apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: ghost-content
namespace: royalcat-blog
labels:
app.kubernetes.io/name: ghost
app.kubernetes.io/part-of: royalcat-blog
spec:
volumeMode: Filesystem
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: v1
kind: Secret
metadata:
name: ghost-config-prod
namespace: royalcat-blog
type: Opaque
stringData:
config.production.json: |-
{
"url": "https://blog.royalcat.dev",
"server": {
"port": 2368,
"host": "0.0.0.0"
},
"mail": {
"transport": "SMTP",
"from": "20royalcat@gmail.com",
"options": {
"service": "Google",
"host": "smtp.gmail.com",
"port": 465,
"secure": true,
"auth": {
"user": "20royalcat@gmail.com",
"pass": "tsdx aaci fncn qbaw"
}
}
},
"logging": {
"transports": [
"stdout"
]
},
"database": {
"client": "mysql",
"connection":
{
"host": "mysql",
"user": "root",
"password": "HuSo6WbDao9Qv3",
"database": "ghost",
"port": "3306"
}
},
"process": "local",
"paths": {
"contentPath": "/var/lib/ghost/content"
}
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ghost
namespace: royalcat-blog
labels:
app: ghost
spec:
replicas: 1
selector:
matchLabels:
app: ghost
template:
metadata:
namespace: royalcat-blog
labels:
app: ghost
spec:
volumes:
- name: ghost-content
persistentVolumeClaim:
claimName: ghost-content
- name: ghost-config-prod
secret:
secretName: ghost-config-prod
defaultMode: 420
- name: tmp
emptyDir:
sizeLimit: 64Mi
containers:
- name: ghost
image: ghost:latest
ports:
- name: ghk8s
containerPort: 2368
protocol: TCP
# You should uncomment the following lines in production. Change the values according to your environment.
readinessProbe:
httpGet:
path: /ghost/api/v4/admin/site/
port: ghk8s
httpHeaders:
- name: X-Forwarded-Proto
value: https
- name: Host
value: blog.royalcat.dev
periodSeconds: 10
timeoutSeconds: 3
successThreshold: 1
failureThreshold: 3
initialDelaySeconds: 10
livenessProbe:
httpGet:
path: /ghost/api/v4/admin/site/
port: ghk8s
httpHeaders:
- name: X-Forwarded-Proto
value: https
- name: Host
value: blog.royalcat.dev
periodSeconds: 300
timeoutSeconds: 3
successThreshold: 1
failureThreshold: 1
initialDelaySeconds: 30
env:
- name: NODE_ENV
value: production
resources:
limits:
cpu: 800m
memory: 800Mi
requests:
cpu: 100m
memory: 256Mi
volumeMounts:
- name: ghost-content
mountPath: /var/lib/ghost/content
readOnly: false
- name: ghost-config-prod
readOnly: true
mountPath: /var/lib/ghost/config.production.json
subPath: config.production.json
- name: tmp # This is the temporary volume mount to allow loading themes
mountPath: /tmp
readOnly: false
# dnsPolicy: ClusterFirst
# Optional: Uncomment the following to specify node selectors
# affinity:
# nodeAffinity:
# requiredDuringSchedulingIgnoredDuringExecution:
# nodeSelectorTerms:
# - matchExpressions:
# - key: node-role.kubernetes.io/worker
# operator: In
# values:
# - "true"
securityContext: {}
---
apiVersion: v1
kind: Service
metadata:
name: ghost
namespace: royalcat-blog
labels:
app: ghost
spec:
type: ClusterIP
selector:
app: ghost
ports:
- port: 2368
targetPort: ghk8s
name: ghk8s