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-05-28T21:34:10Z" + lastUpdateTime: "2025-05-28T21:34:12Z" + message: ReplicaSet "calibre-web-6b6dfc59c4" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-08-24T01:02:24Z" + lastUpdateTime: "2025-08-24T01:02:24Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "9" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + generation: 20 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: paperless-ngx + app.kubernetes.io/version: 2.13.4 + helm.sh/chart: paperless-ngx-0.2.23 + name: paperless-ngx + namespace: calibre + resourceVersion: "12273859" + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + strategy: + type: Recreate + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:54:33+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-06-04T22:00:28Z" + lastUpdateTime: "2025-06-18T12:55:15Z" + message: ReplicaSet "paperless-ngx-7f7bb6c858" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-08-24T01:02:38Z" + lastUpdateTime: "2025-08-24T01:02:38Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 20 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-05-28T21:34:10Z" + generation: 1 + labels: + app: calibre-web + pod-template-hash: 6b6dfc59c4 + name: calibre-web-6b6dfc59c4 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: calibre-web + uid: 49a7c5c1-a366-4360-9b8c-dcf5c69168f8 + resourceVersion: "12273788" + uid: b5ed681e-c167-4e4e-b932-38f2fd9d964c + spec: + replicas: 1 + selector: + matchLabels: + app: calibre-web + pod-template-hash: 6b6dfc59c4 + template: + metadata: + creationTimestamp: null + labels: + app: calibre-web + pod-template-hash: 6b6dfc59c4 + spec: + containers: + - env: + - name: PUID + value: "1000" + - name: PGID + value: "1000" + - name: TZ + value: Europe/Budapest + image: lscr.io/linuxserver/calibre-web:latest + imagePullPolicy: Always + name: calibre-web + ports: + - containerPort: 8083 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /books + name: books + - mountPath: /config + name: config + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /srv/media/books + type: Directory + name: books + - emptyDir: {} + name: config + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "2" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-18T12:04:49Z" + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 547f4c4777 + name: paperless-ngx-547f4c4777 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "6503593" + uid: 0cb3e0c1-0a40-4f80-8cb6-d3198822fe25 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 547f4c4777 + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 547f4c4777 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + generation: 4 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: "5658985667" + name: paperless-ngx-5658985667 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "6503023" + uid: 071da3de-78bb-43c8-96e8-2703590ca706 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: "5658985667" + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: "5658985667" + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://paperless.domain + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + status: + observedGeneration: 4 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "4" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-18T12:16:45Z" + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 56f96586d4 + name: paperless-ngx-56f96586d4 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "6504569" + uid: 48deb1fa-df94-46ab-8c39-832aa5f2f8fa + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 56f96586d4 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:16:20+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 56f96586d4 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "6" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-18T12:23:21Z" + generation: 6 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 58cd75b45 + name: paperless-ngx-58cd75b45 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "6507047" + uid: ea3bf2dc-e653-4fde-9f2c-3a6eeb01a25a + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 58cd75b45 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:22:54+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 58cd75b45 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 6 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "7" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-18T12:44:36Z" + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 6b76f4744f + name: paperless-ngx-6b76f4744f + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "6507297" + uid: 6facac65-3ad8-4a93-805d-cb2fdfe6ec07 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 6b76f4744f + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:22:54+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 6b76f4744f + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "9" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-18T12:55:00Z" + generation: 1 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 7f7bb6c858 + name: paperless-ngx-7f7bb6c858 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "12273858" + uid: b2fae29f-60fb-46e2-b013-1c118b36b328 + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 7f7bb6c858 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:54:33+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 7f7bb6c858 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "8" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-18T12:46:41Z" + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 986f9c689 + name: paperless-ngx-986f9c689 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "6508111" + uid: b52186c4-c7f2-462a-bd8d-f420d42e1907 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 986f9c689 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:22:54+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: 986f9c689 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /mnt/library/consume/paperless + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "3" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-18T12:10:57Z" + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: bf69f45c6 + name: paperless-ngx-bf69f45c6 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "6504180" + uid: 7cccb155-8bc0-44aa-9033-b038c7222c79 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: bf69f45c6 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:10:32+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: bf69f45c6 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "5" + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-18T12:20:11Z" + generation: 2 + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: c569cf5c9 + name: paperless-ngx-c569cf5c9 + namespace: calibre + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: paperless-ngx + uid: 1cf6ebab-dfbf-48b6-9f5f-fe9613303e8d + resourceVersion: "6504926" + uid: 9e756219-7100-4e9d-aaba-1876d030cf88 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: c569cf5c9 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-06-18T14:19:44+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: paperless-ngx + pod-template-hash: c569cf5c9 + spec: + containers: + - command: + - gunicorn + - -c + - /usr/src/paperless/gunicorn.conf.py + - paperless.asgi:application + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-webserver + ports: + - containerPort: 8000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: http + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - command: + - python3 + - manage.py + - document_consumer + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-consumer + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: data + - mountPath: /mnt/library/consume + name: books + - command: + - celery + - --app + - paperless + - worker + - --loglevel + - INFO + - -f + - /dev/stdout + - --without-mingle + - --without-gossip + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + - command: + - celery + - --app + - paperless + - beat + - --loglevel + - INFO + - -f + - /dev/stdout + env: + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379 + - name: PAPERLESS_ADMIN_USER + value: admin + - name: PAPERLESS_ADMIN_PASSWORD + value: admin + - name: PAPERLESS_ADMIN_MAIL + value: no@mail.cf + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_OCR_LANGUAGES + value: deu+eng + - name: PAPERLESS_CONSUMER_RECURSIVE + value: "true" + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_LOGGING_DIR + value: /var/log/paperless + - name: PAPERLESS_URL + value: https://search.experlab.xyz + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: paperless-ngx-celery-beat + readinessProbe: + exec: + command: + - cat + - /proc/1/cmdline + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/paperless/consume + name: consume + - mountPath: /mnt/library + name: library + - mountPath: /tmp/ + name: temp + - mountPath: /var/log/paperless + name: log + - mountPath: /var/paperless/data + name: celerydata + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - mkdir -p /mnt/library/consume + env: + - name: PAPERLESS_URL + value: https://search.experlab.xyz + - name: PAPERLESS_CONSUMPTION_DIR + value: /mnt/library/consume/incoming + image: busybox + imagePullPolicy: Always + name: init-consume-dir + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: library + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + fsGroupChangePolicy: OnRootMismatch + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: consume + - name: log + persistentVolumeClaim: + claimName: paperless-ngx-log + - emptyDir: {} + name: library + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - emptyDir: {} + name: celerydata + - emptyDir: {} + name: temp + - configMap: + defaultMode: 420 + items: + - key: pureftpd.conf + path: pureftpd.conf + name: paperless-ngx-config + name: ftpd-config + - hostPath: + path: /home/server/books + type: Directory + name: books + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + generation: 1 + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + helm.sh/chart: postgresql-16.1.0 + name: paperless-ngx-postgresql + namespace: calibre + resourceVersion: "12151547" + uid: c0cda9fd-6512-472c-9175-d068c9f75227 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + serviceName: paperless-ngx-postgresql-hl + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.0.0 + helm.sh/chart: postgresql-16.1.0 + name: paperless-ngx-postgresql + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: paperless + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: POSTGRES_POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: postgres-password + name: paperless-ngx-postgresql + - name: POSTGRES_DATABASE + value: paperless + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.0.0-debian-12-r9 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 + -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "paperless" -d "dbname=paperless" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-postgresql + serviceAccountName: paperless-ngx-postgresql + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: empty-dir + - emptyDir: + medium: Memory + name: dshm + updateStrategy: + rollingUpdate: + partition: 0 + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: paperless-ngx-postgresql-5f5df87cb9 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: paperless-ngx-postgresql-5f5df87cb9 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-06-04T22:00:28Z" + generation: 1 + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + helm.sh/chart: redis-20.2.1 + name: paperless-ngx-redis-master + namespace: calibre + resourceVersion: "12273833" + uid: 20083127-788c-4add-8cf4-bf0c0b561d9f + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + serviceName: paperless-ngx-redis-headless + template: + metadata: + annotations: + checksum/configmap: 86bcc953bb473748a3d3dc60b7c11f34e60c93519234d4c37f42e22ada559d47 + checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 + checksum/scripts: 560c33ff34d845009b51830c332aa05fa211444d1877d3526d3599be7543aaa5 + checksum/secret: 1e28e5ae561812b3504142ef19d3676b5a8439e7ca16e5a6481316fd591f1fff + creationTimestamp: null + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.1 + helm.sh/chart: redis-20.2.1 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - args: + - -c + - /opt/bitnami/scripts/start-scripts/start-master.sh + command: + - /bin/bash + env: + - name: BITNAMI_DEBUG + value: "false" + - name: REDIS_REPLICATION_MODE + value: master + - name: ALLOW_EMPTY_PASSWORD + value: "no" + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + key: redis-password + name: paperless-ngx-redis + - name: REDIS_TLS_ENABLED + value: "no" + - name: REDIS_PORT + value: "6379" + image: docker.io/bitnami/redis:7.4.1-debian-12-r0 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - /health/ping_liveness_local.sh 5 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 6 + name: redis + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - /health/ping_readiness_local.sh 1 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 2 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /data + name: redis-data + - mountPath: /opt/bitnami/redis/mounted-etc + name: config + - mountPath: /opt/bitnami/redis/etc/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-redis-master + serviceAccountName: paperless-ngx-redis-master + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-scripts + name: start-scripts + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-health + name: health + - configMap: + defaultMode: 420 + name: paperless-ngx-redis-configuration + name: config + - emptyDir: {} + name: empty-dir + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: master + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + name: redis-data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: paperless-ngx-redis-master-7b59b75674 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: paperless-ngx-redis-master-7b59b75674 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: paperless-ngx + meta.helm.sh/release-namespace: calibre + creationTimestamp: "2025-05-31T17:40:23Z" + generation: 2 + labels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.2 + helm.sh/chart: redis-20.7.0 + name: paperless-ngx-redis-replicas + namespace: calibre + resourceVersion: "4158124" + uid: b5466b45-c24a-480f-9b05-7f2c783b1e51 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 0 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + serviceName: paperless-ngx-redis-headless + template: + metadata: + annotations: + checksum/configmap: 2a9ab4a5432825504d910f022638674ce88eaefe9f9f595ad8bc107377d104fb + checksum/health: aff24913d801436ea469d8d374b2ddb3ec4c43ee7ab24663d5f8ff1a1b6991a9 + checksum/scripts: 88b08bb17a6fc68de6bb7ca8e132b5d9ed1ef6ff30ba3ef79b2d6a20e2e51f89 + checksum/secret: a884a56b53cb20a6fda4f0220d11d862227b453b59adc3efa6dac54106e578cf + creationTimestamp: null + labels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: redis + app.kubernetes.io/version: 7.4.2 + helm.sh/chart: redis-20.7.0 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - args: + - -c + - /opt/bitnami/scripts/start-scripts/start-replica.sh + command: + - /bin/bash + env: + - name: BITNAMI_DEBUG + value: "false" + - name: REDIS_REPLICATION_MODE + value: replica + - name: REDIS_MASTER_HOST + value: paperless-ngx-redis-master-0.paperless-ngx-redis-headless.calibre.svc.cluster.local + - name: REDIS_MASTER_PORT_NUMBER + value: "6379" + - name: ALLOW_EMPTY_PASSWORD + value: "no" + - name: REDIS_PASSWORD + valueFrom: + secretKeyRef: + key: redis-password + name: paperless-ngx-redis + - name: REDIS_MASTER_PASSWORD + valueFrom: + secretKeyRef: + key: redis-password + name: paperless-ngx-redis + - name: REDIS_TLS_ENABLED + value: "no" + - name: REDIS_PORT + value: "6379" + image: docker.io/bitnami/redis:7.4.2-debian-12-r0 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - /health/ping_liveness_local_and_master.sh 5 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 6 + name: redis + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - /health/ping_readiness_local_and_master.sh 1 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 2 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + startupProbe: + failureThreshold: 22 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: redis + timeoutSeconds: 5 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /data + name: redis-data + - mountPath: /opt/bitnami/redis/mounted-etc + name: config + - mountPath: /opt/bitnami/redis/etc + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: paperless-ngx-redis-replica + serviceAccountName: paperless-ngx-redis-replica + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-scripts + name: start-scripts + - configMap: + defaultMode: 493 + name: paperless-ngx-redis-health + name: health + - configMap: + defaultMode: 420 + name: paperless-ngx-redis-configuration + name: config + - emptyDir: {} + name: empty-dir + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: replica + app.kubernetes.io/instance: paperless-ngx + app.kubernetes.io/name: redis + name: redis-data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 0 + collisionCount: 0 + currentRevision: paperless-ngx-redis-replicas-65c5bb7f74 + observedGeneration: 2 + replicas: 0 + updateRevision: paperless-ngx-redis-replicas-65c5bb7f74 +- apiVersion: batch/v1 + kind: Job + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"name":"paperless-ngx-migrate-debug","namespace":"calibre"},"spec":{"template":{"spec":{"containers":[{"command":["sh","-c","python3 manage.py migrate \u0026\u0026 echo \"MIGRATE_SUCCEEDED\" \u0026\u0026 sleep 300\n"],"env":[{"name":"PAPERLESS_DBENGINE","value":"postgresql"},{"name":"PAPERLESS_DBHOST","value":"paperless-ngx-postgresql"},{"name":"PAPERLESS_DBPORT","value":"5432"},{"name":"DB_USER","value":"paperless"},{"name":"PAPERLESS_DBNAME","value":"paperless"},{"name":"PAPERLESS_DBPASS","valueFrom":{"secretKeyRef":{"key":"password","name":"paperless-ngx-postgresql"}}},{"name":"PAPERLESS_REDIS","value":"redis://:changeme@paperless-ngx-redis-headless:6379/0"},{"name":"PAPERLESS_MEDIA_ROOT","value":"/mnt/library"},{"name":"PAPERLESS_DATA_DIR","value":"/var/paperless/data"},{"name":"PAPERLESS_CONSUMPTION_DIR","value":"/var/paperless/consume"}],"image":"ghcr.io/paperless-ngx/paperless-ngx:2.13.4","name":"migrate","volumeMounts":[{"mountPath":"/mnt/library","name":"media"},{"mountPath":"/var/paperless/data","name":"data"},{"mountPath":"/var/paperless/consume","name":"consume"}]}],"restartPolicy":"Never","volumes":[{"name":"media","persistentVolumeClaim":{"claimName":"paperless-ngx-media"}},{"name":"data","persistentVolumeClaim":{"claimName":"paperless-ngx-data"}},{"name":"consume","persistentVolumeClaim":{"claimName":"paperless-ngx-consumption"}}]}}}} + creationTimestamp: "2025-06-04T22:05:44Z" + generation: 1 + labels: + batch.kubernetes.io/controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + batch.kubernetes.io/job-name: paperless-ngx-migrate-debug + controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + job-name: paperless-ngx-migrate-debug + name: paperless-ngx-migrate-debug + namespace: calibre + resourceVersion: "4705040" + uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + spec: + backoffLimit: 6 + completionMode: NonIndexed + completions: 1 + manualSelector: false + parallelism: 1 + podReplacementPolicy: TerminatingOrFailed + selector: + matchLabels: + batch.kubernetes.io/controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + suspend: false + template: + metadata: + creationTimestamp: null + labels: + batch.kubernetes.io/controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + batch.kubernetes.io/job-name: paperless-ngx-migrate-debug + controller-uid: 365f0456-4706-48fc-8fcd-cfb001cadf2a + job-name: paperless-ngx-migrate-debug + spec: + containers: + - command: + - sh + - -c + - | + python3 manage.py migrate && echo "MIGRATE_SUCCEEDED" && sleep 300 + env: + - name: PAPERLESS_DBENGINE + value: postgresql + - name: PAPERLESS_DBHOST + value: paperless-ngx-postgresql + - name: PAPERLESS_DBPORT + value: "5432" + - name: DB_USER + value: paperless + - name: PAPERLESS_DBNAME + value: paperless + - name: PAPERLESS_DBPASS + valueFrom: + secretKeyRef: + key: password + name: paperless-ngx-postgresql + - name: PAPERLESS_REDIS + value: redis://:changeme@paperless-ngx-redis-headless:6379/0 + - name: PAPERLESS_MEDIA_ROOT + value: /mnt/library + - name: PAPERLESS_DATA_DIR + value: /var/paperless/data + - name: PAPERLESS_CONSUMPTION_DIR + value: /var/paperless/consume + image: ghcr.io/paperless-ngx/paperless-ngx:2.13.4 + imagePullPolicy: IfNotPresent + name: migrate + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /mnt/library + name: media + - mountPath: /var/paperless/data + name: data + - mountPath: /var/paperless/consume + name: consume + dnsPolicy: ClusterFirst + restartPolicy: Never + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: media + persistentVolumeClaim: + claimName: paperless-ngx-media + - name: data + persistentVolumeClaim: + claimName: paperless-ngx-data + - name: consume + persistentVolumeClaim: + claimName: paperless-ngx-consumption + status: + completionTime: "2025-06-04T22:10:51Z" + conditions: + - lastProbeTime: "2025-06-04T22:10:51Z" + lastTransitionTime: "2025-06-04T22:10:51Z" + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: "True" + type: SuccessCriteriaMet + - lastProbeTime: "2025-06-04T22:10:51Z" + lastTransitionTime: "2025-06-04T22:10:51Z" + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: "True" + type: Complete + ready: 0 + startTime: "2025-06-04T22:05:44Z" + succeeded: 1 + terminating: 0 + uncountedTerminatedPods: {} +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/demo/all.yaml b/manifests/demo/all.yaml new file mode 100644 index 0000000..ded9522 --- /dev/null +++ b/manifests/demo/all.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +items: [] +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/gitea/all.yaml b/manifests/gitea/all.yaml new file mode 100644 index 0000000..a2be15e --- /dev/null +++ b/manifests/gitea/all.yaml @@ -0,0 +1,2703 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + annotations: + checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc + creationTimestamp: "2025-10-27T21:04:07Z" + generateName: gitea-58df85bccc- + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + pod-template-hash: 58df85bccc + version: 1.24.6 + name: gitea-58df85bccc-7kcln + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: gitea-58df85bccc + uid: 03ab4ff6-6209-41d4-a909-2917160eb74f + resourceVersion: "20406217" + uid: e37fa9e6-400d-4a1c-87da-9e00a971cb59 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: "22" + - name: SSH_PORT + value: "22" + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 22 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 60 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + - name: kube-api-access-9mvwz + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:15Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:05:14Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:05:36Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:05:36Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:07Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://35892078e5216d9936f94563209c8bb8e71d3de7cafa9d5a7090b09670080d2c + image: docker.gitea.com/gitea:1.24.6-rootless + imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c + lastState: {} + name: gitea + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: "2025-10-27T21:05:14Z" + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://70fe58eaf134c7d5ee60dd62e425eae04043fa18d30b337892f4d9f6bfd60de7 + image: docker.gitea.com/gitea:1.24.6-rootless + imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c + lastState: {} + name: init-directories + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://70fe58eaf134c7d5ee60dd62e425eae04043fa18d30b337892f4d9f6bfd60de7 + exitCode: 0 + finishedAt: "2025-10-27T21:04:15Z" + reason: Completed + startedAt: "2025-10-27T21:04:15Z" + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://126062f79f43c7068b8b8dbf5046fd97fe58254a4c94e2c24e9049835c22d149 + image: docker.gitea.com/gitea:1.24.6-rootless + imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c + lastState: {} + name: init-app-ini + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://126062f79f43c7068b8b8dbf5046fd97fe58254a4c94e2c24e9049835c22d149 + exitCode: 0 + finishedAt: "2025-10-27T21:04:18Z" + reason: Completed + startedAt: "2025-10-27T21:04:17Z" + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://60f9696c64cc4cea04a1de70f306511209af7d84bbda8c76142db877a58ccbe1 + image: docker.gitea.com/gitea:1.24.6-rootless + imageID: docker.gitea.com/gitea@sha256:91f2b27e080739f0d19dba716c3214f17257c632cf762e545b44ca577e37052c + lastState: {} + name: configure-gitea + ready: true + restartCount: 3 + started: false + state: + terminated: + containerID: containerd://60f9696c64cc4cea04a1de70f306511209af7d84bbda8c76142db877a58ccbe1 + exitCode: 0 + finishedAt: "2025-10-27T21:05:14Z" + reason: Completed + startedAt: "2025-10-27T21:05:01Z" + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9mvwz + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.150 + podIPs: + - ip: 10.244.0.150 + qosClass: Burstable + startTime: "2025-10-27T21:04:07Z" +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-10-27T21:04:38Z" + generateName: gitea-postgresql- + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + apps.kubernetes.io/pod-index: "0" + controller-revision-hash: gitea-postgresql-57587479cf + helm.sh/chart: postgresql-16.7.27 + statefulset.kubernetes.io/pod-name: gitea-postgresql-0 + name: gitea-postgresql-0 + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: gitea-postgresql + uid: 8d3cecd0-9602-45f4-b97b-a003b102f43d + resourceVersion: "20406135" + uid: 37fa35f8-7b3d-4a22-ab1a-c1414da34072 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: gitea + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/password + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password + - name: POSTGRES_DATABASE + value: gitea + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: gitea-postgresql-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: gitea-postgresql + serviceAccountName: gitea-postgresql + subdomain: gitea-postgresql-hl + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: data + persistentVolumeClaim: + claimName: data-gitea-postgresql-0 + - emptyDir: {} + name: empty-dir + - name: postgresql-password + secret: + defaultMode: 420 + secretName: gitea-postgresql + - emptyDir: + medium: Memory + name: dshm + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:39Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:38Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:50Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:50Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:38Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://cec8de025f81b2b58d146b25d29ed923a34dd4b98f2c47c0b2c3fcce8e6ecce3 + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f + lastState: {} + name: postgresql + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: "2025-10-27T21:04:39Z" + volumeMounts: + - mountPath: /tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.152 + podIPs: + - ip: 10.244.0.152 + qosClass: Burstable + startTime: "2025-10-27T21:04:38Z" +- apiVersion: v1 + kind: Pod + metadata: + annotations: + checksum/configmap: c8cdc0c4c772ac3192446a08bf401c29f1e39f33614657d36e4bb1692e34b39f + checksum/health: e3a0f06458110f02986bb8df4391c43567355d3582dd02f25447184391196fbc + checksum/scripts: 791de9ea7b477455268cda3e85c8e58a1505e8d19ff8e851d78a246cb185a0f7 + checksum/secret: 