Sienna Meridian Satterwhite
ccfe8b877a
- Add Messages (email) service: backend, frontend, MTA in/out, MPA, SOCKS proxy, worker, DKIM config, and theme customization - Add Collabora deployment for document collaboration - Add Drive frontend nginx config and values - Add buildkitd namespace for in-cluster container builds - Add SeaweedFS remote sync and additional S3 buckets - Update vault secrets across namespaces (devtools, lasuite, media, monitoring, ory, storage) with expanded credential management - Update monitoring: rename grafana→metrics OAuth2Client, add Prometheus remote write and additional scrape configs - Update local/production overlays with resource patches - Remove stale login-ui resource patch from production overlay
44 lines
1.0 KiB
YAML
44 lines
1.0 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: buildkitd
|
|
namespace: build
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
selector:
|
|
matchLabels:
|
|
app: buildkitd
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: buildkitd
|
|
spec:
|
|
# Use host network so buildkitd can push to src.DOMAIN_SUFFIX (Gitea registry
|
|
# via Pingora) without DNS resolution issues. The registry runs on the same
|
|
# node, so host networking routes traffic back to localhost directly.
|
|
hostNetwork: true
|
|
dnsPolicy: None
|
|
dnsConfig:
|
|
nameservers:
|
|
- 8.8.8.8
|
|
- 1.1.1.1
|
|
containers:
|
|
- name: buildkitd
|
|
image: moby/buildkit:v0.28.0
|
|
args:
|
|
- --addr
|
|
- tcp://0.0.0.0:1234
|
|
ports:
|
|
- containerPort: 1234
|
|
securityContext:
|
|
privileged: true
|
|
resources:
|
|
requests:
|
|
cpu: "500m"
|
|
memory: "1Gi"
|
|
limits:
|
|
cpu: "4"
|
|
memory: "8Gi"
|