aiworker/k8s/backend/deployment.yaml
Hector Ros 5ccabf7bb3 Add NODE_TLS_REJECT_UNAUTHORIZED=0 for K8s API
This disables TLS certificate verification globally in Node.js,
allowing the backend to communicate with K8s API using self-signed certs.

NOTE: This is acceptable for development but should use proper CA certs
in production.

Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
2026-01-20 18:33:39 +01:00


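---
# Deployment of the aiworker backend into the control-plane namespace.
# Two replicas run under the backend-sa service account and listen on 3000.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: backend
  namespace: control-plane
  labels:
    app: backend
spec:
  replicas: 2
  selector:
    matchLabels:
      app: backend
  template:
    metadata:
      labels:
        app: backend
    spec:
      # Identity the pod uses against the Kubernetes API; its RBAC bindings
      # are defined elsewhere and bound what this workload can do.
      serviceAccountName: backend-sa
      imagePullSecrets:
        - name: gitea-registry
      containers:
        - name: backend
          # NOTE(review): ":latest" combined with "Always" means every pod
          # start may run different image content. Pin an immutable tag or a
          # digest so rollouts are reproducible and auditable.
          image: git.fuq.tv/admin/aiworker-backend:latest
          imagePullPolicy: Always
          ports:
            - name: http
              containerPort: 3000
              protocol: TCP
          env:
            # Database
            - name: DB_HOST
              value: mariadb.control-plane.svc.cluster.local
            - name: DB_PORT
              value: "3306"
            - name: DB_USER
              value: aiworker
            # Credentials come from the backend-secrets Secret, not literals.
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: backend-secrets
                  key: db-password
            - name: DB_NAME
              value: aiworker
            # Redis
            - name: REDIS_HOST
              value: redis.control-plane.svc.cluster.local
            - name: REDIS_PORT
              value: "6379"
            # Gitea
            - name: GITEA_URL
              value: https://git.fuq.tv
            - name: GITEA_TOKEN
              valueFrom:
                secretKeyRef:
                  name: backend-secrets
                  key: gitea-token
            # Kubernetes
            - name: K8S_IN_CLUSTER
              value: "true"
            # Trust the cluster CA in addition to the default roots instead of
            # setting NODE_TLS_REJECT_UNAUTHORIZED=0. That setting disables
            # certificate verification for every TLS connection the Node.js
            # process makes, including the GITEA_URL requests that carry
            # GITEA_TOKEN, while NODE_ENV below is "production".
            # Assumes the API server is reached at its in-cluster address and
            # the service-account volume is auto-mounted at the default path;
            # confirm before rollout.
            - name: NODE_EXTRA_CA_CERTS
              value: /var/run/secrets/kubernetes.io/serviceaccount/ca.crt
            # App config
            - name: NODE_ENV
              value: production
            - name: PORT
              value: "3000"
          resources:
            requests:
              memory: "256Mi"
              cpu: "250m"
            limits:
              memory: "512Mi"
              cpu: "500m"
          # Restart the container when /api/health stops answering.
          livenessProbe:
            httpGet:
              path: /api/health
              port: 3000
            initialDelaySeconds: 10
            periodSeconds: 30
            timeoutSeconds: 5
          # Keep the pod out of Service endpoints until /api/health answers.
          readinessProbe:
            httpGet:
              path: /api/health
              port: 3000
            initialDelaySeconds: 5
            periodSeconds: 10
            timeoutSeconds: 3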