paste.es/helm/hemmelig/templates/deployment.yaml

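{{- /*
Deployment for the Hemmelig container.

Secret-backed environment variables are read from a single Secret: the one
named by .Values.existingSecret when that is set, otherwise the Secret named
after the release ("hemmelig.fullname"). The name is resolved once below so
the per-provider OAuth entries are not written out twice.

NOTE(review): neither the pod spec nor the container sets a securityContext,
so the container runs with whatever user and privileges the image and the
cluster defaults give it.
*/ -}}
{{- $secretName := .Values.existingSecret | default (include "hemmelig.fullname" .) -}}
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "hemmelig.fullname" . }}
  labels:
    {{- include "hemmelig.labels" . | nindent 4 }}
spec:
  replicas: {{ .Values.replicaCount }}
  {{- /*
  Recreate stops the running pod before the replacement starts.
  NOTE(review): DATABASE_URL below points at a single file on the "data"
  volume, which is presumably why rolling updates are avoided; confirm that
  replicaCount above 1 is supported before raising it.
  */}}
  strategy:
    type: Recreate
  selector:
    matchLabels:
      {{- include "hemmelig.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      {{- with .Values.podAnnotations }}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      labels:
        {{- include "hemmelig.labels" . | nindent 8 }}
        {{- with .Values.podLabels }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "hemmelig.serviceAccountName" . }}
      containers:
        - name: {{ .Chart.Name }}
          {{- /* The tag falls back to the chart's appVersion when image.tag is unset. */}}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
          ports:
            - name: http
              containerPort: 3000
              protocol: TCP
          env:
            - name: NODE_ENV
              value: "production"
            - name: DATABASE_URL
              value: "file:/app/database/hemmelig.db"
            {{- if .Values.config.betterAuthUrl }}
            - name: BETTER_AUTH_URL
              value: {{ .Values.config.betterAuthUrl | quote }}
            {{- end }}
            {{- if .Values.config.baseUrl }}
            - name: HEMMELIG_BASE_URL
              value: {{ .Values.config.baseUrl | quote }}
            {{- end }}
            {{- /*
            BETTER_AUTH_SECRET is injected only when existingSecret or
            config.betterAuthSecret is set. When neither is set the variable
            is omitted and the template raises no error; what the application
            does without it cannot be seen from this file.
            */}}
            {{- if or .Values.existingSecret .Values.config.betterAuthSecret }}
            - name: BETTER_AUTH_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: BETTER_AUTH_SECRET
            {{- end }}
            {{- /*
            OAuth provider credentials. Each enabled provider needs its _ID and
            _SECRET keys to exist in the Secret. The tenant and issuer keys
            are marked optional, so those two may be missing.
            */}}
            {{- if .Values.oauth.github.enabled }}
            - name: HEMMELIG_AUTH_GITHUB_ID
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_GITHUB_ID
            - name: HEMMELIG_AUTH_GITHUB_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_GITHUB_SECRET
            {{- end }}
            {{- if .Values.oauth.google.enabled }}
            - name: HEMMELIG_AUTH_GOOGLE_ID
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_GOOGLE_ID
            - name: HEMMELIG_AUTH_GOOGLE_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_GOOGLE_SECRET
            {{- end }}
            {{- if .Values.oauth.microsoft.enabled }}
            - name: HEMMELIG_AUTH_MICROSOFT_ID
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_MICROSOFT_ID
            - name: HEMMELIG_AUTH_MICROSOFT_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_MICROSOFT_SECRET
            - name: HEMMELIG_AUTH_MICROSOFT_TENANT_ID
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_MICROSOFT_TENANT_ID
                  optional: true
            {{- end }}
            {{- if .Values.oauth.discord.enabled }}
            - name: HEMMELIG_AUTH_DISCORD_ID
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_DISCORD_ID
            - name: HEMMELIG_AUTH_DISCORD_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_DISCORD_SECRET
            {{- end }}
            {{- if .Values.oauth.gitlab.enabled }}
            - name: HEMMELIG_AUTH_GITLAB_ID
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_GITLAB_ID
            - name: HEMMELIG_AUTH_GITLAB_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_GITLAB_SECRET
            - name: HEMMELIG_AUTH_GITLAB_ISSUER
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_GITLAB_ISSUER
                  optional: true
            {{- end }}
            {{- if .Values.oauth.apple.enabled }}
            - name: HEMMELIG_AUTH_APPLE_ID
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_APPLE_ID
            - name: HEMMELIG_AUTH_APPLE_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_APPLE_SECRET
            {{- end }}
            {{- if .Values.oauth.twitter.enabled }}
            - name: HEMMELIG_AUTH_TWITTER_ID
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_TWITTER_ID
            - name: HEMMELIG_AUTH_TWITTER_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_TWITTER_SECRET
            {{- end }}
            {{- if .Values.oauth.generic }}
            - name: HEMMELIG_AUTH_GENERIC_OAUTH
              valueFrom:
                secretKeyRef:
                  name: {{ $secretName | quote }}
                  key: HEMMELIG_AUTH_GENERIC_OAUTH
            {{- end }}
            {{- /*
            Extra entries from .Values.env are appended after everything above.
            NOTE(review): an entry that reuses a name already set above gives
            the container spec a duplicate variable; check how the target
            cluster resolves that before using it to override a
            secret-backed value.
            */}}
            {{- with .Values.env }}
            {{- toYaml . | nindent 12 }}
            {{- end }}
          volumeMounts:
            - name: data
              mountPath: /app/database
            - name: uploads
              mountPath: /app/uploads
          livenessProbe:
            {{- toYaml .Values.livenessProbe | nindent 12 }}
          readinessProbe:
            {{- toYaml .Values.readinessProbe | nindent 12 }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
      {{- /*
      With persistence disabled, both volumes are emptyDir, so the database
      file and the uploads are discarded when the pod is removed.
      */}}
      volumes:
        - name: data
          {{- if .Values.persistence.data.enabled }}
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.data.existingClaim | default (printf "%s-data" (include "hemmelig.fullname" .)) | quote }}
          {{- else }}
          emptyDir: {}
          {{- end }}
        - name: uploads
          {{- if .Values.persistence.uploads.enabled }}
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.uploads.existingClaim | default (printf "%s-uploads" (include "hemmelig.fullname" .)) | quote }}
          {{- else }}
          emptyDir: {}
          {{- end }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}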