apiVersion: apps/v1 kind: Deployment metadata: name: newsnow labels: app: newsnow spec: replicas: 1 selector: matchLabels: app: newsnow template: metadata: labels: app: newsnow spec: containers: - name: newsnow image: ghcr.io/ourongxing/newsnow:latest ports: - containerPort: 4444 env: - name: HOST value: "0.0.0.0" - name: PORT value: "4444" - name: NODE_ENV value: "production" - name: G_CLIENT_ID valueFrom: secretKeyRef: name: my-secrets key: g-client-id - name: G_CLIENT_SECRET valueFrom: secretKeyRef: name: my-secrets key: g-client-secret - name: JWT_SECRET valueFrom: secretKeyRef: name: my-secrets key: jwt-secret - name: INIT_TABLE value: "true" - name: ENABLE_CACHE value: "true" resources: requests: memory: "128Mi" cpu: "100m" limits: memory: "512Mi" cpu: "500m" livenessProbe: httpGet: path: / port: 4444 initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 readinessProbe: httpGet: path: / port: 4444 initialDelaySeconds: 5 periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 3 volumeMounts: - name: data-volume mountPath: /usr/app/.data volumes: - name: data-volume hostPath: path: /opt/docker/newsnow/data type: DirectoryOrCreate --- apiVersion: v1 kind: Service metadata: name: newsnow labels: app: newsnow spec: type: ClusterIP ports: - port: 4444 targetPort: 4444 protocol: TCP name: http selector: app: newsnow --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: newsnow-https spec: entryPoints: - websecure routes: - match: Host(`newsnow.xiongxiao.me`) kind: Rule services: - name: newsnow port: 4444 tls: certResolver: letsencrypt