image: repository: cthulhoo/ttrss-fpm-pgsql-static pullPolicy: IfNotPresent tag: latest@sha256:db0304e94ff80ac6093e16705511f5222619971526dcd7dec8bfedf9836ab2fd nginxImage: repository: cthulhoo/ttrss-web-nginx pullPolicy: IfNotPresent tag: latest@sha256:d77d732d4d48f528d92f4ad6477f3ecb4ed6d4e698f81a102c2cc7921bb0148f updaterImage: repository: cthulhoo/ttrss-fpm-pgsql-static pullPolicy: IfNotPresent tag: latest@sha256:db0304e94ff80ac6093e16705511f5222619971526dcd7dec8bfedf9836ab2fd securityContext: container: readOnlyRootFilesystem: false runAsNonRoot: false runAsUser: 0 runAsGroup: 0 persistence: html: enabled: true targetSelector: main: main: mountPath: /var/www/html nginx: nginx: mountPath: /var/www/html readOnly: true updater: updater: mountPath: /var/www/html config: enabled: true targetSelector: main: main: mountPath: /opt/tt-rss/config.d updater: updater: mountPath: /opt/tt-rss/config.d nginx-conf: enabled: true type: configmap objectName: config targetSelector: nginx: nginx: mountPath: /etc/nginx/templates/nginx.conf.template subPath: nginx.conf.template plugins: enabled: true mountPath: /var/www/html/tt-rss/plugins.local themes: enabled: true mountPath: /var/www/html/tt-rss/themes.local cnpg: main: enabled: true user: tt-rss database: tt-rss portal: open: enabled: true workload: main: podSpec: containers: main: probes: liveness: type: exec command: - /bin/sh - -c - netstat -npl | grep :9000 readiness: type: exec command: - /bin/sh - -c - ls /var/www/html/tt-rss/.app_is_ready startup: type: tcp port: "{{ .Values.service.app.ports.app.port }}" env: TTRSS_SELF_URL_PATH: "" # tt-rss tests with "-z" so an empty string should still allow the randomly generated password to be made. ADMIN_USER_PASS: "" TTRSS_DB_NAME: "{{ .Values.cnpg.main.database }}" TTRSS_DB_USER: "{{ .Values.cnpg.main.user }}" TTRSS_DB_PORT: "5432" TTRSS_DB_PASS: secretKeyRef: name: cnpg-main-user key: password TTRSS_DB_HOST: secretKeyRef: name: cnpg-main-urls key: host nginx: enabled: true type: Deployment podSpec: containers: nginx: enabled: true primary: true imageSelector: nginxImage probes: readiness: enabled: true type: http path: "/public.php?op=healthcheck" port: "{{ .Values.service.main.ports.main.port }}" liveness: enabled: true type: http path: "/public.php?op=healthcheck" port: "{{ .Values.service.main.ports.main.port }}" startup: enabled: true type: tcp port: "{{ .Values.service.main.ports.main.port }}" env: APP_UPSTREAM: '{{ printf "%s-app" (include "tc.v1.common.lib.chart.names.fullname" .) }}' APP_WEB_ROOT: /var/www/html/tt-rss APP_BASE: "" updater: enabled: true type: Deployment podSpec: containers: updater: enabled: true primary: true imageSelector: updaterImage args: /opt/tt-rss/updater.sh probes: liveness: type: exec command: - /usr/bin/test - -f - "/var/www/html/tt-rss/lock/update_daemon.lock" readiness: type: exec command: - /usr/bin/test - -f - "/var/www/html/tt-rss/lock/update_daemon.lock" startup: type: exec command: - /usr/bin/test - -f - "/var/www/html/tt-rss/lock/update_daemon.lock" env: TTRSS_SELF_URL_PATH: "" TTRSS_DB_NAME: "{{ .Values.cnpg.main.database }}" TTRSS_DB_USER: "{{ .Values.cnpg.main.user }}" TTRSS_DB_PORT: "5432" TTRSS_DB_PASS: secretKeyRef: name: cnpg-main-user key: password TTRSS_DB_HOST: secretKeyRef: name: cnpg-main-urls key: host service: # Main service links to ingress easier (according to nextcloud's values.yaml) # That's why the nginx is swapped with app main: targetSelector: nginx ports: main: targetSelector: nginx port: 10104 app: enabled: true targetSelector: main ports: app: enabled: true targetSelector: main port: 9000 targetPort: 9000 configmap: config: enabled: true data: nginx.conf.template: |- worker_processes auto; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; access_log /dev/stdout; error_log /dev/stderr warn; sendfile on; index index.php; # Removed during app integration to Truecharts. # See: https://github.com/truecharts/charts/pull/17293#discussion_r1461102952 #resolver ${RESOLVER} valid=5s; server { listen {{ .Values.service.main.ports.main.port }}; root ${APP_WEB_ROOT}; location ${APP_BASE}/cache { aio threads; internal; } location ${APP_BASE}/backups { internal; } rewrite ${APP_BASE}/healthz ${APP_BASE}/public.php?op=healthcheck; location ~ \.php$ { # regex to split $uri to $fastcgi_script_name and $fastcgi_path fastcgi_split_path_info ^(.+?\.php)(/.*)$; # Check that the PHP script exists before passing it try_files $fastcgi_script_name =404; # Bypass the fact that try_files resets $fastcgi_path_info # see: http://trac.nginx.org/nginx/ticket/321 set $path_info $fastcgi_path_info; fastcgi_param PATH_INFO $path_info; fastcgi_index index.php; include fastcgi.conf; # See note for `resolver` line above #set $backend "${APP_UPSTREAM}:9000"; # See note for `resolver` line above #fastcgi_pass $backend; fastcgi_pass ${APP_UPSTREAM}:9000; } location / { try_files $uri $uri/ =404; } } }