123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 |
- apiVersion: apps/v1
- kind: Deployment
- metadata:
- name: {{ include "mastodon.fullname" . }}-sidekiq
- labels:
- {{- include "mastodon.labels" . | nindent 4 }}
- spec:
- {{- if not .Values.autoscaling.enabled }}
- replicas: {{ .Values.replicaCount }}
- {{- end }}
- selector:
- matchLabels:
- {{- include "mastodon.selectorLabels" . | nindent 6 }}
- app.kubernetes.io/component: sidekiq
- app.kubernetes.io/part-of: rails
- template:
- metadata:
- annotations:
- {{- with .Values.podAnnotations }}
- {{- toYaml . | nindent 8 }}
- {{- end }}
- # roll the pods to pick up any db migrations or other changes
- {{- include "mastodon.rollingPodAnnotations" . | nindent 8 }}
- labels:
- {{- include "mastodon.selectorLabels" . | nindent 8 }}
- app.kubernetes.io/component: sidekiq
- app.kubernetes.io/part-of: rails
- spec:
- {{- with .Values.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "mastodon.serviceAccountName" . }}
- {{- with .Values.podSecurityContext }}
- securityContext:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- if (not .Values.mastodon.s3.enabled) }}
- # ensure we run on the same node as the other rails components; only
- # required when using PVCs that are ReadWriteOnce
- {{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
- affinity:
- podAffinity:
- requiredDuringSchedulingIgnoredDuringExecution:
- - labelSelector:
- matchExpressions:
- - key: app.kubernetes.io/part-of
- operator: In
- values:
- - rails
- topologyKey: kubernetes.io/hostname
- {{- end }}
- volumes:
- - name: assets
- persistentVolumeClaim:
- claimName: {{ template "mastodon.fullname" . }}-assets
- - name: system
- persistentVolumeClaim:
- claimName: {{ template "mastodon.fullname" . }}-system
- {{- end }}
- containers:
- - name: {{ .Chart.Name }}
- securityContext:
- {{- toYaml .Values.securityContext | nindent 12 }}
- image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
- imagePullPolicy: {{ .Values.image.pullPolicy }}
- command:
- - bundle
- - exec
- - sidekiq
- - -c
- - {{ .Values.mastodon.sidekiq.concurrency | quote }}
- envFrom:
- - configMapRef:
- name: {{ include "mastodon.fullname" . }}-env
- - secretRef:
- name: {{ template "mastodon.secretName" . }}
- env:
- - name: "DB_PASS"
- valueFrom:
- secretKeyRef:
- name: {{ template "mastodon.postgresql.secretName" . }}
- key: password
- - name: "REDIS_PASSWORD"
- valueFrom:
- secretKeyRef:
- name: {{ template "mastodon.redis.secretName" . }}
- key: redis-password
- {{- if (and .Values.mastodon.s3.enabled .Values.mastodon.s3.existingSecret) }}
- - name: "AWS_SECRET_ACCESS_KEY"
- valueFrom:
- secretKeyRef:
- name: {{ .Values.mastodon.s3.existingSecret }}
- key: AWS_SECRET_ACCESS_KEY
- - name: "AWS_ACCESS_KEY_ID"
- valueFrom:
- secretKeyRef:
- name: {{ .Values.mastodon.s3.existingSecret }}
- key: AWS_ACCESS_KEY_ID
- {{- end }}
- {{- if .Values.mastodon.smtp.existingSecret }}
- - name: "SMTP_LOGIN"
- valueFrom:
- secretKeyRef:
- name: {{ .Values.mastodon.smtp.existingSecret }}
- key: login
- optional: true
- - name: "SMTP_PASSWORD"
- valueFrom:
- secretKeyRef:
- name: {{ .Values.mastodon.smtp.existingSecret }}
- key: password
- {{- end }}
- {{- if (not .Values.mastodon.s3.enabled) }}
- volumeMounts:
- - name: assets
- mountPath: /opt/mastodon/public/assets
- - name: system
- mountPath: /opt/mastodon/public/system
- {{- end }}
- resources:
- {{- toYaml .Values.resources | nindent 12 }}
- {{- with .Values.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
|