diff --git a/k8s/deployment-nodejs.yaml b/k8s/deployment-nodejs.yaml
new file mode 100644
index 0000000..520de51
--- /dev/null
+++ b/k8s/deployment-nodejs.yaml
@@ -0,0 +1,170 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: git-credentials
+ namespace: manoonoils
+type: Opaque
+stringData:
+ # Gitea SSH private key (for cloning)
+ # Generate with: ssh-keygen -t ed25519 -f gitea-deploy-key
+ # Add public key to Gitea repo deploy keys
+ SSH_KEY: |
+ -----BEGIN OPENSSH PRIVATE KEY-----
+ # REPLACE WITH ACTUAL PRIVATE KEY
+ -----END OPENSSH PRIVATE KEY-----
+ GIT_HOST: "100.74.155.73"
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: storefront
+ namespace: manoonoils
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: storefront
+ template:
+ metadata:
+ labels:
+ app: storefront
+ spec:
+ initContainers:
+ - name: build
+ image: node:20-alpine
+ command:
+ - sh
+ - -c
+ - |
+ set -e
+
+ # Install git and ssh
+ apk add --no-cache git openssh-client
+
+ # Setup SSH for Gitea
+ mkdir -p /root/.ssh
+ cp /secrets/SSH_KEY /root/.ssh/id_ed25519
+ chmod 600 /root/.ssh/id_ed25519
+ ssh-keyscan -p 222 -H $(cat /secrets/GIT_HOST) > /root/.ssh/known_hosts 2>/dev/null || \
+ ssh-keyscan -p 222 -H 100.74.155.73 > /root/.ssh/known_hosts 2>/dev/null || true
+
+ # Clone repository
+ echo "Cloning from Gitea..."
+ git clone --depth 1 --branch master ssh://git@100.74.155.73:222/unchained/manoon-headless.git /workspace
+
+ cd /workspace
+ echo "Installing dependencies..."
+ npm ci --prefer-offline --no-audit --silent
+
+ echo "Building Next.js..."
+ npm run build
+
+ echo "Build complete!"
+ ls -la /workspace/.next/
+ env:
+ - name: NODE_ENV
+ value: "production"
+ - name: NEXT_PUBLIC_WOOCOMMERCE_URL
+ valueFrom:
+ secretKeyRef:
+ name: woocommerce-credentials
+ key: WOOCOMMERCE_URL
+ - name: NEXT_PUBLIC_WOOCOMMERCE_CONSUMER_KEY
+ valueFrom:
+ secretKeyRef:
+ name: woocommerce-credentials
+ key: WOOCOMMERCE_CONSUMER_KEY
+ - name: NEXT_PUBLIC_WOOCOMMERCE_CONSUMER_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: woocommerce-credentials
+ key: WOOCOMMERCE_CONSUMER_SECRET
+ - name: NEXT_PUBLIC_SITE_URL
+ value: "https://dev.manoonoils.com"
+ volumeMounts:
+ - name: workspace
+ mountPath: /workspace
+ - name: git-secret
+ mountPath: /secrets
+ readOnly: true
+ securityContext:
+ runAsUser: 0
+ resources:
+ limits:
+ cpu: 2000m
+ memory: 2Gi
+ requests:
+ cpu: 500m
+ memory: 512Mi
+ containers:
+ - name: storefront
+ image: node:20-alpine
+ command:
+ - sh
+ - -c
+ - |
+ cd /workspace
+ echo "Starting Next.js production server..."
+ exec npm start
+ ports:
+ - containerPort: 3000
+ env:
+ - name: NODE_ENV
+ value: "production"
+ - name: PORT
+ value: "3000"
+ - name: HOSTNAME
+ value: "0.0.0.0"
+ - name: NEXT_PUBLIC_WOOCOMMERCE_URL
+ valueFrom:
+ secretKeyRef:
+ name: woocommerce-credentials
+ key: WOOCOMMERCE_URL
+ - name: NEXT_PUBLIC_WOOCOMMERCE_CONSUMER_KEY
+ valueFrom:
+ secretKeyRef:
+ name: woocommerce-credentials
+ key: WOOCOMMERCE_CONSUMER_KEY
+ - name: NEXT_PUBLIC_WOOCOMMERCE_CONSUMER_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: woocommerce-credentials
+ key: WOOCOMMERCE_CONSUMER_SECRET
+ - name: NEXT_PUBLIC_SITE_URL
+ value: "https://dev.manoonoils.com"
+ resources:
+ limits:
+ cpu: 1000m
+ memory: 1Gi
+ requests:
+ cpu: 250m
+ memory: 256Mi
+ volumeMounts:
+ - name: workspace
+ mountPath: /workspace
+ startupProbe:
+ httpGet:
+ path: /
+ port: 3000
+ periodSeconds: 10
+ failureThreshold: 60
+ livenessProbe:
+ httpGet:
+ path: /
+ port: 3000
+ periodSeconds: 30
+ failureThreshold: 3
+ readinessProbe:
+ httpGet:
+ path: /
+ port: 3000
+ periodSeconds: 5
+ failureThreshold: 3
+ volumes:
+ - name: workspace
+ emptyDir:
+ sizeLimit: 2Gi
+ - name: git-secret
+ secret:
+ secretName: git-credentials
+ defaultMode: 0400
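Review bot: The WooCommerce consumer key and secret are handed to both the `build` init container and the `storefront` container under `NEXT_PUBLIC_` names, and Next.js inlines every `NEXT_PUBLIC_*` variable the application code references into the JavaScript served to browsers, so the API secret would likely be readable by any visitor. Expose them under server-only names, e.g. `- name: WOOCOMMERCE_CONSUMER_SECRET`, and read them only in server-side code (the application side is outside this diff). Separately, the init container fills `known_hosts` from `ssh-keyscan` output at every pod start, which trusts whatever host answers at that address, so the Gitea host key is never checked against a value known in advance before the code is cloned, installed and built with `runAsUser: 0`; mount a pinned host key instead, e.g. a proposed `KNOWN_HOSTS` entry in `git-credentials` and `cp /secrets/KNOWN_HOSTS /root/.ssh/known_hosts`. The `SSH_KEY` placeholder in a tracked manifest also invites committing the real private key, so creating the `git-credentials` Secret out of band and dropping it from this file would be safer.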