---
apiVersion: v1
kind: Namespace
metadata:
  name: darkdork-dev
---
kind: StorageClass
apiVersion: storage.k8s.io/v1
metadata:
  name: longhorn-ssd
  namespace: darkdork-dev
provisioner: driver.longhorn.io
allowVolumeExpansion: true
parameters:
  numberOfReplicas: "3"
  staleReplicaTimeout: "2880" # 48 hours in minutes
  fromBackup: ""
  fsType: "xfs"
#  backupTargetName: "default"
#  mkfsParams: "-I 256 -b 4096 -O ^metadata_csum,^64bit"
#  diskSelector: "ssd,fast"
#  nodeSelector: "storage,fast"
#  recurringJobSelector: '[
#   {
#     "name":"snap",
#     "isGroup":true,
#   },
#   {
#     "name":"backup",
#     "isGroup":false,
#   }
#  ]'
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: pleroma
  namespace: darkdork-dev
  annotations:
    cert-manager.io/issuer: "letsencrypt-prod"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - darkdork.dev
    secretName: tls-secret
  rules:
  - host: darkdork.dev
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: pleroma
            port:
              number: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: minio
  namespace: darkdork-dev
  annotations:
    cert-manager.io/issuer: "letsencrypt-prod"
    nginx.ingress.kubernetes.io/rewrite-target: /pleroma.darkdork.dev/$1
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - media.darkdork.dev
    secretName: tls-secret-media
  rules:
  - host: media.darkdork.dev
    http:
      paths:
      - path: /(.+)
        pathType: ImplementationSpecific
        backend:
          service:
            name: minio
            port:
              number: 80

---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  namespace: darkdork-dev
  name: letsencrypt-staging
spec:
  acme:
    # The ACME server URL
    server: https://acme-staging-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: pwm@crlf.ninja
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-staging
    # Enable the HTTP-01 challenge provider
    solvers:
      - http01:
          ingress:
            ingressClassName: nginx
---
apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
  namespace: darkdork-dev
  name: letsencrypt-prod
spec:
  acme:
    # The ACME server URL
    server: https://acme-v02.api.letsencrypt.org/directory
    # Email address used for ACME registration
    email: pwm@crlf.ninja
    # Name of a secret used to store the ACME account private key
    privateKeySecretRef:
      name: letsencrypt-prod
    # Enable the HTTP-01 challenge provider
    solvers:
      - http01:
          ingress:
            ingressClassName: nginx