From 8efd305e54417097d4bb5cea7244f584bbffaf2b Mon Sep 17 00:00:00 2001
From: Alpha Chen <alpha@kejadlen.dev>
Date: Thu, 6 Jan 2022 15:01:46 -0800
Subject: [PATCH] [meta] move babybuddy from ramble-hard to lotus-land-story

---
 meta/lotus-land-story/babybuddy.tf | 98 ++++++++++++++++++++++++++++++
 meta/lotus-land-story/main.tf      | 32 +++++-----
 meta/ramble-hard.yml               |  1 -
 3 files changed, 113 insertions(+), 18 deletions(-)
 create mode 100644 meta/lotus-land-story/babybuddy.tf

diff --git a/meta/lotus-land-story/babybuddy.tf b/meta/lotus-land-story/babybuddy.tf
new file mode 100644
index 0000000..d1d88e9
--- /dev/null
+++ b/meta/lotus-land-story/babybuddy.tf
@@ -0,0 +1,98 @@
+resource "kubernetes_persistent_volume_claim" "babybuddy" {
+  metadata {
+    name = "babybuddy"
+  }
+  spec {
+    access_modes = ["ReadWriteOnce"]
+    resources {
+      requests = {
+        storage = "2Gi"
+      }
+    }
+    storage_class_name = "linode-block-storage-retain"
+  }
+}
+
+resource "kubernetes_pod" "babybuddy" {
+  metadata {
+    name = "babybuddy"
+    labels = {
+      app = "babybuddy"
+    }
+  }
+
+  spec {
+    container {
+      # https://github.com/babybuddy/babybuddy/issues/337
+      image             = "lscr.io/linuxserver/babybuddy:v1.9.0-ls14"
+      image_pull_policy = "Always"
+      name              = "babybuddy"
+      port {
+        container_port = 8000
+      }
+      volume_mount {
+        name       = "babybuddy"
+        mount_path = "/config"
+      }
+    }
+    volume {
+      name = "babybuddy"
+      persistent_volume_claim {
+        claim_name = "babybuddy"
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "babybuddy" {
+  metadata {
+    name = "babybuddy"
+  }
+
+  spec {
+    port {
+      port        = 80
+      target_port = 8000
+      protocol    = "TCP"
+    }
+    selector = {
+      app = "babybuddy"
+    }
+  }
+}
+
+resource "kubernetes_ingress_v1" "babybuddy" {
+  metadata {
+    name = "babybuddy"
+    annotations = {
+      "kubernetes.io/ingress.class"    = "nginx"
+      "cert-manager.io/cluster-issuer" = "letsencrypt-prod"
+    }
+  }
+
+  spec {
+    tls {
+      hosts = [
+        "babybuddy.${var.domain}"
+      ]
+      secret_name = "babybuddy-tls"
+    }
+    rule {
+      host = "babybuddy.${var.domain}"
+      http {
+        path {
+          path      = "/"
+          path_type = "Prefix"
+          backend {
+            service {
+              name = "babybuddy"
+              port {
+                number = 80
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/meta/lotus-land-story/main.tf b/meta/lotus-land-story/main.tf
index a3aa4db..1ea56ba 100644
--- a/meta/lotus-land-story/main.tf
+++ b/meta/lotus-land-story/main.tf
@@ -26,11 +26,11 @@ resource "kubernetes_namespace" "cert_manager" {
 }
 
 resource "helm_release" "cert_manager" {
-  name             = "cert-manager"
-  repository       = "https://charts.jetstack.io"
-  chart            = "cert-manager"
-  version          = "1.6.1"
-  namespace        = kubernetes_namespace.cert_manager.metadata[0].name
+  name       = "cert-manager"
+  repository = "https://charts.jetstack.io"
+  chart      = "cert-manager"
+  version    = "1.6.1"
+  namespace  = kubernetes_namespace.cert_manager.metadata[0].name
 
   set {
     name  = "installCRDs"
@@ -41,15 +41,14 @@ resource "helm_release" "cert_manager" {
 resource "kubernetes_manifest" "letsencrypt_staging" {
   manifest = {
     apiVersion = "cert-manager.io/v1"
-    kind       = "Issuer"
+    kind       = "ClusterIssuer"
     metadata = {
-      name      = "letsencrypt-staging"
-      namespace = "default"
+      name = "letsencrypt-staging"
     }
     spec = {
       acme = {
         server = "https://acme-staging-v02.api.letsencrypt.org/directory"
-        email = var.letsencrypt_email
+        email  = var.letsencrypt_email
         privateKeySecretRef = {
           name = "letsencrypt-staging"
         }
@@ -71,15 +70,14 @@ resource "kubernetes_manifest" "letsencrypt_staging" {
 resource "kubernetes_manifest" "letsencrypt_prod" {
   manifest = {
     apiVersion = "cert-manager.io/v1"
-    kind       = "Issuer"
+    kind       = "ClusterIssuer"
     metadata = {
-      name      = "letsencrypt-prod"
-      namespace = "default"
+      name = "letsencrypt-prod"
     }
     spec = {
       acme = {
         server = "https://acme-v02.api.letsencrypt.org/directory"
-        email = var.letsencrypt_email
+        email  = var.letsencrypt_email
         privateKeySecretRef = {
           name = "letsencrypt-prod"
         }
@@ -99,8 +97,8 @@ resource "kubernetes_manifest" "letsencrypt_prod" {
 }
 
 resource "helm_release" "ingress_nginx" {
-  name             = "ingress-nginx"
-  repository       = "https://kubernetes.github.io/ingress-nginx"
-  chart            = "ingress-nginx"
-  version          = "4.0.13"
+  name       = "ingress-nginx"
+  repository = "https://kubernetes.github.io/ingress-nginx"
+  chart      = "ingress-nginx"
+  version    = "4.0.13"
 }
diff --git a/meta/ramble-hard.yml b/meta/ramble-hard.yml
index 7b41eb4..b79a794 100644
--- a/meta/ramble-hard.yml
+++ b/meta/ramble-hard.yml
@@ -9,5 +9,4 @@
 
 - import_playbook: playbooks/docker.yml
 - import_playbook: playbooks/lets_encrypt/main.yml
-- import_playbook: playbooks/babybuddy/main.yml
 - import_playbook: playbooks/pixelfed/install.yml