apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "..fullname" . }}
  labels:
    {{- include "..labels" . | nindent 4 }}
    cloudyne.systems/component: site
spec:
{{- if and .Values.customer .Values.customer.package }}
  replicas: {{ .Values.customer.package.replicas | default 1 }}
{{- else }}
  replicas: 1
{{- end }}
  selector:
    matchLabels:
      cloudyne.systems/customer: {{ .Values.customer.name }}
      cloudyne.systems/site: {{ .Values.site.url }}
  template:
    metadata:
      labels:
        cloudyne.systems/customer: {{ .Values.customer.name }}
        cloudyne.systems/site: {{ .Values.site.url }}
    spec:
      securityContext:
        fsGroup: 65534
      volumes:
        - name: cloud
          persistentVolumeClaim:
            claimName: pvc-{{ include "..fullname" . }}
        - name: local
          emptyDir: {}
        - name: serverconfig
          configMap:
            name: {{ include "..fullname" . }}-cfg
      initContainers:
        - name: deploy
          securityContext:
            allowPrivilegeEscalation: false
            runAsUser: 0
        {{- if .Values.global }}
          image: {{ .Values.global.initImage | default "ghcr.io/cloudynes/php-init" }}:{{ .Values.global.imagetag | default "latest" }}
        {{- else }}
          image: ghcr.io/cloudynes/php-init:latest
        {{- end }}
          imagePullPolicy: Always
          volumeMounts:
            - name: local
              mountPath: /app
          {{- if and .Values.site .Values.site.storage .Values.site.storage.cloud .Values.site.storage.cloud.folders }}
            {{- range $v := .Values.site.storage.cloud.folders }}
            - name: cloud
              mountPath: {{ $v.localPath }}
              subPath: {{ $v.cloudPath }}
            {{- end }}
          {{- end }}
          envFrom:
            - configMapRef:
                name: {{ include "..fullname" . }}-env
            - secretRef:
                name: {{ include "..fullname" . }}-db-auth
            - secretRef:
                name: global-secrets-ext
      containers:
        - name: wordpress
          securityContext:
            runAsUser: 65534
        {{- if .Values.global }}
          image: {{ .Values.global.initImage | default "ghcr.io/cloudynes/php-nginx" }}:{{ .Values.global.imagetag | default "latest" }}
        {{- else }}
          image: ghcr.io/cloudynes/php-nginx:latest
        {{- end }}
          imagePullPolicy: Always
          volumeMounts:
            - name: local
              mountPath: /app
            - name: serverconfig
              mountPath: /etx/nginx/nginx.conf
              subPath: nginx.conf
            - name: serverconfig
              mountPath: /usr/local/etc/php-fpm.d/www.conf
          {{- if and .Values.site .Values.site.storage .Values.site.storage.cloud .Values.site.storage.cloud.folders }}
            {{- range $v := .Values.site.storage.cloud.folders }}
            - name: cloud
              mountPath: {{ $v.localPath }}
              subPath: {{ $v.cloudPath }}
            {{- end }}
          {{- end }}
          envFrom:
            - configMapRef:
                name: {{ include "..fullname" . }}-env
            - secretRef:
                name: {{ include "..fullname" . }}-db-auth
            - secretRef:
                name: global-secrets-ext
          resources:
        {{- if and .Values.customer .Values.customer.package .Values.customer.package.cpu }}
            requests:
                cpu: {{ .Values.customer.package.cpu.avg | default "1000m" }}
                memory: {{ .Values.customer.package.mem.avg | default "1Gi" }}
            limits:
                cpu: {{ .Values.customer.package.cpu.peak | default "1000m" }}
                memory: {{ .Values.customer.package.mem.peak | default "1Gi" }}
        {{- else }}
            requests:
                cpu: 1000m
                memory: 1Gi
            limits:
                cpu: 1000m
                memory: 1Gi
        {{- end }}
          ports:
            - containerPort: 8080
              name: http
              protocol: TCP