apiVersion: v1 kind: Pod metadata: name: "etherpad-lite-{{ item.key }}" spec: securityContext: allowPrivilegeEscalation: false containers: - name: etherpad-lite image: spreadspace/etherpad-lite:{{ item.value.version }} # securityContext: # runAsUser: {{ etherpad_lite_app_uid }} # runAsGroup: {{ etherpad_lite_app_gid }} resources: limits: memory: "4Gi" volumeMounts: - name: config mountPath: /opt/etherpad-lite/settings.json subPath: settings.json readOnly: true ports: - containerPort: 9001 hostPort: {{ item.value.port }} hostIP: 127.0.0.1 - name: database image: "mariadb:{{ item.value.database.version }}" securityContext: runAsUser: {{ etherpad_lite_db_uid }} runAsGroup: {{ etherpad_lite_db_gid }} resources: limits: memory: "4Gi" env: - name: MYSQL_RANDOM_ROOT_PASSWORD value: "true" - name: MYSQL_DATABASE value: etherpad-lite - name: MYSQL_USER value: etherpad-lite - name: MYSQL_PASSWORD value: "{{ item.value.database.password }}" volumeMounts: - name: database mountPath: /var/lib/mysql volumes: - name: config hostPath: path: "{{ etherpad_lite_base_path }}/{{ item.key }}/config/" type: Directory - name: database hostPath: path: "{{ etherpad_lite_base_path }}/{{ item.key }}/{{ item.value.database.type }}" type: Directory