k3s/namespaces/apps/paperless/kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

transformers:
  - |-
    apiVersion: builtin
    kind: NamespaceTransformer
    metadata:
      name: notImportantHere
      namespace: apps
    unsetOnly: true

namePrefix: paperless-
resources:
  - ../../../kustomize/bases/public-oidc/
  - extra/deploy-sync.yaml
  - extra/pvc-consume.yaml
  - extra/pvc-sftp.yaml
  - extra/pv-sftp.yaml

replacements:
  - source:
      kind: Service
      name: svc
    targets:
      - select:
          kind: HTTPRoute
        options:
          create: true
        fieldPaths:
          - spec.rules.0.backendRefs.0.name
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/appName]
    targets:
      - select:
          kind: HTTPRoute
        options:
          create: true
          delimiter: "."
          index: 0
        fieldPaths:
          - spec.hostnames.0
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "-"
          index: 0
        fieldPaths:
          - spec.managedSecretReference.secretName
      - select:
          kind: InfisicalSecret
        options:
          delimiter: "/"
          index: 2
        fieldPaths:
          - spec.authentication.universalAuth.secretsScope.secretsPath
      - select:
          kind: Service
        fieldPaths:
          - spec.ports.0.name
          - spec.ports.0.targetPort
  - source:
      kind: Deployment
      name: app
      fieldPath: metadata.labels.[app.kubernetes.io/appNamespace]
    targets:
      - select:
          kind: InfisicalSecret
        fieldPaths:
          - spec.managedSecretReference.secretNamespace

patches:
  - path: patches/deployment.yaml
    target:
      kind: Deployment
      name: app
  - path: patches/pvc.yaml
    target:
      kind: PersistentVolumeClaim
      name: pvc

labels:
  - includeSelectors: true
    pairs:
      app.kubernetes.io/appName: paperless
  - pairs:
      app.kubernetes.io/appNamespace: apps

configMapGenerator:
  - name: config
    literals:
      - PAPERLESS_REDIS=redis://redis-svc.core.svc.cluster.local
      - PAPERLESS_DBHOST=postgres-svc.core.svc.cluster.local
      - PAPERLESS_DBUSER=paperless
      - PAPERLESS_DBNAME=paperlessdb
      - PAPERLESS_TIKA_ENABLED="1"
      - PAPERLESS_TIKA_ENDPOINT="http://tika-svc.core:9998"
      - PAPERLESS_TIKA_GOTENBURG_ENDPOINT="http://gotenburg-svc.core:3000"
      - PAPERLESS_USE_X_FORWARD_HOST="1"
      - PAPERLESS_TIME_ZONE="America/New_York"
      - PAPERLESS_URL="https://paperless.leechpepin.com"
      - PAPERLESS_CONSUMER_RECURSIVE="1"
      - PAPERLESS_FILENAME_DATE_ORDER=MDY
      - PAPERLESS_FILENAME_FORMAT="{{created_year}}/{{created_month}}/{{created_day}}/{{title}}"
      - PAPERLESS_PORT="8000"
      - PAPERLESS_BIND_ADDR="[::]"
      - PAPERLESS_CONSUMER_POLLING="30"
      # Setup SMTP
      - PAPERLESS_EMAIL_HOST=blizzard.mxrouting.net
      - PAPERLESS_EMAIL_PORT="465"
      - PAPERLESS_EMAIL_HOST_USER=homelab@leechpepin.com
      - PAPERLESS_EMAIL_USE_SSL="true"
      # OIDC
      - PAPERLESS_APPS=allauth.socialaccount.providers.openid_connect