apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: seaweedfs
  finalizers:
  - resources-finalizer.argocd.argoproj.io
spec:
  project: default
  source:
    repoURL: 'https://seaweedfs.github.io/seaweedfs/helm'
    chart: seaweedfs
    targetRevision: 4.*.*
    helm:
      values: |
        global:
          extraEnvironmentVars:
            WEED_CLUSTER_DEFAULT: "sw"
            WEED_CLUSTER_SW_MASTER: "seaweedfs-master.seaweedfs:9333"
            WEED_CLUSTER_SW_FILER: "seaweedfs-filer.seaweedfs:8888"

        master:
          enabled: true
          replicas: 1
          data:
            type: "existingClaim"
            claimName: "seaweedfs-master-data-longhorn"

        volume:
          enabled: true
          replicas: 1
          dataDirs:
            - name: data1
              type: "existingClaim"
              claimName: "seaweedfs-volume-data-longhorn"
              maxVolumes: 0
          idx:
            type: "existingClaim"
            claimName: "seaweedfs-volume-idx-longhorn"

        filer:
          enabled: true
          replicas: 1
          data:
            type: "existingClaim"
            claimName: "seaweedfs-filer-data-longhorn"
          s3:
            enabled: true
            port: 8333
            domainName: "sws3.innovation-hub-niedersachsen.de"
            allowEmptyFolder: true
            enableAuth: true
            allowDeleteBucketNotEmpty: true

        s3:
          enabled: true
          replicas: 1
          port: 8333
          enableAuth: true
          existingConfigSecret: "admin-s3-secret"
          existingConfigSecretKey: "seaweedfs_s3_config"
          extraEnvironmentVars:
            WEED_S3_ALLOWED_ORIGINS: "*"
          extraArgs:
            - "-allowedOrigins=*"
          service:
            type: ClusterIP
            ports:
              - name: http
                port: 8333
                targetPort: 8333
                protocol: TCP           
          ingress:
            enabled: true
            className: "traefik"
            host: "sws3.innovation-hub-niedersachsen.de"
            annotations:
              kubernetes.io/ingress.class: "traefik"
              traefik.ingress.kubernetes.io/router.entrypoints: "websecure"
              traefik.ingress.kubernetes.io/router.tls: "true"
              cert-manager.io/cluster-issuer: "lets-encrypt"
              traefik.ingress.kubernetes.io/router.middlewares: "seaweedfs-s3-cors@kubernetescrd"
            hosts:
              - host: "sws3.innovation-hub-niedersachsen.de"
                paths:
                  - path: /
                    pathType: Prefix
                    backend:
                      service:
                        name: seaweedfs-s3
                        port:
                          number: 8333
            tls:
              - secretName: "sws3.innovation-hub-niedersachsen.de-tls"
                hosts:
                  - "sws3.innovation-hub-niedersachsen.de"

  destination:
    server: 'https://kubernetes.default.svc'
    namespace: seaweedfs
  syncPolicy:
    managedNamespaceMetadata:
      labels:
        pod-security.kubernetes.io/enforce: "privileged"
    automated:
      selfHeal: true
      prune: true
    syncOptions:
      - CreateNamespace=true