From b323c48c18317bad015e6cf9b16f8f2eef9c2dcb Mon Sep 17 00:00:00 2001
From: Jonas Juselius <jonas.juselius@oceanbox.io>
Date: Wed, 10 Dec 2025 08:51:01 +0100
Subject: [PATCH] fix: split and fix drupal manifests

---
 values/drupal/manifests/deployment.yaml |  62 ++++++++++++
 values/drupal/manifests/ingress.yaml    |  32 ++++++
 values/drupal/manifests/raw.yaml        | 129 ------------------------
 values/drupal/manifests/volumes.yaml    |  26 +++++
 4 files changed, 120 insertions(+), 129 deletions(-)
 create mode 100644 values/drupal/manifests/deployment.yaml
 create mode 100644 values/drupal/manifests/ingress.yaml
 delete mode 100644 values/drupal/manifests/raw.yaml
 create mode 100644 values/drupal/manifests/volumes.yaml

diff --git a/values/drupal/manifests/deployment.yaml b/values/drupal/manifests/deployment.yaml
new file mode 100644
index 00000000..3136c061
--- /dev/null
+++ b/values/drupal/manifests/deployment.yaml
@@ -0,0 +1,62 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: drupal
+  labels:
+    app: drupal
+spec:
+  selector:
+    matchLabels:
+      app: drupal
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: drupal
+    spec:
+      containers:
+        - name: drupal
+          image: drupal
+          # image: registry.gitlab.com/oceanbox/fornix/oceanbox:dev
+          ports:
+            - containerPort: 80
+              name: http
+              protocol: TCP
+          env:
+            - name: DRUPAL_DATABASE_HOST
+              value: drupal-db-rw
+            - name: DRUPAL_DATABASE_PREFIX
+              value: ""
+            - name: DRUPAL_DATABASE_NAME
+              value: app
+            - name: DRUPAL_DATABASE_USERNAME
+              valueFrom:
+                secretKeyRef:
+                  name: drupal-db-app
+                  key: username
+            - name: DRUPAL_DATABASE_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: drupal-db-app
+                  key: password
+          volumeMounts:
+            - mountPath: /opt/drupal/web/modules
+              name: drupal
+              subPath: modules
+            - mountPath: /opt/drupal/web/profiles
+              name: drupal
+              subPath: profiles
+            - mountPath: /opt/drupal/web/themes
+              name: drupal
+              subPath: themes
+            - mountPath: /opt/drupal/web/sites
+              name: drupal
+              subPath: sites
+            - mountPath: /opt/drupal/composer.json
+              name: drupal
+              subPath: sites/default/files/composer.json
+      volumes:
+        - name: drupal
+          persistentVolumeClaim:
+            claimName: drupal
diff --git a/values/drupal/manifests/ingress.yaml b/values/drupal/manifests/ingress.yaml
new file mode 100644
index 00000000..7c4e3d18
--- /dev/null
+++ b/values/drupal/manifests/ingress.yaml
@@ -0,0 +1,32 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-production
+    nginx.ingress.kubernetes.io/backend-protocol: HTTP
+    nginx.ingress.kubernetes.io/proxy-body-size: "0"
+    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
+    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
+    nginx.ingress.kubernetes.io/ssl-redirect: "true"
+    nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24,100.64.0.0/12
+  labels:
+    app.kubernetes.io/component: drupal
+  name: drupal
+  namespace: drupal
+spec:
+  ingressClassName: nginx
+  rules:
+    - host: drupal.hel1.oceanbox.io
+      http:
+        paths:
+          - backend:
+              service:
+                name: drupal
+                port:
+                  number: 80
+            path: /
+            pathType: Prefix
+  tls:
+    - hosts:
+        - drupal.hel1.oceanbox.io
+      secretName: drupal-tls
diff --git a/values/drupal/manifests/raw.yaml b/values/drupal/manifests/raw.yaml
deleted file mode 100644
