# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-5.6.1

# NOTE: The namespace sharing for a pod has been modified by the user and is not the same as the
# default settings for kubernetes. This can lead to unexpected behavior when running the generated
# kube yaml in a kubernetes cluster.
---
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: "2025-09-22T02:26:07Z"
  labels:
    app: podhcvault
  name: podhcvault
spec:
  ports:
  - name: "8200"
    nodePort: 32706
    port: 8200
    targetPort: 8200
  - name: "80"
    nodePort: 30266
    port: 80
    targetPort: 80
  - name: "443"
    nodePort: 32536
    port: 443
    targetPort: 443
  selector:
    app: podhcvault
  type: NodePort
---
apiVersion: v1
kind: Pod
metadata:
  annotations:
    bind-mount-options: /Users/tepichord/hc_vault/nginx/conf:z
    io.kubernetes.cri-o.SandboxID/hcvaultnginx1: 9953963847a9ec2c093caca148c53d760368fb3dd9acbd5992d5deafd5d73e8d
    io.kubernetes.cri-o.SandboxID/hcvaultvault1: 9953963847a9ec2c093caca148c53d760368fb3dd9acbd5992d5deafd5d73e8d
  creationTimestamp: "2025-09-22T02:26:07Z"
  labels:
    app: podhcvault
  name: podhcvault
spec:
  containers:
  - args:
    - server
    env:
    - name: VAULT_CACERT
      value: /opt/vault/certs/rootCA.pem
    - name: VAULT_ADDR
      value: https://127.0.0.1:8200
    - name: VAULT_API_ADDR
      value: https://0.0.0.0:8200
    - name: HOSTNAME
      value: vault
    image: localhost/tepichord/vault:latest
    name: hcvaultvault1
    ports:
    - containerPort: 8200
    securityContext:
      privileged: true
      procMount: Unmasked
      seLinuxOptions:
        type: spc_t
    volumeMounts:
    - mountPath: /vault/config
      name: users-tepichord-hc-vault-hc-vault-config-host-0
    - mountPath: /opt/vault/certs
      name: users-tepichord-hc-vault-hc-vault-certs-host-1
    - mountPath: /opt/vault/data
      name: users-tepichord-hc-vault-hc-vault-vault-data-host-2
    - mountPath: /vault/logs
      name: 2dd2aea4dfe15af0880037ebad6ed68dac260d980411abc9b0b171a57c110d71-pvc
    - mountPath: /vault/file
      name: 4d7764e1aa42ba3d48ef865a321b85883dcdaaacf863d1c0eab041c2d50f96c6-pvc
  - args:
    - nginx
    - -g
    - daemon off;
    env:
    - name: HOSTNAME
      value: nginx
    image: docker.io/library/nginx:alpine
    name: hcvaultnginx1
    ports:
    - containerPort: 80
    - containerPort: 443
    volumeMounts:
    - mountPath: /etc/ssl
      name: users-tepichord-hc-vault-ssl-certs-host-0
    - mountPath: /etc/vault-certs
      name: users-tepichord-hc-vault-hc-vault-certs-host-1
    - mountPath: /etc/nginx
      name: users-tepichord-hc-vault-nginx-conf-host-2
  hostname: vault
  volumes:
  - hostPath:
      path: /Users/tepichord/hc_vault/hc_vault/vault_data
      type: Directory
    name: users-tepichord-hc-vault-hc-vault-vault-data-host-2
  - name: 2dd2aea4dfe15af0880037ebad6ed68dac260d980411abc9b0b171a57c110d71-pvc
    persistentVolumeClaim:
      claimName: 2dd2aea4dfe15af0880037ebad6ed68dac260d980411abc9b0b171a57c110d71
  - name: 4d7764e1aa42ba3d48ef865a321b85883dcdaaacf863d1c0eab041c2d50f96c6-pvc
    persistentVolumeClaim:
      claimName: 4d7764e1aa42ba3d48ef865a321b85883dcdaaacf863d1c0eab041c2d50f96c6
  - hostPath:
      path: /Users/tepichord/hc_vault/ssl-certs
      type: Directory
    name: users-tepichord-hc-vault-ssl-certs-host-0
  - hostPath:
      path: /Users/tepichord/hc_vault/nginx/conf
      type: Directory
    name: users-tepichord-hc-vault-nginx-conf-host-2
  - hostPath:
      path: /Users/tepichord/hc_vault/hc_vault/config
      type: Directory
    name: users-tepichord-hc-vault-hc-vault-config-host-0
  - hostPath:
      path: /Users/tepichord/hc_vault/hc_vault/certs
      type: Directory
    name: users-tepichord-hc-vault-hc-vault-certs-host-1