---
apiVersion: v1
kind: Secret
metadata:
  name: nextcloud-postgres-pass
  annotations:
    "helm.sh/resource-policy": "keep"
type: Opaque
data:
  {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace "nextcloud-postgres-pass") | default dict }}
  {{- $secretData := (get $secretObj "data") | default dict }}
  {{- $pass := (get $secretData "password") | default (randAlphaNum 32 | b64enc) }}
  password: {{ $pass | quote }}
---
# apiVersion: extensions/v1beta1
apiVersion: v1
kind: ConfigMap
metadata:
  name: nextcloud-postgres-config
  labels:
    app: nextcloud-postgres
data:
  POSTGRES_DB: nextcloud_db
  POSTGRES_USER: postgres
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nextcloud-postgres
  labels:
    app: nextcloud-postgres
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nextcloud-postgres
  template:
    metadata:
      labels:
        app: nextcloud-postgres
        name: nextcloud-postgres
    spec:
      containers:
      - name: nextcloud-postgres
        image: postgres:10.4
        imagePullPolicy: "IfNotPresent"
        ports:
        - containerPort: 5432
        envFrom:
        - configMapRef:
            name: nextcloud-postgres-config
        env:
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: nextcloud-postgres-pass
              key: password
        volumeMounts:
        - mountPath: /var/lib/postgresql/data
          subPath: backup/nextcloud/db
          name: nextcloud-postgredb
      volumes:
      - name: nextcloud-postgredb
        persistentVolumeClaim:
          claimName: homey-pvc-nfs
---
apiVersion: v1
kind: Service
metadata:
  name: nextcloud-postgres
  labels:
    app: nextcloud-postgres
spec:
  ports:
   - port: 5432
  selector:
    app: nextcloud-postgres
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nextcloud
  labels:
    app: nextcloud
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nextcloud
  template:
    metadata:
      labels:
        app: nextcloud
        name: nextcloud
    spec:
      containers:
      - name: nextcloud
        image: nextcloud
        imagePullPolicy: Always
        volumeMounts:
        - name: nextcloud-volume
          mountPath: "/var/www/html"
          subPath: backup/nextcloud/html
        envFrom:
        - configMapRef:
            name: nextcloud-postgres-config
        env:
        - name: POSTGRES_HOST
          value: "nextcloud-postgres"
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: nextcloud-postgres-pass
              key: password
        - name: OVERWRITEPROTOCOL
          value: "https"
      volumes:
      - name: nextcloud-volume
        persistentVolumeClaim:
          claimName: homey-pvc-nfs
---
apiVersion: v1
kind: Service
metadata:
  name: nextcloud
spec:
  selector:
    app: nextcloud
  ports:
  - port: 80
    targetPort: 80
    name: nextcloud
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nextcloud-ingress
  annotations:
    kubernetes.io/ingress.allow-http: "false"
    traefik.ingress.kubernetes.io/router.middlewares: {{ .Release.Namespace }}-redirect@kubernetescrd
spec:
  tls:
    - hosts:
      - nextcloud.{{ .Values.homey.url }}
  rules:
   - host: nextcloud.{{ .Values.homey.url }}
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: nextcloud
             port:
               number: 80