# Fediverse Application Deployment Template
# Multi-container architecture with web, worker, and optional beat containers

apiVersion: apps/v1
kind: Deployment
metadata:
  name: app-web
  namespace: app-namespace
spec:
  replicas: 2
  selector:
    matchLabels:
      app: app-name
      component: web
  template:
    metadata:
      labels:
        app: app-name
        component: web
    spec:
      containers:
      - name: web
        image: <YOUR_REGISTRY_URL>/library/app-name:latest
        ports:
        - containerPort: 8080
        env:
        - name: DATABASE_URL
          value: "postgresql://user:password@postgresql-shared-rw.postgresql-system.svc.cluster.local:5432/app_db"
        - name: REDIS_URL
          value: "redis://:password@redis-ha-haproxy.redis-system.svc.cluster.local:6379/0"
        - name: S3_BUCKET
          value: "app-bucket"
        - name: S3_CDN_URL
          value: "https://cdn.keyboardvagabond.com"
        envFrom:
        - secretRef:
            name: app-secret
        - configMapRef:
            name: app-config
        volumeMounts:
        - name: app-storage
          mountPath: /app/storage
        resources:
          requests:
            memory: "256Mi"
            cpu: "100m"
          limits:
            memory: "1Gi"
            cpu: "500m"
      volumes:
      - name: app-storage
        persistentVolumeClaim:
          claimName: app-storage-pvc

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: app-worker
  namespace: app-namespace
spec:
  replicas: 1
  selector:
    matchLabels:
      app: app-name
      component: worker
  template:
    metadata:
      labels:
        app: app-name
        component: worker
    spec:
      containers:
      - name: worker
        image: <YOUR_REGISTRY_URL>/library/app-worker:latest
        command: ["worker-command"]  # Framework-specific worker command
        env:
        - name: DATABASE_URL
          value: "postgresql://user:password@postgresql-shared-rw.postgresql-system.svc.cluster.local:5432/app_db"
        - name: REDIS_URL
          value: "redis://:password@redis-ha-haproxy.redis-system.svc.cluster.local:6379/0"
        envFrom:
        - secretRef:
            name: app-secret
        - configMapRef:
            name: app-config
        resources:
          requests:
            memory: "128Mi"
            cpu: "50m"
          limits:
            memory: "512Mi"
            cpu: "200m"

---
# Optional: Celery Beat for Django applications (single replica only)
apiVersion: apps/v1
kind: Deployment
metadata:
  name: app-beat
  namespace: app-namespace
spec:
  replicas: 1  # CRITICAL: Never scale beyond 1 replica
  strategy:
    type: Recreate  # Ensures only one scheduler runs
  selector:
    matchLabels:
      app: app-name
      component: beat
  template:
    metadata:
      labels:
        app: app-name
        component: beat
    spec:
      containers:
      - name: beat
        image: <YOUR_REGISTRY_URL>/library/app-worker:latest
        command: ["celery", "-A", "app", "beat", "-l", "info", "--scheduler", "django_celery_beat.schedulers:DatabaseScheduler"]
        envFrom:
        - secretRef:
            name: app-secret
        - configMapRef:
            name: app-config