apiVersion: v1
kind: Service
metadata:
  name: proxmox-haproxy
  labels:
    run: proxmox-haproxy
spec:
  ports:
    - name: http
      port: 8000
      targetPort: 8000
  selector:
    run: proxmox-haproxy
#  type: LoadBalancer
#status:
#  loadBalancer: {}
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: proxmox-haproxy-config
spec:
  capacity:
    storage: 5Mi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteMany
  persistentVolumeReclaimPolicy: Retain # Keep 4eva
  storageClassName: default
  mountOptions:
    - hard
    - nfsvers=3
  nfs:
    path: /mnt/DroboFS/Shares/Kubernetes/volumes/static/proxmox-haproxy-config
    server: 10.42.42.10
  claimRef:
    name: proxmox-haproxy-config
    namespace: default
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: proxmox-haproxy-config
  annotations:
    nfs.io/storage-path: "proxmox-haproxy-config"
spec:
  storageClassName: default
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 5Mi
status: {}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: proxmox-haproxy
spec:
  replicas: 1
  selector:
    matchLabels:
      run: proxmox-haproxy
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        run: proxmox-haproxy
    spec:
      terminationGracePeriodSeconds: 30
      containers:
        - image: haproxy:latest
          imagePullPolicy: "Always"
          name: proxmox-haproxy
          env:
            - name: TZ
              value: US/Michigan
          ports:
            - containerPort: 8000
          resources:
            limits:
              memory: "500Mi"
              cpu: "1000m"
            requests:
              memory: "200Mi"
              cpu: "500m"
          volumeMounts:
            - mountPath: /usr/local/etc/haproxy
              name: proxmox-haproxy-config
      restartPolicy: Always
      volumes:
        - name: proxmox-haproxy-config
          persistentVolumeClaim:
            claimName: proxmox-haproxy-config
#      dnsPolicy: "None"
#      dnsConfig:
#        nameservers:
#          - 10.42.42.239
#          - 10.42.42.1
#        searches:
#          - default.svc.cluster.local
#          - svc.cluster.local 
#          - cluster.local
#        options:
#          - name: ndots
#            value: "2"
#          - name: edns0
#          - name: trust-ad
status: {}
---
# Hosting
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: proxmox-haproxy-ingress
  annotations:
    cert-manager.io/cluster-issuer: "letsencrypt-prod"
    ## No basic auth for proxmox-haproxy
    ## type of authentication
    #nginx.ingress.kubernetes.io/auth-type: basic
    ## name of the secret that contains the user/password definitions
    #nginx.ingress.kubernetes.io/auth-secret: basic-auth
    ## message to display with an appropriate context why the authentication is required
    #nginx.ingress.kubernetes.io/auth-realm: 'Authentication Required - Proxmox'
spec:
  tls:
  - hosts:
    - proxmox.monkeybox.org
    secretName: proxmox-haproxy-tls
  rules:
  - host: proxmox.monkeybox.org
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: proxmox-haproxy
            port:
              number: 8000