---
# yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2beta2.schema.json
apiVersion: helm.toolkit.fluxcd.io/v2beta2
kind: HelmRelease
metadata:
  name: &app mosquitto
spec:
  interval: 30m
  chart:
    spec:
      chart: app-template
      version: 3.1.0
      interval: 30m
      sourceRef:
        kind: HelmRepository
        name: bjw-s
        namespace: flux-system

  values:
    controllers:
      mosquitto:
        annotations:
          reloader.stakater.com/auto: "true"

        pod:
          securityContext:
            runAsUser: 568
            runAsGroup: 568
            fsGroup: 568
            fsGroupChangePolicy: OnRootMismatch

        initContainers:
          init-config:
            image:
              repository: public.ecr.aws/docker/library/eclipse-mosquitto
              tag: 2.0.18
            command:
              - "/bin/sh"
              - "-c"
            args:
              - cp /tmp/secret/* /mosquitto/external_config/;
                mosquitto_passwd -U /mosquitto/external_config/mosquitto_pwd;
                chmod 0600 /mosquitto/external_config/mosquitto_pwd;

        containers:
          app:
            image:
              repository: public.ecr.aws/docker/library/eclipse-mosquitto
              tag: 2.0.18
            probes:
              liveness:
                enabled: true
              readiness:
                enabled: true
              startup:
                enabled: true
                spec:
                  failureThreshold: 30
                  periodSeconds: 5
            resources:
              requests:
                cpu: 5m
                memory: 10M
              limits:
                memory: 10M

    service:
      app:
        controller: mosquitto
        type: LoadBalancer
        annotations:
          external-dns.alpha.kubernetes.io/hostname: "mqtt.jahanson.tech"
          io.cilium/lb-ipam-ips: "10.1.1.36"
        externalTrafficPolicy: Local
        ports:
          mqtt:
            enabled: true
            port: 1883

    persistence:
      data:
        existingClaim: *app
        advancedMounts:
          mosquitto:
            app:
              - path: /data
      mosquitto-configfile:
        type: configMap
        name: mosquitto-configmap
        advancedMounts:
          mosquitto:
            app:
              - path: /mosquitto/config/mosquitto.conf
                subPath: mosquitto.conf
      mosquitto-secret:
        type: secret
        name: mosquitto-secret
        advancedMounts:
          mosquitto:
            init-config:
              - path: /tmp/secret
      mosquitto-externalconfig:
        type: emptyDir
        globalMounts:
          - path: /mosquitto/external_config