--- apiVersion: apps/v1 kind: StatefulSet metadata: name: postgres namespace: darkdork-dev labels: app: postgres spec: serviceName: postgres-headless replicas: 1 selector: matchLabels: app: postgres template: metadata: labels: app: postgres spec: terminationGracePeriodSeconds: 60 imagePullSecrets: - name: registry-credentials securityContext: fsGroup: 1000 containers: - name: postgres image: postgres:17-alpine imagePullPolicy: IfNotPresent ports: - containerPort: 5432 name: postgres resources: requests: memory: "3Gi" cpu: "1000m" limits: memory: "4Gi" cpu: "2000m" env: - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: postgres key: postgres-password - name: DB_PASS valueFrom: secretKeyRef: name: postgres key: postgres-password - name: PGDATA value: /var/lib/postgresql/data/pgdata volumeMounts: - name: postgres-storage mountPath: /var/lib/postgresql/data subPath: pgdata # Using subPath to avoid permission issues - name: dshm mountPath: /dev/shm - name: postgres-init-volume mountPath: /docker-entrypoint-initdb.d - name: postgres-config-volume mountPath: /etc/postgresql/postgresql.conf subPath: postgresql.conf command: - docker-entrypoint.sh - -c - config_file=/etc/postgresql/postgresql.conf livenessProbe: exec: command: - pg_isready - -U - postgres initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 readinessProbe: exec: command: - pg_isready - -U - postgres initialDelaySeconds: 5 periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 3 startupProbe: exec: command: - pg_isready - -U - postgres - -d - pleroma initialDelaySeconds: 15 periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 12 lifecycle: preStop: exec: command: ["pg_ctl stop -w -t 60 -m fast"] volumes: - name: dshm emptyDir: medium: Memory sizeLimit: 2Gi - name: postgres-init-volume configMap: name: postgres-init defaultMode: 0755 - name: postgres-config-volume configMap: name: postgres-config - name: postgres-storage persistentVolumeClaim: claimName: postgres-pvc