apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app.kubernetes.io/name: hydra-oidc
  name: hydra-oidc
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: hydra-oidc
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app.kubernetes.io/name: hydra-oidc
    spec:
      containers:
      - name: hydra-oidc-caddy
        image: reg.cadoles.com/cadoles/hydra-oidc-base:2025.6.13-develop.1333.aa5c382
        imagePullPolicy: IfNotPresent
        args:
          [
            "/usr/sbin/caddy",
            "run",
            "--adapter",
            "caddyfile",
            "--config",
            "/etc/caddy/Caddyfile",
          ]
        readinessProbe:
          httpGet:
            path: /healthy
            port: 8080
          initialDelaySeconds: 5
          timeoutSeconds: 5
          periodSeconds: 10
        livenessProbe:
          httpGet:
            path: /healthy
            port: 8080
          initialDelaySeconds: 15
          timeoutSeconds: 5
          periodSeconds: 15
        ports:
          - containerPort: 8080
            name: http
        envFrom:
          - configMapRef:
              name: hydra-oidc-env
        env:
          - name: CADDY_APP_UPSTREAM_BACKEND_SERVER
            value: 127.0.0.1:9000
          - name: CADDY_HTTPS_PORT
            value: "8443"
          - name: CADDY_HTTP_PORT
            value: "8080"
          - name: CADDY_DATA_FS
            value: "/tmp/caddy"
          - name: CADDY_APP_ROOT_PUBLIC
            value: "/app/public/"
          - name: CADDY_LOG_FILTER
            value: healthy|metrics
          - name: CADDY_LOG_SKIP
            value: "true"
        resources: {}
        securityContext:
          runAsNonRoot: true
          runAsGroup: 1000
          runAsUser: 1000
      restartPolicy: Always
      volumes:
        - name: oidc-tmp
          emptyDir:
            medium: Memory