apiVersion: apps/v1 kind: Deployment metadata: name: matomo namespace: solitaire spec: replicas: 1 selector: matchLabels: app: matomo strategy: type: Recreate template: metadata: labels: app: matomo spec: containers: - name: matomo image: matomo:5.10.0 env: - name: MATOMO_DATABASE_HOST value: mariadb - name: MATOMO_DATABASE_PORT value: "3306" - name: MATOMO_DATABASE_ADAPTER value: PDO\MYSQL - name: MATOMO_DATABASE_DBNAME valueFrom: secretKeyRef: name: matomo-secret key: MYSQL_DATABASE - name: MATOMO_DATABASE_USERNAME valueFrom: secretKeyRef: name: matomo-secret key: MYSQL_USER - name: MATOMO_DATABASE_PASSWORD valueFrom: secretKeyRef: name: matomo-secret key: MYSQL_PASSWORD # Traefik terminates SSL; tell Matomo to trust X-Forwarded-* headers - name: MATOMO_GENERAL_ASSUME_SECURE_PROTOCOL value: "1" - name: MATOMO_GENERAL_PROXY_CLIENT_HEADERS value: HTTP_X_FORWARDED_FOR - name: MATOMO_GENERAL_PROXY_HOST_HEADERS value: HTTP_X_FORWARDED_HOST ports: - containerPort: 80 volumeMounts: - name: matomo-data mountPath: /var/www/html livenessProbe: httpGet: path: /matomo.php port: 80 initialDelaySeconds: 60 periodSeconds: 30 timeoutSeconds: 5 readinessProbe: httpGet: path: /matomo.php port: 80 initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 resources: requests: cpu: 100m memory: 256Mi limits: cpu: 500m memory: 512Mi volumes: - name: matomo-data persistentVolumeClaim: claimName: matomo-data