# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: piwigo
  namespace: default
spec:
  interval: 5m
  chart:
    spec:
      chart: app-template
      version: 3.1.0
      sourceRef:
        kind: HelmRepository
        name: bjws-charts
        namespace: flux-system

  values:
    controllers:
      main:
#        pod:
#          securityContext:
#            runAsNonRoot: true
#            runAsUser: 10000
#            runAsGroup: 10000
#            fsGroup: 10000
#            fsGroupChangePolicy: OnRootMismatch

        containers:
          main:
            image:
              repository: lscr.io/linuxserver/piwigo
              tag: 14.5.0

            env:
              PUID: 9000
              PGID: 9000
              TZ: ${SERVER_TIMEZONE}

    service:
      app:
        controller: main

        ports:
          http:
            port: 80

    ingress:
      main:
        annotations:
          cert-manager.io/cluster-issuer: letsencrypt-production
          traefik.ingress.kubernetes.io/router.entrypoints: websecure
          #traefik.ingress.kubernetes.io/router.middlewares: traefik-authentik@kubernetescrd

        hosts:
        - host: "gallery.${SECRET_NEW_DOMAIN}"
          paths:
          - path: /
            service:
              identifier: app
              port: http

    persistence:
      config:
        type: hostPath
        hostPath: /mnt/MainPool/Kubernetes/piwigo/config
        globalMounts:
        - path: /config

      gallery:
        type: hostPath
        hostPath: /mnt/MainPool/Kubernetes/piwigo/gallery
        globalMounts:
        - path: /gallery