apiVersion: apps/v1 kind: Deployment metadata: name: miniflux-server labels: app: miniflux-server spec: replicas: 1 selector: matchLabels: app: miniflux-server template: metadata: labels: app: miniflux-server spec: initContainers: - name: wait-for-postgres image: postgres:17 command: ["/bin/sh", "-c"] args: - | echo "Waiting for Postgres at miniflux-postgres:5432..."; until pg_isready -h miniflux-postgres -p 5432 -U miniflux; do echo "Postgres not ready, sleeping..."; sleep 2; done; echo "Postgres is ready." containers: - name: miniflux image: miniflux/miniflux:latest ports: - containerPort: 8080 env: - name: CREATE_ADMIN value: "1" - name: ADMIN_USERNAME value: "admin" - name: ADMIN_PASSWORD valueFrom: secretKeyRef: name: miniflux-admin-password key: admin_password - name: RUN_MIGRATIONS value: "1" - name: POLLING_FREQUENCY value: "10" - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: miniflux-db-password key: fluxdb_password command: ["/bin/sh", "-c"] args: - export DATABASE_URL="postgres://miniflux:${POSTGRES_PASSWORD}@miniflux-postgres:5432/miniflux?sslmode=disable"; exec /usr/bin/miniflux livenessProbe: httpGet: path: /healthcheck port: 8080 initialDelaySeconds: 60 periodSeconds: 30 readinessProbe: httpGet: path: /healthcheck port: 8080 initialDelaySeconds: 15 periodSeconds: 15 --- apiVersion: apps/v1 kind: Deployment metadata: name: miniflux-postgres labels: app: miniflux-postgres spec: replicas: 1 # Recreate so the old pod fully terminates before the new one starts — # avoids NFS-lock races on the hostPath-backed PVC during rolling updates. strategy: type: Recreate selector: matchLabels: app: miniflux-postgres template: metadata: labels: app: miniflux-postgres spec: initContainers: - name: nfs-check-data image: busybox:stable command: - sh - -c - | test -f /mnt/.nfs-sentinel || ( echo "ERROR: NFS sentinel missing at /mnt/.nfs-sentinel" echo "refusing to start; node likely has NFS unmounted" echo "pod would otherwise bind-mount the local-XFS shadow" exit 1 ) volumeMounts: - name: miniflux-postgres-data mountPath: /mnt readOnly: true containers: - name: miniflux-postgres image: postgres:17 ports: - containerPort: 5432 env: - name: POSTGRES_USER value: "miniflux" - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: miniflux-db-password key: fluxdb_password volumeMounts: - name: miniflux-postgres-data mountPath: /var/lib/postgresql/data livenessProbe: exec: command: - pg_isready - -U - miniflux initialDelaySeconds: 60 periodSeconds: 30 readinessProbe: exec: command: - pg_isready - -U - miniflux initialDelaySeconds: 15 periodSeconds: 15 volumes: - name: miniflux-postgres-data persistentVolumeClaim: claimName: miniflux-postgres-pvc