apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql helm.sh/chart: postgresql-11.6.12 name: paperless-postgresql namespace: paperless spec: ports: - name: tcp-postgresql nodePort: null port: 5432 targetPort: tcp-postgresql selector: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless app.kubernetes.io/name: postgresql sessionAffinity: None type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql helm.sh/chart: postgresql-11.6.12 service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" name: paperless-postgresql-hl namespace: paperless spec: clusterIP: None ports: - name: tcp-postgresql port: 5432 targetPort: tcp-postgresql publishNotReadyAddresses: true selector: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless app.kubernetes.io/name: postgresql type: ClusterIP --- apiVersion: v1 kind: Service metadata: labels: app.kubernetes.io/instance: paperless app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: paperless app.kubernetes.io/version: 1.8.0 helm.sh/chart: paperless-9.1.3 name: paperless spec: ports: - name: http port: 8000 protocol: TCP targetPort: http selector: app.kubernetes.io/instance: paperless app.kubernetes.io/name: paperless type: ClusterIP --- apiVersion: v1 kind: PersistentVolumeClaim metadata: labels: app.kubernetes.io/instance: paperless app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: paperless app.kubernetes.io/version: 1.8.0 helm.sh/chart: paperless-9.1.3 name: paperless-data spec: accessModes: - ReadWriteOnce resources: requests: storage: 1Gi storageClassName: openebs-3-replicas --- apiVersion: v1 kind: PersistentVolumeClaim metadata: labels: app.kubernetes.io/instance: paperless app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: paperless app.kubernetes.io/version: 1.8.0 helm.sh/chart: paperless-9.1.3 name: paperless-media spec: accessModes: - ReadWriteOnce resources: requests: storage: 5Gi storageClassName: openebs-3-replicas --- apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/instance: paperless app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: paperless app.kubernetes.io/version: 1.8.0 helm.sh/chart: paperless-9.1.3 name: paperless spec: replicas: 1 revisionHistoryLimit: 3 selector: matchLabels: app.kubernetes.io/instance: paperless app.kubernetes.io/name: paperless strategy: type: Recreate template: metadata: labels: app.kubernetes.io/instance: paperless app.kubernetes.io/name: paperless spec: automountServiceAccountToken: true containers: - env: - name: COMPOSE_PROJECT_NAME value: paperless - name: PAPERLESS_APPS value: allauth.socialaccount.providers.openid_connect - name: PAPERLESS_DBHOST value: paperless-postgresql - name: PAPERLESS_DBPASS valueFrom: secretKeyRef: key: db-pass name: paperless - name: PAPERLESS_DBUSER valueFrom: secretKeyRef: key: db-user name: paperless - name: PAPERLESS_ENABLE_HTTP_REMOTE_USER value: "true" - name: PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME value: HTTP_X_FORWARDED_USER - name: PAPERLESS_LOGOUT_REDIRECT_URL value: https://iam.borninpain.de/realms/home/protocol/openid-connect/logout - name: PAPERLESS_OCR_LANGUAGE value: deu - name: PAPERLESS_OCR_LANGUAGES value: deu - name: PAPERLESS_PORT value: "8000" - name: PAPERLESS_REDIS valueFrom: secretKeyRef: key: redis-url name: paperless - name: PAPERLESS_SOCIALACCOUNT_PROVIDERS valueFrom: secretKeyRef: key: provider name: paperless - name: PAPERLESS_TIME_ZONE value: Europe/Berlin - name: PAPERLESS_URL value: https://paperless.home - name: USERMAP_GID value: "1000" - name: USERMAP_UID value: "1000" image: ghcr.io/paperless-ngx/paperless-ngx:2.18.2 imagePullPolicy: IfNotPresent livenessProbe: failureThreshold: 3 initialDelaySeconds: 0 periodSeconds: 10 tcpSocket: port: 8000 timeoutSeconds: 1 name: paperless ports: - containerPort: 8000 name: http protocol: TCP readinessProbe: failureThreshold: 3 initialDelaySeconds: 0 periodSeconds: 10 tcpSocket: port: 8000 timeoutSeconds: 1 startupProbe: failureThreshold: 30 initialDelaySeconds: 0 periodSeconds: 5 tcpSocket: port: 8000 timeoutSeconds: 1 volumeMounts: - mountPath: /usr/src/paperless/data name: data - mountPath: /usr/src/paperless/media name: media dnsPolicy: ClusterFirst enableServiceLinks: true serviceAccountName: default volumes: - name: data persistentVolumeClaim: claimName: paperless-data - name: media persistentVolumeClaim: claimName: paperless-media --- apiVersion: apps/v1 kind: StatefulSet metadata: labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql helm.sh/chart: postgresql-11.6.12 name: paperless-postgresql namespace: paperless spec: replicas: 1 selector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless app.kubernetes.io/name: postgresql serviceName: paperless-postgresql-hl template: metadata: annotations: null labels: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless app.kubernetes.io/managed-by: Helm app.kubernetes.io/name: postgresql helm.sh/chart: postgresql-11.6.12 name: paperless-postgresql spec: affinity: nodeAffinity: null podAffinity: null podAntiAffinity: preferredDuringSchedulingIgnoredDuringExecution: - podAffinityTerm: labelSelector: matchLabels: app.kubernetes.io/component: primary app.kubernetes.io/instance: paperless app.kubernetes.io/name: postgresql namespaces: - paperless topologyKey: kubernetes.io/hostname weight: 1 containers: - env: - name: BITNAMI_DEBUG value: "false" - name: POSTGRESQL_PORT_NUMBER value: "5432" - name: POSTGRESQL_VOLUME_DIR value: /bitnami/postgresql - name: PGDATA value: /bitnami/postgresql/data - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: postgres-password name: paperless - name: POSTGRESQL_ENABLE_LDAP value: "no" - name: POSTGRESQL_ENABLE_TLS value: "no" - name: POSTGRESQL_LOG_HOSTNAME value: "false" - name: POSTGRESQL_LOG_CONNECTIONS value: "false" - name: POSTGRESQL_LOG_DISCONNECTIONS value: "false" - name: POSTGRESQL_PGAUDIT_LOG_CATALOG value: "off" - name: POSTGRESQL_CLIENT_MIN_MESSAGES value: error - name: POSTGRESQL_SHARED_PRELOAD_LIBRARIES value: pgaudit image: docker.io/bitnami/postgresql:17.6.0-debian-12-r2 imagePullPolicy: IfNotPresent livenessProbe: exec: command: - /bin/sh - -c - exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432 failureThreshold: 6 initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 name: postgresql ports: - containerPort: 5432 name: tcp-postgresql readinessProbe: exec: command: - /bin/sh - -c - -e - | exec pg_isready -U "postgres" -h 127.0.0.1 -p 5432 [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ] failureThreshold: 6 initialDelaySeconds: 5 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 resources: limits: {} requests: cpu: 250m memory: 256Mi securityContext: runAsUser: 1001 volumeMounts: - mountPath: /dev/shm name: dshm - mountPath: /bitnami/postgresql name: data hostIPC: false hostNetwork: false initContainers: null securityContext: fsGroup: 1001 serviceAccountName: default volumes: - emptyDir: medium: Memory name: dshm updateStrategy: rollingUpdate: {} type: RollingUpdate volumeClaimTemplates: - metadata: name: data spec: accessModes: - ReadWriteOnce resources: requests: storage: 8Gi storageClassName: openebs-3-replicas