local kube = import "../../kube/kube.libsonnet";

{
    local rc3 = self,
    deploy: kube.Deployment("rc3-data") {
        metadata+: {
            namespace: "personal-q3k",
        },
        spec+: {
            template+: {
                spec+: {
                    containers_: {
                        default: kube.Container("default") {
                            image: "registry.k0.hswaw.net/q3k/rc3-data:1610640062",
                            ports_: {
                                http: { containerPort: 8080 },
                            },
                        },
                    },
                    securityContext: {
                        // nginx:nginx
                        runAsUser: 101,
                        runAsGroup: 101,
                    },
                },
            },
        },
    },
    svc: kube.Service("rc3-data") {
        metadata+: {
            namespace: "personal-q3k",
        },
        target_pod:: rc3.deploy.spec.template,
    },
    ingress: kube.Ingress("rc3-data") {
        metadata+: {
            namespace: "personal-q3k",
            annotations+: {
                "kubernetes.io/tls-acme": "true",
                "cert-manager.io/cluster-issuer": "letsencrypt-prod",
                "nginx.ingress.kubernetes.io/proxy-body-size": "0",
            },
        },
        spec+: {
            tls: [
                { hosts: [ "rc3-data.q3k.org"], secretName: "rc3-data-tls", },
            ],
            rules: [
                {
                    host: "rc3-data.q3k.org",
                    http: {
                        paths: [
                            { path: "/", backend: rc3.svc.name_port },
                        ],
                    },
                },
            ],
        },
    },
}