#!/bin/bash
set -e
export KUBECONFIG=/etc/rancher/k3s/k3s.yaml

echo "=== Adding Gitea Helm repo ==="
helm repo add gitea-charts https://dl.gitea.com/charts/
helm repo update

echo "=== Installing Gitea ==="
helm upgrade --install gitea gitea-charts/gitea \
  --namespace gitea \
  --set gitea.admin.username=admin \
  --set gitea.admin.password=GooSeek2026! \
  --set gitea.admin.email=admin@gooseek.ru \
  --set persistence.enabled=true \
  --set persistence.size=10Gi \
  --set postgresql-ha.enabled=false \
  --set postgresql.enabled=false \
  --set redis-cluster.enabled=false \
  --set redis.enabled=false \
  --set gitea.config.database.DB_TYPE=sqlite3 \
  --set gitea.config.server.ROOT_URL=https://git.gooseek.ru \
  --set gitea.config.server.DOMAIN=git.gooseek.ru \
  --set ingress.enabled=true \
  --set ingress.className=nginx \
  --set ingress.hosts[0].host=git.gooseek.ru \
  --set ingress.hosts[0].paths[0].path=/ \
  --set ingress.hosts[0].paths[0].pathType=Prefix \
  --set ingress.tls[0].secretName=gitea-tls \
  --set ingress.tls[0].hosts[0]=git.gooseek.ru \
  --set ingress.annotations."cert-manager\.io/cluster-issuer"=letsencrypt-prod \
  --wait --timeout 300s

echo "=== Installing Docker Registry ==="
cat <<'EOF' | kubectl apply -f -
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: registry-pvc
  namespace: gooseek
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 20Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: registry
  namespace: gooseek
spec:
  replicas: 1
  selector:
    matchLabels:
      app: registry
  template:
    metadata:
      labels:
        app: registry
    spec:
      containers:
      - name: registry
        image: registry:2
        ports:
        - containerPort: 5000
        volumeMounts:
        - name: registry-data
          mountPath: /var/lib/registry
        env:
        - name: REGISTRY_STORAGE_DELETE_ENABLED
          value: "true"
      volumes:
      - name: registry-data
        persistentVolumeClaim:
          claimName: registry-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: registry
  namespace: gooseek
spec:
  selector:
    app: registry
  ports:
  - port: 5000
    targetPort: 5000
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: registry-ingress
  namespace: gooseek
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod
    nginx.ingress.kubernetes.io/proxy-body-size: "0"
spec:
  ingressClassName: nginx
  tls:
  - hosts:
    - registry.gooseek.ru
    secretName: registry-tls
  rules:
  - host: registry.gooseek.ru
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: registry
            port:
              number: 5000
EOF

echo "=== Waiting for pods ==="
kubectl -n gitea wait --for=condition=Ready pod -l app.kubernetes.io/name=gitea --timeout=300s || true
kubectl -n gooseek wait --for=condition=Ready pod -l app=registry --timeout=120s || true

echo "=== Final status ==="
kubectl get pods -A
kubectl get ingress -A
kubectl get certificates -A

echo ""
echo "=== DONE ==="
echo "Gitea: https://git.gooseek.ru (admin / GooSeek2026!)"
echo "Registry: https://registry.gooseek.ru"