---
# PostgreSQL Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: root-db
  namespace: default
  labels:
    app: root-db
spec:
  replicas: 1
  selector:
    matchLabels:
      app: root-db
  template:
    metadata:
      labels:
        app: root-db
    spec:
      containers:
        - name: postgres
          image: docker.cnb.cool/kevisual/dev-env/postgres:17.6
          ports:
            - containerPort: 5432
          env:
            - name: POSTGRES_DB
              value: "postgres"
            - name: POSTGRES_USER
              value: "postgres"
            - name: POSTGRES_PASSWORD
              value: "abearxiong"
          volumeMounts:
            - name: postgres-storage
              mountPath: /var/lib/postgresql/data
          # Health check (liveness/readiness)
          livenessProbe:
            exec:
              command:
                - pg_isready
                - "-U"
                - "postgres"
                - "-d"
                - "postgres"
            initialDelaySeconds: 30
            periodSeconds: 10
            timeoutSeconds: 5
            failureThreshold: 3
          readinessProbe:
            exec:
              command:
                - pg_isready
                - "-U"
                - "postgres"
                - "-d"
                - "postgres"
            initialDelaySeconds: 10
            periodSeconds: 5
            timeoutSeconds: 3
      volumes:
      - name: postgres-storage
        hostPath:
          path: /root/kevisual/k8s/nocodb/postgres_data
          type: Directory
      nodeSelector:
        machine: "kevisual"
---
# PostgreSQL Service (ClusterIP, internal access)
apiVersion: v1
kind: Service
metadata:
  name: root-db
  labels:
    app: root-db
spec:
  selector:
    app: root-db
  ports:
    - protocol: TCP
      port: 5432
      targetPort: 5432
  type: ClusterIP
---
# NocoDB Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nocodb
  labels:
    app: nocodb
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nocodb
  template:
    metadata:
      labels:
        app: nocodb
    spec:
      containers:
        - name: nocodb
          image: docker.cnb.cool/kevisual/dev-env/nocodb:0.301.3
          ports:
            - containerPort: 8080
          env:
            - name: NC_DB
              value: "pg://root-db:5432?u=postgres&p=abearxiong&d=postgres"
            - name: NC_AUTH_JWT_SECRET
              value: "MaCpbZugRlwFWUfpAUNAd7p64V4Yj7Xx" #   openssl rand -base64 32 | tr -dc 'a-zA-Z0-9' | head -c 32
          volumeMounts:
            - name: nc-data-storage
              mountPath: /usr/app/data
          # NocoDB 可能需要一些启动时间，可选添加 readinessProbe
          readinessProbe:
            httpGet:
              path: /api/v1/health
              port: 8080
            initialDelaySeconds: 60
            periodSeconds: 10
            timeoutSeconds: 5
      volumes:
      - name: nc-data-storage
        hostPath:
          path: /root/kevisual/k8s/nocodb/nc_data
          type: Directory
      nodeSelector:
        machine: "kevisual"
---
# NocoDB Service (NodePort to expose on host:8080)
apiVersion: v1
kind: Service
metadata:
  name: nocodb
  labels:
    app: nocodb
spec:
  selector:
    app: nocodb
  ports:
    - protocol: TCP
      port: 8080
      targetPort: 8080
  type: NodePort

---
# NocoDB Ingress (optional, requires Ingress controller)
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: nocodb-https
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`nocodb.kevisual.cn`)
      kind: Rule
      services:
        - name: nocodb
          port: 8080
  tls:
    certResolver: letsencrypt