82 lines
1.9 KiB
YAML
82 lines
1.9 KiB
YAML
---
|
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/refs/heads/master/v1.32.0/serviceaccount.json
|
|
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: jitsi
|
|
namespace: jitsi
|
|
---
|
|
# yaml-language-server: $schema=https://raw.githubusercontent.com/yannh/kubernetes-json-schema/refs/heads/master/v1.32.0/deployment.json
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
|
|
metadata:
|
|
labels:
|
|
app: jitsi
|
|
name: jitsi
|
|
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
|
|
selector:
|
|
matchLabels:
|
|
app: jitsi
|
|
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: jitsi
|
|
|
|
spec:
|
|
serviceAccountName: jitsi
|
|
|
|
securityContext:
|
|
fsGroup: 65532
|
|
fsGroupChangePolicy: OnRootMismatch
|
|
runAsGroup: 65532
|
|
runAsNonRoot: true
|
|
runAsUser: 65532
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
|
|
containers:
|
|
- name: jicofo
|
|
image: jicofo
|
|
imagePullPolicy: IfNotPresent
|
|
envFrom: &DefaultEnvFrom
|
|
- secretRef:
|
|
name: jitsi-secrets
|
|
- configMapRef:
|
|
name: envs
|
|
securityContext: &DefaultContainerSecurityContext
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
allowPrivilegeEscalation: false
|
|
|
|
- name: prosody
|
|
image: prosody
|
|
imagePullPolicy: IfNotPresent
|
|
envFrom: *DefaultEnvFrom
|
|
securityContext: *DefaultContainerSecurityContext
|
|
|
|
- name: jitsi
|
|
image: jitsi
|
|
imagePullPolicy: IfNotPresent
|
|
envFrom: *DefaultEnvFrom
|
|
securityContext: *DefaultContainerSecurityContext
|
|
|
|
- name: jvb
|
|
image: jvb
|
|
imagePullPolicy: IfNotPresent
|
|
envFrom: *DefaultEnvFrom
|
|
securityContext: *DefaultContainerSecurityContext
|
|
|
|
volumes:
|
|
- name: ephemeral
|
|
emptyDir:
|
|
sizeLimit: 256Mi
|