securityContext:
  allowPrivilegeEscalation: false
  runAsUser: 990
  runAsGroup: 990
containers:
- name: icecast
  image: registry.gitlab.com/spreadspace/docker/icecast:{{ item.value.image_version }}
  imagePullPolicy: Always
  resources:
    limits:
      memory: "512Mi"
  args:
  - icecast2
  - -c
  - /srv/icecast.xml
  volumeMounts:
  - name: home
    mountPath: /srv/icecast.xml
    subPath: icecast.xml
    readOnly: true
  - name: home
    mountPath: /srv/logs
    subPath: logs
  ports:
  - containerPort: 8080
    hostPort: {{ item.value.port }}

volumes:
- name: home
  hostPath:
    path: "{{ icecast_base_path }}/{{ item.key }}"