kind: Deployment apiVersion: apps/v1 metadata: name: jitsi-web namespace: external-app-development spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: jitsi-web template: metadata: labels: app: jitsi-web spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 containers: - name: jitsi-web image: dowerx/jitsi-web:non-root imagePullPolicy: Always ports: - containerPort: 8000 protocol: TCP - containerPort: 8443 protocol: TCP envFrom: - configMapRef: name: jitsi-env env: - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JICOFO_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JVB_AUTH_PASSWORD securityContext: runAsUser: 1000 runAsGroup: 1000 allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "10m" memory: "10Mi" --- kind: Deployment apiVersion: apps/v1 metadata: name: jitsi-prosody namespace: external-app-development spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: jitsi-prosody template: metadata: labels: app: jitsi-prosody spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 containers: - name: jitsi-prosody image: dowerx/prosody:non-root ports: - containerPort: 5222 protocol: TCP - containerPort: 5269 protocol: TCP - containerPort: 5347 protocol: TCP - containerPort: 5280 protocol: TCP envFrom: - configMapRef: name: jitsi-env env: - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JICOFO_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JVB_AUTH_PASSWORD securityContext: runAsUser: 1000 runAsGroup: 1000 allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /config name: jitsi subPath: prosody - mountPath: /prosody-plugins-custom name: jitsi subPath: prosody/prosody-plugins-custom resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "10m" memory: "10Mi" securityContext: fsGroup: 1000 volumes: - name: jitsi persistentVolumeClaim: claimName: jitsi --- kind: Deployment apiVersion: apps/v1 metadata: name: jitsi-jicofo namespace: external-app-development spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: jitsi-jicofo template: metadata: labels: app: jitsi-jicofo spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 containers: - name: jitsi-jicofo image: dowerx/jicofo:non-root ports: - containerPort: 8888 protocol: TCP envFrom: - configMapRef: name: jitsi-env env: - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JICOFO_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JVB_AUTH_PASSWORD securityContext: runAsUser: 1000 runAsGroup: 1000 allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "10m" memory: "10Mi" --- kind: Deployment apiVersion: apps/v1 metadata: name: jitsi-jvb namespace: external-app-development spec: strategy: type: Recreate replicas: 1 selector: matchLabels: app: jitsi-jvb template: metadata: labels: app: jitsi-jvb spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: kubernetes.io/arch operator: In values: - arm64 - amd64 containers: - name: jitsi-jvb image: dowerx/jvb:non-root ports: - containerPort: 10000 protocol: UDP - containerPort: 8080 protocol: TCP envFrom: - configMapRef: name: jitsi-env env: - name: JICOFO_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JICOFO_AUTH_PASSWORD - name: JVB_AUTH_PASSWORD valueFrom: secretKeyRef: name: jitsi-passwords key: JVB_AUTH_PASSWORD securityContext: runAsUser: 1000 runAsGroup: 1000 allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true seccompProfile: type: RuntimeDefault resources: limits: cpu: "500m" memory: "512Mi" requests: cpu: "10m" memory: "10Mi"