From 3ac01e0cd0c7a17891ec5d0c6f066b7b8907eb43 Mon Sep 17 00:00:00 2001
From: Gabriel Simmer <gabriel@gitgalaxy.com>
Date: Fri, 16 Sep 2022 19:40:29 -0700
Subject: [PATCH] dns, cert for abb

---
 terraform/gmem.ca.tf  |  8 ++++++++
 vps/api-by-becki.yaml | 21 +++++++++++++++++++++
 vps/issuer.yml        |  6 +-----
 3 files changed, 30 insertions(+), 5 deletions(-)

diff --git a/terraform/gmem.ca.tf b/terraform/gmem.ca.tf
index 9146456..d3b5e7f 100644
--- a/terraform/gmem.ca.tf
+++ b/terraform/gmem.ca.tf
@@ -1,3 +1,11 @@
 resource "aws_route53_zone" "gmemca" {
   name = "gmem.ca"
+}
+
+resource "aws_route53_record" "api-by-becki" {
+  zone_id = aws_route53_zone.gmemca.zone_id
+  name    = "abb"
+  type    = "A"
+  ttl     = 300
+  records = ["168.119.154.189"]
 }
\ No newline at end of file
diff --git a/vps/api-by-becki.yaml b/vps/api-by-becki.yaml
index 536ca5c..e4d5686 100644
--- a/vps/api-by-becki.yaml
+++ b/vps/api-by-becki.yaml
@@ -14,6 +14,23 @@ spec:
       containers:
       - name: api-by-becki
         image: icr.gmem.ca/api-by-becki:latest
+        env:
+          - name: API_COUCH_USER
+            valueFrom:
+              secretKeyRef:
+                name: art-by-becki
+                key: couch_username
+                optional: false
+          - name: API_COUCH_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: art-by-becki
+                key: couch_password
+                optional: false
+          - name: API_COUCH_URL
+            value: http://couchdb-svc-couchdb:5984
+          - name: API_COUCH_DATABASE
+            value: art-by-becki
         resources:
           limits:
             memory: "128Mi"
@@ -42,6 +59,10 @@ metadata:
   labels:
     name: art-by-becki
 spec:
+  tls:
+  - hosts:
+    - abb.gmem.ca
+    secretName: abb-tls
   rules:
   - host: abb.gmem.ca
     http:
diff --git a/vps/issuer.yml b/vps/issuer.yml
index d28db2c..b688bf6 100644
--- a/vps/issuer.yml
+++ b/vps/issuer.yml
@@ -6,15 +6,11 @@ metadata:
 
 spec:
   acme:
-    # The ACME server URL
     server: https://acme-v02.api.letsencrypt.org/directory
-    # Email address used for ACME registration
     email: mc-invites@gmem.ca
-    # Name of a secret used to store the ACME account private key
     privateKeySecretRef:
       name: letsencrypt-pro
-    # Enable the HTTP-01 challenge provider
     solvers:
     - http01:
         ingress:
-          class: traefik
\ No newline at end of file
+          class: nginx
\ No newline at end of file