apiVersion: apps/v1
kind: Deployment
metadata:
  name: defectdojo
  namespace: defectdojo
spec:
  replicas: 1
  selector:
    matchLabels:
      app: defectdojo
  template:
    metadata:
      labels:
        app: defectdojo
    spec:
      containers:
      - name: defectdojo
        image: defectdojo/defectdojo:2.31.0
        env:
        - name: DD_DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: defectdojo-secret
              key: DD_DATABASE_URL
        - name: DD_ADMIN_USER
          valueFrom:
            secretKeyRef:
              name: defectdojo-secret
              key: DD_ADMIN_USER
        - name: DD_ADMIN_PASSWORD
          valueFrom:
            secretKeyRef:
              name: defectdojo-secret
              key: DD_ADMIN_PASSWORD
        - name: DD_REDIS_HOST
          value: redis
        - name: DD_REDIS_PORT
          value: "6379"
        volumeMounts:
          - name: web-storage
            mountPath: /app/media
      volumes:
        - name: web-storage
          persistentVolumeClaim:
            claimName: dd-web-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: defectdojo
  namespace: defectdojo
spec:
  ports:
    - port: 8080
      targetPort: 8080
  selector:
    app: defectdojo
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: celery-worker
  namespace: defectdojo
spec:
  replicas: 1
  selector:
    matchLabels:
      app: celery-worker
  template:
    metadata:
      labels:
        app: celery-worker
    spec:
      containers:
      - name: celery-worker
        image: defectdojo/worker:2.31.0
        env:
        - name: DD_DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: defectdojo-secret
              key: DD_DATABASE_URL
        - name: DD_REDIS_HOST
          value: redis
        volumeMounts:
          - name: worker-storage
            mountPath: /app/media
      volumes:
        - name: worker-storage
          persistentVolumeClaim:
            claimName: dd-celeryworker-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: celery-beat
  namespace: defectdojo
spec:
  replicas: 1
  selector:
    matchLabels:
      app: celery-beat
  template:
    metadata:
      labels:
        app: celery-beat
    spec:
      containers:
      - name: celery-beat
        image: defectdojo/beat:2.31.0
        env:
        - name: DD_DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: defectdojo-secret
              key: DD_DATABASE_URL
        - name: DD_REDIS_HOST
          value: redis
        volumeMounts:
          - name: beat-storage
            mountPath: /app/media
      volumes:
        - name: beat-storage
          persistentVolumeClaim:
            claimName: dd-celerybeat-pvc
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: redis
  namespace: defectdojo
spec:
  replicas: 1
  selector:
    matchLabels:
      app: redis
  template:
    metadata:
      labels:
        app: redis
    spec:
      containers:
      - name: redis
        image: redis:7
        volumeMounts:
          - mountPath: /data
            name: redis-storage
        command: ["redis-server", "--appendonly", "yes"]
      volumes:
        - name: redis-storage
          persistentVolumeClaim:
            claimName: dd-redis-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: redis
  namespace: defectdojo
spec:
  ports:
    - port: 6379
  selector:
    app: redis
---
apiVersion: v1
kind: Secret
metadata:
  name: defectdojo-secret
  namespace: defectdojo
type: Opaque
stringData:
  DD_DATABASE_URL: "postgres://defectdojo:defectdojo@postgres15.postgres.svc.cluster.local:5432/defectdojo"
  DD_ADMIN_USER: "admin"
  DD_ADMIN_PASSWORD: "Defectdojo01@"
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-defectdojo-nginx
spec:
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteMany
  nfs:
    server: 192.168.2.110
    path: /mnt/nfs_share/defectdojo/nginx
  persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-defectdojo-redis
spec:
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteMany
  nfs:
    server: 192.168.2.110
    path: /mnt/nfs_share/defectdojo/redis
  persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-defectdojo-celerybeat
spec:
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteMany
  nfs:
    server: 192.168.2.110
    path: /mnt/nfs_share/defectdojo/celerybeat
  persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolume
metadata:
  name: pv-defectdojo-celeryworker
spec:
  capacity:
    storage: 2Gi
  accessModes:
    - ReadWriteMany
  nfs:
    server: 192.168.2.110
    path: /mnt/nfs_share/defectdojo/celeryworker
  persistentVolumeReclaimPolicy: Retain
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-defectdojo-nginx
  namespace: defectdojo
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 2Gi
  volumeName: pv-defectdojo-nginx
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-defectdojo-redis
  namespace: defectdojo
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 2Gi
  volumeName: pv-defectdojo-redis
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-defectdojo-celerybeat
  namespace: defectdojo
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 2Gi
  volumeName: pv-defectdojo-celerybeat
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: pvc-defectdojo-celeryworker
  namespace: defectdojo
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 2Gi
  volumeName: pv-defectdojo-celeryworker