index dd81db1b..00000000
--- a/values/drupal/manifests/raw.yaml
+++ /dev/null
@@ -1,129 +0,0 @@
-apiVersion: v1
-kind: Service
-metadata:
-  name: drupal
-  labels:
-    app: drupal
-spec:
-  ports:
-    - port: 80
-      name: http
-      targetPort: http
-  selector:
-    app: drupal
----
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: drupal
-  labels:
-    app: drupal
-spec:
-  accessModes:
-    - ReadWriteOnce
-  resources:
-    requests:
-      storage: 5Gi
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: drupal
-  labels:
-    app: drupal
-spec:
-  selector:
-    matchLabels:
-      app: drupal
-  strategy:
-    type: Recreate
-  template:
-    metadata:
-      labels:
-        app: drupal
-    spec:
-      initContainers:
-        - name: init-sites-volume
-          image: drupal
-          command: ["/bin/bash", "-c"]
-          args:
-            [
-              "cp -r /var/www/html/sites/ /data/; chown www-data:www-data /data/ -R",
-            ]
-          volumeMounts:
-            - mountPath: /data
-              name: drupal
-      containers:
-        - image: registry.gitlab.com/oceanbox/fornix/oceanbox:dev
-          name: drupal
-          ports:
-            - containerPort: 80
-              name: http
-              protocol: TCP
-          env:
-          - name: DRUPAL_DATABASE_HOST
-            value: drupal-db-rw
-          - name: DRUPAL_DATABASE_PREFIX
-            value: ""
-          - name: DRUPAL_DATABASE_NAME
-            value: app
-          - name: DRUPAL_DATABASE_USERNAME
-            valueFrom:
-              secretKeyRef:
-                name: drupal-db-app
-                key: username
-          - name: DRUPAL_DATABASE_PASSWORD
-            valueFrom:
-              secretKeyRef:
-                name: drupal-db-app
-                key: password
-          volumeMounts:
-            - mountPath: /var/www/html/modules
-              name: drupal
-              subPath: modules
-            - mountPath: /var/www/html/profiles
-              name: drupal
-              subPath: profiles
-            - mountPath: /var/www/html/sites
-              name: drupal
-              subPath: sites
-            - mountPath: /var/www/html/themes
-              name: drupal
-              subPath: themes
-      volumes:
-        - name: drupal
-          persistentVolumeClaim:
-            claimName: drupal
----
-apiVersion: networking.k8s.io/v1
-kind: Ingress
-metadata:
-  annotations:
-    cert-manager.io/cluster-issuer: letsencrypt-production
-    nginx.ingress.kubernetes.io/backend-protocol: HTTP
-    nginx.ingress.kubernetes.io/proxy-body-size: "0"
-    nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
-    nginx.ingress.kubernetes.io/proxy-send-timeout: "600"
-    nginx.ingress.kubernetes.io/ssl-redirect: "true"
-    nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,172.19.255.0/24,100.64.0.0/12
-  labels:
-    app.kubernetes.io/component: drupal
-  name: drupal
-  namespace: drupal
-spec:
-  ingressClassName: nginx
-  rules:
-  - host: drupal.hel1.oceanbox.io
-    http:
-      paths:
-      - backend:
-          service:
-            name: drupal
-            port:
-              number: 80
-        path: /
-        pathType: Prefix
-  tls:
-  - hosts:
-    - drupal.hel1.oceanbox.io
-    secretName: drupal-tls
diff --git a/values/drupal/manifests/volumes.yaml b/values/drupal/manifests/volumes.yaml
new file mode 100644
index 00000000..cbd813e1
--- /dev/null
+++ b/values/drupal/manifests/volumes.yaml
@@ -0,0 +1,26 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: drupal
+  labels:
+    app: drupal
+spec:
+  ports:
+    - port: 80
+      name: http
+      targetPort: http
+  selector:
+    app: drupal
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: drupal
+  labels:
+    app: drupal
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 5Gi