---
apiVersion: v1
kind: Namespace
metadata:
  labels:
    wildcard-tls.kn8v.com/copy: "true"
  name: joplin
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: joplin-config
  namespace: joplin
spec:
  accessModes:
  - ReadWriteMany
  resources:
    requests:
      storage: 1Gi
  storageClassName: nfs
---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: joplin
  name: joplin
spec:
  replicas: 1
  selector:
    matchLabels:
      app: joplin
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: joplin
    spec:
      containers:
        - name: joplin
          image: joplin/server:latest
          env:
            - name: APP_PORT
              value: "8080"
            - name: APP_BASE_URL
              value: https://joplin.strudelline.net
            - name: DB_CLIENT
              value: pg
            - name: PGSSLMODE
              value: no-verify
            - name: POSTGRES_CONNECTION_STRING
              valueFrom:
                secretKeyRef:
                  key: uri
                  name: joplin-pguser-joplin
            #- name: POSTGRES_PASSWORD
            #  valueFrom:
            #    secretKeyRef:
            #      key: password
            #      name: joplin-pguser-joplin
            #- name: POSTGRES_DATABASE
            #  valueFrom:
            #    secretKeyRef:
            #      key: dbname
            #      name: joplin-pguser-joplin
            #- name: POSTGRES_USER
            #  valueFrom:
            #    secretKeyRef:
            #      key: user
            #      name: joplin-pguser-joplin
            #- name: POSTGRES_PORT
            #  valueFrom:
            #    secretKeyRef:
            #      key: port
            #      name: joplin-pguser-joplin
            #- name: POSTGRES_HOST
            #  valueFrom:
            #    secretKeyRef:
            #      key: host
            #      name: joplin-pguser-joplin
          volumeMounts:
            - mountPath: /config
              name: joplin-config
      volumes:
        - name: joplin-config
          persistentVolumeClaim:
            claimName: joplin-config
      restartPolicy: Always
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: joplin
  namespace: joplin
  annotations:
    haproxy-ingress.github.io/ssl-redirect: "true"
    ingress.kubernetes.io/force-ssl-redirect: 'true'
spec:
  ingressClassName: istio
  rules:
  - host: joplin.strudelline.net
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: joplin
            port:
              number: 8080
  tls:
  - hosts:
    - joplin.strudelline.net
    secretName: wildcard-tls
---
apiVersion: v1
kind: Service
metadata:
  labels:
    app: joplin
  name: joplin
  namespace: joplin
spec:
  selector:
    app: joplin
  ports:
   - name: http
     port: 8080
     protocol: TCP
     targetPort: 8080
  clusterIP: None
  type: ClusterIP