From 74cbdb9faed185fbfcc4c596f44b2f75d93645b2 Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth <wolfgang.hottgenroth@icloud.com>
Date: Mon, 27 Oct 2025 10:54:06 +0100
Subject: [PATCH] deployment

---
 deployment/deploy-yml.tmpl | 99 ++++++++++++++++++++++++++++++++++++++
 deployment/deploy.sh       | 26 ++++++++++
 2 files changed, 125 insertions(+)
 create mode 100644 deployment/deploy-yml.tmpl
 create mode 100755 deployment/deploy.sh

diff --git a/deployment/deploy-yml.tmpl b/deployment/deploy-yml.tmpl
new file mode 100644
index 0000000..bde5249
--- /dev/null
+++ b/deployment/deploy-yml.tmpl
@@ -0,0 +1,99 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: bind-hidden-primary
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: bind-hidden-primary
+  template:
+    metadata:
+      labels:
+        app: bind-hidden-primary
+    spec:
+      containers:
+        - name: bind
+          image: %IMAGE%
+          ports:
+            - name: dns-tcp
+              containerPort: 8053
+              protocol: TCP
+            - name: dns-udp
+              containerPort: 8053
+              protocol: UDP
+          volumeMounts:
+            - name: bind-zones
+              mountPath: /etc/named/zones
+            - name: bind-keys
+              mountPath: /etc/named/keys
+          resources:
+            requests:
+              memory: "128Mi"
+              cpu: "100m"
+            limits:
+              memory: "512Mi"
+              cpu: "500m"
+          livenessProbe:
+            tcpSocket:
+              port: 8053
+            initialDelaySeconds: 30
+            periodSeconds: 10
+          readinessProbe:
+            tcpSocket:
+              port: 8053
+            initialDelaySeconds: 5
+            periodSeconds: 5
+      volumes:
+        - name: bind-zones
+          persistentVolumeClaim:
+            claimName: bind-hidden-primary-zones
+        - name: bind-keys
+          persistentVolumeClaim:
+            claimName: bind-hidden-primary-keys
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: bind-hidden-primary
+spec:
+  type: LoadBalancer
+  selector:
+    app: bind-hidden-primary
+  ports:
+    - name: dns-tcp
+      port: 8053
+      targetPort: 8053
+      protocol: TCP
+    - name: dns-udp
+      port: 8053
+      targetPort: 8053
+      protocol: UDP
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: bind-hidden-primary-zones
+  labels:
+    app: bind-hidden-primary
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Mi
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: bind-hidden-primary-keys
+  labels:
+    app: bind-hidden-primary
+spec:
+  accessModes:
+    - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100Mi
+
+
diff --git a/deployment/deploy.sh b/deployment/deploy.sh
new file mode 100755
index 0000000..20d39ce
--- /dev/null
+++ b/deployment/deploy.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+if [ "$IMAGE_TAG" == "" ]; then
+  echo "Make sure IMAGE_TAG is set"
+  exit 1
+fi
+
+
+IMAGE_NAME=gitea.hottis.de/deployments/bind
+NAMESPACE=bind
+DEPLOYMENT_DIR=$PWD/deployment
+
+pushd $DEPLOYMENT_DIR > /dev/null
+
+kubectl create namespace $NAMESPACE \
+  --dry-run=client \
+  -o yaml | \
+  kubectl -f - apply
+
+
+cat $DEPLOYMENT_DIR/deploy-yml.tmpl | \
+  sed -e 's,%IMAGE%,'$IMAGE_NAME':'$IMAGE_TAG','g | \
+  kubectl apply -f - -n $NAMESPACE
+
+popd > /dev/null
+