4b8cbd9693e7e45452b3b3213bc382ab02b9fb0a82991bfb0fec1e5e1193b9cd + creationTimestamp: "2025-10-27T21:04:08Z" + generateName: gitea-valkey-primary- + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/version: 8.1.3 + apps.kubernetes.io/pod-index: "0" + controller-revision-hash: gitea-valkey-primary-7d55f7b7b9 + helm.sh/chart: valkey-3.0.31 + statefulset.kubernetes.io/pod-name: gitea-valkey-primary-0 + name: gitea-valkey-primary-0 + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: gitea-valkey-primary + uid: 40481ba9-b808-4215-b738-4a9a7f5dffb6 + resourceVersion: "20406063" + uid: f19d18c6-f00e-4e70-a071-fb1499eb4f58 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - args: + - -c + - /opt/bitnami/scripts/start-scripts/start-primary.sh + command: + - /bin/bash + env: + - name: BITNAMI_DEBUG + value: "false" + - name: VALKEY_REPLICATION_MODE + value: primary + - name: ALLOW_EMPTY_PASSWORD + value: "no" + - name: VALKEY_PASSWORD_FILE + value: /opt/bitnami/valkey/secrets/valkey-password + - name: VALKEY_TLS_ENABLED + value: "no" + - name: VALKEY_PORT + value: "6379" + image: docker.io/bitnami/valkey:8.1.1-debian-12-r0 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - /health/ping_liveness_local.sh 5 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 6 + name: valkey + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - /health/ping_readiness_local.sh 1 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 2 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /opt/bitnami/valkey/secrets/ + name: valkey-password + - mountPath: /data + name: valkey-data + - mountPath: /opt/bitnami/valkey/mounted-etc + name: config + - mountPath: /opt/bitnami/valkey/etc/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: gitea-valkey-primary-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: gitea-valkey-primary + serviceAccountName: gitea-valkey-primary + subdomain: gitea-valkey-headless + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: valkey-data + persistentVolumeClaim: + claimName: valkey-data-gitea-valkey-primary-0 + - configMap: + defaultMode: 493 + name: gitea-valkey-scripts + name: start-scripts + - configMap: + defaultMode: 493 + name: gitea-valkey-health + name: health + - name: valkey-password + secret: + defaultMode: 420 + items: + - key: valkey-password + path: valkey-password + secretName: gitea-valkey + - configMap: + defaultMode: 420 + name: gitea-valkey-configuration + name: config + - emptyDir: {} + name: empty-dir + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:09Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:08Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:30Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:30Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:04:08Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://a8530f8b9c5dc9905955c60edec435613cce624c29ad8aa703313b9f3609797e + image: docker.io/bitnami/valkey:8.1.1-debian-12-r0 + imageID: docker.io/bitnami/valkey@sha256:b6b1c4944b12dc6d644bb553695350138f63172232d9d323486136aded59e5b6 + lastState: {} + name: valkey + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: "2025-10-27T21:04:09Z" + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /opt/bitnami/valkey/secrets/ + name: valkey-password + - mountPath: /data + name: valkey-data + - mountPath: /opt/bitnami/valkey/mounted-etc + name: config + - mountPath: /opt/bitnami/valkey/etc/ + name: empty-dir + - mountPath: /tmp + name: empty-dir + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.151 + podIPs: + - ip: 10.244.0.151 + qosClass: Burstable + startTime: "2025-10-27T21:04:08Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + version: 1.24.6 + name: gitea-http + namespace: gitea + resourceVersion: "20405938" + uid: 0777d7be-068b-42c6-a59f-3264c0fdfc4a + spec: + clusterIP: 10.101.238.182 + clusterIPs: + - 10.101.238.182 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 30081 + port: 3000 + protocol: TCP + targetPort: 3000 + selector: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql + namespace: gitea + resourceVersion: "20405929" + uid: c1d52177-9299-462d-a487-b48b506f8f8d + spec: + clusterIP: 10.105.180.86 + clusterIPs: + - 10.105.180.86 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql-hl + namespace: gitea + resourceVersion: "20405926" + uid: 5dc925e4-afd5-44ea-b5d7-d8c19fe5432a + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + version: 1.24.6 + name: gitea-ssh + namespace: gitea + resourceVersion: "20405941" + uid: 398bb2ce-1748-41ef-8391-418b5292b6a8 + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: ssh + port: 22 + protocol: TCP + targetPort: 22 + selector: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + labels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/part-of: valkey + app.kubernetes.io/version: 8.1.3 + helm.sh/chart: valkey-3.0.31 + name: gitea-valkey-headless + namespace: gitea + resourceVersion: "20405932" + uid: 9feead00-753c-404d-b777-560ab2c374ad + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/part-of: valkey + app.kubernetes.io/version: 8.1.3 + helm.sh/chart: valkey-3.0.31 + name: gitea-valkey-primary + namespace: gitea + resourceVersion: "20405935" + uid: 0645d25e-19c2-4cc7-b861-a5953f3eb68b + spec: + clusterIP: 10.98.74.122 + clusterIPs: + - 10.98.74.122 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-redis + port: 6379 + protocol: TCP + targetPort: redis + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "4" + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + generation: 4 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + version: 1.24.6 + name: gitea + namespace: gitea + resourceVersion: "20406235" + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + strategy: + rollingUpdate: + maxSurge: 100% + maxUnavailable: 0 + type: RollingUpdate + template: + metadata: + annotations: + checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + version: 1.24.6 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: "22" + - name: SSH_PORT + value: "22" + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 22 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-08-24T01:03:10Z" + lastUpdateTime: "2025-08-24T01:03:10Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + - lastTransitionTime: "2025-05-23T19:53:33Z" + lastUpdateTime: "2025-10-27T21:05:36Z" + message: ReplicaSet "gitea-58df85bccc" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + observedGeneration: 4 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "4" + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-10-27T21:04:07Z" + generation: 1 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + pod-template-hash: 58df85bccc + version: 1.24.6 + name: gitea-58df85bccc + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: gitea + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + resourceVersion: "20406222" + uid: 03ab4ff6-6209-41d4-a909-2917160eb74f + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + pod-template-hash: 58df85bccc + template: + metadata: + annotations: + checksum/config: 0b2c10182d51aa707a84b0fdf2c72cbb3d71ff230d325aa9ff22a49e8ce21ffc + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.24.6 + helm.sh/chart: gitea-12.4.0 + pod-template-hash: 58df85bccc + version: 1.24.6 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: "22" + - name: SSH_PORT + value: "22" + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 22 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.24.6-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "2" + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T20:12:30Z" + generation: 2 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 59f49bbd77 + version: 1.23.8 + name: gitea-59f49bbd77 + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: gitea + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + resourceVersion: "3159329" + uid: 9b250d58-9f3e-4b82-872f-78ab196dc1cd + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + pod-template-hash: 59f49bbd77 + template: + metadata: + annotations: + checksum/config: 153514c0c27436c85f9e699b6dabd2b261144631eb1d02dcab43c14b4b08eacd + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 59f49bbd77 + version: 1.23.8 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: "2222" + - name: SSH_PORT + value: "22" + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 2222 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + generation: 2 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 654b4569cd + version: 1.23.8 + name: gitea-654b4569cd + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: gitea + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + resourceVersion: "3157886" + uid: 6831c5b8-0793-4130-891d-4f84e7ecddbf + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + pod-template-hash: 654b4569cd + template: + metadata: + annotations: + checksum/config: 153514c0c27436c85f9e699b6dabd2b261144631eb1d02dcab43c14b4b08eacd + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 654b4569cd + version: 1.23.8 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: "2222" + - name: SSH_PORT + value: "22" + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 2222 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: gitea_admin + - name: GITEA_ADMIN_PASSWORD + value: r8sA8CPHD9!bt6d + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "3" + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T20:28:18Z" + generation: 2 + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 66659b5cdc + version: 1.23.8 + name: gitea-66659b5cdc + namespace: gitea + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: gitea + uid: a95418e5-ec60-4e9a-a542-bf95ac8a3973 + resourceVersion: "20406234" + uid: 822d6eb2-737e-46e7-9026-23b875b67975 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: gitea + pod-template-hash: 66659b5cdc + template: + metadata: + annotations: + checksum/config: 2c0b9173c0047e498a8a3785346fe018224f68e0caa1b8354fbb7f82cdfa522f + creationTimestamp: null + labels: + app: gitea + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: gitea + app.kubernetes.io/version: 1.23.8 + helm.sh/chart: gitea-0.0.0 + pod-template-hash: 66659b5cdc + version: 1.23.8 + spec: + containers: + - env: + - name: SSH_LISTEN_PORT + value: "2222" + - name: SSH_PORT + value: "22" + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMPDIR + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + initialDelaySeconds: 200 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + name: gitea + ports: + - containerPort: 2222 + name: ssh + protocol: TCP + - containerPort: 3000 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: http + timeoutSeconds: 1 + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + dnsPolicy: ClusterFirst + initContainers: + - command: + - /usr/sbinx/init_directory_structure.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-directories + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - command: + - /usr/sbinx/config_environment.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: TMP_EXISTING_ENVS_FILE + value: /tmp/existing-envs + - name: ENV_TO_INI_MOUNT_POINT + value: /env-to-ini-mounts + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: init-app-ini + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: config + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + - mountPath: /env-to-ini-mounts/inlines/ + name: inline-config-sources + - command: + - /usr/sbinx/configure_gitea.sh + env: + - name: GITEA_APP_INI + value: /data/gitea/conf/app.ini + - name: GITEA_CUSTOM + value: /data/gitea + - name: GITEA_WORK_DIR + value: /data + - name: GITEA_TEMP + value: /tmp/gitea + - name: HOME + value: /data/gitea/git + - name: GITEA_ADMIN_USERNAME + value: admin + - name: GITEA_ADMIN_PASSWORD + value: Kalapszar222& + - name: GITEA_ADMIN_PASSWORD_MODE + value: keepUpdated + image: docker.gitea.com/gitea:1.23.8-rootless + imagePullPolicy: IfNotPresent + name: configure-gitea + resources: + requests: + cpu: 100m + memory: 128Mi + securityContext: + runAsUser: 1000 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/sbinx + name: init + - mountPath: /tmp + name: temp + - mountPath: /data + name: data + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1000 + terminationGracePeriodSeconds: 60 + volumes: + - name: init + secret: + defaultMode: 110 + secretName: gitea-init + - name: config + secret: + defaultMode: 110 + secretName: gitea + - name: inline-config-sources + secret: + defaultMode: 420 + secretName: gitea-inline-config + - emptyDir: {} + name: temp + - name: data + persistentVolumeClaim: + claimName: gitea-shared-storage + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + generation: 2 + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql + namespace: gitea + resourceVersion: "20406140" + uid: 8d3cecd0-9602-45f4-b97b-a003b102f43d + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + serviceName: gitea-postgresql-hl + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.6.0 + helm.sh/chart: postgresql-16.7.27 + name: gitea-postgresql + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: gitea + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/password + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password + - name: POSTGRES_DATABASE + value: gitea + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "gitea" -d "dbname=gitea" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: gitea-postgresql + serviceAccountName: gitea-postgresql + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: empty-dir + - name: postgresql-password + secret: + defaultMode: 420 + secretName: gitea-postgresql + - emptyDir: + medium: Memory + name: dshm + updateStrategy: + rollingUpdate: + partition: 0 + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + name: data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 10Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: gitea-postgresql-57587479cf + observedGeneration: 2 + readyReplicas: 1 + replicas: 1 + updateRevision: gitea-postgresql-57587479cf + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: gitea + meta.helm.sh/release-namespace: gitea + creationTimestamp: "2025-05-23T19:53:33Z" + generation: 2 + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/part-of: valkey + app.kubernetes.io/version: 8.1.3 + helm.sh/chart: valkey-3.0.31 + name: gitea-valkey-primary + namespace: gitea + resourceVersion: "20406069" + uid: 40481ba9-b808-4215-b738-4a9a7f5dffb6 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + serviceName: gitea-valkey-headless + template: + metadata: + annotations: + checksum/configmap: c8cdc0c4c772ac3192446a08bf401c29f1e39f33614657d36e4bb1692e34b39f + checksum/health: e3a0f06458110f02986bb8df4391c43567355d3582dd02f25447184391196fbc + checksum/scripts: 791de9ea7b477455268cda3e85c8e58a1505e8d19ff8e851d78a246cb185a0f7 + checksum/secret: 4b8cbd9693e7e45452b3b3213bc382ab02b9fb0a82991bfb0fec1e5e1193b9cd + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: valkey + app.kubernetes.io/version: 8.1.3 + helm.sh/chart: valkey-3.0.31 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - args: + - -c + - /opt/bitnami/scripts/start-scripts/start-primary.sh + command: + - /bin/bash + env: + - name: BITNAMI_DEBUG + value: "false" + - name: VALKEY_REPLICATION_MODE + value: primary + - name: ALLOW_EMPTY_PASSWORD + value: "no" + - name: VALKEY_PASSWORD_FILE + value: /opt/bitnami/valkey/secrets/valkey-password + - name: VALKEY_TLS_ENABLED + value: "no" + - name: VALKEY_PORT + value: "6379" + image: docker.io/bitnami/valkey:8.1.1-debian-12-r0 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - sh + - -c + - /health/ping_liveness_local.sh 5 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 6 + name: valkey + ports: + - containerPort: 6379 + name: redis + protocol: TCP + readinessProbe: + exec: + command: + - sh + - -c + - /health/ping_readiness_local.sh 1 + failureThreshold: 5 + initialDelaySeconds: 20 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 2 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /opt/bitnami/scripts/start-scripts + name: start-scripts + - mountPath: /health + name: health + - mountPath: /opt/bitnami/valkey/secrets/ + name: valkey-password + - mountPath: /data + name: valkey-data + - mountPath: /opt/bitnami/valkey/mounted-etc + name: config + - mountPath: /opt/bitnami/valkey/etc/ + name: empty-dir + subPath: app-conf-dir + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: gitea-valkey-primary + serviceAccountName: gitea-valkey-primary + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 493 + name: gitea-valkey-scripts + name: start-scripts + - configMap: + defaultMode: 493 + name: gitea-valkey-health + name: health + - name: valkey-password + secret: + defaultMode: 420 + items: + - key: valkey-password + path: valkey-password + secretName: gitea-valkey + - configMap: + defaultMode: 420 + name: gitea-valkey-configuration + name: config + - emptyDir: {} + name: empty-dir + updateStrategy: + type: RollingUpdate + volumeClaimTemplates: + - apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: gitea + app.kubernetes.io/name: valkey + name: valkey-data + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 8Gi + volumeMode: Filesystem + status: + phase: Pending + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: gitea-valkey-primary-7d55f7b7b9 + observedGeneration: 2 + readyReplicas: 1 + replicas: 1 + updateRevision: gitea-valkey-primary-7d55f7b7b9 + updatedReplicas: 1 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/graylog/all.yaml b/manifests/graylog/all.yaml new file mode 100644 index 0000000..43d5fa9 --- /dev/null +++ b/manifests/graylog/all.yaml @@ -0,0 +1,69 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"graylog-input-beats","namespace":"graylog"},"spec":{"ports":[{"name":"beats","nodePort":31544,"port":5044,"targetPort":5044}],"selector":{"statefulset.kubernetes.io/pod-name":"graylog-0"},"type":"NodePort"}} + creationTimestamp: "2025-05-20T11:27:45Z" + name: graylog-input-beats + namespace: graylog + resourceVersion: "2732995" + uid: d5629799-2d61-4125-822c-ea73b34ae304 + spec: + clusterIP: 10.108.193.18 + clusterIPs: + - 10.108.193.18 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: beats + nodePort: 31544 + port: 5044 + protocol: TCP + targetPort: 5044 + selector: + statefulset.kubernetes.io/pod-name: graylog-0 + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"graylog-input-tcp","namespace":"graylog"},"spec":{"ports":[{"name":"raw-tcp","nodePort":31555,"port":5555,"protocol":"TCP","targetPort":5555}],"selector":{"statefulset.kubernetes.io/pod-name":"graylog-0"},"type":"NodePort"}} + creationTimestamp: "2025-05-14T13:08:58Z" + name: graylog-input-tcp + namespace: graylog + resourceVersion: "1987935" + uid: e19b29f0-e1a9-476f-be59-fd08e78f45d5 + spec: + clusterIP: 10.97.208.205 + clusterIPs: + - 10.97.208.205 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: raw-tcp + nodePort: 31555 + port: 5555 + protocol: TCP + targetPort: 5555 + selector: + statefulset.kubernetes.io/pod-name: graylog-0 + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/ingress-nginx/all.yaml b/manifests/ingress-nginx/all.yaml new file mode 100644 index 0000000..a1daa63 --- /dev/null +++ b/manifests/ingress-nginx/all.yaml @@ -0,0 +1,1132 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-04-28T15:36:50Z" + generateName: ingress-nginx-admission-create- + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + batch.kubernetes.io/controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + batch.kubernetes.io/job-name: ingress-nginx-admission-create + controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + job-name: ingress-nginx-admission-create + name: ingress-nginx-admission-create-npzkk + namespace: ingress-nginx + ownerReferences: + - apiVersion: batch/v1 + blockOwnerDeletion: true + controller: true + kind: Job + name: ingress-nginx-admission-create + uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + resourceVersion: "12273257" + uid: a4558234-ae4f-471d-a1f0-54d7a409cd88 + spec: + containers: + - args: + - create + - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc + - --namespace=$(POD_NAMESPACE) + - --secret-name=ingress-nginx-admission + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + imagePullPolicy: IfNotPresent + name: create + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kgll7 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/os: linux + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: OnFailure + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx-admission + serviceAccountName: ingress-nginx-admission + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-kgll7 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:56Z" + status: "False" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + reason: PodCompleted + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + reason: PodCompleted + status: "False" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + reason: PodCompleted + status: "False" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://a6c6d92bf9be7028e8a0bb98787afb7ab3cce4bd0a9ee14c3a6e146fd651bcc4 + image: sha256:aea50de662ab9fa143158df4b59095301b8b135c5da186f02c9592c80c05b13a + imageID: registry.k8s.io/ingress-nginx/kube-webhook-certgen@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + lastState: {} + name: create + ready: false + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://a6c6d92bf9be7028e8a0bb98787afb7ab3cce4bd0a9ee14c3a6e146fd651bcc4 + exitCode: 0 + finishedAt: "2025-04-28T15:36:54Z" + reason: Completed + startedAt: "2025-04-28T15:36:54Z" + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kgll7 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.173 + hostIPs: + - ip: 192.168.31.173 + phase: Succeeded + qosClass: BestEffort + startTime: "2025-04-28T15:36:50Z" +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-04-28T15:36:50Z" + generateName: ingress-nginx-admission-patch- + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + batch.kubernetes.io/controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + batch.kubernetes.io/job-name: ingress-nginx-admission-patch + controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + job-name: ingress-nginx-admission-patch + name: ingress-nginx-admission-patch-grvbz + namespace: ingress-nginx + ownerReferences: + - apiVersion: batch/v1 + blockOwnerDeletion: true + controller: true + kind: Job + name: ingress-nginx-admission-patch + uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + resourceVersion: "12273262" + uid: 1fdb3ff9-09bb-46d8-b6fe-81961b8006f9 + spec: + containers: + - args: + - patch + - --webhook-name=ingress-nginx-admission + - --namespace=$(POD_NAMESPACE) + - --patch-mutating=false + - --secret-name=ingress-nginx-admission + - --patch-failure-policy=Fail + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + imagePullPolicy: IfNotPresent + name: patch + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9jbmc + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/os: linux + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: OnFailure + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx-admission + serviceAccountName: ingress-nginx-admission + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-9jbmc + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:56Z" + status: "False" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + reason: PodCompleted + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + reason: PodCompleted + status: "False" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + reason: PodCompleted + status: "False" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://14a7fddb173daa8b28be1a3bdb51b28e2a67171ca56dffa647815c28bd9ffc08 + image: sha256:aea50de662ab9fa143158df4b59095301b8b135c5da186f02c9592c80c05b13a + imageID: registry.k8s.io/ingress-nginx/kube-webhook-certgen@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + lastState: {} + name: patch + ready: false + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://14a7fddb173daa8b28be1a3bdb51b28e2a67171ca56dffa647815c28bd9ffc08 + exitCode: 0 + finishedAt: "2025-04-28T15:36:54Z" + reason: Completed + startedAt: "2025-04-28T15:36:54Z" + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9jbmc + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.173 + hostIPs: + - ip: 192.168.31.173 + phase: Succeeded + qosClass: BestEffort + startTime: "2025-04-28T15:36:50Z" +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-04-28T15:36:50Z" + generateName: ingress-nginx-controller-665b599bc5- + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + pod-template-hash: 665b599bc5 + name: ingress-nginx-controller-665b599bc5-wzj88 + namespace: ingress-nginx + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: ingress-nginx-controller-665b599bc5 + uid: c0882270-c953-4732-8126-bec666da185d + resourceVersion: "20356548" + uid: c0bcc1f1-00b0-4c0f-8f1d-84a39c774486 + spec: + containers: + - args: + - /nginx-ingress-controller + - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller + - --election-id=ingress-nginx-leader + - --controller-class=k8s.io/ingress-nginx + - --ingress-class=nginx + - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller + - --validating-webhook=:8443 + - --validating-webhook-certificate=/usr/local/certificates/cert + - --validating-webhook-key=/usr/local/certificates/key + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 80 + name: http + protocol: TCP + - containerPort: 443 + name: https + protocol: TCP + - containerPort: 8443 + name: webhook + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 90Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + readOnlyRootFilesystem: false + runAsGroup: 82 + runAsNonRoot: true + runAsUser: 101 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-7bbd2 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/os: linux + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx + serviceAccountName: ingress-nginx + terminationGracePeriodSeconds: 300 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: webhook-cert + secret: + defaultMode: 420 + secretName: ingress-nginx-admission + - name: kube-api-access-7bbd2 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:03Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:13Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:13Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-04-28T15:36:50Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://0705d81899dfee90c05bfc06965a43f80312910606da7747793c64f6a25cdf40 + image: sha256:78e25eaa557d48a19963cbe751b91dc1d53e1c82aad6cd36c20e1c11eb04cd13 + imageID: registry.k8s.io/ingress-nginx/controller@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b + lastState: + terminated: + containerID: containerd://6bbf8a67b813dc8c153fc4c8c274dd60e378cf25483370f7b4062ffa053cbc33 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:32Z" + name: controller + ready: true + restartCount: 18 + started: true + state: + running: + startedAt: "2025-08-24T01:02:03Z" + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-7bbd2 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.38 + podIPs: + - ip: 10.244.0.38 + qosClass: Burstable + startTime: "2025-04-28T15:36:50Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"},"spec":{"externalTrafficPolicy":"Local","ipFamilies":["IPv4"],"ipFamilyPolicy":"SingleStack","ports":[{"appProtocol":"http","name":"http","port":80,"protocol":"TCP","targetPort":"http"},{"appProtocol":"https","name":"https","port":443,"protocol":"TCP","targetPort":"https"}],"selector":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"},"type":"LoadBalancer"}} + creationTimestamp: "2025-04-28T15:36:50Z" + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-controller + namespace: ingress-nginx + resourceVersion: "540241" + uid: be891d4d-b00f-4b23-b0b5-28135dad560f + spec: + clusterIP: 10.105.59.125 + clusterIPs: + - 10.105.59.125 + externalTrafficPolicy: Local + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - appProtocol: http + name: http + nodePort: 31395 + port: 80 + protocol: TCP + targetPort: http + - appProtocol: https + name: https + nodePort: 32153 + port: 443 + protocol: TCP + targetPort: https + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller-admission","namespace":"ingress-nginx"},"spec":{"ports":[{"appProtocol":"https","name":"https-webhook","port":443,"targetPort":"webhook"}],"selector":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"},"type":"ClusterIP"}} + creationTimestamp: "2025-04-28T15:36:50Z" + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-controller-admission + namespace: ingress-nginx + resourceVersion: "539419" + uid: 32e3914f-47fe-4b18-b3ba-73560027382a + spec: + clusterIP: 10.105.239.16 + clusterIPs: + - 10.105.239.16 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - appProtocol: https + name: https-webhook + port: 443 + protocol: TCP + targetPort: webhook + selector: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-controller","namespace":"ingress-nginx"},"spec":{"minReadySeconds":0,"revisionHistoryLimit":10,"selector":{"matchLabels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx"}},"strategy":{"rollingUpdate":{"maxUnavailable":1},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app.kubernetes.io/component":"controller","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"}},"spec":{"containers":[{"args":["/nginx-ingress-controller","--publish-service=$(POD_NAMESPACE)/ingress-nginx-controller","--election-id=ingress-nginx-leader","--controller-class=k8s.io/ingress-nginx","--ingress-class=nginx","--configmap=$(POD_NAMESPACE)/ingress-nginx-controller","--validating-webhook=:8443","--validating-webhook-certificate=/usr/local/certificates/cert","--validating-webhook-key=/usr/local/certificates/key"],"env":[{"name":"POD_NAME","valueFrom":{"fieldRef":{"fieldPath":"metadata.name"}}},{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"LD_PRELOAD","value":"/usr/local/lib/libmimalloc.so"}],"image":"registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b","imagePullPolicy":"IfNotPresent","lifecycle":{"preStop":{"exec":{"command":["/wait-shutdown"]}}},"livenessProbe":{"failureThreshold":5,"httpGet":{"path":"/healthz","port":10254,"scheme":"HTTP"},"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1},"name":"controller","ports":[{"containerPort":80,"name":"http","protocol":"TCP"},{"containerPort":443,"name":"https","protocol":"TCP"},{"containerPort":8443,"name":"webhook","protocol":"TCP"}],"readinessProbe":{"failureThreshold":3,"httpGet":{"path":"/healthz","port":10254,"scheme":"HTTP"},"initialDelaySeconds":10,"periodSeconds":10,"successThreshold":1,"timeoutSeconds":1},"resources":{"requests":{"cpu":"100m","memory":"90Mi"}},"securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"add":["NET_BIND_SERVICE"],"drop":["ALL"]},"readOnlyRootFilesystem":false,"runAsGroup":82,"runAsNonRoot":true,"runAsUser":101,"seccompProfile":{"type":"RuntimeDefault"}},"volumeMounts":[{"mountPath":"/usr/local/certificates/","name":"webhook-cert","readOnly":true}]}],"dnsPolicy":"ClusterFirst","nodeSelector":{"kubernetes.io/os":"linux"},"serviceAccountName":"ingress-nginx","terminationGracePeriodSeconds":300,"volumes":[{"name":"webhook-cert","secret":{"secretName":"ingress-nginx-admission"}}]}}}} + creationTimestamp: "2025-04-28T15:36:50Z" + generation: 1 + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-controller + namespace: ingress-nginx + resourceVersion: "12273732" + uid: 7e03d935-5c17-47a5-a8e5-eb395a35e9a8 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 1 + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + spec: + containers: + - args: + - /nginx-ingress-controller + - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller + - --election-id=ingress-nginx-leader + - --controller-class=k8s.io/ingress-nginx + - --ingress-class=nginx + - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller + - --validating-webhook=:8443 + - --validating-webhook-certificate=/usr/local/certificates/cert + - --validating-webhook-key=/usr/local/certificates/key + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 80 + name: http + protocol: TCP + - containerPort: 443 + name: https + protocol: TCP + - containerPort: 8443 + name: webhook + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 90Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + readOnlyRootFilesystem: false + runAsGroup: 82 + runAsNonRoot: true + runAsUser: 101 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx + serviceAccountName: ingress-nginx + terminationGracePeriodSeconds: 300 + volumes: + - name: webhook-cert + secret: + defaultMode: 420 + secretName: ingress-nginx-admission + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-04-28T15:36:50Z" + lastUpdateTime: "2025-04-28T15:36:50Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + - lastTransitionTime: "2025-04-28T15:36:50Z" + lastUpdateTime: "2025-04-28T15:37:16Z" + message: ReplicaSet "ingress-nginx-controller-665b599bc5" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-04-28T15:36:50Z" + generation: 1 + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + pod-template-hash: 665b599bc5 + name: ingress-nginx-controller-665b599bc5 + namespace: ingress-nginx + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: ingress-nginx-controller + uid: 7e03d935-5c17-47a5-a8e5-eb395a35e9a8 + resourceVersion: "12273715" + uid: c0882270-c953-4732-8126-bec666da185d + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + pod-template-hash: 665b599bc5 + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: controller + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + pod-template-hash: 665b599bc5 + spec: + containers: + - args: + - /nginx-ingress-controller + - --publish-service=$(POD_NAMESPACE)/ingress-nginx-controller + - --election-id=ingress-nginx-leader + - --controller-class=k8s.io/ingress-nginx + - --ingress-class=nginx + - --configmap=$(POD_NAMESPACE)/ingress-nginx-controller + - --validating-webhook=:8443 + - --validating-webhook-certificate=/usr/local/certificates/cert + - --validating-webhook-key=/usr/local/certificates/key + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: LD_PRELOAD + value: /usr/local/lib/libmimalloc.so + image: registry.k8s.io/ingress-nginx/controller:v1.12.1@sha256:d2fbc4ec70d8aa2050dd91a91506e998765e86c96f32cffb56c503c9c34eed5b + imagePullPolicy: IfNotPresent + lifecycle: + preStop: + exec: + command: + - /wait-shutdown + livenessProbe: + failureThreshold: 5 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: controller + ports: + - containerPort: 80 + name: http + protocol: TCP + - containerPort: 443 + name: https + protocol: TCP + - containerPort: 8443 + name: webhook + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: 10254 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: + requests: + cpu: 100m + memory: 90Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + add: + - NET_BIND_SERVICE + drop: + - ALL + readOnlyRootFilesystem: false + runAsGroup: 82 + runAsNonRoot: true + runAsUser: 101 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/local/certificates/ + name: webhook-cert + readOnly: true + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx + serviceAccountName: ingress-nginx + terminationGracePeriodSeconds: 300 + volumes: + - name: webhook-cert + secret: + defaultMode: 420 + secretName: ingress-nginx-admission + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: batch/v1 + kind: Job + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-create","namespace":"ingress-nginx"},"spec":{"template":{"metadata":{"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-create"},"spec":{"containers":[{"args":["create","--host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc","--namespace=$(POD_NAMESPACE)","--secret-name=ingress-nginx-admission"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea","imagePullPolicy":"IfNotPresent","name":"create","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532,"seccompProfile":{"type":"RuntimeDefault"}}}],"nodeSelector":{"kubernetes.io/os":"linux"},"restartPolicy":"OnFailure","serviceAccountName":"ingress-nginx-admission"}}}} + creationTimestamp: "2025-04-28T15:36:50Z" + generation: 1 + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-admission-create + namespace: ingress-nginx + resourceVersion: "539484" + uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + spec: + backoffLimit: 6 + completionMode: NonIndexed + completions: 1 + manualSelector: false + parallelism: 1 + podReplacementPolicy: TerminatingOrFailed + selector: + matchLabels: + batch.kubernetes.io/controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + suspend: false + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + batch.kubernetes.io/controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + batch.kubernetes.io/job-name: ingress-nginx-admission-create + controller-uid: 8fcf7fdf-921d-4bd5-b42f-0f0869f5e832 + job-name: ingress-nginx-admission-create + name: ingress-nginx-admission-create + spec: + containers: + - args: + - create + - --host=ingress-nginx-controller-admission,ingress-nginx-controller-admission.$(POD_NAMESPACE).svc + - --namespace=$(POD_NAMESPACE) + - --secret-name=ingress-nginx-admission + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + imagePullPolicy: IfNotPresent + name: create + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx-admission + serviceAccountName: ingress-nginx-admission + terminationGracePeriodSeconds: 30 + status: + completionTime: "2025-04-28T15:36:57Z" + conditions: + - lastProbeTime: "2025-04-28T15:36:57Z" + lastTransitionTime: "2025-04-28T15:36:57Z" + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: "True" + type: SuccessCriteriaMet + - lastProbeTime: "2025-04-28T15:36:57Z" + lastTransitionTime: "2025-04-28T15:36:57Z" + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: "True" + type: Complete + ready: 0 + startTime: "2025-04-28T15:36:50Z" + succeeded: 1 + terminating: 0 + uncountedTerminatedPods: {} +- apiVersion: batch/v1 + kind: Job + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"batch/v1","kind":"Job","metadata":{"annotations":{},"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-patch","namespace":"ingress-nginx"},"spec":{"template":{"metadata":{"labels":{"app.kubernetes.io/component":"admission-webhook","app.kubernetes.io/instance":"ingress-nginx","app.kubernetes.io/name":"ingress-nginx","app.kubernetes.io/part-of":"ingress-nginx","app.kubernetes.io/version":"1.12.1"},"name":"ingress-nginx-admission-patch"},"spec":{"containers":[{"args":["patch","--webhook-name=ingress-nginx-admission","--namespace=$(POD_NAMESPACE)","--patch-mutating=false","--secret-name=ingress-nginx-admission","--patch-failure-policy=Fail"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}}],"image":"registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea","imagePullPolicy":"IfNotPresent","name":"patch","securityContext":{"allowPrivilegeEscalation":false,"capabilities":{"drop":["ALL"]},"readOnlyRootFilesystem":true,"runAsGroup":65532,"runAsNonRoot":true,"runAsUser":65532,"seccompProfile":{"type":"RuntimeDefault"}}}],"nodeSelector":{"kubernetes.io/os":"linux"},"restartPolicy":"OnFailure","serviceAccountName":"ingress-nginx-admission"}}}} + creationTimestamp: "2025-04-28T15:36:50Z" + generation: 1 + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + name: ingress-nginx-admission-patch + namespace: ingress-nginx + resourceVersion: "539481" + uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + spec: + backoffLimit: 6 + completionMode: NonIndexed + completions: 1 + manualSelector: false + parallelism: 1 + podReplacementPolicy: TerminatingOrFailed + selector: + matchLabels: + batch.kubernetes.io/controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + suspend: false + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: admission-webhook + app.kubernetes.io/instance: ingress-nginx + app.kubernetes.io/name: ingress-nginx + app.kubernetes.io/part-of: ingress-nginx + app.kubernetes.io/version: 1.12.1 + batch.kubernetes.io/controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + batch.kubernetes.io/job-name: ingress-nginx-admission-patch + controller-uid: abde6d32-68e5-4dff-973d-c5924fd290b9 + job-name: ingress-nginx-admission-patch + name: ingress-nginx-admission-patch + spec: + containers: + - args: + - patch + - --webhook-name=ingress-nginx-admission + - --namespace=$(POD_NAMESPACE) + - --patch-mutating=false + - --secret-name=ingress-nginx-admission + - --patch-failure-policy=Fail + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2@sha256:e8825994b7a2c7497375a9b945f386506ca6a3eda80b89b74ef2db743f66a5ea + imagePullPolicy: IfNotPresent + name: patch + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsGroup: 65532 + runAsNonRoot: true + runAsUser: 65532 + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/os: linux + restartPolicy: OnFailure + schedulerName: default-scheduler + securityContext: {} + serviceAccount: ingress-nginx-admission + serviceAccountName: ingress-nginx-admission + terminationGracePeriodSeconds: 30 + status: + completionTime: "2025-04-28T15:36:57Z" + conditions: + - lastProbeTime: "2025-04-28T15:36:57Z" + lastTransitionTime: "2025-04-28T15:36:57Z" + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: "True" + type: SuccessCriteriaMet + - lastProbeTime: "2025-04-28T15:36:57Z" + lastTransitionTime: "2025-04-28T15:36:57Z" + message: Reached expected number of succeeded pods + reason: CompletionsReached + status: "True" + type: Complete + ready: 0 + startTime: "2025-04-28T15:36:50Z" + succeeded: 1 + terminating: 0 + uncountedTerminatedPods: {} +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/jellyfin/all.yaml b/manifests/jellyfin/all.yaml new file mode 100644 index 0000000..506161a --- /dev/null +++ b/manifests/jellyfin/all.yaml @@ -0,0 +1,560 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-09-09T23:38:04Z" + generateName: jellyfin-latest-78977b5658- + labels: + app: jellyfin-latest + pod-template-hash: 78977b5658 + name: jellyfin-latest-78977b5658-67nbg + namespace: jellyfin + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: jellyfin-latest-78977b5658 + uid: efd86e40-b059-4b41-8813-c54d2593f571 + resourceVersion: "20356654" + uid: bfaeb5b7-08d5-430c-bac6-f7b1a37e0592 + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin:10.11.0-rc5 + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9twg4 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + - name: kube-api-access-9twg4 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-09-09T23:38:06Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-09-09T23:38:04Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-09-09T23:38:06Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-09-09T23:38:06Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-09-09T23:38:04Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://81c7eb3ce500fda3a8df4dbf7c1652d9c3785f755e6f12621a47cbf398a67741 + image: docker.io/jellyfin/jellyfin:10.11.0-rc5 + imageID: docker.io/jellyfin/jellyfin@sha256:1bcdcb5da6e41ff570ebe903eb19dac106e4589e506814d665465ed3a302d57e + lastState: {} + name: jellyfin + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: "2025-09-09T23:38:06Z" + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-9twg4 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.95 + podIPs: + - ip: 10.244.0.95 + qosClass: BestEffort + startTime: "2025-09-09T23:38:04Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"jellyfin","namespace":"jellyfin"},"spec":{"ports":[{"name":"http","nodePort":30097,"port":8096,"targetPort":8096}],"selector":{"app":"jellyfin"},"type":"NodePort"}} + creationTimestamp: "2025-05-12T22:56:40Z" + name: jellyfin + namespace: jellyfin + resourceVersion: "13271824" + uid: 3c979733-1a5a-43c9-9569-7978ee42718a + spec: + clusterIP: 10.101.109.247 + clusterIPs: + - 10.101.109.247 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 30097 + port: 8096 + protocol: TCP + targetPort: 8096 + selector: + app: jellyfin-latest + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"jellyfin"},"name":"jellyfin","namespace":"jellyfin"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"jellyfin"}},"strategy":{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app":"jellyfin"}},"spec":{"containers":[{"env":[{"name":"LIBVA_DRIVER_NAME","value":"iHD"}],"image":"jellyfin/jellyfin","imagePullPolicy":"Always","name":"jellyfin","ports":[{"containerPort":8096,"protocol":"TCP"}],"securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/cache","name":"cache"},{"mountPath":"/media","name":"media"},{"mountPath":"/dev/dri","name":"vaapi"}]}],"dnsPolicy":"ClusterFirst","restartPolicy":"Always","schedulerName":"default-scheduler","securityContext":{},"terminationGracePeriodSeconds":30,"volumes":[{"hostPath":{"path":"/opt/jellyfin/config","type":"DirectoryOrCreate"},"name":"config"},{"hostPath":{"path":"/opt/jellyfin/cache","type":"DirectoryOrCreate"},"name":"cache"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media"},{"hostPath":{"path":"/dev/dri","type":"Directory"},"name":"vaapi"}]}}}} + creationTimestamp: "2025-05-13T17:06:42Z" + generation: 2 + labels: + app: jellyfin + name: jellyfin + namespace: jellyfin + resourceVersion: "13271340" + uid: 0d2577d6-c082-417a-90e6-9a229e7ef84f + spec: + progressDeadlineSeconds: 600 + replicas: 0 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: jellyfin + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: jellyfin + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + status: + conditions: + - lastTransitionTime: "2025-05-13T17:06:42Z" + lastUpdateTime: "2025-05-13T17:06:44Z" + message: ReplicaSet "jellyfin-5d9bbccdd" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-08-24T01:02:25Z" + lastUpdateTime: "2025-08-24T01:02:25Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 2 +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"jellyfin-latest"},"name":"jellyfin-latest","namespace":"jellyfin"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"jellyfin-latest"}},"strategy":{"rollingUpdate":{"maxSurge":"25%","maxUnavailable":"25%"},"type":"RollingUpdate"},"template":{"metadata":{"labels":{"app":"jellyfin-latest"}},"spec":{"containers":[{"env":[{"name":"LIBVA_DRIVER_NAME","value":"iHD"}],"image":"jellyfin/jellyfin:10.11.0-rc5","imagePullPolicy":"Always","name":"jellyfin","ports":[{"containerPort":8096,"protocol":"TCP"}],"securityContext":{"privileged":true},"volumeMounts":[{"mountPath":"/config","name":"config"},{"mountPath":"/cache","name":"cache"},{"mountPath":"/media","name":"media"},{"mountPath":"/dev/dri","name":"vaapi"}]}],"dnsPolicy":"ClusterFirst","restartPolicy":"Always","schedulerName":"default-scheduler","securityContext":{},"terminationGracePeriodSeconds":30,"volumes":[{"hostPath":{"path":"/opt/jellyfin/config","type":"DirectoryOrCreate"},"name":"config"},{"hostPath":{"path":"/opt/jellyfin/cache","type":"DirectoryOrCreate"},"name":"cache"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media"},{"hostPath":{"path":"/dev/dri","type":"Directory"},"name":"vaapi"}]}}}} + creationTimestamp: "2025-08-31T22:45:19Z" + generation: 1 + labels: + app: jellyfin-latest + name: jellyfin-latest + namespace: jellyfin + resourceVersion: "14408637" + uid: 5b496147-c143-4f9e-bb30-f20a4936cae3 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: jellyfin-latest + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: jellyfin-latest + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin:10.11.0-rc5 + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-08-31T22:45:19Z" + lastUpdateTime: "2025-08-31T22:45:42Z" + message: ReplicaSet "jellyfin-latest-78977b5658" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-09-09T23:38:06Z" + lastUpdateTime: "2025-09-09T23:38:06Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "0" + deployment.kubernetes.io/max-replicas: "0" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-05-13T17:06:42Z" + generation: 2 + labels: + app: jellyfin + pod-template-hash: 5d9bbccdd + name: jellyfin-5d9bbccdd + namespace: jellyfin + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: jellyfin + uid: 0d2577d6-c082-417a-90e6-9a229e7ef84f + resourceVersion: "13271337" + uid: 4e268daa-5472-4f53-b2fd-43d709777350 + spec: + replicas: 0 + selector: + matchLabels: + app: jellyfin + pod-template-hash: 5d9bbccdd + template: + metadata: + creationTimestamp: null + labels: + app: jellyfin + pod-template-hash: 5d9bbccdd + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-08-31T22:45:19Z" + generation: 1 + labels: + app: jellyfin-latest + pod-template-hash: 78977b5658 + name: jellyfin-latest-78977b5658 + namespace: jellyfin + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: jellyfin-latest + uid: 5b496147-c143-4f9e-bb30-f20a4936cae3 + resourceVersion: "14408636" + uid: efd86e40-b059-4b41-8813-c54d2593f571 + spec: + replicas: 1 + selector: + matchLabels: + app: jellyfin-latest + pod-template-hash: 78977b5658 + template: + metadata: + creationTimestamp: null + labels: + app: jellyfin-latest + pod-template-hash: 78977b5658 + spec: + containers: + - env: + - name: LIBVA_DRIVER_NAME + value: iHD + image: jellyfin/jellyfin:10.11.0-rc5 + imagePullPolicy: Always + name: jellyfin + ports: + - containerPort: 8096 + protocol: TCP + resources: {} + securityContext: + privileged: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /config + name: config + - mountPath: /cache + name: cache + - mountPath: /media + name: media + - mountPath: /dev/dri + name: vaapi + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - hostPath: + path: /opt/jellyfin/config + type: DirectoryOrCreate + name: config + - hostPath: + path: /opt/jellyfin/cache + type: DirectoryOrCreate + name: cache + - hostPath: + path: /mnt/media + type: Directory + name: media + - hostPath: + path: /dev/dri + type: Directory + name: vaapi + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/local-path-media/all.yaml b/manifests/local-path-media/all.yaml new file mode 100644 index 0000000..7bbb25d --- /dev/null +++ b/manifests/local-path-media/all.yaml @@ -0,0 +1,632 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T11:22:01+02:00" + creationTimestamp: "2025-08-12T09:22:01Z" + generateName: local-path-provisioner-5dbf77846f- + labels: + app: local-path-provisioner + pod-template-hash: 5dbf77846f + name: local-path-provisioner-5dbf77846f-p6w8k + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: local-path-provisioner-5dbf77846f + uid: f5e2809e-cbd9-4fee-94f8-9bd65d7f1c68 + resourceVersion: "20356622" + uid: ddf563c9-c0d5-4c52-af09-4cdfa46ec2a5 + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + - --service-account-name + - local-path-provisioner-service-account + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-xwt8k + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + - name: kube-api-access-xwt8k + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:09Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-08-12T09:22:01Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:09Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:09Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-08-12T09:22:01Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://10b91cc2845ee88bc45c6436beaff5f177517a7aacc2cc28161c10fa9b5c054a + image: docker.io/rancher/local-path-provisioner:v0.0.31 + imageID: docker.io/rancher/local-path-provisioner@sha256:80496fdeb307541007621959aa13aed41d31db9cd2dc4167c19833e0bfa3878c + lastState: + terminated: + containerID: containerd://e6b725711ffe78093f5a1e7f7a139fd540cb6aa1a9cd430aed393d2abc780f53 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:37Z" + name: local-path-provisioner + ready: true + restartCount: 4 + started: true + state: + running: + startedAt: "2025-08-24T01:02:09Z" + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-xwt8k + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.48 + podIPs: + - ip: 10.244.0.48 + qosClass: BestEffort + startTime: "2025-08-12T09:22:01Z" +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "4" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"local-path-provisioner","namespace":"local-path-media"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"local-path-provisioner"}},"template":{"metadata":{"labels":{"app":"local-path-provisioner"}},"spec":{"containers":[{"command":["local-path-provisioner","--debug","start","--config","/etc/config/config.json","--provisioner-name","rancher.io/local-path-media","--namespace","local-path-media"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_MOUNT_PATH","value":"/etc/config/"}],"image":"rancher/local-path-provisioner:v0.0.31","imagePullPolicy":"IfNotPresent","name":"local-path-provisioner","volumeMounts":[{"mountPath":"/etc/config/","name":"config-volume"},{"mountPath":"/mnt/media","name":"media-disk"}]}],"nodeSelector":{"kubernetes.io/hostname":"server-thinkcentre-e73"},"serviceAccountName":"local-path-provisioner","volumes":[{"configMap":{"name":"local-path-config"},"name":"config-volume"},{"hostPath":{"path":"/mnt/media","type":"Directory"},"name":"media-disk"}]}}}} + creationTimestamp: "2025-08-12T09:15:33Z" + generation: 4 + name: local-path-provisioner + namespace: local-path-media + resourceVersion: "12125163" + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: local-path-provisioner + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T11:22:01+02:00" + creationTimestamp: null + labels: + app: local-path-provisioner + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + - --service-account-name + - local-path-provisioner-service-account + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-08-12T09:17:01Z" + lastUpdateTime: "2025-08-12T09:17:01Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + - lastTransitionTime: "2025-08-12T09:15:33Z" + lastUpdateTime: "2025-08-12T09:22:02Z" + message: ReplicaSet "local-path-provisioner-5dbf77846f" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + observedGeneration: 4 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "3" + creationTimestamp: "2025-08-12T09:21:55Z" + generation: 2 + labels: + app: local-path-provisioner + pod-template-hash: 5d9b85d4c4 + name: local-path-provisioner-5d9b85d4c4 + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + resourceVersion: "12125162" + uid: def87e16-f05c-432a-829d-60c89632726d + spec: + replicas: 0 + selector: + matchLabels: + app: local-path-provisioner + pod-template-hash: 5d9b85d4c4 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T11:17:00+02:00" + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 5d9b85d4c4 + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + - --service-account-name + - local-path-provisioner-service-account + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "4" + creationTimestamp: "2025-08-12T09:22:01Z" + generation: 1 + labels: + app: local-path-provisioner + pod-template-hash: 5dbf77846f + name: local-path-provisioner-5dbf77846f + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + resourceVersion: "12125154" + uid: f5e2809e-cbd9-4fee-94f8-9bd65d7f1c68 + spec: + replicas: 1 + selector: + matchLabels: + app: local-path-provisioner + pod-template-hash: 5dbf77846f + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T11:22:01+02:00" + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 5dbf77846f + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + - --service-account-name + - local-path-provisioner-service-account + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-08-12T09:15:33Z" + generation: 2 + labels: + app: local-path-provisioner + pod-template-hash: 797b486f9c + name: local-path-provisioner-797b486f9c + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + resourceVersion: "12124635" + uid: 44877f9a-1bf1-4cef-b2cb-c4a185fea5e6 + spec: + replicas: 0 + selector: + matchLabels: + app: local-path-provisioner + pod-template-hash: 797b486f9c + template: + metadata: + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 797b486f9c + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "2" + creationTimestamp: "2025-08-12T09:17:00Z" + generation: 2 + labels: + app: local-path-provisioner + pod-template-hash: 7f78f86fdc + name: local-path-provisioner-7f78f86fdc + namespace: local-path-media + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 3f4a593d-6157-4df2-a4ff-34a5989624b5 + resourceVersion: "12125123" + uid: 3ef06e44-2df6-44fd-807f-dabccde75267 + spec: + replicas: 0 + selector: + matchLabels: + app: local-path-provisioner + pod-template-hash: 7f78f86fdc + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T11:17:00+02:00" + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 7f78f86fdc + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + - --provisioner-name + - rancher.io/local-path-media + - --namespace + - local-path-media + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /mnt/media + name: media-disk + dnsPolicy: ClusterFirst + nodeSelector: + kubernetes.io/hostname: server-thinkcentre-e73 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner + serviceAccountName: local-path-provisioner + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - hostPath: + path: /mnt/media + type: Directory + name: media-disk + status: + observedGeneration: 2 + replicas: 0 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/local-path-storage/all.yaml b/manifests/local-path-storage/all.yaml new file mode 100644 index 0000000..5141887 --- /dev/null +++ b/manifests/local-path-storage/all.yaml @@ -0,0 +1,315 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-04-25T14:43:53Z" + generateName: local-path-provisioner-74f9666bc9- + labels: + app: local-path-provisioner + pod-template-hash: 74f9666bc9 + name: local-path-provisioner-74f9666bc9-vlcws + namespace: local-path-storage + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: local-path-provisioner-74f9666bc9 + uid: 27ff0826-5993-4a1a-8637-0c5907344c44 + resourceVersion: "20356658" + uid: ec4a0930-eb65-429d-92a2-aa949b6ae67c + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-vshsr + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner-service-account + serviceAccountName: local-path-provisioner-service-account + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + - name: kube-api-access-vshsr + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:07Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-04-25T14:43:53Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:07Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:07Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-04-25T14:43:53Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://87f279b36b89fec215617f9bf39fa653485802522cf195e2a304e10626fd79c4 + image: docker.io/rancher/local-path-provisioner:v0.0.31 + imageID: docker.io/rancher/local-path-provisioner@sha256:80496fdeb307541007621959aa13aed41d31db9cd2dc4167c19833e0bfa3878c + lastState: + terminated: + containerID: containerd://915a3371a1a4f29a28dbc046fedd0beb20af0edf26683b9f6b75164535879ecb + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:37Z" + name: local-path-provisioner + ready: true + restartCount: 12 + started: true + state: + running: + startedAt: "2025-08-24T01:02:07Z" + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-vshsr + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.42 + podIPs: + - ip: 10.244.0.42 + qosClass: BestEffort + startTime: "2025-04-25T14:43:53Z" +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"local-path-provisioner","namespace":"local-path-storage"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"local-path-provisioner"}},"template":{"metadata":{"labels":{"app":"local-path-provisioner"}},"spec":{"containers":[{"command":["local-path-provisioner","--debug","start","--config","/etc/config/config.json"],"env":[{"name":"POD_NAMESPACE","valueFrom":{"fieldRef":{"fieldPath":"metadata.namespace"}}},{"name":"CONFIG_MOUNT_PATH","value":"/etc/config/"}],"image":"rancher/local-path-provisioner:v0.0.31","imagePullPolicy":"IfNotPresent","name":"local-path-provisioner","volumeMounts":[{"mountPath":"/etc/config/","name":"config-volume"}]}],"serviceAccountName":"local-path-provisioner-service-account","volumes":[{"configMap":{"name":"local-path-config"},"name":"config-volume"}]}}}} + creationTimestamp: "2025-03-03T21:51:07Z" + generation: 1 + name: local-path-provisioner + namespace: local-path-storage + resourceVersion: "1752979" + uid: 188ca018-74d6-46b1-8f54-b9c1eb50e652 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: local-path-provisioner + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: local-path-provisioner + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner-service-account + serviceAccountName: local-path-provisioner-service-account + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-03-03T21:51:07Z" + lastUpdateTime: "2025-03-03T21:51:12Z" + message: ReplicaSet "local-path-provisioner-74f9666bc9" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-05-11T20:41:42Z" + lastUpdateTime: "2025-05-11T20:41:42Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-03-03T21:51:07Z" + generation: 1 + labels: + app: local-path-provisioner + pod-template-hash: 74f9666bc9 + name: local-path-provisioner-74f9666bc9 + namespace: local-path-storage + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: local-path-provisioner + uid: 188ca018-74d6-46b1-8f54-b9c1eb50e652 + resourceVersion: "10111264" + uid: 27ff0826-5993-4a1a-8637-0c5907344c44 + spec: + replicas: 1 + selector: + matchLabels: + app: local-path-provisioner + pod-template-hash: 74f9666bc9 + template: + metadata: + creationTimestamp: null + labels: + app: local-path-provisioner + pod-template-hash: 74f9666bc9 + spec: + containers: + - command: + - local-path-provisioner + - --debug + - start + - --config + - /etc/config/config.json + env: + - name: POD_NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + - name: CONFIG_MOUNT_PATH + value: /etc/config/ + image: rancher/local-path-provisioner:v0.0.31 + imagePullPolicy: IfNotPresent + name: local-path-provisioner + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/config/ + name: config-volume + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: local-path-provisioner-service-account + serviceAccountName: local-path-provisioner-service-account + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: local-path-config + name: config-volume + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/minecraft/all.yaml b/manifests/minecraft/all.yaml new file mode 100644 index 0000000..562bc33 --- /dev/null +++ b/manifests/minecraft/all.yaml @@ -0,0 +1,203 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"minecraft-service","namespace":"minecraft"},"spec":{"ports":[{"nodePort":30065,"port":25565,"protocol":"TCP","targetPort":25565}],"selector":{"app":"minecraft"},"type":"NodePort"}} + creationTimestamp: "2025-03-15T17:15:31Z" + name: minecraft-service + namespace: minecraft + resourceVersion: "33501" + uid: df2206d4-9fd9-43d5-83c7-040ab8c83d76 + spec: + clusterIP: 10.104.56.62 + clusterIPs: + - 10.104.56.62 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 30065 + port: 25565 + protocol: TCP + targetPort: 25565 + selector: + app: minecraft + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"labels":{"app":"minecraft"},"name":"minecraft-server","namespace":"minecraft"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"minecraft"}},"template":{"metadata":{"labels":{"app":"minecraft"}},"spec":{"containers":[{"env":[{"name":"EULA","value":"TRUE"},{"name":"TYPE","value":"FORGE"},{"name":"VERSION","value":"1.21.4"},{"name":"MEMORY","value":"4G"},{"name":"ENABLE_RCON","value":"true"},{"name":"RCON_PASSWORD","value":"supersecret"},{"name":"OVERRIDE_SERVER_PROPERTIES","value":"TRUE"},{"name":"SERVER_IP","value":"0.0.0.0"}],"image":"itzg/minecraft-server:latest","imagePullPolicy":"Always","name":"minecraft","ports":[{"containerPort":25565,"name":"minecraft","protocol":"TCP"}],"volumeMounts":[{"mountPath":"/data","name":"mc-data"}]}],"volumes":[{"name":"mc-data","persistentVolumeClaim":{"claimName":"mc-data-pvc"}}]}}}} + creationTimestamp: "2025-03-15T17:15:13Z" + generation: 2 + labels: + app: minecraft + name: minecraft-server + namespace: minecraft + resourceVersion: "537709" + uid: ef31db7b-be9d-48c7-a8da-c9533463ce21 + spec: + progressDeadlineSeconds: 600 + replicas: 0 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: minecraft + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: minecraft + spec: + containers: + - env: + - name: EULA + value: "TRUE" + - name: TYPE + value: FORGE + - name: VERSION + value: 1.21.4 + - name: MEMORY + value: 4G + - name: ENABLE_RCON + value: "true" + - name: RCON_PASSWORD + value: supersecret + - name: OVERRIDE_SERVER_PROPERTIES + value: "TRUE" + - name: SERVER_IP + value: 0.0.0.0 + image: itzg/minecraft-server:latest + imagePullPolicy: Always + name: minecraft + ports: + - containerPort: 25565 + name: minecraft + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: mc-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: mc-data + persistentVolumeClaim: + claimName: mc-data-pvc + status: + conditions: + - lastTransitionTime: "2025-03-15T17:15:13Z" + lastUpdateTime: "2025-03-15T17:17:17Z" + message: ReplicaSet "minecraft-server-589bb7cbf" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-04-25T09:29:05Z" + lastUpdateTime: "2025-04-25T09:29:05Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 2 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "0" + deployment.kubernetes.io/max-replicas: "0" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-03-15T17:15:13Z" + generation: 2 + labels: + app: minecraft + pod-template-hash: 589bb7cbf + name: minecraft-server-589bb7cbf + namespace: minecraft + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: minecraft-server + uid: ef31db7b-be9d-48c7-a8da-c9533463ce21 + resourceVersion: "537706" + uid: 168f9115-db2a-4c62-913b-998ef3166dcd + spec: + replicas: 0 + selector: + matchLabels: + app: minecraft + pod-template-hash: 589bb7cbf + template: + metadata: + creationTimestamp: null + labels: + app: minecraft + pod-template-hash: 589bb7cbf + spec: + containers: + - env: + - name: EULA + value: "TRUE" + - name: TYPE + value: FORGE + - name: VERSION + value: 1.21.4 + - name: MEMORY + value: 4G + - name: ENABLE_RCON + value: "true" + - name: RCON_PASSWORD + value: supersecret + - name: OVERRIDE_SERVER_PROPERTIES + value: "TRUE" + - name: SERVER_IP + value: 0.0.0.0 + image: itzg/minecraft-server:latest + imagePullPolicy: Always + name: minecraft + ports: + - containerPort: 25565 + name: minecraft + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /data + name: mc-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: mc-data + persistentVolumeClaim: + claimName: mc-data-pvc + status: + observedGeneration: 2 + replicas: 0 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/monitoring/all.yaml b/manifests/monitoring/all.yaml new file mode 100644 index 0000000..ddff6b1 --- /dev/null +++ b/manifests/monitoring/all.yaml @@ -0,0 +1,3924 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/default-container: alertmanager + creationTimestamp: "2025-03-15T19:28:35Z" + generateName: alertmanager-monitoring-kube-prometheus-alertmanager- + labels: + alertmanager: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/instance: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: alertmanager + app.kubernetes.io/version: 0.28.1 + apps.kubernetes.io/pod-index: "0" + controller-revision-hash: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 + statefulset.kubernetes.io/pod-name: alertmanager-monitoring-kube-prometheus-alertmanager-0 + name: alertmanager-monitoring-kube-prometheus-alertmanager-0 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: alertmanager-monitoring-kube-prometheus-alertmanager + uid: d1ac5b0a-c1d8-442f-b938-c8387c484893 + resourceVersion: "20356487" + uid: 31a1e271-2244-443c-b58b-486e4d118318 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - alertmanager + - key: alertmanager + operator: In + values: + - monitoring-kube-prometheus-alertmanager + topologyKey: kubernetes.io/hostname + weight: 100 + automountServiceAccountToken: true + containers: + - args: + - --config.file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --storage.path=/alertmanager + - --data.retention=120h + - --cluster.listen-address= + - --web.listen-address=:9093 + - --web.external-url=http://monitoring-kube-prometheus-alertmanager.monitoring:9093 + - --web.route-prefix=/ + - --cluster.label=monitoring/monitoring-kube-prometheus-alertmanager + - --cluster.peer=alertmanager-monitoring-kube-prometheus-alertmanager-0.alertmanager-operated:9094 + - --cluster.reconnect-timeout=5m + - --web.config.file=/etc/alertmanager/web_config/web-config.yaml + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: quay.io/prometheus/alertmanager:v0.28.1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /-/healthy + port: http-web + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 3 + name: alertmanager + ports: + - containerPort: 9093 + name: http-web + protocol: TCP + - containerPort: 9094 + name: mesh-tcp + protocol: TCP + - containerPort: 9094 + name: mesh-udp + protocol: UDP + readinessProbe: + failureThreshold: 10 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + initialDelaySeconds: 3 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + resources: + requests: + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + - mountPath: /etc/alertmanager/config_out + name: config-out + readOnly: true + - mountPath: /etc/alertmanager/certs + name: tls-assets + readOnly: true + - mountPath: /alertmanager + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml + name: cluster-tls-config + readOnly: true + subPath: cluster-tls-config.yaml + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + - args: + - --listen-address=:8080 + - --web-config-file=/etc/alertmanager/web_config/web-config.yaml + - --reload-url=http://127.0.0.1:9093/-/reload + - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz + - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --watched-dir=/etc/alertmanager/config + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: "-1" + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: config-reloader + ports: + - containerPort: 8080 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: alertmanager-monitoring-kube-prometheus-alertmanager-0 + initContainers: + - args: + - --watch-interval=0 + - --listen-address=:8081 + - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz + - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --watched-dir=/etc/alertmanager/config + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: "-1" + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: init-config-reloader + ports: + - containerPort: 8081 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 2000 + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-alertmanager + serviceAccountName: monitoring-kube-prometheus-alertmanager + subdomain: alertmanager-operated + terminationGracePeriodSeconds: 120 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: config-volume + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-generated + - name: tls-assets + projected: + defaultMode: 420 + sources: + - secret: + name: alertmanager-monitoring-kube-prometheus-alertmanager-tls-assets-0 + - emptyDir: + medium: Memory + name: config-out + - name: web-config + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-web-config + - name: cluster-tls-config + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-cluster-tls-config + - emptyDir: {} + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + - name: kube-api-access-kqjt8 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:02Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:55Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:09Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:09Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:35Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://11db9ce5b4798a81eedd59f344ec79fbd8efd907e2e80f695dc1ff4dac034c42 + image: quay.io/prometheus/alertmanager:v0.28.1 + imageID: quay.io/prometheus/alertmanager@sha256:27c475db5fb156cab31d5c18a4251ac7ed567746a2483ff264516437a39b15ba + lastState: + terminated: + containerID: containerd://9966b24da94b94e88f9c51c25dc7cf0642f9025e98b690899ac08001e31278a1 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + message: | + time=2025-08-12T14:09:35.281Z level=INFO source=main.go:191 msg="Starting Alertmanager" version="(version=0.28.1, branch=HEAD, revision=b2099eaa2c9ebc25edb26517cb9c732738e93910)" + time=2025-08-12T14:09:35.281Z level=INFO source=main.go:192 msg="Build context" build_context="(go=go1.23.7, platform=linux/amd64, user=root@fa3ca569dfe4, date=20250307-15:05:18, tags=netgo)" + time=2025-08-12T14:09:35.327Z level=INFO source=coordinator.go:112 msg="Loading configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml + time=2025-08-12T14:09:35.328Z level=INFO source=coordinator.go:125 msg="Completed loading of configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml + time=2025-08-12T14:09:35.333Z level=INFO source=tls_config.go:347 msg="Listening on" address=[::]:9093 + time=2025-08-12T14:09:35.333Z level=INFO source=tls_config.go:386 msg="TLS is disabled." http2=false address=[::]:9093 + time=2025-08-12T14:09:40.192Z level=INFO source=coordinator.go:112 msg="Loading configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml + time=2025-08-12T14:09:40.193Z level=INFO source=coordinator.go:125 msg="Completed loading of configuration file" component=configuration file=/etc/alertmanager/config_out/alertmanager.env.yaml + reason: Unknown + startedAt: "2025-08-12T14:09:35Z" + name: alertmanager + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: "2025-08-24T01:02:02Z" + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + - mountPath: /etc/alertmanager/config_out + name: config-out + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/alertmanager/certs + name: tls-assets + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /alertmanager + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml + name: cluster-tls-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://cfc0b8b79f087e97e53ea9a6d6200173b25b29b8bbcf27f8b6c7b532fb5d9c54 + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 + lastState: + terminated: + containerID: containerd://786140909e80409f663934796f0e0a1bc34a89a0260ac53036e0ebe7a4127b13 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + message: | + ts=2025-08-12T14:09:35.185577512Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:148 msg="Starting prometheus-config-reloader" version="(version=0.81.0, branch=, revision=240b303)" build_context="(go=go1.23.7, platform=linux/amd64, user=, date=20250311-14:56:57, tags=unknown)" + ts=2025-08-12T14:09:35.185911989Z level=info caller=/workspace/internal/goruntime/cpu.go:27 msg="Leaving GOMAXPROCS=4: CPU quota undefined" + level=info ts=2025-08-12T14:09:35.186752469Z caller=reloader.go:282 msg="reloading via HTTP" + ts=2025-08-12T14:09:35.190691008Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:202 msg="Starting web server for metrics" listen=:8080 + ts=2025-08-12T14:09:35.19133334Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:347 msg="Listening on" address=[::]:8080 + ts=2025-08-12T14:09:35.191808246Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:386 msg="TLS is disabled." http2=false address=[::]:8080 + level=error ts=2025-08-12T14:09:35.192479849Z caller=runutil.go:117 msg="function failed. Retrying in next tick" err="trigger reload: reload request failed: Post \"http://127.0.0.1:9093/-/reload\": dial tcp 127.0.0.1:9093: connect: connection refused" + level=info ts=2025-08-12T14:09:40.195756728Z caller=reloader.go:548 msg="Reload triggered" cfg_in=/etc/alertmanager/config/alertmanager.yaml.gz cfg_out=/etc/alertmanager/config_out/alertmanager.env.yaml cfg_dirs= watched_dirs=/etc/alertmanager/config + level=info ts=2025-08-12T14:09:40.195991023Z caller=reloader.go:330 msg="started watching config file and directories for changes" cfg=/etc/alertmanager/config/alertmanager.yaml.gz cfgDirs= out=/etc/alertmanager/config_out/alertmanager.env.yaml dirs=/etc/alertmanager/config + reason: Unknown + startedAt: "2025-08-12T14:09:35Z" + name: config-reloader + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: "2025-08-24T01:02:02Z" + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://0ed3695a0a318284424f596ed810dd70395e54378b7cc3684b5c0d2eccbcee5d + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 + lastState: {} + name: init-config-reloader + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://0ed3695a0a318284424f596ed810dd70395e54378b7cc3684b5c0d2eccbcee5d + exitCode: 0 + finishedAt: "2025-08-24T01:02:01Z" + reason: Completed + startedAt: "2025-08-24T01:02:01Z" + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-kqjt8 + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.35 + podIPs: + - ip: 10.244.0.35 + qosClass: Burstable + startTime: "2025-03-15T19:28:35Z" +- apiVersion: v1 + kind: Pod + metadata: + annotations: + checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 + checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 + checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 + kubectl.kubernetes.io/default-container: grafana + creationTimestamp: "2025-03-15T20:17:35Z" + generateName: monitoring-grafana-57bd7cc44f- + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + pod-template-hash: 57bd7cc44f + name: monitoring-grafana-57bd7cc44f-h9t9f + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: monitoring-grafana-57bd7cc44f + uid: 5d7b2e80-dcf0-4ec8-adeb-b494fa3b5e68 + resourceVersion: "20356481" + uid: 582d88bf-0c9b-4eba-84e9-cdc4e90d44bb + spec: + automountServiceAccountToken: true + containers: + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_dashboard + - name: LABEL_VALUE + value: "1" + - name: FOLDER + value: /tmp/dashboards + - name: RESOURCE + value: both + - name: NAMESPACE + value: ALL + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/dashboards/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-dashboard + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_datasource + - name: LABEL_VALUE + value: "1" + - name: FOLDER + value: /etc/grafana/provisioning/datasources + - name: RESOURCE + value: both + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/datasources/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-datasources + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + - env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: GF_SECURITY_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: GF_PATHS_DATA + value: /var/lib/grafana/ + - name: GF_PATHS_LOGS + value: /var/log/grafana + - name: GF_PATHS_PLUGINS + value: /var/lib/grafana/plugins + - name: GF_PATHS_PROVISIONING + value: /etc/grafana/provisioning + image: docker.io/grafana/grafana:11.5.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 30 + name: grafana + ports: + - containerPort: 3000 + name: grafana + protocol: TCP + - containerPort: 9094 + name: gossip-tcp + protocol: TCP + - containerPort: 9094 + name: gossip-udp + protocol: UDP + - containerPort: 6060 + name: profiling + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/grafana.ini + name: config + subPath: grafana.ini + - mountPath: /var/lib/grafana + name: storage + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml + name: sc-dashboard-provider + subPath: provider.yaml + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 472 + runAsGroup: 472 + runAsNonRoot: true + runAsUser: 472 + serviceAccount: monitoring-grafana + serviceAccountName: monitoring-grafana + shareProcessNamespace: false + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - configMap: + defaultMode: 420 + name: monitoring-grafana + name: config + - emptyDir: {} + name: storage + - emptyDir: {} + name: sc-dashboard-volume + - configMap: + defaultMode: 420 + name: monitoring-grafana-config-dashboards + name: sc-dashboard-provider + - emptyDir: {} + name: sc-datasources-volume + - name: kube-api-access-khj29 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:05Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-03-15T20:17:35Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:15Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:15Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-03-15T20:17:35Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://d9f759986c23a25bf868950f905db151b59c9752575088ba22185f5250db0466 + image: docker.io/grafana/grafana:11.5.2 + imageID: docker.io/grafana/grafana@sha256:8b37a2f028f164ce7b9889e1765b9d6ee23fec80f871d156fbf436d6198d32b7 + lastState: + terminated: + containerID: containerd://ad484f6759705312c760c4db7754375b7f16628aa9b71cc4d4d90e4fa2bc3a77 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:33Z" + name: grafana + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: "2025-08-24T01:02:04Z" + volumeMounts: + - mountPath: /etc/grafana/grafana.ini + name: config + - mountPath: /var/lib/grafana + name: storage + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml + name: sc-dashboard-provider + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://3c9aa1fa5e6ced932afe1771d5ef58eadf4f55d3832ba96b6e4d902f855850b9 + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imageID: quay.io/kiwigrid/k8s-sidecar@sha256:9a326271c439b6f9e174f3b48ed132bbff71c00592c7dbd072ccdc334445bde2 + lastState: + terminated: + containerID: containerd://7b2dfcc88610d7b4bc54215d16c9acf1512ef91f0ecb352a9c416270e96e5d0f + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:33Z" + name: grafana-sc-dashboard + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: "2025-08-24T01:02:03Z" + volumeMounts: + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://ed8944c8c2ed25b53826f9904118c8f40849f35adf80a085b55f446c9403f52c + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imageID: quay.io/kiwigrid/k8s-sidecar@sha256:9a326271c439b6f9e174f3b48ed132bbff71c00592c7dbd072ccdc334445bde2 + lastState: + terminated: + containerID: containerd://7fd38cc69fc5b56e3801f74f4af036911e04eef8da868d881e287e1b2820c4eb + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:33Z" + name: grafana-sc-datasources + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: "2025-08-24T01:02:03Z" + volumeMounts: + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-khj29 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.39 + podIPs: + - ip: 10.244.0.39 + qosClass: BestEffort + startTime: "2025-03-15T20:17:35Z" +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-03-15T19:28:25Z" + generateName: monitoring-kube-prometheus-operator-55f4b4d949- + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + pod-template-hash: 55f4b4d949 + release: monitoring + name: monitoring-kube-prometheus-operator-55f4b4d949-9xhm7 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: monitoring-kube-prometheus-operator-55f4b4d949 + uid: 6018d8a7-1d56-4811-80e1-042743fa271b + resourceVersion: "20356570" + uid: 9e0b6bc0-4aa8-494c-90b2-c095910bc33b + spec: + automountServiceAccountToken: true + containers: + - args: + - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet + - --kubelet-endpoints=true + - --kubelet-endpointslice=false + - --localhost=127.0.0.1 + - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + - --config-reloader-cpu-request=0 + - --config-reloader-cpu-limit=0 + - --config-reloader-memory-request=0 + - --config-reloader-memory-limit=0 + - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 + - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 + - --web.enable-tls=true + - --web.cert-file=/cert/cert + - --web.key-file=/cert/key + - --web.listen-address=:10250 + - --web.tls-min-version=VersionTLS13 + env: + - name: GOGC + value: "30" + image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: kube-prometheus-stack + ports: + - containerPort: 10250 + name: https + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /cert + name: tls-secret + readOnly: true + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-4zxdr + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-operator + serviceAccountName: monitoring-kube-prometheus-operator + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: tls-secret + secret: + defaultMode: 420 + secretName: monitoring-kube-prometheus-admission + - name: kube-api-access-4zxdr + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:03Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:25Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:04Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:04Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:25Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://eb2ab2cccf0b98c082733495e3a4bcb1b85bce20ac880731ae89be3f488e945d + image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-operator@sha256:5f6a204b252e901b97486ff409c74f48cdbb4cf83731355b08f1155febad6822 + lastState: + terminated: + containerID: containerd://1cae6950db5136f118602297f5922b4d127864034e2b50bffd1df8f7e7f909cc + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:31Z" + name: kube-prometheus-stack + ready: true + restartCount: 47 + started: true + state: + running: + startedAt: "2025-08-24T01:02:03Z" + volumeMounts: + - mountPath: /cert + name: tls-secret + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-4zxdr + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.37 + podIPs: + - ip: 10.244.0.37 + qosClass: BestEffort + startTime: "2025-03-15T19:28:25Z" +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-03-15T19:28:25Z" + generateName: monitoring-kube-state-metrics-6d79fb6b66- + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + pod-template-hash: 6d79fb6b66 + release: monitoring + name: monitoring-kube-state-metrics-6d79fb6b66-8ss6p + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: monitoring-kube-state-metrics-6d79fb6b66 + uid: d4a6f708-59c4-4a58-9fec-f0bbfde4a93b + resourceVersion: "20356827" + uid: e334bfda-b179-44a3-98a9-18eedce004ee + spec: + automountServiceAccountToken: true + containers: + - args: + - --port=8080 + - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: kube-state-metrics + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readyz + port: 8081 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-nzt2m + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-state-metrics + serviceAccountName: monitoring-kube-state-metrics + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-nzt2m + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:02Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:25Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-10-27T12:02:33Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-10-27T12:02:33Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:25Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://f5bd7ed2ad9ab66b7d1af9603476a2175229c4a495fb0f2e194fde4efc7f3ba7 + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 + imageID: registry.k8s.io/kube-state-metrics/kube-state-metrics@sha256:db384bf43222b066c378e77027a675d4cd9911107adba46c2922b3a55e10d6fb + lastState: + terminated: + containerID: containerd://bfdc847811e3f392b2e261e76783ab1a37501a92937610d6c42b7bfd4ed15896 + exitCode: 1 + finishedAt: "2025-10-27T11:57:13Z" + reason: Error + startedAt: "2025-10-27T11:57:13Z" + name: kube-state-metrics + ready: true + restartCount: 136 + started: true + state: + running: + startedAt: "2025-10-27T12:02:21Z" + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-nzt2m + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.34 + podIPs: + - ip: 10.244.0.34 + qosClass: BestEffort + startTime: "2025-03-15T19:28:25Z" +- apiVersion: v1 + kind: Pod + metadata: + annotations: + cluster-autoscaler.kubernetes.io/safe-to-evict: "true" + creationTimestamp: "2025-03-15T19:28:25Z" + generateName: monitoring-prometheus-node-exporter- + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prometheus-node-exporter + app.kubernetes.io/part-of: prometheus-node-exporter + app.kubernetes.io/version: 1.9.0 + controller-revision-hash: 668c8cbd9b + helm.sh/chart: prometheus-node-exporter-4.44.1 + jobLabel: node-exporter + pod-template-generation: "1" + release: monitoring + name: monitoring-prometheus-node-exporter-w4smp + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: DaemonSet + name: monitoring-prometheus-node-exporter + uid: 6d528352-5dc2-4440-a370-5a7deaba08e8 + resourceVersion: "20356662" + uid: 3430d5a2-f5ec-4939-86c8-6cb3ed035431 + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchFields: + - key: metadata.name + operator: In + values: + - server-thinkcentre-e73 + automountServiceAccountToken: false + containers: + - args: + - --path.procfs=/host/proc + - --path.sysfs=/host/sys + - --path.rootfs=/host/root + - --path.udev.data=/host/root/run/udev/data + - --web.listen-address=[$(HOST_IP)]:9100 + - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) + - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ + env: + - name: HOST_IP + value: 0.0.0.0 + image: quay.io/prometheus/node-exporter:v1.9.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9100 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: node-exporter + ports: + - containerPort: 9100 + hostPort: 9100 + name: http-metrics + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9100 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /host/proc + name: proc + readOnly: true + - mountPath: /host/sys + name: sys + readOnly: true + - mountPath: /host/root + mountPropagation: HostToContainer + name: root + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostNetwork: true + hostPID: true + nodeName: server-thinkcentre-e73 + nodeSelector: + kubernetes.io/os: linux + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + serviceAccount: monitoring-prometheus-node-exporter + serviceAccountName: monitoring-prometheus-node-exporter + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoSchedule + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/disk-pressure + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/memory-pressure + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/pid-pressure + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/unschedulable + operator: Exists + - effect: NoSchedule + key: node.kubernetes.io/network-unavailable + operator: Exists + volumes: + - hostPath: + path: /proc + type: "" + name: proc + - hostPath: + path: /sys + type: "" + name: sys + - hostPath: + path: / + type: "" + name: root + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:01:56Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:25Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-10-27T12:01:10Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-10-27T12:01:10Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:25Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://ffc7637c59f9589d4b27a4419e236cb6a417f68ccb15d518e75363de37a231f7 + image: quay.io/prometheus/node-exporter:v1.9.0 + imageID: quay.io/prometheus/node-exporter@sha256:c99d7ee4d12a38661788f60d9eca493f08584e2e544bbd3b3fca64749f86b848 + lastState: + terminated: + containerID: containerd://df37269a9109c51b2ff5b69e0a123736cb6a190307affb63865f6de1e5e48f65 + exitCode: 143 + finishedAt: "2025-10-27T11:56:02Z" + reason: Error + startedAt: "2025-10-27T11:55:32Z" + name: node-exporter + ready: true + restartCount: 183 + started: true + state: + running: + startedAt: "2025-10-27T12:01:09Z" + volumeMounts: + - mountPath: /host/proc + name: proc + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /host/sys + name: sys + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /host/root + name: root + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 192.168.31.54 + podIPs: + - ip: 192.168.31.54 + qosClass: BestEffort + startTime: "2025-03-15T19:28:25Z" +- apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/default-container: prometheus + creationTimestamp: "2025-03-15T19:28:36Z" + generateName: prometheus-monitoring-kube-prometheus-prometheus- + labels: + app.kubernetes.io/instance: monitoring-kube-prometheus-prometheus + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: prometheus + app.kubernetes.io/version: 3.2.1 + apps.kubernetes.io/pod-index: "0" + controller-revision-hash: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + operator.prometheus.io/shard: "0" + prometheus: monitoring-kube-prometheus-prometheus + statefulset.kubernetes.io/pod-name: prometheus-monitoring-kube-prometheus-prometheus-0 + name: prometheus-monitoring-kube-prometheus-prometheus-0 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: prometheus-monitoring-kube-prometheus-prometheus + uid: 9bffc56e-9f40-49e1-82af-16217933206f + resourceVersion: "20356567" + uid: 244b32a1-dfd3-460c-81e6-626c045ff8ac + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - prometheus + - key: prometheus + operator: In + values: + - monitoring-kube-prometheus-prometheus + topologyKey: kubernetes.io/hostname + weight: 100 + automountServiceAccountToken: true + containers: + - args: + - --web.console.templates=/etc/prometheus/consoles + - --web.console.libraries=/etc/prometheus/console_libraries + - --config.file=/etc/prometheus/config_out/prometheus.env.yaml + - --web.enable-lifecycle + - --web.external-url=http://monitoring-kube-prometheus-prometheus.monitoring:9090 + - --web.route-prefix=/ + - --storage.tsdb.retention.time=10d + - --storage.tsdb.path=/prometheus + - --storage.tsdb.wal-compression + - --web.config.file=/etc/prometheus/web_config/web-config.yaml + image: quay.io/prometheus/prometheus:v3.2.1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 6 + httpGet: + path: /-/healthy + port: http-web + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + name: prometheus + ports: + - containerPort: 9090 + name: http-web + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + startupProbe: + failureThreshold: 60 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + periodSeconds: 15 + successThreshold: 1 + timeoutSeconds: 3 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config_out + name: config-out + readOnly: true + - mountPath: /etc/prometheus/certs + name: tls-assets + readOnly: true + - mountPath: /prometheus + name: prometheus-monitoring-kube-prometheus-prometheus-db + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /etc/prometheus/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + - args: + - --listen-address=:8080 + - --reload-url=http://127.0.0.1:9090/-/reload + - --config-file=/etc/prometheus/config/prometheus.yaml.gz + - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml + - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: "0" + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: config-reloader + ports: + - containerPort: 8080 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: prometheus-monitoring-kube-prometheus-prometheus-0 + initContainers: + - args: + - --watch-interval=0 + - --listen-address=:8081 + - --config-file=/etc/prometheus/config/prometheus.yaml.gz + - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml + - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: "0" + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: init-config-reloader + ports: + - containerPort: 8081 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 2000 + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-prometheus + serviceAccountName: monitoring-kube-prometheus-prometheus + shareProcessNamespace: false + subdomain: prometheus-operated + terminationGracePeriodSeconds: 600 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: config + secret: + defaultMode: 420 + secretName: prometheus-monitoring-kube-prometheus-prometheus + - name: tls-assets + projected: + defaultMode: 420 + sources: + - secret: + name: prometheus-monitoring-kube-prometheus-prometheus-tls-assets-0 + - emptyDir: + medium: Memory + name: config-out + - configMap: + defaultMode: 420 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - name: web-config + secret: + defaultMode: 420 + secretName: prometheus-monitoring-kube-prometheus-prometheus-web-config + - emptyDir: {} + name: prometheus-monitoring-kube-prometheus-prometheus-db + - name: kube-api-access-p86t2 + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:01Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:55Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:14Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:14Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-03-15T19:28:36Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://24aea25929f7c6290589bb75e0387eef32927bc3ea1e9e8f6225a31cd95cd7b2 + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 + lastState: + terminated: + containerID: containerd://504a46448a2af4d2106361c74ebfd8f831e63d873c86a16a0468e0bf62077207 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + message: | + ts=2025-08-12T14:09:40.326926499Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:148 msg="Starting prometheus-config-reloader" version="(version=0.81.0, branch=, revision=240b303)" build_context="(go=go1.23.7, platform=linux/amd64, user=, date=20250311-14:56:57, tags=unknown)" + ts=2025-08-12T14:09:40.327286946Z level=info caller=/workspace/internal/goruntime/cpu.go:27 msg="Leaving GOMAXPROCS=4: CPU quota undefined" + level=info ts=2025-08-12T14:09:40.328570882Z caller=reloader.go:282 msg="reloading via HTTP" + ts=2025-08-12T14:09:40.328652702Z level=info caller=/workspace/cmd/prometheus-config-reloader/main.go:202 msg="Starting web server for metrics" listen=:8080 + ts=2025-08-12T14:09:40.3298177Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:347 msg="Listening on" address=[::]:8080 + ts=2025-08-12T14:09:40.330054287Z level=info caller=/go/pkg/mod/github.com/prometheus/exporter-toolkit@v0.13.2/web/tls_config.go:350 msg="TLS is disabled." http2=false address=[::]:8080 + level=error ts=2025-08-12T14:09:40.34388543Z caller=runutil.go:117 msg="function failed. Retrying in next tick" err="trigger reload: reload request failed: Post \"http://127.0.0.1:9090/-/reload\": dial tcp 127.0.0.1:9090: connect: connection refused" + level=info ts=2025-08-12T14:09:46.048560099Z caller=reloader.go:548 msg="Reload triggered" cfg_in=/etc/prometheus/config/prometheus.yaml.gz cfg_out=/etc/prometheus/config_out/prometheus.env.yaml cfg_dirs= watched_dirs=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + level=info ts=2025-08-12T14:09:46.048728407Z caller=reloader.go:330 msg="started watching config file and directories for changes" cfg=/etc/prometheus/config/prometheus.yaml.gz cfgDirs= out=/etc/prometheus/config_out/prometheus.env.yaml dirs=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + reason: Unknown + startedAt: "2025-08-12T14:09:40Z" + name: config-reloader + ready: true + restartCount: 24 + started: true + state: + running: + startedAt: "2025-08-24T01:02:01Z" + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + recursiveReadOnly: Disabled + - containerID: containerd://991a9e0bcc2885f002c804acefa68ca621df144dd04e6a234ec13dc7ed6fbf55 + image: quay.io/prometheus/prometheus:v3.2.1 + imageID: quay.io/prometheus/prometheus@sha256:6927e0919a144aa7616fd0137d4816816d42f6b816de3af269ab065250859a62 + lastState: + terminated: + containerID: containerd://f8573fee09d77135fcd33a274ee7eb08f71b79309d5e07e6b83e3ea13769a807 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + message: | + lector.go:243: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273178\": dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime + time=2025-08-13T13:21:17.143Z level=ERROR source=reflector.go:158 msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273178\": dial tcp 10.96.0.1:443: i/o timeout" + time=2025-08-13T13:21:17.342Z level=INFO source=reflector.go:561 msg="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273169\": dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime + time=2025-08-13T13:21:17.343Z level=ERROR source=reflector.go:158 msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/monitoring/endpoints?resourceVersion=12273169\": dial tcp 10.96.0.1:443: i/o timeout" + time=2025-08-13T13:21:17.964Z level=INFO source=reflector.go:561 msg="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/default/endpoints?resourceVersion=12273115\": dial tcp 10.96.0.1:443: i/o timeout" component=k8s_client_runtime + time=2025-08-13T13:21:17.964Z level=ERROR source=reflector.go:158 msg="Unhandled Error" component=k8s_client_runtime logger=UnhandledError err="pkg/mod/k8s.io/client-go@v0.31.3/tools/cache/reflector.go:243: Failed to watch *v1.Endpoints: failed to list *v1.Endpoints: Get \"https://10.96.0.1:443/api/v1/namespaces/default/endpoints?resourceVersion=12273115\": dial tcp 10.96.0.1:443: i/o timeout" + reason: Unknown + startedAt: "2025-08-12T14:09:39Z" + name: prometheus + ready: true + restartCount: 26 + started: true + state: + running: + startedAt: "2025-08-24T01:02:01Z" + volumeMounts: + - mountPath: /etc/prometheus/config_out + name: config-out + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /etc/prometheus/certs + name: tls-assets + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /prometheus + name: prometheus-monitoring-kube-prometheus-prometheus-db + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /etc/prometheus/web_config/web-config.yaml + name: web-config + readOnly: true + recursiveReadOnly: Disabled + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://ede82a260dbcf83eac9b9d89275858a311a22f59e3be952b0d1afc94252648fe + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imageID: quay.io/prometheus-operator/prometheus-config-reloader@sha256:959d47672fbff2776a04ec62b8afcec89e8c036af84dc5fade50019dab212746 + lastState: {} + name: init-config-reloader + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://ede82a260dbcf83eac9b9d89275858a311a22f59e3be952b0d1afc94252648fe + exitCode: 0 + finishedAt: "2025-08-24T01:02:00Z" + reason: Completed + startedAt: "2025-08-24T01:02:00Z" + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-p86t2 + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.33 + podIPs: + - ip: 10.244.0.33 + qosClass: BestEffort + startTime: "2025-03-15T19:28:36Z" +- apiVersion: v1 + kind: Service + metadata: + creationTimestamp: "2025-03-15T19:28:35Z" + labels: + managed-by: prometheus-operator + operated-alertmanager: "true" + name: alertmanager-operated + namespace: monitoring + ownerReferences: + - apiVersion: monitoring.coreos.com/v1 + kind: Alertmanager + name: monitoring-kube-prometheus-alertmanager + uid: 88a51b90-294a-485f-84ca-ec2b1b03eab6 + resourceVersion: "44301" + uid: 03bc5664-262c-4b79-a1ba-09470f9d347b + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + port: 9093 + protocol: TCP + targetPort: http-web + - name: tcp-mesh + port: 9094 + protocol: TCP + targetPort: 9094 + - name: udp-mesh + port: 9094 + protocol: UDP + targetPort: 9094 + publishNotReadyAddresses: true + selector: + app.kubernetes.io/name: alertmanager + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + name: monitoring-grafana + namespace: monitoring + resourceVersion: "44520" + uid: 72825402-9c40-486e-a498-35a9cdd122c9 + spec: + clusterIP: 10.105.0.57 + clusterIPs: + - 10.105.0.57 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + nodePort: 30129 + port: 80 + protocol: TCP + targetPort: 3000 + selector: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + labels: + app: kube-prometheus-stack-alertmanager + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + self-monitor: "true" + name: monitoring-kube-prometheus-alertmanager + namespace: monitoring + resourceVersion: "44096" + uid: 2742b08b-5099-48a2-8994-863db4da6d65 + spec: + clusterIP: 10.99.143.97 + clusterIPs: + - 10.99.143.97 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + port: 9093 + protocol: TCP + targetPort: 9093 + - appProtocol: http + name: reloader-web + port: 8080 + protocol: TCP + targetPort: reloader-web + selector: + alertmanager: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/name: alertmanager + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + name: monitoring-kube-prometheus-operator + namespace: monitoring + resourceVersion: "44076" + uid: 79de3aaa-68a9-4b77-88cb-cc9604bc442d + spec: + clusterIP: 10.96.8.233 + clusterIPs: + - 10.96.8.233 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: https + port: 443 + protocol: TCP + targetPort: https + selector: + app: kube-prometheus-stack-operator + release: monitoring + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + labels: + app: kube-prometheus-stack-prometheus + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + self-monitor: "true" + name: monitoring-kube-prometheus-prometheus + namespace: monitoring + resourceVersion: "44074" + uid: a37d3d3d-36a8-4789-ace8-cbc883b7a77d + spec: + clusterIP: 10.100.57.9 + clusterIPs: + - 10.100.57.9 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + port: 9090 + protocol: TCP + targetPort: 9090 + - appProtocol: http + name: reloader-web + port: 8080 + protocol: TCP + targetPort: reloader-web + selector: + app.kubernetes.io/name: prometheus + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + release: monitoring + name: monitoring-kube-state-metrics + namespace: monitoring + resourceVersion: "44104" + uid: 92f36d87-29da-42d0-afba-dc64950f1b4c + spec: + clusterIP: 10.108.92.173 + clusterIPs: + - 10.108.92.173 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 8080 + selector: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: kube-state-metrics + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + prometheus.io/scrape: "true" + creationTimestamp: "2025-03-15T19:28:25Z" + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prometheus-node-exporter + app.kubernetes.io/part-of: prometheus-node-exporter + app.kubernetes.io/version: 1.9.0 + helm.sh/chart: prometheus-node-exporter-4.44.1 + jobLabel: node-exporter + release: monitoring + name: monitoring-prometheus-node-exporter + namespace: monitoring + resourceVersion: "44100" + uid: 28555baf-eb07-43b6-a015-1c30c9442515 + spec: + clusterIP: 10.105.167.78 + clusterIPs: + - 10.105.167.78 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-metrics + port: 9100 + protocol: TCP + targetPort: 9100 + selector: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: prometheus-node-exporter + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + creationTimestamp: "2025-03-15T19:28:36Z" + labels: + managed-by: prometheus-operator + operated-prometheus: "true" + name: prometheus-operated + namespace: monitoring + ownerReferences: + - apiVersion: monitoring.coreos.com/v1 + kind: Prometheus + name: monitoring-kube-prometheus-prometheus + uid: 733d54a5-4541-46bc-82be-1c8b1b5925f4 + resourceVersion: "44330" + uid: 78275757-3538-44df-b51a-2af3b3fb9a16 + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http-web + port: 9090 + protocol: TCP + targetPort: http-web + selector: + app.kubernetes.io/name: prometheus + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: DaemonSet + metadata: + annotations: + deprecated.daemonset.template.generation: "1" + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + generation: 1 + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prometheus-node-exporter + app.kubernetes.io/part-of: prometheus-node-exporter + app.kubernetes.io/version: 1.9.0 + helm.sh/chart: prometheus-node-exporter-4.44.1 + release: monitoring + name: monitoring-prometheus-node-exporter + namespace: monitoring + resourceVersion: "20356664" + uid: 6d528352-5dc2-4440-a370-5a7deaba08e8 + spec: + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: prometheus-node-exporter + template: + metadata: + annotations: + cluster-autoscaler.kubernetes.io/safe-to-evict: "true" + creationTimestamp: null + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: prometheus-node-exporter + app.kubernetes.io/part-of: prometheus-node-exporter + app.kubernetes.io/version: 1.9.0 + helm.sh/chart: prometheus-node-exporter-4.44.1 + jobLabel: node-exporter + release: monitoring + spec: + affinity: + nodeAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + nodeSelectorTerms: + - matchExpressions: + - key: eks.amazonaws.com/compute-type + operator: NotIn + values: + - fargate + - key: type + operator: NotIn + values: + - virtual-kubelet + automountServiceAccountToken: false + containers: + - args: + - --path.procfs=/host/proc + - --path.sysfs=/host/sys + - --path.rootfs=/host/root + - --path.udev.data=/host/root/run/udev/data + - --web.listen-address=[$(HOST_IP)]:9100 + - --collector.filesystem.mount-points-exclude=^/(dev|proc|sys|var/lib/docker/.+|var/lib/kubelet/.+)($|/) + - --collector.filesystem.fs-types-exclude=^(autofs|binfmt_misc|bpf|cgroup2?|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|iso9660|mqueue|nsfs|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|selinuxfs|squashfs|sysfs|tracefs)$ + env: + - name: HOST_IP + value: 0.0.0.0 + image: quay.io/prometheus/node-exporter:v1.9.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9100 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: node-exporter + ports: + - containerPort: 9100 + name: http-metrics + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: / + port: 9100 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /host/proc + name: proc + readOnly: true + - mountPath: /host/sys + name: sys + readOnly: true + - mountPath: /host/root + mountPropagation: HostToContainer + name: root + readOnly: true + dnsPolicy: ClusterFirst + hostNetwork: true + hostPID: true + nodeSelector: + kubernetes.io/os: linux + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + serviceAccount: monitoring-prometheus-node-exporter + serviceAccountName: monitoring-prometheus-node-exporter + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoSchedule + operator: Exists + volumes: + - hostPath: + path: /proc + type: "" + name: proc + - hostPath: + path: /sys + type: "" + name: sys + - hostPath: + path: / + type: "" + name: root + updateStrategy: + rollingUpdate: + maxSurge: 0 + maxUnavailable: 1 + type: RollingUpdate + status: + currentNumberScheduled: 1 + desiredNumberScheduled: 1 + numberAvailable: 1 + numberMisscheduled: 0 + numberReady: 1 + observedGeneration: 1 + updatedNumberScheduled: 1 +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + generation: 1 + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + name: monitoring-grafana + namespace: monitoring + resourceVersion: "12273753" + uid: fc6bfa03-c1bf-465a-8b0f-cc59840d4ee9 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + annotations: + checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 + checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 + checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 + kubectl.kubernetes.io/default-container: grafana + creationTimestamp: null + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_dashboard + - name: LABEL_VALUE + value: "1" + - name: FOLDER + value: /tmp/dashboards + - name: RESOURCE + value: both + - name: NAMESPACE + value: ALL + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/dashboards/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-dashboard + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_datasource + - name: LABEL_VALUE + value: "1" + - name: FOLDER + value: /etc/grafana/provisioning/datasources + - name: RESOURCE + value: both + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/datasources/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-datasources + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: GF_SECURITY_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: GF_PATHS_DATA + value: /var/lib/grafana/ + - name: GF_PATHS_LOGS + value: /var/log/grafana + - name: GF_PATHS_PLUGINS + value: /var/lib/grafana/plugins + - name: GF_PATHS_PROVISIONING + value: /etc/grafana/provisioning + image: docker.io/grafana/grafana:11.5.