---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: postgres-pvc
  namespace: darkdork-dev
  labels:
    app: postgres
spec:
  storageClassName: longhorn-ssd
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 10Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pleroma-pvc
  namespace: darkdork-dev
  labels:
    app: pleroma
spec:
  storageClassName: longhorn-ssd
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage:
        10Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgres
  namespace: darkdork-dev
spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      imagePullSecrets:
        - name: registry-credentials
      containers:
        - name: postgres
          image: postgres:17-alpine
          imagePullPolicy: Always
          volumeMounts:
            - name: postgres-data-volume
              mountPath: /var/lib/postgresql/data
            - name: postgres-init-volume
              mountPath: /docker-entrypoint-initdb.d
            - name: postgres-config-volume
              mountPath: /etc/postgresql/postgresql.conf
              subPath: postgresql.conf
          ports:
            - containerPort: 5432
          env:
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: postgres
                  key: postgres-password
            - name: DB_PASS
              valueFrom:
                secretKeyRef:
                  name: postgres
                  key: postgres-password
      volumes:
        - name: postgres-data-volume
          persistentVolumeClaim:
            claimName: postgres-pvc
        - name: postgres-init-volume
          configMap:
            name: postgres-init
            defaultMode: 0755
        - name: postgres-config-volume
          configMap:
            name: postgres-config
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pleroma
  namespace: darkdork-dev
spec:
  replicas: 1
  selector:
    matchLabels:
      app: pleroma
  template:
    metadata:
      labels:
        app: pleroma
    spec:
      imagePullSecrets:
        - name: registry-credentials
      containers:
        - name: pleroma
          image: cr.forge.lan/darkdork-dev/pleroma
          imagePullPolicy: Always
          ports:
            - containerPort: 4000
          env:
            - name: DOMAIN
              value: darkdork.dev
            - name: INSTANCE_NAME
              value: DarkDork.dev
            - name: ADMIN_EMAIL
              value: pwm@crlf.ninja
            - name: NOTIFY_EMAIL
              value: pleroma@crlf.ninja
            - name: REGISTRATIONS_OPEN
              value: "false"
            - name: INVITES_ENABLED
              value: "true"
            - name: SECRET_KEY_BASE
              valueFrom:
                secretKeyRef:
                  name: pleroma
                  key: secret-key-base
            - name: WEB_PUSH_PUBLIC_KEY
              valueFrom:
                secretKeyRef:
                  name: pleroma
                  key: web-push-public-key
            - name: WEB_PUSH_PRIVATE_KEY
              valueFrom:
                secretKeyRef:
                  name: pleroma
                  key: web-push-private-key
            - name: DEFAULT_SIGNER
              valueFrom:
                secretKeyRef:
                  name: pleroma
                  key: default-signer
            - name: DB_HOST
              value: postgres
            - name: DB_NAME
              value: pleroma
            - name: DB_USER
              value: pleroma
            - name: DB_PASS
              valueFrom:
                secretKeyRef:
                  name: postgres
                  key: postgres-password
          volumeMounts:
            - name: pleroma-data-volume
              mountPath: /var/lib/pleroma
      volumes:
        - name: pleroma-data-volume
          persistentVolumeClaim:
            claimName: pleroma-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: postgres
  namespace: darkdork-dev
spec:
  ports:
  - port: 5432
    targetPort: 5432
    protocol: TCP
  selector:
    app: postgres
---
apiVersion: v1
kind: Service
metadata:
  name: pleroma
  namespace: darkdork-dev
spec:
  ports:
    - port: 80
      targetPort: 4000
      protocol: TCP
  selector:
    app: pleroma
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: postgres-init
  namespace: darkdork-dev
data:
  init-db.sh: |
    #!/bin/bash
    set -e
    DB_USER=${DB_USER:-pleroma}
    DB_NAME=${DB_NAME:-pleroma}
     psql -U ${POSTGRES_USER:-postgres} -tc "SELECT 1 FROM pg_user WHERE usename = '$DB_USER'" | \
      grep -q 1 || psql -U postgres -c "CREATE USER $DB_USER WITH ENCRYPTED PASSWORD '$DB_PASS'"
    psql -U ${POSTGRES_USER:-postgres} -tc "SELECT 1 FROM pg_database WHERE datname = '$DB_NAME'" | \
      grep -q 1 || psql -U postgres -c "CREATE DATABASE $DB_NAME OWNER $DB_USER"
    psql -v ON_ERROR_STOP=1 --username "${POSTGRES_USER:-postgres}" --dbname "$DB_NAME" <<-EOSQL
    	CREATE EXTENSION IF NOT EXISTS citext;
      CREATE EXTENSION IF NOT EXISTS pg_trgm;
      CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
    EOSQL
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: postgres-config
  namespace: darkdork-dev
data:
  postgresql.conf: |
    # DB Version: 17
    # OS Type: linux
    # DB Type: web
    # Total Memory (RAM): 4 GB
    # Data Storage: ssd

    max_connections = 200
    shared_buffers = 1GB
    effective_cache_size = 3GB
    maintenance_work_mem = 256MB
    checkpoint_completion_target = 0.9
    wal_buffers = 16MB
    default_statistics_target = 100
    random_page_cost = 1.1
    effective_io_concurrency = 200
    work_mem = 2621kB
    huge_pages = off
    min_wal_size = 1GB
    max_wal_size = 4GB