securityContext:
  allowPrivilegeEscalation: false
  runAsUser: 990
  runAsGroup: 990
containers:
- name: icecast
  image: registry.gitlab.com/spreadspace/docker/icecast:{{ item.value.image_version }}
  imagePullPolicy: Always
  resources:
    limits:
      memory: "512Mi"
  args:
  - icecast2
  - -c
  - /srv/icecast.xml
  volumeMounts:
  - name: home
    mountPath: /srv/icecast.xml
    subPath: icecast.xml
    readOnly: true
  - name: home
    mountPath: /srv/logs
    subPath: logs
  ports:
{% for listener in item.value.listeners %}
  - containerPort: {{ listener.port }}
    hostPort: {{ listener.port }}
{%   if 'shoutcast_mountpoint' in listener %}
  - containerPort: {{ listener.port + 1 }}
    hostPort: {{ listener.port + 1 }}
{%   endif  %}
{% endfor %}

volumes:
- name: home
  hostPath:
    path: "{{ icecast_base_path }}/{{ item.key }}"