Simple nginx-based deployment serving the React SPA on port 80,
no runtime env or volumes required.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Includes two init containers (VPN route setup, Alembic migrations),
secret refs for JWT/encryption/OpenBao/SMTP, and PVC mounts for
git-store, firmware-cache, and wireguard config.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
File-backed storage, IPC_LOCK capability for mlock, startup/liveness/
readiness probes. Config mounted via subPath from ConfigMap.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Runs nats-server with --jetstream and monitoring on port 8222.
Headless service for StatefulSet DNS, ClusterIP service for app connections.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Ephemeral cache with no PVC. Includes redis-cli ping probes for
liveness and readiness.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Includes ConfigMap for init.sql (TimescaleDB extension, app_user and
poller_user role creation), StatefulSet with liveness/readiness probes,
and headless Service for stable DNS.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Three PVCs with configurable size and storageClass. Wireguard PVC is
conditional on wireguard.enabled.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Single Secret with all sensitive values (JWT, encryption keys, DB
passwords, SMTP credentials, poller DB URL). Single ConfigMap with
all non-sensitive config including URL helpers and optional value guards.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
