# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: mealie namespace: default spec: interval: 5m chart: spec: chart: app-template version: 3.1.0 sourceRef: kind: HelmRepository name: bjws-charts namespace: flux-system values: controllers: main: # pod: # securityContext: # runAsNonRoot: true # runAsUser: 10000 # runAsGroup: 10000 # fsGroup: 10000 # fsGroupChangePolicy: OnRootMismatch containers: main: image: repository: ghcr.io/mealie-recipes/mealie tag: v2.4.0 env: ALLOW_SIGNUP: true PUID: 10000 PGID: 10000 TZ: ${SERVER_TIMEZONE} MAX_WORKERS: 1 WEB_CONCURRENCY: 1 BASE_URL: &host meals.${SECRET_NEW_DOMAIN} # database DB_ENGINE: postgres POSTGRES_USER: mealie # specified in mealie-env # POSTGRES_PASSWORD POSTGRES_SERVER: postgres16-rw.database.svc POSTGRES_PORT: 5432 POSTGRES_DB: mealie # oidc OIDC_AUTH_ENABLED: "True" OIDC_SIGNUP_ENABLED: "True" OIDC_ADMIN_GROUP: mealieAdmins OIDC_AUTO_REDIRECT: "True" OIDC_REMEMBER_ME: "True" # specified in mealie-env # OIDC_CONFIGURATION_URL # OIDC_CLIENT_ID envFrom: - secretRef: name: mealie-env resources: limits: memory: 1Gi service: app: controller: main ports: http: port: 9000 ingress: main: annotations: cert-manager.io/cluster-issuer: letsencrypt-production traefik.ingress.kubernetes.io/router.entrypoints: websecure hosts: - host: *host paths: - path: / service: identifier: app port: http persistence: data: existingClaim: mealie globalMounts: - path: /app/data