apiVersion: apps/v1
kind: Deployment
metadata:
  name: organizr
spec:
  replicas: 1
  revisionHistoryLimit: 3
  selector:
    matchLabels:
      app: organizr
  template:
    metadata:
      labels:
        app: organizr
    spec:
      containers:
        - name: organizr
          image: docker.roxedus.net/roxedus/org-less
          resources:
            limits:
              memory: "2G"
              cpu: "1000m"
          env:
            - name: TZ
              value: Europe/Oslo
            - name: PUID
              value: "1000"
            - name: PGID
              value: "1000"
          ports:
            - containerPort: 80
          volumeMounts:
            - mountPath: /var/www/data
              name: config
      volumes:
        - name: config
          persistentVolumeClaim:
            claimName: organizr-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: organizr
spec:
  type: ClusterIP
  selector:
    app: organizr
  ports:
    - port: 80
      targetPort: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    # add an annotation indicating the issuer to use.
    cert-manager.io/acme-challenge-type: dns01
    traefik.ingress.kubernetes.io/router.middlewares: authentik-ak-outpost-authentik-embedded-outpost@kubernetescrd
    cert-manager.io/cluster-issuer: roxedus.com-cloudflare
  name: organizr
  namespace: default
spec:
  ingressClassName: traefik
  rules:
    - host: organizr.roxedus.com
      http:
        paths:
          - pathType: Prefix
            path: /
            backend:
              service:
                name: organizr
                port:
                  number: 80
  tls:
    - hosts:
        - organizr.roxedus.com
      secretName: organizr-roxedus-com-cert
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: organizr-pvc
  labels:
    app: organizr
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: longhorn
  resources:
    requests:
      storage: 2Gi