apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: thelounge
  labels:
    app.kubernetes.io/name: thelounge
    app.kubernetes.io/instance: thelounge
  annotations:
    polaris.fairwinds.com/runAsRootAllowed-exempt: "true"
    polaris.fairwinds.com/tagNotSpecified-exempt: "true"
    polaris.fairwinds.com/topologySpreadConstraint-exempt: "true"
spec:
  serviceName: thelounge
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: thelounge
      app.kubernetes.io/instance: thelounge
  template:
    metadata:
      labels:
        app.kubernetes.io/name: thelounge
        app.kubernetes.io/instance: thelounge
    spec:
      priorityClassName: low-priority
      automountServiceAccountToken: false
      containers:
      - name: thelounge
        image: ghcr.io/thelounge/thelounge:latest
        securityContext:
          allowPrivilegeEscalation: false
        ports:
        - containerPort: 9000
          name: http-9000
        volumeMounts:
        - name: config
          mountPath: /var/opt/thelounge
        resources:
          requests:
            cpu: "100m"
            memory: "256Mi"
          limits:
            cpu: "500m"
            memory: "512Mi"
        livenessProbe:
          tcpSocket:
            port: 9000
          initialDelaySeconds: 20
          periodSeconds: 10
          timeoutSeconds: 1
          failureThreshold: 3
        readinessProbe:
          tcpSocket:
            port: 9000
          initialDelaySeconds: 5
          periodSeconds: 5
          timeoutSeconds: 1
          failureThreshold: 3
  volumeClaimTemplates:
  - metadata:
      name: config
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 4Gi