---
apiVersion: v1
kind: Namespace
metadata:
  name: nexus
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nexus-data-pvc
  namespace: nexus
spec:
  accessModes:
    - ReadWriteMany
  storageClassName: nfs-nexus
  resources:
    requests:
      storage: 200Gi
---
apiVersion: v1
kind: Secret
metadata:
  name: nexus-secrets
  namespace: nexus
type: Opaque
data:
  nexus.secrets.json: ewogICJhY3RpdmUiOiAia2hvbmdpc2Eta2V5LTIwMjYiLAogICJrZXlzIjogWwogICAgewogICAgICAiaWQiOiAia2hvbmdpc2Eta2V5LTIwMjYiLAogICAgICAia2V5IjogIk5tTmhZMll3TkdNMUltVXdOVGt4WkROa1l6a3habVk1WVRJek5UWTVOalE9IgogICAgfQogIF0KfQo=
  postgres-password: TWd6dUxVakZianA5ZjQ=
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: nexus-configs
  namespace: nexus
data:
  POSTGRES_HOST: "192.168.1.170"
  POSTGRES_PORT: "5432"
  POSTGRES_USER: "nexus"
  POSTGRES_DBNAME: "nexus"
  JVM_PARAMS: "-Xms2g -Xmx2g -XX:MaxDirectMemorySize=2g -Dnexus.secrets.file=/nexus-data/nexus.secrets.json"
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nexus
  namespace: nexus
  labels:
    app: nexus
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nexus
  template:
    metadata:
      labels:
        app: nexus
    spec:
      securityContext:
        fsGroup: 200
      containers:
        - name: nexus
          image: sonatype/nexus3:latest
          ports:
            - containerPort: 8081
              name: nexus-ui
            - containerPort: 8082
              name: docker-repo
          env:
            - name: INSTALL4J_ADD_VM_PARAMS
              valueFrom:
                configMapKeyRef:
                  name: nexus-configs
                  key: JVM_PARAMS
            - name: NEXUS_DATABAS_TYPE
              value: "postgresql"
            - name: NEXUS_DATABASE_POSTGRES_HOST
              valueFrom:
                configMapKeyRef:
                  name: nexus-configs
                  key: POSTGRES_HOST
            - name: NEXUS_DATABASE_POSTGRES_PORT
              valueFrom:
                configMapKeyRef:
                  name: nexus-configs
                  key: POSTGRES_PORT
            - name: NEXUS_DATABASE_POSTGRES_USER
              valueFrom:
                configMapKeyRef:
                  name: nexus-configs
                  key: POSTGRES_USER
            - name: NEXUS_DATABASE_POSTGRES_DBNAME
              valueFrom:
                configMapKeyRef:
                  name: nexus-configs
                  key: POSTGRES_DBNAME
            - name: NEXUS_DATABASE_POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: nexus-secrets
                  key: postgres-password
          resources:
            requests:
              cpu: "500m"
              memory: "2Gi"
            limits:
              cpu: "4"
              memory: "4Gi"
          volumeMounts:
            - name: nexus-data
              mountPath: /nexus-data
            - name: secrets-volume
              mountPath: /nexus-data/nexus.secrets.json
              subPath: nexus.secrets.json
      volumes:
        - name: nexus-data
          persistentVolumeClaim:
            claimName: nexus-data-pvc
        - name: secrets-volume
          secret:
            secretName: nexus-secrets
            items:
              - key: nexus.secrets.json
                path: nexus.secrets.json
---
apiVersion: v1
kind: Service
metadata:
  name: nexus-service
  namespace: nexus
spec:
  type: NodePort
  selector:
    app: nexus
  ports:
    - name: ui
      protocol: TCP
      port: 8081
      targetPort: 8081
      nodePort: 31009 
    - name: docker
      protocol: TCP
      port: 8082
      targetPort: 8082
      nodePort: 31010