apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: firefly-db
  namespace: firefly
  labels:
    app: firefly-db
spec:
  serviceName: firefly-db
  replicas: 1
  selector:
    matchLabels:
      app: firefly-db
  template:
    metadata:
      labels:
        app: firefly-db
    spec:
      securityContext:
        runAsUser: 999
        runAsGroup: 999
        fsGroup: 999
      containers:
        - name: postgres
          image: postgres:17
          imagePullPolicy: IfNotPresent
          env:
            - name: POSTGRES_USER
              valueFrom:
                secretKeyRef:
                  name: firefly-credentials
                  key: DB_USERNAME
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: firefly-credentials
                  key: DB_PASSWORD
            - name: POSTGRES_DB
              valueFrom:
                secretKeyRef:
                  name: firefly-credentials
                  key: DB_DATABASE
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          ports:
            - containerPort: 5432
          startupProbe:
            tcpSocket:
              port: 5432
            initialDelaySeconds: 10
            periodSeconds: 10
            failureThreshold: 30
          livenessProbe:
            tcpSocket:
              port: 5432
            periodSeconds: 30
            failureThreshold: 5
          readinessProbe:
            tcpSocket:
              port: 5432
            periodSeconds: 10
            failureThreshold: 3
          resources:
            requests:
              cpu: 50m
              memory: 256Mi
            limits:
              memory: 1Gi
          volumeMounts:
            - name: data
              mountPath: /var/lib/postgresql/data
  volumeClaimTemplates:
    - metadata:
        name: data
      spec:
        accessModes: ["ReadWriteOnce"]
        storageClassName: nfs-synology-ssd
        resources:
          requests:
            storage: 5Gi