apiVersion: apps/v1
kind: Deployment
metadata:
  name: netbox
spec:
  selector:
    matchLabels:
      app: netbox
  template:
    metadata:
      labels:
        app: netbox
    spec:
      containers:
      - name: netbox
        image: ghcr.io/netbox-community/netbox:v4.1.9-3.0.2
        envFrom:
          - secretRef:
              name: netbox
          - configMapRef:
              name: netbox
        env:
          - name: DB_USER
            valueFrom:
              secretKeyRef:
                name: netbox.netbox-database.credentials.postgresql.acid.zalan.do
                key: username
          - name: DB_PASSWORD
            valueFrom:
              secretKeyRef:
                name: netbox.netbox-database.credentials.postgresql.acid.zalan.do
                key: password
        volumeMounts:
          - name: netbox-configs
            mountPath: /etc/netbox/config/extra.py
            subPath: extra.py
            readOnly: true
        resources:
          limits:
            memory: "1Gi"
            cpu: "500m"
        readinessProbe:
          httpGet:
            scheme: HTTP
            path: /login/?next=/
            port: 8080
        ports:
        - containerPort: 8080
      volumes:
      - name: netbox-configs
        configMap:
          name: netbox-configs
---
apiVersion: v1
kind: Service
metadata:
  name: netbox
spec:
  selector:
    app: netbox
  ports:
  - port: 8080
---
apiVersion: external-secrets.io/v1beta1
kind: ExternalSecret
metadata:
  name: netbox
spec:
  secretStoreRef:
    kind: SecretStore
    name: openbao
  target:
    name: netbox
    creationPolicy: Owner
  dataFrom:
    - extract:
        key: netbox/default/netbox