---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: sonarr
  labels:
    app: sonarr
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sonarr
  template:
    metadata:
      labels:
        app: sonarr
    spec:
      volumes:
        - name: sonarr-config
          persistentVolumeClaim:
            claimName: sonarr-storage
        - name: nfs-media
          persistentVolumeClaim:
            claimName: nfs-media
      containers:
        - name: sonarr
          image: linuxserver/sonarr:4.0.16
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 8989
          env:
            - name: PUID
              value: "1000"
            - name: PGID
              value: "1000"
            - name: TZ
              value: Europe/Amsterdam
          volumeMounts:
            - mountPath: /config
              name: sonarr-config
            - mountPath: /shared/media
              name: nfs-media
          securityContext:
            seccompProfile:
              type: RuntimeDefault
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - "ALL"
          #     add:
          #       - "CHOWN"
          #       - "SETUID"
          #       - "SETGID"