---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ghostcms
spec:
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app.kubernetes.io/name: ghostcms
  template:
    metadata:
      labels:
        app.kubernetes.io/name: ghostcms
    spec:
      initContainers:
        - name: plugins
          image: ghostcms
          imagePullPolicy: Always
          command:
            - /bin/ash
            - -c
            - '-'
          args: 
            - |
              if [ ! -d "/var/lib/ghost/content/adapters/storage/s3" ]; then
                npm install --prefix /tmp ghos3
                mkdir -p /var/lib/ghost/content/adapters/storage/s3
                cp -r /tmp/node_modules/ghos3/* /var/lib/ghost/content/adapters/storage/s3
              fi
          volumeMounts:
            - name: ghost-content
              mountPath: /var/lib/ghost/content
      containers:
        - name: ghostcms
          image: ghostcms
          imagePullPolicy: Always
          envFrom:
            - secretRef:
                name: ghostcms-secret-config
          ports:
          - containerPort: 2368
          env:
            - name: NODE_ENV
              value: production
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: false
            capabilities:
              drop:
                - ALL
            privileged: false
          resources:
            limits:
              memory: "384Mi"
              cpu: "100m"
          volumeMounts:
            - name: ghost-content
              mountPath: /var/lib/ghost/content
      securityContext:
        fsGroup: 1000
        runAsGroup: 1000
        runAsUser: 1000
        runAsNonRoot: true
      volumes:
        - name: ghost-content
          persistentVolumeClaim:
            claimName: ghost-content