apiVersion: apps/v1
kind: Deployment
metadata:
  name: recorder
  namespace: owntracks
  labels:
    app: recorder
spec:
  selector:
    matchLabels:
      app: recorder
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: recorder
    spec:
      containers:
      - name: oauth2-proxy
        image: quay.io/oauth2-proxy/oauth2-proxy:v7.2.1
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 8080
          protocol: TCP
          name: http
        env:
        - name: OAUTH2_PROXY_HTTP_ADDRESS
          value: :8080
        - name: OAUTH2_PROXY_REVERSE_PROXY
          value: "true"
        - name: OAUTH2_PROXY_EMAIL_DOMAINS
          value: tobru.ch
        - name: OAUTH2_PROXY_PROVIDER
          value: github
        - name: OAUTH2_PROXY_REDIRECT_URL
          value: https://owntracks.tobru.ch/oauth2/callback
        - name: OAUTH2_PROXY_PROVIDER_DISPLAY_NAME
          value: tbrnt Gitea
        - name: OAUTH2_PROXY_LOGIN_URL
          value: https://git.tbrnt.ch/login/oauth/authorize
        - name: OAUTH2_PROXY_REDEEM_URL
          value: https://git.tbrnt.ch/login/oauth/access_token
        - name: OAUTH2_PROXY_VALIDATE_URL
          value: https://git.tbrnt.ch/api/v1
        - name: OAUTH2_PROXY_SKIP_AUTH_REGEX
          value: ^\/(view|static)\/.*$
        - name: OAUTH2_PROXY_UPSTREAMS
          value: http://127.0.0.1:8083
        envFrom:
        - secretRef:
            name: oauth2-proxy-recorder
        securityContext:
          runAsUser: 9999
          runAsGroup: 9999
      - name: recorder
        env:
        - name: OTR_HOST
          value: mqtt-plain.mosquitto.svc.cluster.local
        - name: OTR_USER
          value: ot-recorder
        image: docker.io/owntracks/recorder:0.8.6-12
        imagePullPolicy: IfNotPresent
        command:
        - ot-recorder
        - --viewsdir
        - /htdocs/viewsjson
        ports:
        - containerPort: 8083
          protocol: TCP
          name: recorder
        livenessProbe:
          httpGet:
            path: /api/0/monitor
            port: 8083
          initialDelaySeconds: 1
          periodSeconds: 30
        volumeMounts:
        - name: data
          mountPath: /store
        - name: views
          mountPath: /htdocs/viewsjson
        - name: config
          mountPath: /config
        securityContext:
          runAsUser: 9999
          runAsGroup: 9999
        resources:
          requests:
            memory: 32Mi
            cpu: 100m
          limits:
            memory: 128Mi
            cpu: 300m
      - name: metrics
        env:
        - name: OWNTRACKS_STORAGEDIR
          value: /store
        - name: OWNTRACKS_URL
          value: http://localhost:8083
        - name: SERVER_PORT
          value: "8888"
        image: docker.io/linusgroh/prometheus-owntracks-exporter:latest
        imagePullPolicy: Always
        ports:
        - containerPort: 8888
          protocol: TCP
          name: metrics
        volumeMounts:
        - name: data
          mountPath: /store
        securityContext:
          runAsUser: 9999
          runAsGroup: 9999
        resources:
          requests:
            memory: 32Mi
            cpu: 100m
          limits:
            memory: 128Mi
            cpu: 300m
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: owntracks-data
      - name: views
        configMap:
          name: views
      - name: config
        secret:
          secretName: recorder