mealie
| Field |
Value |
| Service |
mealie |
| Purpose |
Self-hosted recipe and meal planning application |
| Criticality |
Tier 3 |
| Owner |
Application owner |
| Clusters |
oci |
| Namespace |
mealie |
| Exposure |
internet |
| Stateful |
yes |
| Backup class |
snapshot |
| RPO / RTO |
Daily backup target, 2 to 4 hours to restore |
| Last reviewed |
2026-05-20 |
1. Service Overview
Mealie provides a recipe and meal planning interface for end users and depends on a PostgreSQL backend plus external routing.
Summary
If it fails, recipe management and meal planning workflows stop until the application and database are restored.
Dependencies
| Dependency |
Type |
Why it matters |
| PostgreSQL |
database |
Stores application state |
| Traefik |
ingress |
External HTTPS routing |
| Authelia |
access control |
Optional authentication layer |
2. Architecture Diagram
[Browser]
-> [Traefik]
-> [Mealie]
-> [PostgreSQL]
-> [PVC-backed data]
3. Deployment Specifications
| Item |
Value |
| Source path |
mealie/base and mealie/overlays/oci |
| Deployment model |
Kustomize plus Fleet bundle |
| Namespace |
mealie |
| Workload kind |
Deployment plus PostgreSQL workload |
| Chart or image version |
See base manifests for current image tags |
| Config files |
base/kustomization.yaml, overlays/oci/kustomization.yaml, fleet.yaml |
Cluster mapping
| Cluster |
Overlay path |
Notes |
| oci |
mealie/overlays/oci |
Current OCI deployment |
4. Configuration Guide
Environment variables
| Variable |
Source |
Purpose |
Secret? |
| Application runtime settings |
overlay secrets and manifests |
Configure Mealie and DB access |
mixed |
ConfigMaps
| Resource |
Path |
Purpose |
| Kustomize-managed runtime config |
mealie/base and mealie/overlays/oci |
Per-environment application behavior |
Secrets management
- Secret names: application and database credentials in the mealie namespace
- Source of truth: overlay secret inputs and generated manifests
- Rotation trigger: credential rotation or mail/integration changes
- Recovery note: restore secrets before redeploying the overlay
5. Access Protocols
| Path |
URL or endpoint |
Audience |
Auth |
TLS terminates at |
| Internal |
Services inside the mealie namespace |
Cluster workloads |
namespace RBAC |
Traefik / Mealie |
| External |
https://mealie.mutana.fr |
End users |
Authelia when enabled |
Traefik |
6. Operations and Observability
- Primary health indicators: Deployment healthy, DB healthy, and HTTPS route serving the UI.
- Dashboards or alerts: shared cluster monitoring.
- Log locations: Mealie and PostgreSQL pod logs.
- Known failure modes: DB startup issues, PVC problems, or ingress misrouting.
7. Backup and Recovery Notes
- Backup method: PostgreSQL backup plus PVC snapshot.
- Restore prerequisites: DB restore and runtime secrets.
- Related runbook: not required for this lower-blast-radius service.
8. Release and Change Notes
- Current deployed app version: see mealie/base image tags.
- Current chart version: N/A.
- Last significant change: OCI deployment documented under the current overlays structure.
- Rollback reference: previous overlay revision in Git.