---
apiVersion: v1
kind: Namespace
metadata:
    name: blog
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: jekyll
  namespace: blog
spec:
  selector:
    matchLabels:
      app: jekyll
  replicas: 2
  template:
    metadata:
      labels:
        app: jekyll
    spec:
      containers:
      - name: jekyll
        image: jibby0/docker-jekyll-webhook:latest
        ports:
        - containerPort: 80
          name: http-web-svc
        # TODO re-add caching
        # tbh this whole auto-update thing isn't really necessary with k8s anymore
        #volumeMounts:
        #- mountPath: "/vendor"
        #  name: vendor-cache
        env:
        - name: TZ
          value: America/New_York
        - name: REPO
          value: https://github.com/jibby0/blog.git
        - name: WEBHOOK_SECRET
        envFrom:
        - secretRef:
            name: webhook
        livenessProbe:
          httpGet:
            path: /
            port: 80
          failureThreshold: 10
          initialDelaySeconds: 300
          periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
  name: jekyll-service
  namespace: blog
spec:
  selector:
    app: jekyll
  type: ClusterIP
  ports:
  - name: jekyll-port
    protocol: TCP
    port: 80
    targetPort: http-web-svc
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: jekyll
  namespace: blog
spec:
  entryPoints:
  - websecure
  routes:
  - kind: Rule
    match: Host(`jibby.org`)
    services:
    - kind: Service
      name: jekyll-service
      port: 80
    middlewares:
    - name: well-known-redirect
# HACK: for mastodon
---
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: well-known-redirect
  namespace: blog
spec:
  redirectRegex:
    regex: ^https://jibby.org/.well-known/webfinger(.*)
    replacement: https://mastodon.jibby.org/.well-known/webfinger${1}
    permanent: true