--- apiVersion: apps/v1 kind: Deployment metadata: name: postgres namespace: gitea labels: app: postgres spec: selector: matchLabels: app: postgres # has to match .spec.template.metadata.labels tier: postgres strategy: type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0 template: metadata: labels: app: postgres tier: postgres spec: containers: - image: postgres:12 securityContext: runAsUser: 1000 name: postgres # command: ["chown", "-R", "1000:1000", "/var/lib/postgresql/data"] envFrom: - configMapRef: name: postgres-config env: - name: PGDATA value: /var/lib/postgresql/data/pgdata - name: POSTGRES_USER valueFrom: secretKeyRef: name: gitea-secrets key: pg_username - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: gitea-secrets key: pg_password ports: - containerPort: 5432 name: postgres volumeMounts: - name: postgres-persistent-storage mountPath: /var/lib/postgresql/data subPath: pgdata volumes: - name: postgres-persistent-storage persistentVolumeClaim: claimName: postgres-pvc --- apiVersion: apps/v1 kind: Deployment metadata: name: gitea namespace: gitea labels: app: gitea spec: selector: matchLabels: app: gitea strategy: #type: Recreate type: RollingUpdate rollingUpdate: maxSurge: 1 maxUnavailable: 0 template: metadata: labels: app: gitea spec: containers: - image: gitea/gitea:1.15.4 name: gitea envFrom: - configMapRef: name: gitea-env env: - name: DB_PASSWD valueFrom: secretKeyRef: name: gitea-secrets key: pg_password ports: - containerPort: 3000 name: gitea volumeMounts: - name: gitea-persistent-storage mountPath: /data volumes: - name: gitea-persistent-storage persistentVolumeClaim: claimName: gitea-pvc