let
  appName = "soju";
  sojuImage = "git.gmem.ca/arch/soju:latest";
  gamjaImage = "git.gmem.ca/arch/gamja:latest";
in {
  kubernetes.resources.services.soju = {
    metadata.namespace = "irc";
    spec = {
      type = "NodePort";
      selector.app = appName;
      ports.tls = {
        port = 6697;
        targetPort = 6697;
        nodePort = 6697;
      };
    };
  };
  kubernetes.resources.services.soju-ws = {
    metadata.namespace = "irc";
    spec = {
      selector.app = appName;
      ports.ws = {
        port = 80;
        targetPort = 80;
      };
    };
  };
  kubernetes.resources.services.gamja = {
    metadata.namespace = "irc";
    spec = {
      selector.app = "gamja";
      ports.http = {
        port = 80;
        targetPort = 80;
      };
    };
  };
  kubernetes.resources.deployments.soju = {
    metadata.namespace = "irc";
    spec = {
      selector.matchLabels.app = appName;
      template = {
        metadata.labels.app = appName;
        spec = {
          volumes = {
            config.configMap.name = "soju";
            ssl.secret.secretName = "irc-gmem-ca";
          };
          containers = {
            soju = {
              image = sojuImage;
              imagePullPolicy = "Always";
              volumeMounts = [
                {
                  name = "config";
                  mountPath = "/etc/soju/config";
                  subPath = "config";
                }
                {
                  name = "ssl";
                  mountPath = "/ssl";
                }
              ];
              ports.tls.containerPort = 6697;
              ports.ws.containerPort = 80;

              env.PGHOST.value = "192.168.50.236";
              env.PGPASSWORD.valueFrom.secretKeyRef = {
                name = "postgres-soju";
                key = "password";
              };
              env.PGUSER.valueFrom.secretKeyRef = {
                name = "postgres-soju";
                key = "user";
              };
              env.PGDATABASE.valueFrom.secretKeyRef = {
                name = "postgres-soju";
                key = "dbname";
              };
            };
          };
        };
      };
    };
  };
  kubernetes.resources.deployments.gamja = {
    metadata.namespace = "irc";
    spec = {
      selector.matchLabels.app = "gamja";
      template = {
        metadata.labels.app = "gamja";
        spec = {
          containers = {
            gamja = {
              image = gamjaImage;
              imagePullPolicy = "Always";
              ports.http.containerPort = 80;
            };
          };
        };
      };
    };
  };

  kubernetes.resources.ingresses.irc = {
    metadata.namespace = "irc";
    metadata.annotations = {
      "cert-manager.io/cluster-issuer" = "le-issuer";
      "nginx.ingress.kubernetes.io/proxy-read-timeout" = "3600";
      "nginx.ingress.kubernetes.io/proxy-send-timeout" = "3600";
    };
    spec = {
      tls = [
        {
          hosts = ["irc.gmem.ca"];
        }
      ];
      rules = [
        {
          host = "irc.gmem.ca";
          http.paths = [
            {
              path = "/";
              pathType = "Prefix";
              backend.service = {
                name = "gamja";
                port.number = 80;
              };
            }
            {
              path = "/socket";
              pathType = "Prefix";
              backend.service = {
                name = "soju-ws";
                port.number = 80;
              };
            }
          ];
        }
      ];
    };
  };

  kubernetes.resources.configMaps.soju = {
    metadata.namespace = "irc";
    data.config = ''
      listen ircs://
      listen unix+admin:///app/admin
      listen ws+insecure://
      listen http+prometheus://localhost:9090
      hostname irc.gmem.ca
      title irc.gmem.ca
      db postgres "dbname=soju"
      message-store db
      tls /ssl/tls.crt /ssl/tls.key
    '';
  };
}