apiVersion: v1 kind: Namespace metadata: name: firefly-iii --- apiVersion: v1 kind: PersistentVolumeClaim metadata: labels: app.kubernetes.io/component: firefly-iii app.kubernetes.io/instance: firefly-iii app.kubernetes.io/name: firefly-iii app.kubernetes.io/part-of: firefly-iii name: firefly-iii spec: accessModes: - ReadWriteMany resources: requests: storage: 2Gi --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: firefly-iii app.kubernetes.io/instance: firefly-iii app.kubernetes.io/name: firefly-iii app.kubernetes.io/part-of: firefly-iii name: firefly-iii spec: ports: - port: 8080 name: http selector: app.kubernetes.io/component: firefly-iii app.kubernetes.io/instance: firefly-iii app.kubernetes.io/name: firefly-iii --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/component: firefly-iii app.kubernetes.io/instance: firefly-iii app.kubernetes.io/name: firefly-iii app.kubernetes.io/part-of: firefly-iii name: firefly-iii spec: selector: matchLabels: app.kubernetes.io/component: firefly-iii app.kubernetes.io/instance: firefly-iii app.kubernetes.io/name: firefly-iii template: metadata: labels: app.kubernetes.io/component: firefly-iii app.kubernetes.io/instance: firefly-iii app.kubernetes.io/name: firefly-iii app.kubernetes.io/part-of: firefly-iii spec: containers: - name: firefly-iii image: docker.io/fireflyiii/core:version-6.0.19 envFrom: - configMapRef: name: firefly-iii optional: true env: - name: APP_KEY_FILE value: /run/secrets/firefly-iii/app.key - name: DB_PASSWORD_FILE value: /run/secrets/firefly-iii/db.password - name: STATIC_CRON_TOKEN_FILE value: /run/secrets/firefly-iii/cron.token ports: - containerPort: 8080 name: http readinessProbe: httpGet: port: 8080 path: /health failureThreshold: 3 periodSeconds: 60 successThreshold: 1 timeoutSeconds: 1 startupProbe: httpGet: port: 8080 path: /health failureThreshold: 30 periodSeconds: 3 initialDelaySeconds: 3 successThreshold: 1 timeoutSeconds: 1 volumeMounts: - name: firefly-iii-secrets mountPath: /run/secrets/firefly-iii readOnly: true - name: firefly-iii-data mountPath: /var/www/html/storage/upload subPath: upload securityContext: fsGroup: 33 volumes: - name: firefly-iii-secrets secret: secretName: firefly-iii defaultMode: 0440 - name: firefly-iii-data persistentVolumeClaim: claimName: firefly-iii --- apiVersion: batch/v1 kind: CronJob metadata: name: firefly-iii spec: timeZone: America/Chicago schedule: '0 3 * * *' jobTemplate: spec: template: spec: containers: - image: docker.io/library/busybox name: wget command: - wget args: - http://$(FIREFLY_III_SERVICE_HOST):$(FIREFLY_III_SERVICE_PORT)/api/v1/cron/$(STATIC_CRON_TOKEN) - -O - /dev/null env: - name: STATIC_CRON_TOKEN valueFrom: secretKeyRef: name: firefly-iii key: cron.token securityContext: runAsGroup: 1000 runAsNonRoot: true runAsUser: 1000 restartPolicy: Never