f3s/syncthing/helm-chart/templates/deployment.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

apiVersion: apps/v1
kind: Deployment
metadata:
  name: syncthing
  namespace: services
spec:
  replicas: 1
  # Use Recreate strategy to avoid file lock conflicts with RWO volumes
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: syncthing
  template:
    metadata:
      labels:
        app: syncthing
    spec:
      initContainers:
      - name: nfs-check-config
        image: busybox:stable
        command:
        - sh
        - -c
        - |
          test -f /mnt/.nfs-sentinel || (
            echo "ERROR: NFS sentinel missing at /mnt/.nfs-sentinel"
            echo "refusing to start; node likely has NFS unmounted"
            echo "pod would otherwise bind-mount the local-XFS shadow"
            exit 1
          )
        volumeMounts:
        - name: syncthing-config
          mountPath: /mnt
          readOnly: true
      - name: nfs-check-data
        image: busybox:stable
        command:
        - sh
        - -c
        - |
          test -f /mnt/.nfs-sentinel || (
            echo "ERROR: NFS sentinel missing at /mnt/.nfs-sentinel"
            echo "refusing to start; node likely has NFS unmounted"
            echo "pod would otherwise bind-mount the local-XFS shadow"
            exit 1
          )
        volumeMounts:
        - name: syncthing-data
          mountPath: /mnt
          readOnly: true
      containers:
      - name: syncthing
        image: lscr.io/linuxserver/syncthing:latest
        ports:
        - containerPort: 8384
        - containerPort: 22000
        # Startup probe: give syncthing time to initialize (especially if NFS is slow)
        startupProbe:
          httpGet:
            path: /
            port: 8384
          initialDelaySeconds: 10
          periodSeconds: 5
          timeoutSeconds: 3
          failureThreshold: 24  # 120 seconds total (24 * 5s)
        # Liveness probe: restart pod if syncthing becomes unresponsive (stale NFS)
        livenessProbe:
          httpGet:
            path: /
            port: 8384
          periodSeconds: 30
          timeoutSeconds: 5
          failureThreshold: 3  # Restart after 90 seconds of failures
        # Readiness probe: remove from service if not ready
        readinessProbe:
          httpGet:
            path: /
            port: 8384
          periodSeconds: 10
          timeoutSeconds: 3
          failureThreshold: 2
        volumeMounts:
        - name: syncthing-config
          mountPath: /config
        - name: syncthing-data
          mountPath: /data
      volumes:
      - name: syncthing-config
        persistentVolumeClaim:
          claimName: syncthing-config-pvc
      - name: syncthing-data
        persistentVolumeClaim:
          claimName: syncthing-data-pvc