{ kubernetes.resources = { configMaps = { paperless.data = { PAPERLESS_REDIS = "redis://paperless-redis.default.svc.cluster.local:6379"; PAPERLESS_DBENGINE = "postgresql"; PAPERLESS_DBHOST = "paperless-db.default.svc.cluster.local"; PAPERLESS_DBNAME = "paperless"; PAPERLESS_DBUSER = "paperless"; PAPERLESS_DATA_DIR = "/data/"; PAPERLESS_MEDIA_ROOT = "/data/"; PAPERLESS_OCR_LANGUAGES = "nld eng"; PAPERLESS_URL = "https://paperless.kun.is"; PAPERLESS_TIME_ZONE = "Europe/Amsterdam"; PAPERLESS_OCR_LANGUAGE = "nld"; USERMAP_UID = "33"; USERMAP_GID = "33"; }; paperless-db-env.data = { POSTGRES_DB = "paperless"; POSTGRES_USER = "paperless"; POSTGRES_PASSWORD = "ref+sops://secrets/kubernetes.yaml#/paperless/databasePassword"; PGDATA = "/pgdata/data"; }; }; secrets.paperless.stringData = { databasePassword = "ref+sops://secrets/kubernetes.yaml#/paperless/databasePassword"; secretKey = "ref+sops://secrets/kubernetes.yaml#/paperless/secretKey"; }; deployments = { paperless-web = { metadata.labels = { app = "paperless"; component = "web"; }; spec = { selector.matchLabels = { app = "paperless"; component = "web"; }; template = { metadata.labels = { app = "paperless"; component = "web"; }; spec = { volumes.data.persistentVolumeClaim.claimName = "paperless-data"; containers.paperless = { image = "ghcr.io/paperless-ngx/paperless-ngx:2.3"; envFrom = [{ configMapRef.name = "paperless"; }]; ports.web.containerPort = 8000; env = { PAPERLESS_DBPASS.valueFrom.secretKeyRef = { name = "paperless"; key = "databasePassword"; }; PAPERLESS_SECRET_KEY.valueFrom.secretKeyRef = { name = "paperless"; key = "secretKey"; }; }; volumeMounts = [{ name = "data"; mountPath = "/data"; }]; }; securityContext = { fsGroup = 33; fsGroupChangePolicy = "OnRootMismatch"; }; }; }; }; }; paperless-redis = { metadata.labels = { app = "paperless"; component = "redis"; }; spec = { selector.matchLabels = { app = "paperless"; component = "redis"; }; template = { metadata.labels = { app = "paperless"; component = "redis"; }; spec = { volumes.data.persistentVolumeClaim.claimName = "paperless-redisdata"; containers.redis = { image = "docker.io/library/redis:7"; ports.redis.containerPort = 6379; volumeMounts = [{ name = "data"; mountPath = "/data"; }]; }; securityContext = { fsGroup = 999; fsGroupChangePolicy = "OnRootMismatch"; }; }; }; }; }; paperless-db = { metadata.labels = { app = "paperless"; component = "database"; }; spec = { selector.matchLabels = { app = "paperless"; component = "database"; }; template = { metadata.labels = { app = "paperless"; component = "database"; }; spec = { containers.postgres = { image = "postgres:15"; imagePullPolicy = "IfNotPresent"; ports.postgres.containerPort = 5432; envFrom = [{ configMapRef.name = "paperless-db-env"; }]; volumeMounts = [{ name = "data"; mountPath = "/pgdata"; }]; }; volumes.data.persistentVolumeClaim.claimName = "paperless-db"; }; }; }; }; }; services = { paperless-web.spec = { selector = { app = "paperless"; component = "web"; }; ports.web = { port = 80; targetPort = "web"; }; }; paperless-redis.spec = { selector = { app = "paperless"; component = "redis"; }; ports.redis = { port = 6379; targetPort = "redis"; }; }; paperless-db.spec = { selector = { app = "paperless"; component = "database"; }; ports.postgres = { port = 5432; targetPort = "postgres"; }; }; }; }; lab = { ingresses.paperless = { host = "paperless.kun.is"; service = { name = "paperless-web"; portName = "web"; }; }; }; }