# Lab Intranet - Static site served by nginx
# ArgoCD managed - BlueJay Lab
---
apiVersion: v1
kind: Namespace
metadata:
  name: intranet
  labels:
    app.kubernetes.io/part-of: bluejay-infra
---
# nginx configuration
apiVersion: v1
kind: ConfigMap
metadata:
  name: intranet-nginx-conf
  namespace: intranet
data:
  default.conf: |
    server {
        listen 80;
        server_name _;
        root /usr/share/nginx/html;
        index index.html;

        location / {
            try_files $uri $uri/ =404;
        }

        location /healthz {
            access_log off;
            return 200 "ok";
            add_header Content-Type text/plain;
        }
    }
---
# Placeholder HTML content
apiVersion: v1
kind: ConfigMap
metadata:
  name: intranet-html
  namespace: intranet
data:
  index.html: |
    <!DOCTYPE html>
    <html lang="en">
    <head>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <title>BlueJay Lab - Intranet</title>
        <style>
            * { margin: 0; padding: 0; box-sizing: border-box; }
            body {
                font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
                background: linear-gradient(135deg, #0a1628 0%, #1a2744 50%, #0d1f3c 100%);
                color: #e0e8f0;
                min-height: 100vh;
                display: flex;
                align-items: center;
                justify-content: center;
            }
            .container {
                text-align: center;
                padding: 3rem;
            }
            .logo {
                font-size: 4rem;
                margin-bottom: 1rem;
            }
            h1 {
                font-size: 2.5rem;
                color: #4a9eff;
                margin-bottom: 0.5rem;
            }
            h2 {
                font-size: 1.2rem;
                color: #7ab3ff;
                font-weight: 300;
                margin-bottom: 2rem;
            }
            .status {
                background: rgba(74, 158, 255, 0.1);
                border: 1px solid rgba(74, 158, 255, 0.3);
                border-radius: 8px;
                padding: 1.5rem 2rem;
                display: inline-block;
            }
            .status p { color: #a0b8d0; line-height: 1.8; }
            .status a { color: #4a9eff; text-decoration: none; }
            .status a:hover { text-decoration: underline; }
        </style>
    </head>
    <body>
        <div class="container">
            <div class="logo">&#x1F426;</div>
            <h1>BlueJay Lab</h1>
            <h2>Intranet Portal</h2>
            <div class="status">
                <p>Intranet content coming soon.</p>
                <p>Replace this ConfigMap with lab-intranet.html content.</p>
            </div>
        </div>
    </body>
    </html>
---
# nginx Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
  name: intranet
  namespace: intranet
  labels:
    app: intranet
spec:
  replicas: 1
  selector:
    matchLabels:
      app: intranet
  template:
    metadata:
      labels:
        app: intranet
    spec:
      containers:
        - name: nginx
          image: nginx:alpine
          ports:
            - containerPort: 80
              name: http
          volumeMounts:
            - name: nginx-conf
              mountPath: /etc/nginx/conf.d/default.conf
              subPath: default.conf
            - name: html
              mountPath: /usr/share/nginx/html
          resources:
            requests:
              memory: 16Mi
              cpu: 5m
            limits:
              memory: 64Mi
              cpu: 50m
          livenessProbe:
            httpGet:
              path: /healthz
              port: 80
            initialDelaySeconds: 5
            periodSeconds: 10
          readinessProbe:
            httpGet:
              path: /healthz
              port: 80
            initialDelaySeconds: 3
            periodSeconds: 5
      volumes:
        - name: nginx-conf
          configMap:
            name: intranet-nginx-conf
        - name: html
          configMap:
            name: intranet-html
---
apiVersion: v1
kind: Service
metadata:
  name: intranet
  namespace: intranet
spec:
  selector:
    app: intranet
  ports:
    - port: 80
      targetPort: 80
      name: http
---
# TLS Certificate via cert-manager
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: intranet-tls
  namespace: intranet
spec:
  secretName: intranet-tls
  issuerRef:
    name: step-ca-acme
    kind: ClusterIssuer
  dnsNames:
    - intranet.iamworkin.lan
---
# Traefik IngressRoute
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
  name: intranet
  namespace: intranet
spec:
  entryPoints:
    - websecure
  routes:
    - match: Host(`intranet.iamworkin.lan`)
      kind: Rule
      services:
        - name: intranet
          port: 80
  tls:
    secretName: intranet-tls