#SPDX-License-Identifier: MIT-0
---
# tasks file for ansible-role-www
- name: namespace
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: Namespace
      metadata:
        name: www

- name: pvc
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: PersistentVolumeClaim
      metadata:
        name: data
        namespace: www
      spec:
        accessModes:
          - ReadWriteMany
        resources:
          requests:
            storage: 8Ti

- name: configmap for httpd.conf
  k8s:
    state: present
    definition:
      apiVersion: v1
      kind: ConfigMap
      metadata:
        name: httpd
        namespace: www
      data:
        httpd.conf: "{{ lookup('file', 'httpd.conf') }}"

- name: deployment for www
  k8s:
    definition:
      apiVersion: v1
      kind: Deployment
      metadata:
        name: httpd
        namespace: www
      spec:
        replicas: 1
        selector:
          matchLabels:
            app: httpd
        template:
          metadata:
            labels:
              app: httpd
          spec:
            initContainers:
              - name: init
                image: debian:trixie
                command:
                  - /bin/bash
                  - -c
                  - "apt update -y && apt install -y git && git clone {{ www_repo_url }} /tmp/www && rm -rf /data/* && cp -r /tmp/www/htdocs/* /data/"
                volumeMounts:
                  - name: data
                    mountPath: /data
            containers:
              - name: httpd
                image: ericomeehan/www:latest
                imagePullPolicy: Always
                ports:
                  - containerPort: 80
                  - containerPort: 9117
                volumeMounts:
                  - name: data
                    mountPath: /usr/local/apache2/htdocs
                  - name: httpd
                    mountPath: /usr/local/apache2/conf/httpd.conf
                    subPath: httpd.conf
            volumes:
              - name: data
                persistentVolumeClaim:
                  claimName: data
              - name: httpd
                configMap:
                  name: httpd

- name: service for prometheus
  k8s:
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: prometheus
        namespace: www
      spec:
        selector:
          app: httpd
        ports:
          - port: 9117
            name: http
        type: ClusterIP

- name: service for httpd
  k8s:
    definition:
      apiVersion: v1
      kind: Service
      metadata:
        name: httpd
        namespace: www
      spec:
        selector:
          app: httpd
        ports:
          - port: 80
            name: http
        type: ClusterIP

- name: onionservice
  k8s:
    definition:
      apiVersion: tor.k8s.torproject.org/v1alpha2
      kind: OnionService
      metadata:
        name: httpd
        namespace: www
      spec:
        version: 3
        rules:
          - port:
              number: 80
            backend:
              service:
                name: httpd
                port:
                  number: 80

- name: ingress
  k8s:
    state: present
    definition:
      apiVersion: networking.k8s.io/v1
      kind: Ingress
      metadata:
        annotations:
          cert-manager.io/cluster-issuer: ca-issuer
          nginx.ingress.kubernetes.io/enable-cors: "true"
          nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For"
        name: www
        namespace: www
      spec:
        ingressClassName: nginx
        rules:
          - host: eom.dev
            http:
              paths:
                - pathType: Prefix
                  path: /
                  backend:
                    service:
                      name: httpd
                      port:
                        number: 80
        tls:
          - hosts:
            - eom.dev
            secretName: www