apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: website-db
  namespace: website-production
spec:
  accessModes:
    - ReadWriteOnce
  storageClassName: openebs-hostpath-retain
  resources:
    requests:
      storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: php-website-deployment
  namespace: website-production
  labels:
    app: php-website
spec:
  replicas: 2
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
  selector:
    matchLabels:
      app: php-website
  template:
    metadata:
      labels:
        app: php-website
    spec:
      nodeSelector:
        kubernetes.io/hostname: raspberry
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        runAsGroup: 1000
        fsGroup: 1000
        fsGroupChangePolicy: OnRootMismatch
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              podAffinityTerm:
                labelSelector:
                  matchExpressions:
                  - key: app
                    operator: In
                    values:
                    - php-website
                topologyKey: "kubernetes.io/hostname"
      containers:
        - name: php-app
          image: 192.168.100.68:30500/php-website:latest
          imagePullPolicy: Always
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop:
                - ALL
          env:
            - name: WEBSITE_LANG_WRITE_DIR
              value: /var/www/localhost/htdocs/db/lang
            - name: WEBSITE_IDEAS_WRITE_DIR
              value: /var/www/localhost/htdocs/db/ideas
            - name: OLLAMA_HOST
              value: http://192.168.100.68:11434
            - name: OLLAMA_MODEL
              value: llama3.2:3b
          ports:
            - containerPort: 8080
              name: http
          readinessProbe:
            httpGet:
              path: /
              port: http
            initialDelaySeconds: 5
            periodSeconds: 10
          livenessProbe:
            httpGet:
              path: /
              port: http
            initialDelaySeconds: 30
            periodSeconds: 30
          resources:
            requests:
              cpu: 25m
              memory: 64Mi
            limits:
              memory: 256Mi
          volumeMounts:
            - name: apache-run
              mountPath: /run/apache2
            - name: apache-logs
              mountPath: /var/log/apache2
            - name: website-db
              mountPath: /var/www/localhost/htdocs/db
            - name: tmp
              mountPath: /tmp
      volumes:
        - name: apache-run
          emptyDir: {}
        - name: apache-logs
          emptyDir: {}
        - name: website-db
          persistentVolumeClaim:
            claimName: website-db
        - name: tmp
          emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: php-website-service
  namespace: website-production
spec:
  type: NodePort
  externalTrafficPolicy: Local
  ports:
    - port: 80
      targetPort: http
      nodePort: 30080
  selector:
    app: php-website