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 30 + name: grafana + ports: + - containerPort: 3000 + name: grafana + protocol: TCP + - containerPort: 9094 + name: gossip-tcp + protocol: TCP + - containerPort: 9094 + name: gossip-udp + protocol: UDP + - containerPort: 6060 + name: profiling + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/grafana.ini + name: config + subPath: grafana.ini + - mountPath: /var/lib/grafana + name: storage + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml + name: sc-dashboard-provider + subPath: provider.yaml + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 472 + runAsGroup: 472 + runAsNonRoot: true + runAsUser: 472 + serviceAccount: monitoring-grafana + serviceAccountName: monitoring-grafana + shareProcessNamespace: false + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: monitoring-grafana + name: config + - emptyDir: {} + name: storage + - emptyDir: {} + name: sc-dashboard-volume + - configMap: + defaultMode: 420 + name: monitoring-grafana-config-dashboards + name: sc-dashboard-provider + - emptyDir: {} + name: sc-datasources-volume + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-03-15T19:28:25Z" + lastUpdateTime: "2025-03-15T19:28:57Z" + message: ReplicaSet "monitoring-grafana-57bd7cc44f" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-08-24T01:02:15Z" + lastUpdateTime: "2025-08-24T01:02:15Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + generation: 1 + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + name: monitoring-kube-prometheus-operator + namespace: monitoring + resourceVersion: "9486996" + uid: 4158076c-b017-4c71-ac3a-f0be9fa7137a + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: kube-prometheus-stack-operator + release: monitoring + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + release: monitoring + spec: + automountServiceAccountToken: true + containers: + - args: + - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet + - --kubelet-endpoints=true + - --kubelet-endpointslice=false + - --localhost=127.0.0.1 + - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + - --config-reloader-cpu-request=0 + - --config-reloader-cpu-limit=0 + - --config-reloader-memory-request=0 + - --config-reloader-memory-limit=0 + - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 + - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 + - --web.enable-tls=true + - --web.cert-file=/cert/cert + - --web.key-file=/cert/key + - --web.listen-address=:10250 + - --web.tls-min-version=VersionTLS13 + env: + - name: GOGC + value: "30" + image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: kube-prometheus-stack + ports: + - containerPort: 10250 + name: https + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /cert + name: tls-secret + readOnly: true + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-operator + serviceAccountName: monitoring-kube-prometheus-operator + terminationGracePeriodSeconds: 30 + volumes: + - name: tls-secret + secret: + defaultMode: 420 + secretName: monitoring-kube-prometheus-admission + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-03-15T19:28:25Z" + lastUpdateTime: "2025-03-15T19:28:36Z" + message: ReplicaSet "monitoring-kube-prometheus-operator-55f4b4d949" has successfully + progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-07-21T02:46:22Z" + lastUpdateTime: "2025-07-21T02:46:22Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + generation: 1 + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + release: monitoring + name: monitoring-kube-state-metrics + namespace: monitoring + resourceVersion: "20356831" + uid: e30931b2-603e-45aa-8921-36bde6c62412 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: kube-state-metrics + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + release: monitoring + spec: + automountServiceAccountToken: true + containers: + - args: + - --port=8080 + - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: kube-state-metrics + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readyz + port: 8081 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-state-metrics + serviceAccountName: monitoring-kube-state-metrics + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-03-15T19:28:25Z" + lastUpdateTime: "2025-03-15T19:28:41Z" + message: ReplicaSet "monitoring-kube-state-metrics-6d79fb6b66" has successfully + progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-10-27T12:02:33Z" + lastUpdateTime: "2025-10-27T12:02:33Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + generation: 1 + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + pod-template-hash: 57bd7cc44f + name: monitoring-grafana-57bd7cc44f + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: monitoring-grafana + uid: fc6bfa03-c1bf-465a-8b0f-cc59840d4ee9 + resourceVersion: "12273752" + uid: 5d7b2e80-dcf0-4ec8-adeb-b494fa3b5e68 + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + pod-template-hash: 57bd7cc44f + template: + metadata: + annotations: + checksum/config: 0e9cbd0ea8e24e32f7dfca5bab17a2ba05652642f0a09a4882833ae88e4cc4a3 + checksum/sc-dashboard-provider-config: e70bf6a851099d385178a76de9757bb0bef8299da6d8443602590e44f05fdf24 + checksum/secret: 032056e9c62bbe9d1daa41ee49cd3d9524c076f51ca4c65adadf4ef08ef28712 + kubectl.kubernetes.io/default-container: grafana + creationTimestamp: null + labels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: grafana + app.kubernetes.io/version: 11.5.2 + helm.sh/chart: grafana-8.10.3 + pod-template-hash: 57bd7cc44f + spec: + automountServiceAccountToken: true + containers: + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_dashboard + - name: LABEL_VALUE + value: "1" + - name: FOLDER + value: /tmp/dashboards + - name: RESOURCE + value: both + - name: NAMESPACE + value: ALL + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/dashboards/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-dashboard + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - env: + - name: METHOD + value: WATCH + - name: LABEL + value: grafana_datasource + - name: LABEL_VALUE + value: "1" + - name: FOLDER + value: /etc/grafana/provisioning/datasources + - name: RESOURCE + value: both + - name: REQ_USERNAME + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: REQ_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: REQ_URL + value: http://localhost:3000/api/admin/provisioning/datasources/reload + - name: REQ_METHOD + value: POST + image: quay.io/kiwigrid/k8s-sidecar:1.30.0 + imagePullPolicy: IfNotPresent + name: grafana-sc-datasources + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + - env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + - name: GF_SECURITY_ADMIN_USER + valueFrom: + secretKeyRef: + key: admin-user + name: monitoring-grafana + - name: GF_SECURITY_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: admin-password + name: monitoring-grafana + - name: GF_PATHS_DATA + value: /var/lib/grafana/ + - name: GF_PATHS_LOGS + value: /var/log/grafana + - name: GF_PATHS_PLUGINS + value: /var/lib/grafana/plugins + - name: GF_PATHS_PROVISIONING + value: /etc/grafana/provisioning + image: docker.io/grafana/grafana:11.5.2 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + initialDelaySeconds: 60 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 30 + name: grafana + ports: + - containerPort: 3000 + name: grafana + protocol: TCP + - containerPort: 9094 + name: gossip-tcp + protocol: TCP + - containerPort: 9094 + name: gossip-udp + protocol: UDP + - containerPort: 6060 + name: profiling + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /api/health + port: 3000 + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /etc/grafana/grafana.ini + name: config + subPath: grafana.ini + - mountPath: /var/lib/grafana + name: storage + - mountPath: /tmp/dashboards + name: sc-dashboard-volume + - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml + name: sc-dashboard-provider + subPath: provider.yaml + - mountPath: /etc/grafana/provisioning/datasources + name: sc-datasources-volume + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 472 + runAsGroup: 472 + runAsNonRoot: true + runAsUser: 472 + serviceAccount: monitoring-grafana + serviceAccountName: monitoring-grafana + shareProcessNamespace: false + terminationGracePeriodSeconds: 30 + volumes: + - configMap: + defaultMode: 420 + name: monitoring-grafana + name: config + - emptyDir: {} + name: storage + - emptyDir: {} + name: sc-dashboard-volume + - configMap: + defaultMode: 420 + name: monitoring-grafana-config-dashboards + name: sc-dashboard-provider + - emptyDir: {} + name: sc-datasources-volume + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + generation: 1 + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + pod-template-hash: 55f4b4d949 + release: monitoring + name: monitoring-kube-prometheus-operator-55f4b4d949 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: monitoring-kube-prometheus-operator + uid: 4158076c-b017-4c71-ac3a-f0be9fa7137a + resourceVersion: "9486994" + uid: 6018d8a7-1d56-4811-80e1-042743fa271b + spec: + replicas: 1 + selector: + matchLabels: + app: kube-prometheus-stack-operator + pod-template-hash: 55f4b4d949 + release: monitoring + template: + metadata: + creationTimestamp: null + labels: + app: kube-prometheus-stack-operator + app.kubernetes.io/component: prometheus-operator + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-prometheus-stack-prometheus-operator + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + pod-template-hash: 55f4b4d949 + release: monitoring + spec: + automountServiceAccountToken: true + containers: + - args: + - --kubelet-service=kube-system/monitoring-kube-prometheus-kubelet + - --kubelet-endpoints=true + - --kubelet-endpointslice=false + - --localhost=127.0.0.1 + - --prometheus-config-reloader=quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + - --config-reloader-cpu-request=0 + - --config-reloader-cpu-limit=0 + - --config-reloader-memory-request=0 + - --config-reloader-memory-limit=0 + - --thanos-default-base-image=quay.io/thanos/thanos:v0.37.2 + - --secret-field-selector=type!=kubernetes.io/dockercfg,type!=kubernetes.io/service-account-token,type!=helm.sh/release.v1 + - --web.enable-tls=true + - --web.cert-file=/cert/cert + - --web.key-file=/cert/key + - --web.listen-address=:10250 + - --web.tls-min-version=VersionTLS13 + env: + - name: GOGC + value: "30" + image: quay.io/prometheus-operator/prometheus-operator:v0.81.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + name: kube-prometheus-stack + ports: + - containerPort: 10250 + name: https + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /healthz + port: https + scheme: HTTPS + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /cert + name: tls-secret + readOnly: true + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-operator + serviceAccountName: monitoring-kube-prometheus-operator + terminationGracePeriodSeconds: 30 + volumes: + - name: tls-secret + secret: + defaultMode: 420 + secretName: monitoring-kube-prometheus-admission + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + creationTimestamp: "2025-03-15T19:28:25Z" + generation: 1 + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + pod-template-hash: 6d79fb6b66 + release: monitoring + name: monitoring-kube-state-metrics-6d79fb6b66 + namespace: monitoring + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: monitoring-kube-state-metrics + uid: e30931b2-603e-45aa-8921-36bde6c62412 + resourceVersion: "20356830" + uid: d4a6f708-59c4-4a58-9fec-f0bbfde4a93b + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring + app.kubernetes.io/name: kube-state-metrics + pod-template-hash: 6d79fb6b66 + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: metrics + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: kube-state-metrics + app.kubernetes.io/part-of: kube-state-metrics + app.kubernetes.io/version: 2.15.0 + helm.sh/chart: kube-state-metrics-5.30.1 + pod-template-hash: 6d79fb6b66 + release: monitoring + spec: + automountServiceAccountToken: true + containers: + - args: + - --port=8080 + - --resources=certificatesigningrequests,configmaps,cronjobs,daemonsets,deployments,endpoints,horizontalpodautoscalers,ingresses,jobs,leases,limitranges,mutatingwebhookconfigurations,namespaces,networkpolicies,nodes,persistentvolumeclaims,persistentvolumes,poddisruptionbudgets,pods,replicasets,replicationcontrollers,resourcequotas,secrets,services,statefulsets,storageclasses,validatingwebhookconfigurations,volumeattachments + image: registry.k8s.io/kube-state-metrics/kube-state-metrics:v2.15.0 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + path: /livez + port: 8080 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: kube-state-metrics + ports: + - containerPort: 8080 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /readyz + port: 8081 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 65534 + runAsGroup: 65534 + runAsNonRoot: true + runAsUser: 65534 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-state-metrics + serviceAccountName: monitoring-kube-state-metrics + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + prometheus-operator-input-hash: "1548357065563043061" + creationTimestamp: "2025-03-15T19:28:35Z" + generation: 1 + labels: + app: kube-prometheus-stack-alertmanager + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + managed-by: prometheus-operator + release: monitoring + name: alertmanager-monitoring-kube-prometheus-alertmanager + namespace: monitoring + ownerReferences: + - apiVersion: monitoring.coreos.com/v1 + blockOwnerDeletion: true + controller: true + kind: Alertmanager + name: monitoring-kube-prometheus-alertmanager + uid: 88a51b90-294a-485f-84ca-ec2b1b03eab6 + resourceVersion: "12143681" + uid: d1ac5b0a-c1d8-442f-b938-c8387c484893 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: Parallel + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + alertmanager: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/instance: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: alertmanager + serviceName: alertmanager-operated + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: alertmanager + creationTimestamp: null + labels: + alertmanager: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/instance: monitoring-kube-prometheus-alertmanager + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: alertmanager + app.kubernetes.io/version: 0.28.1 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - alertmanager + - key: alertmanager + operator: In + values: + - monitoring-kube-prometheus-alertmanager + topologyKey: kubernetes.io/hostname + weight: 100 + automountServiceAccountToken: true + containers: + - args: + - --config.file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --storage.path=/alertmanager + - --data.retention=120h + - --cluster.listen-address= + - --web.listen-address=:9093 + - --web.external-url=http://monitoring-kube-prometheus-alertmanager.monitoring:9093 + - --web.route-prefix=/ + - --cluster.label=monitoring/monitoring-kube-prometheus-alertmanager + - --cluster.peer=alertmanager-monitoring-kube-prometheus-alertmanager-0.alertmanager-operated:9094 + - --cluster.reconnect-timeout=5m + - --web.config.file=/etc/alertmanager/web_config/web-config.yaml + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + image: quay.io/prometheus/alertmanager:v0.28.1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 10 + httpGet: + path: /-/healthy + port: http-web + scheme: HTTP + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 3 + name: alertmanager + ports: + - containerPort: 9093 + name: http-web + protocol: TCP + - containerPort: 9094 + name: mesh-tcp + protocol: TCP + - containerPort: 9094 + name: mesh-udp + protocol: UDP + readinessProbe: + failureThreshold: 10 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + initialDelaySeconds: 3 + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + resources: + requests: + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + - mountPath: /etc/alertmanager/config_out + name: config-out + readOnly: true + - mountPath: /etc/alertmanager/certs + name: tls-assets + readOnly: true + - mountPath: /alertmanager + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - mountPath: /etc/alertmanager/cluster_tls_config/cluster-tls-config.yaml + name: cluster-tls-config + readOnly: true + subPath: cluster-tls-config.yaml + - args: + - --listen-address=:8080 + - --web-config-file=/etc/alertmanager/web_config/web-config.yaml + - --reload-url=http://127.0.0.1:9093/-/reload + - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz + - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --watched-dir=/etc/alertmanager/config + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: "-1" + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: config-reloader + ports: + - containerPort: 8080 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + dnsPolicy: ClusterFirst + initContainers: + - args: + - --watch-interval=0 + - --listen-address=:8081 + - --config-file=/etc/alertmanager/config/alertmanager.yaml.gz + - --config-envsubst-file=/etc/alertmanager/config_out/alertmanager.env.yaml + - --watched-dir=/etc/alertmanager/config + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: "-1" + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: init-config-reloader + ports: + - containerPort: 8081 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/alertmanager/config + name: config-volume + readOnly: true + - mountPath: /etc/alertmanager/config_out + name: config-out + - mountPath: /etc/alertmanager/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 2000 + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-alertmanager + serviceAccountName: monitoring-kube-prometheus-alertmanager + terminationGracePeriodSeconds: 120 + volumes: + - name: config-volume + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-generated + - name: tls-assets + projected: + defaultMode: 420 + sources: + - secret: + name: alertmanager-monitoring-kube-prometheus-alertmanager-tls-assets-0 + - emptyDir: + medium: Memory + name: config-out + - name: web-config + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-web-config + - name: cluster-tls-config + secret: + defaultMode: 420 + secretName: alertmanager-monitoring-kube-prometheus-alertmanager-cluster-tls-config + - emptyDir: {} + name: alertmanager-monitoring-kube-prometheus-alertmanager-db + updateStrategy: + type: RollingUpdate + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: alertmanager-monitoring-kube-prometheus-alertmanager-6b749c8658 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: monitoring + meta.helm.sh/release-namespace: monitoring + prometheus-operator-input-hash: "13698391499502685580" + creationTimestamp: "2025-03-15T19:28:36Z" + generation: 1 + labels: + app: kube-prometheus-stack-prometheus + app.kubernetes.io/instance: monitoring + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/part-of: kube-prometheus-stack + app.kubernetes.io/version: 70.0.0 + chart: kube-prometheus-stack-70.0.0 + heritage: Helm + managed-by: prometheus-operator + operator.prometheus.io/mode: server + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + operator.prometheus.io/shard: "0" + release: monitoring + name: prometheus-monitoring-kube-prometheus-prometheus + namespace: monitoring + ownerReferences: + - apiVersion: monitoring.coreos.com/v1 + blockOwnerDeletion: true + controller: true + kind: Prometheus + name: monitoring-kube-prometheus-prometheus + uid: 733d54a5-4541-46bc-82be-1c8b1b5925f4 + resourceVersion: "12273747" + uid: 9bffc56e-9f40-49e1-82af-16217933206f + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: Parallel + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/instance: monitoring-kube-prometheus-prometheus + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: prometheus + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + operator.prometheus.io/shard: "0" + prometheus: monitoring-kube-prometheus-prometheus + serviceName: prometheus-operated + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: prometheus + creationTimestamp: null + labels: + app.kubernetes.io/instance: monitoring-kube-prometheus-prometheus + app.kubernetes.io/managed-by: prometheus-operator + app.kubernetes.io/name: prometheus + app.kubernetes.io/version: 3.2.1 + operator.prometheus.io/name: monitoring-kube-prometheus-prometheus + operator.prometheus.io/shard: "0" + prometheus: monitoring-kube-prometheus-prometheus + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchExpressions: + - key: app.kubernetes.io/name + operator: In + values: + - prometheus + - key: prometheus + operator: In + values: + - monitoring-kube-prometheus-prometheus + topologyKey: kubernetes.io/hostname + weight: 100 + automountServiceAccountToken: true + containers: + - args: + - --web.console.templates=/etc/prometheus/consoles + - --web.console.libraries=/etc/prometheus/console_libraries + - --config.file=/etc/prometheus/config_out/prometheus.env.yaml + - --web.enable-lifecycle + - --web.external-url=http://monitoring-kube-prometheus-prometheus.monitoring:9090 + - --web.route-prefix=/ + - --storage.tsdb.retention.time=10d + - --storage.tsdb.path=/prometheus + - --storage.tsdb.wal-compression + - --web.config.file=/etc/prometheus/web_config/web-config.yaml + image: quay.io/prometheus/prometheus:v3.2.1 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 6 + httpGet: + path: /-/healthy + port: http-web + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + name: prometheus + ports: + - containerPort: 9090 + name: http-web + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + periodSeconds: 5 + successThreshold: 1 + timeoutSeconds: 3 + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + startupProbe: + failureThreshold: 60 + httpGet: + path: /-/ready + port: http-web + scheme: HTTP + periodSeconds: 15 + successThreshold: 1 + timeoutSeconds: 3 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config_out + name: config-out + readOnly: true + - mountPath: /etc/prometheus/certs + name: tls-assets + readOnly: true + - mountPath: /prometheus + name: prometheus-monitoring-kube-prometheus-prometheus-db + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - mountPath: /etc/prometheus/web_config/web-config.yaml + name: web-config + readOnly: true + subPath: web-config.yaml + - args: + - --listen-address=:8080 + - --reload-url=http://127.0.0.1:9090/-/reload + - --config-file=/etc/prometheus/config/prometheus.yaml.gz + - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml + - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: "0" + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: config-reloader + ports: + - containerPort: 8080 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + dnsPolicy: ClusterFirst + initContainers: + - args: + - --watch-interval=0 + - --listen-address=:8081 + - --config-file=/etc/prometheus/config/prometheus.yaml.gz + - --config-envsubst-file=/etc/prometheus/config_out/prometheus.env.yaml + - --watched-dir=/etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + command: + - /bin/prometheus-config-reloader + env: + - name: POD_NAME + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.name + - name: SHARD + value: "0" + image: quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0 + imagePullPolicy: IfNotPresent + name: init-config-reloader + ports: + - containerPort: 8081 + name: reloader-web + protocol: TCP + resources: {} + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: FallbackToLogsOnError + volumeMounts: + - mountPath: /etc/prometheus/config + name: config + - mountPath: /etc/prometheus/config_out + name: config-out + - mountPath: /etc/prometheus/rules/prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 2000 + runAsGroup: 2000 + runAsNonRoot: true + runAsUser: 1000 + seccompProfile: + type: RuntimeDefault + serviceAccount: monitoring-kube-prometheus-prometheus + serviceAccountName: monitoring-kube-prometheus-prometheus + shareProcessNamespace: false + terminationGracePeriodSeconds: 600 + volumes: + - name: config + secret: + defaultMode: 420 + secretName: prometheus-monitoring-kube-prometheus-prometheus + - name: tls-assets + projected: + defaultMode: 420 + sources: + - secret: + name: prometheus-monitoring-kube-prometheus-prometheus-tls-assets-0 + - emptyDir: + medium: Memory + name: config-out + - configMap: + defaultMode: 420 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + name: prometheus-monitoring-kube-prometheus-prometheus-rulefiles-0 + - name: web-config + secret: + defaultMode: 420 + secretName: prometheus-monitoring-kube-prometheus-prometheus-web-config + - emptyDir: {} + name: prometheus-monitoring-kube-prometheus-prometheus-db + updateStrategy: + type: RollingUpdate + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: prometheus-monitoring-kube-prometheus-prometheus-86dddb5558 + updatedReplicas: 1 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/nextcloud/all.yaml b/manifests/nextcloud/all.yaml new file mode 100644 index 0000000..33d0475 --- /dev/null +++ b/manifests/nextcloud/all.yaml @@ -0,0 +1,3043 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-08-25T19:58:43Z" + generateName: elasticsearch-6b8cd75846- + labels: + app: elasticsearch + pod-template-hash: 6b8cd75846 + name: elasticsearch-6b8cd75846-9flx5 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: elasticsearch-6b8cd75846 + uid: 5f730c22-0c63-4cb7-81a7-a4eeea5189a0 + resourceVersion: "20356491" + uid: c06f63ef-6dc5-48bf-ac10-1e45a86133bb + spec: + containers: + - env: + - name: discovery.type + value: single-node + - name: xpack.security.enabled + value: "false" + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 + imagePullPolicy: IfNotPresent + name: elasticsearch + ports: + - containerPort: 9200 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-hg5gq + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - emptyDir: {} + name: data + - name: kube-api-access-hg5gq + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-25T19:59:08Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-08-25T19:58:43Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-25T19:59:08Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-25T19:59:08Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-08-25T19:58:43Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://784adc6a2fded6328b195d76aac4660ffffc1b1bea76aac0196977d2091ae3e1 + image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 + imageID: docker.elastic.co/elasticsearch/elasticsearch@sha256:159534b0af912835c708face6c4620029adbbd0d27c8cccd34968d2dba8d74b8 + lastState: {} + name: elasticsearch + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: "2025-08-25T19:59:08Z" + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-hg5gq + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.93 + podIPs: + - ip: 10.244.0.93 + qosClass: BestEffort + startTime: "2025-08-25T19:58:43Z" +- apiVersion: v1 + kind: Pod + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: "2025-09-10T18:14:12Z" + generateName: nextcloud-579d6957cd- + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 