apiVersion: apps/v1
kind: Deployment
metadata:
  name: irc-bot
  labels:
    app: irc-bot
spec:
  replicas: 1
  selector:
    matchLabels:
      app: irc-bot
  template:
    metadata:
      labels:
        app: irc-bot
    spec:
      # securityContext con fsGroup si lo deseas, pero no es obligatorio
      securityContext:
        fsGroup: 100  # Ajusta al GID correcto si usas un usuario con gid=100
      initContainers:
        - name: fix-permissions
          image: busybox:latest
          securityContext:
            runAsUser: 0
          command: ["sh", "-c"]
          args:
            - |
              echo "Arreglando permisos en /var/lib/radio/radio-data..."
              mkdir -p /var/lib/radio/
              chown -R 1000:1000 /var/lib/radio/
              chmod -R a+rwx /var/lib/radio
          volumeMounts:
            - name: radio-storage
              mountPath: /var/lib/radio
      containers:
        - name: irc-bot
          image: prietus/myircbot:1.0.38
          resources:
            requests:
              cpu: "1000m"
              memory: "512Mi"
            limits:
              cpu: "2000m"
              memory: "1024Mi"
          env:
            - name: OLLAMA_URL
              value: "http://ollama:11434/api/generate"
            - name: IRC_BOT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: irc-bot-secret
                  key: irc_password
            - name: OLLAMA_USER
              valueFrom:
                secretKeyRef:
                  name: irc-bot-secret
                  key: ollama_user
            - name: OLLAMA_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: irc-bot-secret
                  key: ollama_password
            - name: WEATHER_API_KEY
              valueFrom:
                secretKeyRef:
                  name: irc-bot-secret
                  key: WEATHER_API_KEY
            - name: ICECAST_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: irc-bot-secret
                  key: icecast_password
            - name: ICECAST_ADMIN_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: irc-bot-secret
                  key: icecast_admin_password
            - name: ICECAST_SOURCE_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: irc-bot-secret
                  key: icecast_source_password
            - name: ICECAST_MOUNT_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: irc-bot-secret
                  key: icecast_mount_password
            - name: LASTFM_API_KEY
              valueFrom:
                  secretKeyRef:
                    name: lastfm-secret
                    key: LASTFM_API_KEY
            - name: PASTE_USERNAME
              valueFrom:
                secretKeyRef:
                  name: pastebin-bot-secret
                  key: PASTE_USERNAME
            - name: PASTE_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: pastebin-bot-secret
                  key: PASTE_PASSWORD
            - name: HUGGINGFACE_API_KEY
              valueFrom:
                secretKeyRef:
                  name: huggingface-secret
                  key: HUGGINGFACE_API_KEY
            - name: CALENDARIFIC_API_KEY
              valueFrom:
                secretKeyRef:
                  name: calendarific-secret
                  key: CALENDARIFIC_API_KEY
          volumeMounts:
            - name: radio-storage
              mountPath: /var/lib/radio
            - name: control-socket
              mountPath: /tmp
            - name: youtube-cookies
              mountPath: /cookies-secret
      volumes:
        - name: radio-storage
          persistentVolumeClaim:
            claimName: radio-storage
        - name: control-socket
          emptyDir: {}
        - name: youtube-cookies
          secret:
            secretName: youtube-cookies