# uBlue-OS forge podman deployment --- apiVersion: v1 kind: Pod metadata: name: ublue-os_forge spec: restartPolicy: OnFailure volumes: - name: ublue-os_forge-certs-pvc persistentVolumeClaim: claimName: ublue-os_forge-certs - name: ublue-os_forge-registry-pvc persistentVolumeClaim: claimName: ublue-os_forge-registry - name: ublue-os_forge-semaphore-pvc persistentVolumeClaim: claimName: ublue-os_forge-semaphore containers: - name: rvproxy.ublue.local image: rvproxy resources: limits: memory: 128Mi cpu: 200m volumeMounts: - mountPath: /certs name: ublue-os_forge-certs-pvc ports: - containerPort: 443 hostPort: 443 protocol: TCP - name: registry.ublue.local image: registry resources: limits: memory: 512Mi cpu: 200m volumeMounts: - mountPath: /certs name: ublue-os_forge-certs-pvc subPath: _.ublue.local - mountPath: /var/lib/registry name: ublue-os_forge-registry-pvc ports: - containerPort: 5000 protocol: TCP - name: semaphore.ublue.local image: semaphore resources: limits: memory: 512Mi cpu: 200m volumeMounts: - mountPath: /var/lib/semaphore name: ublue-os_forge-semaphore-pvc - mountPath: /certs subPath: ssh name: ublue-os_forge-certs-pvc readOnly: true ports: - containerPort: 3000 protocol: TCP - name: setup.ublue.local image: setup volumeMounts: - mountPath: /certs name: ublue-os_forge-certs-pvc readOnly: true env: - name: ANSIBLE_FORGE_HOST_USER valueFrom: secretKeyRef: name: ublue-os_forge-secure key: ANSIBLE_FORGE_HOST_USER - name: ANSIBLE_FORGE_HOST_BECOME_PASSWORD valueFrom: secretKeyRef: name: ublue-os_forge-secure key: ANSIBLE_FORGE_HOST_BECOME_PASSWORD workingDir: /ansible command: - ansible-playbook args: - main.yml resources: limits: memory: 512Mi cpu: 200m initContainers: - name: minica.ublue.local image: minica volumeMounts: - mountPath: /certs name: ublue-os_forge-certs-pvc