apiVersion: v1
kind: Secret
metadata:
  name: tweetsvg
  namespace: tweetsvg
  annotations:
    kube-1password: dmjtjxrcpqtmeddq5x7zikj37i
    kube-1password/vault: Kubernetes
    kube-1password/secret-text-key: .env
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
  name: tweetsvg
  namespace: tweetsvg
spec:
  type: ClusterIP
  ports:
  - port: 80
    targetPort: 8080
    name: web
  selector:
    app: tweetsvg
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: tweetsvg
  namespace: tweetsvg
spec:
  replicas: 2
  selector:
    matchLabels:
      app: tweetsvg
  template:
    metadata:
      labels:
        app: tweetsvg
    spec:
      containers:
      - name: web
        image: rg.fr-par.scw.cloud/averagemarcus/tweetsvg:latest
        imagePullPolicy: Always
        # env:
        # - name: DOTENV_DIR
        #   value: /config/
        ports:
        - containerPort: 8080
          name: web
        resources:
          limits:
            memory: 100Mi
          requests:
            memory: 100Mi
        volumeMounts:
          - name: dotenv
            mountPath: /app/.env
            subPath: .env
      volumes:
      - name: dotenv
        secret:
          secretName: tweetsvg
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: tweetsvg
  namespace: tweetsvg
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt
    kubernetes.io/ingress.class: traefik
    traefik.ingress.kubernetes.io/router.tls: "true"
    ingress.kubernetes.io/ssl-redirect: "true"
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
spec:
  tls:
  - hosts:
    - tweet.cluster.fun
    secretName: tweetsvg-ingress
  rules:
  - host: tweet.cluster.fun
    http:
      paths:
      - path: /
        pathType: ImplementationSpecific
        backend:
          service:
            name: tweetsvg
            port:
              number: 80