---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nginx-certs
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 20Mi
  storageClassName: rook-cephfs
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nginx-webroot
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 20Mi
  storageClassName: rook-cephfs
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox-storage-helper
spec:
  containers:
  - name: busybox
    image: busybox
    args:
    - sleep
    - "1000000"
    volumeMounts:
      - mountPath: "/etc/letsencrypt"
        name: letsencryptdir
      - mountPath: "/www"
        name: webroot
  volumes:
    - name: letsencryptdir
      persistentVolumeClaim:
        claimName: nginx-certs
    - name: webroot
      persistentVolumeClaim:
        claimName: nginx-webroot
---
apiVersion: v1
kind: Pod
metadata:
  name: alpine-cert-test
spec:
  containers:
  - name: alpine
    image: alpine:3.13
    args:
    - sleep
    - "1000000"
    volumeMounts:
      - mountPath: "/etc/letsencrypt"
        name: letsencryptdir
      - mountPath: "/www"
        name: webroot
  volumes:
    - name: letsencryptdir
      persistentVolumeClaim:
        claimName: nginx-certs
    - name: webroot
      persistentVolumeClaim:
        claimName: nginx-webroot
---
apiVersion: v1
kind: Pod
metadata:
  name: nginx-port-80
  labels:
    app: ssl
spec:
  containers:
  - name: nginx
    image: nginx:1.21-alpine
    volumeMounts:
      - mountPath: "/etc/letsencrypt"
        name: letsencryptdir
      - mountPath: "/usr/share/nginx/html"
        name: webroot
    ports:
        - containerPort: 80
  volumes:
    - name: letsencryptdir
      persistentVolumeClaim:
        claimName: nginx-certs
    - name: webroot
      persistentVolumeClaim:
        claimName: nginx-webroot
# ---
# apiVersion: v1
# kind: Pod
# metadata:
#   name: nginx-ssl
#   labels:
#     app: nginx-ssl
#    ssl: yes
# spec:
#   containers:
#   - name: nginx
#     image: nginx:1.21-alpine
#     volumeMounts:
#       - mountPath: "/etc/letsencrypt"
#         name: letsencryptdir
#       - mountPath: "/usr/share/nginx/html"
#         name: webroot
#     ports:
#         - containerPort: 443
#   volumes:
#     - name: letsencryptdir
#       persistentVolumeClaim:
#         claimName: nginx-certs
#     - name: webroot
#       persistentVolumeClaim:
#         claimName: nginx-webroot
---
apiVersion: v1
kind: Service
metadata:
  name: svc1
spec:
  type: ClusterIP
  ports:
   - port: 80
     name: "http"
   - port: 443
     name: "https"
  selector:
   app: ssl
# ---
# apiVersion: v1
# kind: ConfigMap
# metadata:
#   name: nginx-ssl-config
# data:
#   # property-like keys; each key maps to a simple value
#   nick_name: "13"

#   # file-like keys
#   game.properties: |
#     enemy.types=aliens,monsters
#     player.maximum-lives=5
#   user-interface.properties: |
#     color.good=purple
#     color.bad=yellow
#     allow.textmode=true