579d6957cd + name: nextcloud-579d6957cd-9rkdf + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: nextcloud-579d6957cd + uid: 3f1c61ec-f722-48ee-93fb-c8e97dd37303 + resourceVersion: "20356628" + uid: b1dfa34d-869e-471a-90cf-b6d9c4b4bab7 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-84vpf + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-84vpf + readOnly: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud-media + - name: kube-api-access-84vpf + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-09-10T18:14:12Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-09-10T18:14:12Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-09-10T20:47:08Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-09-10T20:47:08Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-09-10T18:14:12Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://dcf8a911b2b8cdef759e2e43b4612773c54c00eecdd28b671892862e428dbde0 + image: docker.io/library/nextcloud:31.0.8-apache + imageID: docker.io/library/nextcloud@sha256:c3329db9d0d0d79b1fe6433b54b81c28acaefecfe96a400be202b7da80f6b8ca + lastState: + terminated: + containerID: containerd://b63eff5a9112bd0c96960ec78a865e2f8330d0378b8bebbac7e881e77ed0717f + exitCode: 0 + finishedAt: "2025-09-10T20:46:46Z" + reason: Completed + startedAt: "2025-09-10T18:14:12Z" + name: nextcloud + ready: true + restartCount: 1 + started: true + state: + running: + startedAt: "2025-09-10T20:46:46Z" + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + - mountPath: /var/www/html + name: nextcloud-main + - mountPath: /var/www/html/data + name: nextcloud-main + - mountPath: /var/www/html/config + name: nextcloud-main + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + - mountPath: /var/www/tmp + name: nextcloud-main + - mountPath: /var/www/html/themes + name: nextcloud-main + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-84vpf + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + initContainerStatuses: + - containerID: containerd://07dcee399e4283d9f6e754c0f99bf64d5f38bbc895b4bdb1fd9199c65a51870f + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f + lastState: {} + name: postgresql-isready + ready: true + restartCount: 0 + started: false + state: + terminated: + containerID: containerd://07dcee399e4283d9f6e754c0f99bf64d5f38bbc895b4bdb1fd9199c65a51870f + exitCode: 0 + finishedAt: "2025-09-10T18:14:12Z" + reason: Completed + startedAt: "2025-09-10T18:14:12Z" + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-84vpf + readOnly: true + recursiveReadOnly: Disabled + phase: Running + podIP: 10.244.0.111 + podIPs: + - ip: 10.244.0.111 + qosClass: BestEffort + startTime: "2025-09-10T18:14:12Z" +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-08-24T18:31:46Z" + generateName: nextcloud-postgresql- + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + apps.kubernetes.io/pod-index: "0" + controller-revision-hash: nextcloud-postgresql-797775c5fb + helm.sh/chart: postgresql-16.7.4 + statefulset.kubernetes.io/pod-name: nextcloud-postgresql-0 + name: nextcloud-postgresql-0 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: StatefulSet + name: nextcloud-postgresql + uid: e648b386-1cd1-42db-8e16-6b383dd87d70 + resourceVersion: "20356554" + uid: daf6ad29-f5fe-4c42-8d83-b0d132889928 + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: nextcloud + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/password + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password + - name: POSTGRES_DATABASE + value: nextcloud + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + enableServiceLinks: true + hostname: nextcloud-postgresql-0 + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: nextcloud-postgresql + serviceAccountName: nextcloud-postgresql + subdomain: nextcloud-postgresql-hl + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - emptyDir: {} + name: empty-dir + - name: postgresql-password + secret: + defaultMode: 420 + secretName: nextcloud-postgresql + - emptyDir: + medium: Memory + name: dshm + - emptyDir: {} + name: data + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T18:31:48Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-08-24T18:31:46Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-09-12T11:29:31Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-09-12T11:29:31Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-08-24T18:31:46Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://f8e95b50afee2a0ac1e6eb497d3b63a17b2da613265284fa8f8f79c2a462fb0b + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imageID: docker.io/bitnami/postgresql@sha256:5cf757a084469da93ca39a294c9ec7c1aaf2d2a5f728001676ece1a9607fa57f + lastState: + terminated: + containerID: containerd://4390cfa5d9bc3faebd41e1394b9e9fcae4c7be44218b44e76b88a2716850a5ff + exitCode: 137 + finishedAt: "2025-09-12T11:29:19Z" + reason: OOMKilled + startedAt: "2025-09-10T20:46:24Z" + name: postgresql + ready: true + restartCount: 3 + started: true + state: + running: + startedAt: "2025-09-12T11:29:20Z" + volumeMounts: + - mountPath: /tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.52 + podIPs: + - ip: 10.244.0.52 + qosClass: Burstable + startTime: "2025-08-24T18:31:46Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"elasticsearch","namespace":"nextcloud"},"spec":{"ports":[{"port":9200,"targetPort":9200}],"selector":{"app":"elasticsearch"}}} + creationTimestamp: "2025-08-25T18:32:31Z" + name: elasticsearch + namespace: nextcloud + resourceVersion: "12502038" + uid: ac66f0f0-787a-40a8-b574-e9856421eaeb + spec: + clusterIP: 10.104.186.33 + clusterIPs: + - 10.104.186.33 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 9200 + protocol: TCP + targetPort: 9200 + selector: + app: elasticsearch + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-24T18:31:46Z" + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nextcloud + app.kubernetes.io/version: 31.0.8 + helm.sh/chart: nextcloud-7.0.2 + name: nextcloud + namespace: nextcloud + resourceVersion: "12365787" + uid: 12fce161-edc8-42ef-a5a3-ff0ef6470098 + spec: + clusterIP: 10.105.83.190 + clusterIPs: + - 10.105.83.190 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 32080 + port: 80 + protocol: TCP + targetPort: 80 + selector: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-24T18:31:46Z" + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 + name: nextcloud-postgresql + namespace: nextcloud + resourceVersion: "12365780" + uid: cdc36770-a3be-4d6b-ac0e-a3ca646fe619 + spec: + clusterIP: 10.107.224.100 + clusterIPs: + - 10.107.224.100 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-24T18:31:46Z" + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 + name: nextcloud-postgresql-hl + namespace: nextcloud + resourceVersion: "12365777" + uid: 52f65006-c02e-4913-8fb6-07f49128b08a + spec: + clusterIP: None + clusterIPs: + - None + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: tcp-postgresql + port: 5432 + protocol: TCP + targetPort: tcp-postgresql + publishNotReadyAddresses: true + selector: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"elasticsearch","namespace":"nextcloud"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"elasticsearch"}},"template":{"metadata":{"labels":{"app":"elasticsearch"}},"spec":{"containers":[{"env":[{"name":"discovery.type","value":"single-node"},{"name":"xpack.security.enabled","value":"false"},{"name":"ES_JAVA_OPTS","value":"-Xms512m -Xmx512m"}],"image":"docker.elastic.co/elasticsearch/elasticsearch:8.6.1","name":"elasticsearch","ports":[{"containerPort":9200}],"volumeMounts":[{"mountPath":"/usr/share/elasticsearch/data","name":"data"}]}],"volumes":[{"emptyDir":{},"name":"data"}]}}}} + creationTimestamp: "2025-08-25T19:58:43Z" + generation: 1 + name: elasticsearch + namespace: nextcloud + resourceVersion: "12502083" + uid: 28d17310-00fa-4cca-8fd8-8b6bf6361915 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: elasticsearch + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: elasticsearch + spec: + containers: + - env: + - name: discovery.type + value: single-node + - name: xpack.security.enabled + value: "false" + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 + imagePullPolicy: IfNotPresent + name: elasticsearch + ports: + - containerPort: 9200 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: data + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-08-25T19:59:08Z" + lastUpdateTime: "2025-08-25T19:59:08Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + - lastTransitionTime: "2025-08-25T19:58:43Z" + lastUpdateTime: "2025-08-25T19:59:08Z" + message: ReplicaSet "elasticsearch-6b8cd75846" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "10" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-24T18:31:46Z" + generation: 14 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: nextcloud + app.kubernetes.io/version: 31.0.8 + helm.sh/chart: nextcloud-7.0.2 + name: nextcloud + namespace: nextcloud + resourceVersion: "14520176" + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + strategy: + type: Recreate + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud-media + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-08-24T18:31:46Z" + lastUpdateTime: "2025-09-10T18:14:24Z" + message: ReplicaSet "nextcloud-579d6957cd" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-09-10T20:47:08Z" + lastUpdateTime: "2025-09-10T20:47:08Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 14 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-08-25T19:58:43Z" + generation: 1 + labels: + app: elasticsearch + pod-template-hash: 6b8cd75846 + name: elasticsearch-6b8cd75846 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: elasticsearch + uid: 28d17310-00fa-4cca-8fd8-8b6bf6361915 + resourceVersion: "12502082" + uid: 5f730c22-0c63-4cb7-81a7-a4eeea5189a0 + spec: + replicas: 1 + selector: + matchLabels: + app: elasticsearch + pod-template-hash: 6b8cd75846 + template: + metadata: + creationTimestamp: null + labels: + app: elasticsearch + pod-template-hash: 6b8cd75846 + spec: + containers: + - env: + - name: discovery.type + value: single-node + - name: xpack.security.enabled + value: "false" + - name: ES_JAVA_OPTS + value: -Xms512m -Xmx512m + image: docker.elastic.co/elasticsearch/elasticsearch:8.6.1 + imagePullPolicy: IfNotPresent + name: elasticsearch + ports: + - containerPort: 9200 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /usr/share/elasticsearch/data + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: data + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "3" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-25T13:34:57Z" + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 55d9785497 + name: nextcloud-55d9785497 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "12467934" + uid: 934925dd-e1e1-43d4-9f05-666f3d01e643 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 55d9785497 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 55d9785497 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "10" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-09-10T18:14:12Z" + generation: 1 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 579d6957cd + name: nextcloud-579d6957cd + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "14520175" + uid: 3f1c61ec-f722-48ee-93fb-c8e97dd37303 + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 579d6957cd + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 579d6957cd + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud-media + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "5" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-25T13:46:49Z" + generation: 4 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6c47bbdc9 + name: nextcloud-6c47bbdc9 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "14497334" + uid: d13cc326-d8f5-410f-b245-6370203d8c0f + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6c47bbdc9 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6c47bbdc9 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 4 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "2" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-25T13:28:33Z" + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6dc4d48f86 + name: nextcloud-6dc4d48f86 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "12466964" + uid: f1c26a26-e346-4d1d-bbc4-421e4ca37ecb + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6dc4d48f86 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 6dc4d48f86 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: next.experlab.xyz nextcloud 192.168.31.54 192.168.31.54:32080 + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: next.experlab.xyz + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: next.experlab.xyz + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "0" + deployment.kubernetes.io/max-replicas: "0" + deployment.kubernetes.io/revision: "8" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-09-10T16:37:56Z" + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 74f4595559 + name: nextcloud-74f4595559 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "14504722" + uid: d969aa34-cca2-4982-a37b-0da16808d5e5 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 74f4595559 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 74f4595559 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "1" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-24T18:31:46Z" + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7578b97497 + name: nextcloud-7578b97497 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "12466308" + uid: 52457b02-27b5-4323-8f31-219477335265 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7578b97497 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7578b97497 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: next.experlab.xyz + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: next.experlab.xyz + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: next.experlab.xyz + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "0" + deployment.kubernetes.io/max-replicas: "0" + deployment.kubernetes.io/revision: "9" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-09-10T17:59:22Z" + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7b9b9f8c44 + name: nextcloud-7b9b9f8c44 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "14506281" + uid: 35abc7c9-fd0a-4810-8804-6542d6c2a5c3 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7b9b9f8c44 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 7b9b9f8c44 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:31.0.8-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud-200gi + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "6" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-09-10T16:31:19Z" + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 8599f69d4c + name: nextcloud-8599f69d4c + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "14497617" + uid: 530f64a1-a1d0-4229-b9e4-448cf7f3a098 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 8599f69d4c + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 8599f69d4c + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.16-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "4" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-25T13:43:20Z" + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 998947f4 + name: nextcloud-998947f4 + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "12468278" + uid: 2cb3bed7-6e22-4971-abac-5ff290007fde + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 998947f4 + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:43:18+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: 998947f4 + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:29.0.3-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "7" + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-09-10T16:34:04Z" + generation: 2 + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: b5bd46b6c + name: nextcloud-b5bd46b6c + namespace: nextcloud + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nextcloud + uid: 3504b054-22ec-4a97-be83-c0b323ed16a6 + resourceVersion: "14497993" + uid: 7f5ec051-bc26-4e3a-b029-12dc6f5482f9 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: b5bd46b6c + template: + metadata: + annotations: + hooks-hash: 9525c2748a6c7cd0e28ec740623d0b3fa5a75c83b51ccfd136bc89c76737b204 + kubectl.kubernetes.io/restartedAt: "2025-08-25T15:46:47+02:00" + nextcloud-config-hash: 8266a725d5474acb6adbf9f0609a3494dc3340a3ac306db90eac9ddb1b851960 + php-config-hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a + creationTimestamp: null + labels: + app.kubernetes.io/component: app + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: nextcloud + pod-template-hash: b5bd46b6c + spec: + containers: + - env: + - name: POSTGRES_HOST + value: nextcloud-postgresql + - name: POSTGRES_DB + value: nextcloud + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + key: db-password + name: nextcloud-db + - name: NEXTCLOUD_ADMIN_USER + valueFrom: + secretKeyRef: + key: nextcloud-username + name: nextcloud + - name: NEXTCLOUD_ADMIN_PASSWORD + valueFrom: + secretKeyRef: + key: nextcloud-password + name: nextcloud + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: 192.168.31.54 192.168.31.54:32080 nextcloud + - name: NEXTCLOUD_DATA_DIR + value: /var/www/html/data + image: nextcloud:30.0.14-apache + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: nextcloud + ports: + - containerPort: 80 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + httpGet: + httpHeaders: + - name: Host + value: 192.168.31.54 + path: /status.php + port: 80 + scheme: HTTP + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/www/ + name: nextcloud-main + subPath: root + - mountPath: /var/www/html + name: nextcloud-main + subPath: html + - mountPath: /var/www/html/data + name: nextcloud-main + subPath: data + - mountPath: /var/www/html/config + name: nextcloud-main + subPath: config + - mountPath: /var/www/html/custom_apps + name: nextcloud-main + subPath: custom_apps + - mountPath: /var/www/tmp + name: nextcloud-main + subPath: tmp + - mountPath: /var/www/html/themes + name: nextcloud-main + subPath: themes + dnsPolicy: ClusterFirst + initContainers: + - command: + - sh + - -c + - until pg_isready -h ${POSTGRES_HOST} -U ${POSTGRES_USER} ; do sleep 2 + ; done + env: + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + key: db-username + name: nextcloud-db + - name: POSTGRES_HOST + value: nextcloud-postgresql + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + name: postgresql-isready + resources: {} + securityContext: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 33 + terminationGracePeriodSeconds: 30 + volumes: + - name: nextcloud-main + persistentVolumeClaim: + claimName: nextcloud-nextcloud + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: StatefulSet + metadata: + annotations: + meta.helm.sh/release-name: nextcloud + meta.helm.sh/release-namespace: nextcloud + creationTimestamp: "2025-08-24T18:31:46Z" + generation: 1 + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 + name: nextcloud-postgresql + namespace: nextcloud + resourceVersion: "14723193" + uid: e648b386-1cd1-42db-8e16-6b383dd87d70 + spec: + persistentVolumeClaimRetentionPolicy: + whenDeleted: Retain + whenScaled: Retain + podManagementPolicy: OrderedReady + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + serviceName: nextcloud-postgresql-hl + template: + metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: postgresql + app.kubernetes.io/version: 17.5.0 + helm.sh/chart: postgresql-16.7.4 + name: nextcloud-postgresql + spec: + affinity: + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - podAffinityTerm: + labelSelector: + matchLabels: + app.kubernetes.io/component: primary + app.kubernetes.io/instance: nextcloud + app.kubernetes.io/name: postgresql + topologyKey: kubernetes.io/hostname + weight: 1 + automountServiceAccountToken: false + containers: + - env: + - name: BITNAMI_DEBUG + value: "false" + - name: POSTGRESQL_PORT_NUMBER + value: "5432" + - name: POSTGRESQL_VOLUME_DIR + value: /bitnami/postgresql + - name: PGDATA + value: /bitnami/postgresql/data + - name: POSTGRES_USER + value: nextcloud + - name: POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/password + - name: POSTGRES_POSTGRES_PASSWORD_FILE + value: /opt/bitnami/postgresql/secrets/postgres-password + - name: POSTGRES_DATABASE + value: nextcloud + - name: POSTGRESQL_ENABLE_LDAP + value: "no" + - name: POSTGRESQL_ENABLE_TLS + value: "no" + - name: POSTGRESQL_LOG_HOSTNAME + value: "false" + - name: POSTGRESQL_LOG_CONNECTIONS + value: "false" + - name: POSTGRESQL_LOG_DISCONNECTIONS + value: "false" + - name: POSTGRESQL_PGAUDIT_LOG_CATALOG + value: "off" + - name: POSTGRESQL_CLIENT_MIN_MESSAGES + value: error + - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES + value: pgaudit + image: docker.io/bitnami/postgresql:17.5.0-debian-12-r3 + imagePullPolicy: IfNotPresent + livenessProbe: + exec: + command: + - /bin/sh + - -c + - exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 + -p 5432 + failureThreshold: 6 + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + name: postgresql + ports: + - containerPort: 5432 + name: tcp-postgresql + protocol: TCP + readinessProbe: + exec: + command: + - /bin/sh + - -c + - -e + - | + exec pg_isready -U "nextcloud" -d "dbname=nextcloud" -h 127.0.0.1 -p 5432 + [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] + failureThreshold: 6 + initialDelaySeconds: 5 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + resources: + limits: + cpu: 150m + ephemeral-storage: 2Gi + memory: 192Mi + requests: + cpu: 100m + ephemeral-storage: 50Mi + memory: 128Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + readOnlyRootFilesystem: true + runAsGroup: 1001 + runAsNonRoot: true + runAsUser: 1001 + seLinuxOptions: {} + seccompProfile: + type: RuntimeDefault + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /tmp + name: empty-dir + subPath: tmp-dir + - mountPath: /opt/bitnami/postgresql/conf + name: empty-dir + subPath: app-conf-dir + - mountPath: /opt/bitnami/postgresql/tmp + name: empty-dir + subPath: app-tmp-dir + - mountPath: /opt/bitnami/postgresql/secrets/ + name: postgresql-password + - mountPath: /dev/shm + name: dshm + - mountPath: /bitnami/postgresql + name: data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: + fsGroup: 1001 + fsGroupChangePolicy: Always + serviceAccount: nextcloud-postgresql + serviceAccountName: nextcloud-postgresql + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: empty-dir + - name: postgresql-password + secret: + defaultMode: 420 + secretName: nextcloud-postgresql + - emptyDir: + medium: Memory + name: dshm + - emptyDir: {} + name: data + updateStrategy: + rollingUpdate: + partition: 0 + type: RollingUpdate + status: + availableReplicas: 1 + collisionCount: 0 + currentReplicas: 1 + currentRevision: nextcloud-postgresql-797775c5fb + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updateRevision: nextcloud-postgresql-797775c5fb + updatedReplicas: 1 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/nginx-demo/all.yaml b/manifests/nginx-demo/all.yaml new file mode 100644 index 0000000..f49a460 --- /dev/null +++ b/manifests/nginx-demo/all.yaml @@ -0,0 +1,284 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-10-27T21:31:07Z" + generateName: nginx-demo-6748f5c784- + labels: + app: nginx-demo + pod-template-hash: 6748f5c784 + name: nginx-demo-6748f5c784-g8kfj + namespace: nginx-demo + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: nginx-demo-6748f5c784 + uid: 64b36a88-a697-458f-94eb-a91e7b474cf0 + resourceVersion: "20408523" + uid: 30e71238-2d23-456f-9f72-f63b4a447a5e + spec: + containers: + - image: nginx:1.27 + imagePullPolicy: IfNotPresent + name: nginx + ports: + - containerPort: 80 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-d852g + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-d852g + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:31:14Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:31:07Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:31:14Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:31:14Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-10-27T21:31:07Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://b263caf1cf71726aa91ca0908467be294db4248957f98ecbbc769b29d2bf3207 + image: docker.io/library/nginx:1.27 + imageID: docker.io/library/nginx@sha256:6784fb0834aa7dbbe12e3d7471e69c290df3e6ba810dc38b34ae33d3c1c05f7d + lastState: {} + name: nginx + ready: true + restartCount: 0 + started: true + state: + running: + startedAt: "2025-10-27T21:31:13Z" + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-d852g + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.153 + podIPs: + - ip: 10.244.0.153 + qosClass: BestEffort + startTime: "2025-10-27T21:31:07Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + argocd.argoproj.io/tracking-id: nginx-demo:/Service:nginx-demo/nginx-demo + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{"argocd.argoproj.io/tracking-id":"nginx-demo:/Service:nginx-demo/nginx-demo"},"name":"nginx-demo","namespace":"nginx-demo"},"spec":{"ports":[{"port":80,"targetPort":80}],"selector":{"app":"nginx-demo"}}} + creationTimestamp: "2025-10-27T21:31:07Z" + name: nginx-demo + namespace: nginx-demo + resourceVersion: "20408487" + uid: 3e502593-4bc3-48ce-a06b-438561b21440 + spec: + clusterIP: 10.97.52.37 + clusterIPs: + - 10.97.52.37 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 80 + protocol: TCP + targetPort: 80 + selector: + app: nginx-demo + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + argocd-image-updater.argoproj.io/image-list: nginx=nginx + argocd-image-updater.argoproj.io/nginx.update-strategy: latest + argocd.argoproj.io/tracking-id: nginx-demo:apps/Deployment:nginx-demo/nginx-demo + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{"argocd-image-updater.argoproj.io/image-list":"nginx=nginx","argocd-image-updater.argoproj.io/nginx.update-strategy":"latest","argocd.argoproj.io/tracking-id":"nginx-demo:apps/Deployment:nginx-demo/nginx-demo"},"name":"nginx-demo","namespace":"nginx-demo"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"nginx-demo"}},"template":{"metadata":{"labels":{"app":"nginx-demo"}},"spec":{"containers":[{"image":"nginx:1.27","name":"nginx","ports":[{"containerPort":80}]}]}}}} + creationTimestamp: "2025-10-27T21:31:07Z" + generation: 1 + name: nginx-demo + namespace: nginx-demo + resourceVersion: "20408527" + uid: b66cfbb3-d63c-4ec6-bd97-c74887e4f0ef + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: nginx-demo + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: nginx-demo + spec: + containers: + - image: nginx:1.27 + imagePullPolicy: IfNotPresent + name: nginx + ports: + - containerPort: 80 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-10-27T21:31:14Z" + lastUpdateTime: "2025-10-27T21:31:14Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + - lastTransitionTime: "2025-10-27T21:31:07Z" + lastUpdateTime: "2025-10-27T21:31:14Z" + message: ReplicaSet "nginx-demo-6748f5c784" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + argocd-image-updater.argoproj.io/image-list: nginx=nginx + argocd-image-updater.argoproj.io/nginx.update-strategy: latest + argocd.argoproj.io/tracking-id: nginx-demo:apps/Deployment:nginx-demo/nginx-demo + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-10-27T21:31:07Z" + generation: 1 + labels: + app: nginx-demo + pod-template-hash: 6748f5c784 + name: nginx-demo-6748f5c784 + namespace: nginx-demo + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: nginx-demo + uid: b66cfbb3-d63c-4ec6-bd97-c74887e4f0ef + resourceVersion: "20408526" + uid: 64b36a88-a697-458f-94eb-a91e7b474cf0 + spec: + replicas: 1 + selector: + matchLabels: + app: nginx-demo + pod-template-hash: 6748f5c784 + template: + metadata: + creationTimestamp: null + labels: + app: nginx-demo + pod-template-hash: 6748f5c784 + spec: + containers: + - image: nginx:1.27 + imagePullPolicy: IfNotPresent + name: nginx + ports: + - containerPort: 80 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/opensearch/all.yaml b/manifests/opensearch/all.yaml new file mode 100644 index 0000000..ded9522 --- /dev/null +++ b/manifests/opensearch/all.