apiVersion: apps/v1 kind: Deployment metadata: name: kakigoori labels: app.kubernetes.io/name: kakigoori spec: replicas: 2 selector: matchLabels: app.kubernetes.io/name: kakigoori template: metadata: labels: app.kubernetes.io/name: kakigoori spec: affinity: nodeAffinity: preferredDuringSchedulingIgnoredDuringExecution: - weight: 1 preference: matchExpressions: - key: location operator: In values: - fsn containers: - name: kakigoori image: "git.remilia.ch/remilia/kakigoori:main" imagePullPolicy: Always ports: - containerPort: 8001 volumeMounts: - name: config mountPath: /kakigoori/kakigoori/local_settings.py subPath: local_settings.py securityContext: runAsUser: 1000 runAsGroup: 1000 runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL seccompProfile: type: RuntimeDefault - name: anubis image: ghcr.io/techarohq/anubis:latest imagePullPolicy: Always env: - name: "BIND" value: ":8080" - name: "DIFFICULTY" value: "4" - name: ED25519_PRIVATE_KEY_HEX valueFrom: secretKeyRef: name: anubis-kakigoori-key key: ED25519_PRIVATE_KEY_HEX - name: "METRICS_BIND" value: ":9090" - name: "SERVE_ROBOTS_TXT" value: "true" - name: "TARGET" value: "http://localhost:8001" - name: "OG_PASSTHROUGH" value: "true" - name: "OG_EXPIRY_TIME" value: "24h" resources: limits: cpu: 750m memory: 256Mi requests: cpu: 250m memory: 256Mi securityContext: runAsUser: 1000 runAsGroup: 1000 runAsNonRoot: true allowPrivilegeEscalation: false capabilities: drop: - ALL seccompProfile: type: RuntimeDefault volumes: - name: config configMap: name: kakigoori-config