apiVersion: v1
kind: Namespace
metadata:
  name: legendary
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: legendary
  namespace: legendary
spec:
  replicas: 2
  selector:
    matchLabels:
      app: legendary
  template:
    metadata:
      labels:
        app: legendary
    spec:
      containers:
        - name: app
          image: registry.gitlab.com/mythic-insight/legendary:3.0.3
          command: ["elixir"]
          args:
            - "--name"
            - "$(NAME)@$(POD_IP)"
            - "--cookie"
            - "$(SECRET_KEY_BASE)"
            - "-S"
            - "mix"
            - "phx.server"
          ports:
            - containerPort: 4000
            - containerPort: 4369
          env:
            - name: HOSTNAME
              value: legendaryframework.org
            - name: EMAIL_FROM
              value: no-reply@legendaryframework.org
            - name: NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: NAME
              value: legendary-doc-site
            - name: POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
            - name: DATABASE_URL
              valueFrom:
                secretKeyRef:
                  name: database
                  key: url
            - name: SECRET_KEY_BASE
              valueFrom:
                secretKeyRef:
                  name: legendary
                  key: secret-key-base
            - name: LIVE_VIEW_SIGNING_SALT
              valueFrom:
                secretKeyRef:
                  name: legendary
                  key: live-view-signing-salt
            - name: SMTP_HOST
              valueFrom:
                secretKeyRef:
                  name: legendary
                  key: smtp-host
            - name: SMTP_USERNAME
              valueFrom:
                secretKeyRef:
                  name: legendary
                  key: smtp-username
            - name: SMTP_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: legendary
                  key: smtp-password
            - name: SMTP_HOST
              valueFrom:
                secretKeyRef:
                  name: legendary
                  key: smtp-host
            - name: SMTP_USERNAME
              valueFrom:
                secretKeyRef:
                  name: legendary
                  key: smtp-username
            - name: SMTP_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: legendary
                  key: smtp-password
---
apiVersion: v1
kind: Service
metadata:
  name: legendary
  namespace: legendary
spec:
  selector:
    app: legendary
  ports:
    - protocol: TCP
      port: 80
      targetPort: 4000
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: legendary
  namespace: legendary
  annotations:
    kubernetes.io/ingress.class: nginx
    cert-manager.io/cluster-issuer: letsencrypt
spec:
  rules:
  - host: legendary-demo.mythicinsight.com
    http:
      paths:
      - backend:
          service:
            name: legendary
            port:
              number: 80
        path: /
        pathType: Prefix
  tls:
  - hosts:
    - legendary-demo.mythicinsight.com
    secretName: legendary-demo-cert
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: legendary
  name: pod-watcher
rules:
- apiGroups: [""]
  resources: ["pods"]
  verbs: ["list"]
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: legendary
  name: pod-watcher-binding
subjects:
- kind: ServiceAccount
  namespace: legendary
  name: default
roleRef:
  kind: Role
  name: pod-watcher
  apiGroup: rbac.authorization.k8s.io