apiVersion: v1
kind: Namespace
metadata:
  name: api
---
apiVersion: v1
kind: Secret
metadata:
  name: hadith-api-secrets
  namespace: api
type: Opaque
stringData:
  PG_DBNAME: "REPLACE_ME"
  PG_USER: "REPLACE_ME"
  PG_PASSWORD: "REPLACE_ME"
  NEO4J_PASSWORD: "NEO4J-PASS"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: hadith-api
  namespace: api
  labels:
    app: hadith-api
spec:
  replicas: 2
  selector:
    matchLabels:
      app: hadith-api
  template:
    metadata:
      labels:
        app: hadith-api
    spec:
      containers:
        - name: hadith-api
          image: registry.betelgeusebytes.io/hadith-api:latest  # adjust to your registry
          ports:
            - containerPort: 8000
          env:
            - name: HADITH_PG_HOST
              value: "pg.betelgeusebytes.io"
            - name: HADITH_PG_PORT
              value: "5432"
            - name: HADITH_PG_DBNAME
              valueFrom:
                secretKeyRef:
                  name: hadith-api-secrets
                  key: PG_DBNAME
            - name: HADITH_PG_USER
              valueFrom:
                secretKeyRef:
                  name: hadith-api-secrets
                  key: PG_USER
            - name: HADITH_PG_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: hadith-api-secrets
                  key: PG_PASSWORD
            - name: HADITH_PG_SSLMODE
              value: "require"
            - name: HADITH_NEO4J_URI
              value: "neo4j+ssc://neo4j.betelgeusebytes.io:7687"
            - name: HADITH_NEO4J_USER
              value: "neo4j"
            - name: HADITH_NEO4J_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: hadith-api-secrets
                  key: NEO4J_PASSWORD
            - name: HADITH_QDRANT_HOST
              value: "qdrant.vector.svc.cluster.local"
            - name: HADITH_QDRANT_PORT
              value: "6333"
            - name: HADITH_QDRANT_COLLECTION
              value: "hadiths"
            - name: HADITH_ES_HOST
              value: "http://elasticsearch.elastic.svc.cluster.local:9200"
            - name: HADITH_ES_INDEX
              value: "hadiths"
            - name: HADITH_TEI_URL
              value: "http://tei.ml.svc.cluster.local:80"
          resources:
            requests:
              cpu: "250m"
              memory: "256Mi"
            limits:
              cpu: "1000m"
              memory: "512Mi"
          livenessProbe:
            httpGet:
              path: /health
              port: 8000
            initialDelaySeconds: 10
            periodSeconds: 30
          readinessProbe:
            httpGet:
              path: /health
              port: 8000
            initialDelaySeconds: 5
            periodSeconds: 10
---
apiVersion: v1
kind: Service
metadata:
  name: hadith-api
  namespace: api
spec:
  selector:
    app: hadith-api
  ports:
    - port: 80
      targetPort: 8000
      protocol: TCP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: hadith-api-ingress
  namespace: api
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/proxy-body-size: "10m"
    nginx.ingress.kubernetes.io/enable-cors: "true"
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - api.betelgeusebytes.io
      secretName: hadith-api-tls
  rules:
    - host: api.betelgeusebytes.io
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: hadith-api
                port:
                  number: 80