---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pasarguard
  labels:
    app: pasarguard
  annotations:
    reloader.stakater.com/auto: "true"
spec:
  selector:
    matchLabels:
      app: pasarguard
  replicas: 1
  strategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: pasarguard
    spec:
      nodeSelector:
        kubernetes.io/hostname: master.tail2fe2d.ts.net
      containers:
        - name: pasarguard-web
          image: 'pasarguard/panel:v1.4.1'
          imagePullPolicy: Always
          envFrom:
            - secretRef:
                name: pasarguard-secrets
          env:
            - name: UVICORN_HOST
              value: "0.0.0.0"
            - name: UVICORN_PORT
              value: "8000"
            - name: UVICORN_SSL_CERTFILE
              value: "/etc/ssl/certs/tls.crt"
            - name: UVICORN_SSL_KEYFILE
              value: "/etc/ssl/private/tls.key"
          ports:
            - name: http
              containerPort: 8000
              protocol: TCP
          volumeMounts:
            - name: tls-certs
              mountPath: /etc/ssl/certs
              readOnly: true
            - name: tls-keys
              mountPath: /etc/ssl/private
              readOnly: true
      volumes:
        - name: tls-certs
          secret:
            secretName: pasarguard-tls
            items:
              - key: tls.crt
                path: tls.crt
        - name: tls-keys
          secret:
            secretName: pasarguard-tls
            items:
              - key: tls.key
                path: tls.key
---
apiVersion: v1
kind: Service
metadata:
  name: pasarguard
spec:
  selector:
    app: pasarguard
  ports:
    - protocol: TCP
      port: 80
      targetPort: 8000