apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: {{ namespace }}
  name: sfive-{{ worker.name }}
  labels:
    app: sfive
    worker: {{ worker.name }}
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sfive
      worker: {{ worker.name }}
  strategy:
    type: Recreate
  revisionHistoryLimit: 5
  template:
    metadata:
      labels:
        app: sfive
        worker: {{ worker.name }}
{% if worker.flags.sfive == 'proxy' and 'stream-onion' in worker.flags %}
        spreadspace.org/onion-service: {{ worker.flags['stream-onion'] }}
{% endif %}
    spec:
      nodeName: {{ worker.name }}
      serviceAccountName: sfive
      securityContext:
        runAsUser: 998
        fsGroup: 998
      hostNetwork: true
      dnsPolicy: ClusterFirstWithHostNet
      containers:
{% if worker.flags.sfive == 'proxy' %}
      - name: proxy
        image: spreadspace/sfive:{{ desc.globals.deployment.parameter.sfive_image_version }}
        imagePullPolicy: Always
        args:
        - s5proxy
        - -config
        - /srv/config/proxy.json
        volumeMounts:
        - name: home
          mountPath: /srv
        - name: proxy-config
          mountPath: /srv/config
{%   if 'stream-onion' in worker.flags %}
      - name: proxy-onion
        image: spreadspace/sfive:{{ desc.globals.deployment.parameter.sfive_image_version }}
        imagePullPolicy: Always
        args:
        - s5proxy
        - -config
        - /srv/config/proxy-onion.json
        volumeMounts:
        - name: home
          mountPath: /srv
        - name: proxy-config
          mountPath: /srv/config
      - name: onion-service
        image: spreadspace/onion-service:{{ desc.globals.deployment.parameter.onion_service_image_version }}
        imagePullPolicy: Always
        env:
        - name: ONION_HOST
          value: "127.0.0.1"
        - name: ONION_PORT
          value: "8001"
        - name: POD_NAME
          valueFrom:
            fieldRef:
              fieldPath: metadata.name
        - name: POD_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.namespace
        volumeMounts:
        - name: onion-lib
          mountPath: /var/lib/tor
        - name: proxy-config
          mountPath: /srv/config
{%   endif %}
{% endif %}
      - name: hub
        image: spreadspace/sfive:{{ desc.globals.deployment.parameter.sfive_image_version }}
        imagePullPolicy: Always
        args:
        - sfive-hub
        - -db
        - /srv/data/db.bolt
        - -start-pipe-server=false
        - -start-web-server=false
        - -start-pipegram-server
        - -pipegram
        - /srv/hub.sock
        volumeMounts:
        - name: home
          mountPath: /srv
        - name: hub-data
          mountPath: /srv/data
      volumes:
      - name: home
        emptyDir:
          medium: Memory
{% if worker.flags.sfive == 'proxy' and 'stream-onion' in worker.flags %}
      - name: onion-lib
        hostPath:
          type: DirectoryOrCreate
          path: /var/lib/tor/{{ desc.globals.name }}/{{ worker.flags.stream }}
{% endif %}
      - name: proxy-config
        configMap:
          name: sfive-{{ worker.name }}
      - name: hub-data
        hostPath:
          type: DirectoryOrCreate
          path: /var/lib/sfive/{{ desc.globals.name }}