apiVersion: v1
kind: ConfigMap
metadata:
  name: env-keksaccount-web
  namespace: keksaccount
data:
  APP_DEBUG: "false"
  DB_CONNECTION: "mysql"
  DB_HOST: "mysql"
  DB_PORT: "3306"
  DB_PORT: "oauth"
  DB_USERNAME: "oauth"
  DB_PASSWORD: "oauth"
---
apiVersion: v1
kind: Secret
metadata:
  name: secret-keksaccount-mysql
  namespace: keksaccount
type: Opaque
data:
  MYSQL_ROOT_PASSWORD: dGlmaW1hZG9ja2Vy
  MYSQL_DATABASE: b2F1dGg=
  MYSQL_USER: b2F1dGg=
  MYSQL_PASSWORD: b2F1dGg=
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: keksaccount
  namespace: keksaccount
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: keksaccount
    spec:
      containers:
        - name: web
          image: docker.keks.cloud/keksaccount/web:latest
          ports:
            - containerPort: 80
          envFrom:
            - configMapRef:
                name: env-keksaccount-web
      imagePullSecrets:
        - name: docker-keks-cloud

---
apiVersion: v1
kind: Service
metadata:
  annotations:
    field.cattle.io/targetWorkloadIds: '["deployment:keksaccount:keksaccount"]'
  name: ingress-keksaccount
  namespace: keksaccount
spec:
  ports:
    - port: 80
      protocol: TCP
      targetPort: 80
  type: ClusterIP
status:
  loadBalancer: {}
---
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: mysql
  namespace: keksaccount
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: mysql
    spec:
      containers:
        - name: mysql
          image: mysql:5.6
          ports:
            - containerPort: 3306
          envFrom:
            - secretRef:
                name: secret-keksaccount-mysql
          volumeMounts:
            - mountPath: /var/lib/mysql
              name: mysql
      volumes:
        - name: mysql
          persistentVolumeClaim:
            claimName: mysql
---
apiVersion: v1
kind: Service
metadata:
  annotations:
    field.cattle.io/targetWorkloadIds: '["deployment:keksaccount:mysql"]'
  name: mysql
  namespace: keksaccount
spec:
  ports:
    - port: 3306
      protocol: TCP
      targetPort: 3306
  type: ClusterIP
status:
  loadBalancer: {}
---
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
  name: account.keks.cloud
  namespace: keksaccount
spec:
  secretName: account-keks-cloud-tls
  acme:
    config:
      - dns01:
          provider: cf-dns
        domains:
          - 'account.keks.cloud'
  commonName: 'account.keks.cloud'
  dnsNames:
    - account.keks.cloud
  issuerRef:
    kind: ClusterIssuer
    name: letsencrypt-prod

---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
  name: keksaccount
  namespace: keksaccount
spec:
  rules:
    - host: account.keks.cloud
      http:
        paths:
          - backend:
              serviceName: ingress-keksaccount
              servicePort: 80
            path: /
  tls:
    - secretName: account-keks-cloud-tls