apiVersion: apps/v1
kind: Deployment
metadata:
  name: frontend
  namespace: owntracks
  labels:
    app: frontend
spec:
  selector:
    matchLabels:
      app: frontend
  strategy:
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: frontend
    spec:
      containers:
      - name: oauth2-proxy
        image: quay.io/oauth2-proxy/oauth2-proxy:v5.1.1
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080
          protocol: TCP
          name: http
        env:
        - name: OAUTH2_PROXY_HTTP_ADDRESS
          value: :8080
        - name: OAUTH2_PROXY_REVERSE_PROXY
          value: "true"
        - name: OAUTH2_PROXY_EMAIL_DOMAINS
          value: tobru.ch
        - name: OAUTH2_PROXY_PROVIDER
          value: github
        - name: OAUTH2_PROXY_REDIRECT_URL
          value: https://whereis.tobru.ch/oauth2/callback
        - name: OAUTH2_PROXY_PROVIDER_DISPLAY_NAME
          value: tbrnt Gitea
        - name: OAUTH2_PROXY_LOGIN_URL
          value: https://git.tbrnt.ch/login/oauth/authorize
        - name: OAUTH2_PROXY_REDEEM_URL
          value: https://git.tbrnt.ch/login/oauth/access_token
        - name: OAUTH2_PROXY_VALIDATE_URL
          value: https://git.tbrnt.ch/api/v1
        - name: OAUTH2_PROXY_UPSTREAMS
          value: http://127.0.0.1
        envFrom:
        - secretRef:
            name: oauth2-proxy-frontend
      - name: frontend
        env:
        - name: SERVER_HOST
          value: recorder
        - name: SERVER_PORT
          value: "8083"
        image: docker.io/owntracks/frontend:2.9.0
        imagePullPolicy: IfNotPresent
        volumeMounts:
        - mountPath: /usr/share/nginx/html/config
          name: config
      volumes:
      - name: config
        configMap:
          name: frontend