---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgres
  namespace: postgres
  labels:
    k8s-app: postgres
spec:
  replicas: 1
  selector:
    matchLabels:
      k8s-app: postgres
  template:
    metadata:
      labels:
        k8s-app: postgres
    spec:
      containers:
        - name: postgresql
          image: postgres:17.0-bookworm
          env:
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres-secret
                  key: postgres-password
          volumeMounts:
            - name: postgres-data
              mountPath: /var/lib/postgresql/data
            - name: sharemem
              mountPath: /dev/shm
          ports:
            - containerPort: 5432
              name: postgres
              protocol: TCP
          resources:
            requests:
              memory: "2Gi"
              cpu: "500m"
            limits:
              memory: "4Gi"
              cpu: "2000m"
          livenessProbe:
            exec:
              command:
                - /bin/bash
                - -c
                - exec pg_isready -U postgres -h 127.0.0.1 -p 5432
            failureThreshold: 6
            initialDelaySeconds: 20
            periodSeconds: 10
            successThreshold: 1
            timeoutSeconds: 5
          readinessProbe:
            exec:
              command:
                - /bin/bash
                - -c
                - exec pg_isready -U postgres -h 127.0.0.1 -p 5432
            failureThreshold: 6
            initialDelaySeconds: 20
            periodSeconds: 10
            successThreshold: 2
            timeoutSeconds: 5

      volumes:
        - name: postgres-data
          persistentVolumeClaim:
            claimName: postgres-pvc
            readOnly: false
        - emptyDir:
            medium: Memory
            sizeLimit: 1Gi
          name: sharemem