infra/homelab/tclip.nix

let
  appName = "tclip";
  tclipImage = "git.gmem.ca/arch/tclip:arm";
in {
  kubernetes.resources.statefulSets.tclip = {
    metadata.namespace = "tclip";
    spec = {
      serviceName = appName;
      selector.matchLabels.app = appName;
      template = {
        metadata.labels.app = appName;
        spec = {
          containers = {
            tclip = {
              image = tclipImage;
              imagePullPolicy = "Always";
              env = [
                {
                  name = "DATA_DIR";
                  value = "/state";
                }
                {
                  name = "USE_FUNNEL";
                  value = "true";
                }
                {
                  name = "HTTP_PORT";
                  value = "8080";
                }
                {
                  name = "ENABLE_METRICS";
                  value = "true";
                }
              ];
              ports.http.containerPort = 8080;
              envFrom = [{secretRef.name = "tclip";}];
              volumeMounts = [
                {
                  name = "state";
                  mountPath = "/state";
                }
              ];
            };
          };
        };
      };
      volumeClaimTemplates = [
        {
          metadata.name = "state";
          spec = {
            storageClassName = "nfs-client";
            accessModes = ["ReadWriteOnce"];
            resources.requests.storage = "512Mi";
          };
        }
      ];
    };
  };
  kubernetes.resources.services.tclip = {
    metadata.namespace = "tclip";
    spec = {
      selector.app = appName;
      ports.http = {
        port = 8080;
        targetPort = 8080;
      };
    };
  };
  kubernetes.resources.ingresses.tclip = {
    metadata = {
      name = appName;
      namespace = "tclip";
      annotations = {
        "cert-manager.io/cluster-issuer" = "le-issuer";
      };
    };
    spec = {
      tls = [
        {
          hosts = ["paste.gmem.ca"];
        }
      ];
      rules = [
        {
          host = "paste.gmem.ca";
          http.paths = [
            {
              path = "/";
              pathType = "Prefix";
              backend.service = {
                name = appName;
                port.name = "http";
              };
            }
          ];
        }
      ];
    };
  };
}