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +items: [] +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/osdfir/all.yaml b/manifests/osdfir/all.yaml new file mode 100644 index 0000000..ded9522 --- /dev/null +++ b/manifests/osdfir/all.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +items: [] +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/registry/all.yaml b/manifests/registry/all.yaml new file mode 100644 index 0000000..019eda1 --- /dev/null +++ b/manifests/registry/all.yaml @@ -0,0 +1,303 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-05-14T10:34:08Z" + generateName: registry-6b4d69c6d4- + labels: + app: registry + pod-template-hash: 6b4d69c6d4 + name: registry-6b4d69c6d4-z8c8s + namespace: registry + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: registry-6b4d69c6d4 + uid: 62a3ac29-be85-4b16-8396-416dcadb94ad + resourceVersion: "20356625" + uid: 457d674b-2137-469c-b738-f29b103f9e9a + spec: + containers: + - image: registry:2 + imagePullPolicy: IfNotPresent + name: registry + ports: + - containerPort: 5000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/registry + name: registry-storage + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-wt7wr + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - emptyDir: {} + name: registry-storage + - name: kube-api-access-wt7wr + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:07Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-05-14T10:34:08Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:07Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:07Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-05-14T10:34:08Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://b7bf5c27c57a87976824cf4acbb9ace00df86fcafb283e4829fb10dbd58c8903 + image: docker.io/library/registry:2 + imageID: docker.io/library/registry@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373 + lastState: + terminated: + containerID: containerd://19cb806bcb7454c1c1ffb1de17f481fd5c0cf8d500b413c07076572b090e7141 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:39Z" + name: registry + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: "2025-08-24T01:02:07Z" + volumeMounts: + - mountPath: /var/lib/registry + name: registry-storage + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-wt7wr + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.43 + podIPs: + - ip: 10.244.0.43 + qosClass: BestEffort + startTime: "2025-05-14T10:34:08Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"registry","namespace":"registry"},"spec":{"ports":[{"port":5000,"targetPort":5000}],"selector":{"app":"registry"},"type":"ClusterIP"}} + creationTimestamp: "2025-05-14T10:34:08Z" + name: registry + namespace: registry + resourceVersion: "1974083" + uid: ca00b8f1-81c1-4cdb-b05e-e1fe130f6e28 + spec: + clusterIP: 10.97.245.197 + clusterIPs: + - 10.97.245.197 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 30471 + port: 5000 + protocol: TCP + targetPort: 5000 + selector: + app: registry + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"registry","namespace":"registry"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"registry"}},"template":{"metadata":{"labels":{"app":"registry"}},"spec":{"containers":[{"image":"registry:2","name":"registry","ports":[{"containerPort":5000}],"volumeMounts":[{"mountPath":"/var/lib/registry","name":"registry-storage"}]}],"volumes":[{"emptyDir":{},"name":"registry-storage"}]}}}} + creationTimestamp: "2025-05-14T10:34:08Z" + generation: 3 + name: registry + namespace: registry + resourceVersion: "6373430" + uid: 4dbb6e6b-41b4-4f8d-955e-8c8e0e6a1c73 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: registry + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: registry + spec: + containers: + - image: registry:2 + imagePullPolicy: IfNotPresent + name: registry + ports: + - containerPort: 5000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/registry + name: registry-storage + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: registry-storage + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-05-14T10:34:08Z" + lastUpdateTime: "2025-05-14T10:34:12Z" + message: ReplicaSet "registry-6b4d69c6d4" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-06-17T12:39:28Z" + lastUpdateTime: "2025-06-17T12:39:28Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 3 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-05-14T10:34:08Z" + generation: 3 + labels: + app: registry + pod-template-hash: 6b4d69c6d4 + name: registry-6b4d69c6d4 + namespace: registry + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: registry + uid: 4dbb6e6b-41b4-4f8d-955e-8c8e0e6a1c73 + resourceVersion: "6373428" + uid: 62a3ac29-be85-4b16-8396-416dcadb94ad + spec: + replicas: 1 + selector: + matchLabels: + app: registry + pod-template-hash: 6b4d69c6d4 + template: + metadata: + creationTimestamp: null + labels: + app: registry + pod-template-hash: 6b4d69c6d4 + spec: + containers: + - image: registry:2 + imagePullPolicy: IfNotPresent + name: registry + ports: + - containerPort: 5000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/registry + name: registry-storage + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - emptyDir: {} + name: registry-storage + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 3 + readyReplicas: 1 + replicas: 1 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/send/all.yaml b/manifests/send/all.yaml new file mode 100644 index 0000000..6c75110 --- /dev/null +++ b/manifests/send/all.yaml @@ -0,0 +1,774 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T15:56:32+02:00" + creationTimestamp: "2025-08-12T13:57:02Z" + generateName: send-7947f95576- + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7947f95576 + name: send-7947f95576-p2ccg + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: send-7947f95576 + uid: 50a9793d-c34b-4fec-9f57-6fea6fbd1361 + resourceVersion: "20356520" + uid: 41e21fe5-7e64-437e-af39-e71eae9c3676 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: "false" + - name: MAX_ANON_FILE_SIZE + value: "21474836480" + - name: MAX_FILE_SIZE + value: "21474836480" + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: "21474836480" + - name: UI_MAX_FILE_SIZE + value: "21474836480" + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-zf5fj + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + - name: kube-api-access-zf5fj + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:10Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-08-12T13:57:02Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:14Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:14Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-08-12T13:57:02Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://37e2d2372f50285e0c36a907a222c2dd88ef876888e24351c7aa84b1e0968c8a + image: registry.gitlab.com/timvisee/send:v3.4.20 + imageID: registry.gitlab.com/timvisee/send@sha256:47986cf6ef69743c97cab26b828335c6887d6b02ce2a1fb18039984d293e4d78 + lastState: + terminated: + containerID: containerd://c8d1e862c2d005b5bc085161da7dea412dd135c73c865a059e2319e961d35b5b + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:31Z" + name: send + ready: true + restartCount: 3 + started: true + state: + running: + startedAt: "2025-08-24T01:02:10Z" + volumeMounts: + - mountPath: /uploads + name: uploads + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-zf5fj + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.49 + podIPs: + - ip: 10.244.0.49 + qosClass: BestEffort + startTime: "2025-08-12T13:57:02Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: "2025-08-12T08:43:41Z" + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: send + app.kubernetes.io/version: v3.4.20 + helm.sh/chart: send-1.2.2 + name: send + namespace: send + resourceVersion: "12122293" + uid: 182d27f5-7e86-4155-9c3d-2fc78e171e92 + spec: + clusterIP: 10.111.192.18 + clusterIPs: + - 10.111.192.18 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - name: http + nodePort: 31030 + port: 1443 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "10" + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: "2025-08-12T08:43:41Z" + generation: 11 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/managed-by: Helm + app.kubernetes.io/name: send + app.kubernetes.io/version: v3.4.20 + helm.sh/chart: send-1.2.2 + name: send + namespace: send + resourceVersion: "12273742" + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 3 + selector: + matchLabels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + strategy: + type: Recreate + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T15:56:32+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: "false" + - name: MAX_ANON_FILE_SIZE + value: "21474836480" + - name: MAX_FILE_SIZE + value: "21474836480" + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: "21474836480" + - name: UI_MAX_FILE_SIZE + value: "21474836480" + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-08-12T09:27:35Z" + lastUpdateTime: "2025-08-12T13:57:08Z" + message: ReplicaSet "send-7947f95576" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-08-24T01:02:15Z" + lastUpdateTime: "2025-08-24T01:02:15Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 11 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "7" + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: "2025-08-12T10:13:52Z" + generation: 2 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 745ff75597 + name: send-745ff75597 + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: send + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + resourceVersion: "12129988" + uid: 6231ade8-b8f5-478c-9f10-ceb3510b0b0b + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 745ff75597 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T10:51:34+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 745ff75597 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: "false" + - name: MAX_ANON_FILE_SIZE + value: "10737418240" + - name: MAX_FILE_SIZE + value: "10737418240" + - name: TZ + value: UTC + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "9" + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: "2025-08-12T10:17:07Z" + generation: 2 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 764f47c8d6 + name: send-764f47c8d6 + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: send + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + resourceVersion: "12150014" + uid: c8e51d73-76fe-4991-b1cb-d4fb46672593 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 764f47c8d6 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T10:51:34+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 764f47c8d6 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: "false" + - name: MAX_ANON_FILE_SIZE + value: "21474836480" + - name: MAX_FILE_SIZE + value: "21474836480" + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: "21474836480" + - name: UI_MAX_FILE_SIZE + value: "21474836480" + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + observedGeneration: 2 + replicas: 0 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "10" + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: "2025-08-12T13:57:02Z" + generation: 1 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7947f95576 + name: send-7947f95576 + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: send + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + resourceVersion: "12273740" + uid: 50a9793d-c34b-4fec-9f57-6fea6fbd1361 + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7947f95576 + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T15:56:32+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7947f95576 + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: "false" + - name: MAX_ANON_FILE_SIZE + value: "21474836480" + - name: MAX_FILE_SIZE + value: "21474836480" + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: "21474836480" + - name: UI_MAX_FILE_SIZE + value: "21474836480" + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "1" + deployment.kubernetes.io/revision: "8" + meta.helm.sh/release-name: send + meta.helm.sh/release-namespace: send + creationTimestamp: "2025-08-12T10:15:01Z" + generation: 2 + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7cf87974b + name: send-7cf87974b + namespace: send + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: send + uid: 6b144969-395e-4bc5-9e94-c93a2cbc301a + resourceVersion: "12130228" + uid: c001e3d7-8254-4f9a-9f00-a64b8d7309b1 + spec: + replicas: 0 + selector: + matchLabels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7cf87974b + template: + metadata: + annotations: + kubectl.kubernetes.io/restartedAt: "2025-08-12T10:51:34+02:00" + creationTimestamp: null + labels: + app.kubernetes.io/instance: send + app.kubernetes.io/name: send + pod-template-hash: 7cf87974b + spec: + automountServiceAccountToken: true + containers: + - env: + - name: BASE_URL + value: https://send.experlab.xyz + - name: DETECT_BASE_URL + value: "false" + - name: MAX_ANON_FILE_SIZE + value: "10737418240" + - name: MAX_FILE_SIZE + value: "10737418240" + - name: TZ + value: UTC + - name: UI_MAX_ANON_FILE_SIZE + value: "10737418240" + - name: UI_MAX_FILE_SIZE + value: "10737418240" + image: registry.gitlab.com/timvisee/send:v3.4.20 + imagePullPolicy: IfNotPresent + livenessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + name: send + ports: + - containerPort: 1443 + name: http + protocol: TCP + readinessProbe: + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + resources: {} + startupProbe: + failureThreshold: 30 + periodSeconds: 5 + successThreshold: 1 + tcpSocket: + port: 1443 + timeoutSeconds: 1 + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /uploads + name: uploads + dnsPolicy: ClusterFirst + enableServiceLinks: true + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + volumes: + - name: uploads + persistentVolumeClaim: + claimName: send-uploads + status: + observedGeneration: 2 + replicas: 0 +kind: List +metadata: + resourceVersion: "" diff --git a/manifests/wiki/all.yaml b/manifests/wiki/all.yaml new file mode 100644 index 0000000..6a0dbb2 --- /dev/null +++ b/manifests/wiki/all.yaml @@ -0,0 +1,644 @@ +apiVersion: v1 +items: +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-05-21T13:55:04Z" + generateName: wikijs-6bd85497c7- + labels: + app: wikijs + pod-template-hash: 6bd85497c7 + name: wikijs-6bd85497c7-pms5l + namespace: wiki + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: wikijs-6bd85497c7 + uid: 457871f1-eb38-41a9-afb2-c4f248e68205 + resourceVersion: "20356518" + uid: 7a49f498-1cf4-49b6-b0c3-363769650655 + spec: + containers: + - env: + - name: DB_TYPE + value: postgres + - name: DB_HOST + value: wikijs-postgres + - name: DB_PORT + value: "5432" + - name: DB_USER + value: wikijs + - name: DB_PASS + value: wikijsrocks + - name: DB_NAME + value: wikijs + image: ghcr.io/requarks/wiki:latest + imagePullPolicy: Always + name: wiki + ports: + - containerPort: 3000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-lq4rc + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: kube-api-access-lq4rc + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:42Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-05-21T13:55:04Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:42Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:42Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-05-21T13:55:04Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://7f8a57137386d6f90e200982b8b520c87febdc7eb2a4cf35e2b7efe4285d7f0c + image: ghcr.io/requarks/wiki:latest + imageID: ghcr.io/requarks/wiki@sha256:1eaa2de751c2925871a95a02e0ddbdd5c48bf2e016653b2e4a8f0c646cc4ff83 + lastState: + terminated: + containerID: containerd://911a250febab0b7babd609edb8458077efbbc4b16dd4381c17b3814d1aca762a + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:47Z" + name: wiki + ready: true + restartCount: 12 + started: true + state: + running: + startedAt: "2025-08-24T01:02:41Z" + volumeMounts: + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-lq4rc + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.46 + podIPs: + - ip: 10.244.0.46 + qosClass: BestEffort + startTime: "2025-05-21T13:55:04Z" +- apiVersion: v1 + kind: Pod + metadata: + creationTimestamp: "2025-05-21T13:55:04Z" + generateName: wikijs-postgres-79d84f58b5- + labels: + app: wikijs-postgres + pod-template-hash: 79d84f58b5 + name: wikijs-postgres-79d84f58b5-jnff4 + namespace: wiki + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: ReplicaSet + name: wikijs-postgres-79d84f58b5 + uid: d3e5df36-d1f0-4dfd-aa76-30063a80fbb8 + resourceVersion: "20356480" + uid: d30024af-854a-40d2-8615-a2a40c525b60 + spec: + containers: + - env: + - name: POSTGRES_DB + value: wikijs + - name: POSTGRES_USER + value: wikijs + - name: POSTGRES_PASSWORD + value: wikijsrocks + image: postgres:14 + imagePullPolicy: IfNotPresent + name: postgres + ports: + - containerPort: 5432 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-djkxt + readOnly: true + dnsPolicy: ClusterFirst + enableServiceLinks: true + nodeName: server-thinkcentre-e73 + preemptionPolicy: PreemptLowerPriority + priority: 0 + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + serviceAccount: default + serviceAccountName: default + terminationGracePeriodSeconds: 30 + tolerations: + - effect: NoExecute + key: node.kubernetes.io/not-ready + operator: Exists + tolerationSeconds: 300 + - effect: NoExecute + key: node.kubernetes.io/unreachable + operator: Exists + tolerationSeconds: 300 + volumes: + - name: postgres-data + persistentVolumeClaim: + claimName: wikijs-postgres-pvc + - name: kube-api-access-djkxt + projected: + defaultMode: 420 + sources: + - serviceAccountToken: + expirationSeconds: 3607 + path: token + - configMap: + items: + - key: ca.crt + path: ca.crt + name: kube-root-ca.crt + - downwardAPI: + items: + - fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + path: namespace + status: + conditions: + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:09Z" + status: "True" + type: PodReadyToStartContainers + - lastProbeTime: null + lastTransitionTime: "2025-05-21T13:55:08Z" + status: "True" + type: Initialized + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:09Z" + status: "True" + type: Ready + - lastProbeTime: null + lastTransitionTime: "2025-08-24T01:02:09Z" + status: "True" + type: ContainersReady + - lastProbeTime: null + lastTransitionTime: "2025-05-21T13:55:08Z" + status: "True" + type: PodScheduled + containerStatuses: + - containerID: containerd://cf6866bbb5d81f8d0a0d5166f80f983acaf084333be58bb75f09b39b7affe779 + image: docker.io/library/postgres:14 + imageID: docker.io/library/postgres@sha256:e7e9c0b3470ebff1b693f3a0a3302eb02505e62d67fc1b42c86c2811b4c6e451 + lastState: + terminated: + containerID: containerd://748ff60cb1099d8223cb464cfa8b08acbc70f3f954e39d9a9657d8208c1f38b8 + exitCode: 255 + finishedAt: "2025-08-24T01:01:44Z" + reason: Unknown + startedAt: "2025-08-12T14:09:42Z" + name: postgres + ready: true + restartCount: 7 + started: true + state: + running: + startedAt: "2025-08-24T01:02:10Z" + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + - mountPath: /var/run/secrets/kubernetes.io/serviceaccount + name: kube-api-access-djkxt + readOnly: true + recursiveReadOnly: Disabled + hostIP: 192.168.31.54 + hostIPs: + - ip: 192.168.31.54 + phase: Running + podIP: 10.244.0.47 + podIPs: + - ip: 10.244.0.47 + qosClass: BestEffort + startTime: "2025-05-21T13:55:08Z" +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"wikijs","namespace":"wiki"},"spec":{"ports":[{"nodePort":30080,"port":80,"targetPort":3000}],"selector":{"app":"wikijs"},"type":"NodePort"}} + creationTimestamp: "2025-05-21T13:55:04Z" + name: wikijs + namespace: wiki + resourceVersion: "2872068" + uid: d358248f-0bf0-459e-95cf-cc10ff21ad6a + spec: + clusterIP: 10.111.144.209 + clusterIPs: + - 10.111.144.209 + externalTrafficPolicy: Cluster + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - nodePort: 30080 + port: 80 + protocol: TCP + targetPort: 3000 + selector: + app: wikijs + sessionAffinity: None + type: NodePort + status: + loadBalancer: {} +- apiVersion: v1 + kind: Service + metadata: + annotations: + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"v1","kind":"Service","metadata":{"annotations":{},"name":"wikijs-postgres","namespace":"wiki"},"spec":{"ports":[{"port":5432,"targetPort":5432}],"selector":{"app":"wikijs-postgres"}}} + creationTimestamp: "2025-05-21T14:01:52Z" + name: wikijs-postgres + namespace: wiki + resourceVersion: "2872812" + uid: e4a14775-b709-4e22-845d-2b454f5c9296 + spec: + clusterIP: 10.106.106.142 + clusterIPs: + - 10.106.106.142 + internalTrafficPolicy: Cluster + ipFamilies: + - IPv4 + ipFamilyPolicy: SingleStack + ports: + - port: 5432 + protocol: TCP + targetPort: 5432 + selector: + app: wikijs-postgres + sessionAffinity: None + type: ClusterIP + status: + loadBalancer: {} +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"wikijs","namespace":"wiki"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"wikijs"}},"template":{"metadata":{"labels":{"app":"wikijs"}},"spec":{"containers":[{"env":[{"name":"DB_TYPE","value":"postgres"},{"name":"DB_HOST","value":"wikijs-postgres"},{"name":"DB_PORT","value":"5432"},{"name":"DB_USER","value":"wikijs"},{"name":"DB_PASS","value":"wikijsrocks"},{"name":"DB_NAME","value":"wikijs"}],"image":"ghcr.io/requarks/wiki:latest","name":"wiki","ports":[{"containerPort":3000}]}]}}}} + creationTimestamp: "2025-05-21T13:55:04Z" + generation: 1 + name: wikijs + namespace: wiki + resourceVersion: "12273871" + uid: 4bdf2b62-bcba-4549-b404-8063922f94fc + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: wikijs + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: wikijs + spec: + containers: + - env: + - name: DB_TYPE + value: postgres + - name: DB_HOST + value: wikijs-postgres + - name: DB_PORT + value: "5432" + - name: DB_USER + value: wikijs + - name: DB_PASS + value: wikijsrocks + - name: DB_NAME + value: wikijs + image: ghcr.io/requarks/wiki:latest + imagePullPolicy: Always + name: wiki + ports: + - containerPort: 3000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-05-21T13:55:04Z" + lastUpdateTime: "2025-05-21T13:55:53Z" + message: ReplicaSet "wikijs-6bd85497c7" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-08-24T01:02:42Z" + lastUpdateTime: "2025-08-24T01:02:42Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: Deployment + metadata: + annotations: + deployment.kubernetes.io/revision: "1" + kubectl.kubernetes.io/last-applied-configuration: | + {"apiVersion":"apps/v1","kind":"Deployment","metadata":{"annotations":{},"name":"wikijs-postgres","namespace":"wiki"},"spec":{"replicas":1,"selector":{"matchLabels":{"app":"wikijs-postgres"}},"template":{"metadata":{"labels":{"app":"wikijs-postgres"}},"spec":{"containers":[{"env":[{"name":"POSTGRES_DB","value":"wikijs"},{"name":"POSTGRES_USER","value":"wikijs"},{"name":"POSTGRES_PASSWORD","value":"wikijsrocks"}],"image":"postgres:14","name":"postgres","ports":[{"containerPort":5432}],"volumeMounts":[{"mountPath":"/var/lib/postgresql/data","name":"postgres-data"}]}],"volumes":[{"name":"postgres-data","persistentVolumeClaim":{"claimName":"wikijs-postgres-pvc"}}]}}}} + creationTimestamp: "2025-05-21T13:55:04Z" + generation: 1 + name: wikijs-postgres + namespace: wiki + resourceVersion: "8820198" + uid: 502330c7-9841-4df2-b4d7-f5664efe11b6 + spec: + progressDeadlineSeconds: 600 + replicas: 1 + revisionHistoryLimit: 10 + selector: + matchLabels: + app: wikijs-postgres + strategy: + rollingUpdate: + maxSurge: 25% + maxUnavailable: 25% + type: RollingUpdate + template: + metadata: + creationTimestamp: null + labels: + app: wikijs-postgres + spec: + containers: + - env: + - name: POSTGRES_DB + value: wikijs + - name: POSTGRES_USER + value: wikijs + - name: POSTGRES_PASSWORD + value: wikijsrocks + image: postgres:14 + imagePullPolicy: IfNotPresent + name: postgres + ports: + - containerPort: 5432 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: postgres-data + persistentVolumeClaim: + claimName: wikijs-postgres-pvc + status: + availableReplicas: 1 + conditions: + - lastTransitionTime: "2025-05-21T13:55:04Z" + lastUpdateTime: "2025-05-21T13:56:01Z" + message: ReplicaSet "wikijs-postgres-79d84f58b5" has successfully progressed. + reason: NewReplicaSetAvailable + status: "True" + type: Progressing + - lastTransitionTime: "2025-07-07T13:23:22Z" + lastUpdateTime: "2025-07-07T13:23:22Z" + message: Deployment has minimum availability. + reason: MinimumReplicasAvailable + status: "True" + type: Available + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 + updatedReplicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-05-21T13:55:04Z" + generation: 1 + labels: + app: wikijs + pod-template-hash: 6bd85497c7 + name: wikijs-6bd85497c7 + namespace: wiki + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: wikijs + uid: 4bdf2b62-bcba-4549-b404-8063922f94fc + resourceVersion: "12273868" + uid: 457871f1-eb38-41a9-afb2-c4f248e68205 + spec: + replicas: 1 + selector: + matchLabels: + app: wikijs + pod-template-hash: 6bd85497c7 + template: + metadata: + creationTimestamp: null + labels: + app: wikijs + pod-template-hash: 6bd85497c7 + spec: + containers: + - env: + - name: DB_TYPE + value: postgres + - name: DB_HOST + value: wikijs-postgres + - name: DB_PORT + value: "5432" + - name: DB_USER + value: wikijs + - name: DB_PASS + value: wikijsrocks + - name: DB_NAME + value: wikijs + image: ghcr.io/requarks/wiki:latest + imagePullPolicy: Always + name: wiki + ports: + - containerPort: 3000 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +- apiVersion: apps/v1 + kind: ReplicaSet + metadata: + annotations: + deployment.kubernetes.io/desired-replicas: "1" + deployment.kubernetes.io/max-replicas: "2" + deployment.kubernetes.io/revision: "1" + creationTimestamp: "2025-05-21T13:55:04Z" + generation: 1 + labels: + app: wikijs-postgres + pod-template-hash: 79d84f58b5 + name: wikijs-postgres-79d84f58b5 + namespace: wiki + ownerReferences: + - apiVersion: apps/v1 + blockOwnerDeletion: true + controller: true + kind: Deployment + name: wikijs-postgres + uid: 502330c7-9841-4df2-b4d7-f5664efe11b6 + resourceVersion: "8820197" + uid: d3e5df36-d1f0-4dfd-aa76-30063a80fbb8 + spec: + replicas: 1 + selector: + matchLabels: + app: wikijs-postgres + pod-template-hash: 79d84f58b5 + template: + metadata: + creationTimestamp: null + labels: + app: wikijs-postgres + pod-template-hash: 79d84f58b5 + spec: + containers: + - env: + - name: POSTGRES_DB + value: wikijs + - name: POSTGRES_USER + value: wikijs + - name: POSTGRES_PASSWORD + value: wikijsrocks + image: postgres:14 + imagePullPolicy: IfNotPresent + name: postgres + ports: + - containerPort: 5432 + protocol: TCP + resources: {} + terminationMessagePath: /dev/termination-log + terminationMessagePolicy: File + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgres-data + dnsPolicy: ClusterFirst + restartPolicy: Always + schedulerName: default-scheduler + securityContext: {} + terminationGracePeriodSeconds: 30 + volumes: + - name: postgres-data + persistentVolumeClaim: + claimName: wikijs-postgres-pvc + status: + availableReplicas: 1 + fullyLabeledReplicas: 1 + observedGeneration: 1 + readyReplicas: 1 + replicas: 1 +kind: List +metadata: + resourceVersion: ""