apiVersion: v1
kind: Namespace
metadata:
  name: {{NAMESPACE}}
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: {{APP_NAME}}-pv
  labels:
    type: local
spec:
  storageClassName: manual
  capacity:
    storage: {{STORAGE_SIZE}}
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: "/var/lib/rancher/k3s/storage/{{APP_NAME}}"
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: {{APP_NAME}}-pvc
  namespace: {{NAMESPACE}}
spec:
  volumeName: {{APP_NAME}}-pv
  storageClassName: manual
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: {{STORAGE_SIZE}}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{APP_NAME}}
  namespace: {{NAMESPACE}}
  labels:
    app: {{APP_NAME}}
spec:
  replicas: 1
  selector:
    matchLabels:
      app: {{APP_NAME}}
  template:
    metadata:
      labels:
        app: {{APP_NAME}}
    spec:
      containers:
        - name: {{APP_NAME}}
          image: {{DOCKER_USERNAME}}/{{APP_NAME}}:{{VERSION}}
          imagePullPolicy: Always
          ports:
            - containerPort: 80
          resources:
            limits:
              memory: "128Mi"
              cpu: "1"
          volumeMounts:
          - name: {{APP_NAME}}-volume
            mountPath: /data
            subPath: ./web
      volumes:
        - name: {{APP_NAME}}-volume
          persistentVolumeClaim:
            claimName: {{APP_NAME}}-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: {{APP_NAME}}
  namespace: {{NAMESPACE}}
  labels:
    app: {{APP_NAME}}
spec:
  ports:
  - name: {{APP_NAME}}
    port: 80
    targetPort: 80
  selector:
    app: {{APP_NAME}}
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: {{APP_NAME}}
  namespace: {{NAMESPACE}}
spec:
  entryPoints:
  - websecure
  routes:
    - kind: Rule    
      match: Host(`{{URL}}`, `www.{{URL}}`)
      services:
      - name: {{APP_NAME}}
        port: 80
  tls:
    certResolver: letsencrypt
    domains:
      - main: "{{URL}}"
        sans:
          - "*.{{URL}}"