apiVersion: v1
kind: ConfigMap
metadata:
  name: ratelimit-config
  namespace: juwan
data:
  ratelimit.yaml: |
    domain: api
    descriptors:
      - key: generic_key
        value: login
        descriptors:
          - key: remote_address
            rate_limit:
              unit: MINUTE
              requests_per_unit: 10
      - key: generic_key
        value: register
        descriptors:
          - key: remote_address
            rate_limit:
              unit: MINUTE
              requests_per_unit: 5
      - key: generic_key
        value: forgot_password_send
        descriptors:
          - key: remote_address
            rate_limit:
              unit: MINUTE
              requests_per_unit: 3
      - key: generic_key
        value: verify_code_send
        descriptors:
          - key: remote_address
            rate_limit:
              unit: MINUTE
              requests_per_unit: 3

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: rl-redis
  namespace: juwan
  labels:
    app: rl-redis
spec:
  replicas: 1
  selector:
    matchLabels:
      app: rl-redis
  template:
    metadata:
      labels:
        app: rl-redis
    spec:
      containers:
        - name: redis
          image: redis:8.6.2-alpine
          ports:
            - containerPort: 6379
          resources:
            requests:
              cpu: 20m
              memory: 32Mi

---
apiVersion: v1
kind: Service
metadata:
  name: rl-redis-svc
  namespace: juwan
spec:
  ports:
    - port: 6379
      targetPort: 6379
  selector:
    app: rl-redis

---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ratelimit
  namespace: juwan
  labels:
    app: ratelimit
spec:
  replicas: 1
  selector:
    matchLabels:
      app: ratelimit
  template:
    metadata:
      labels:
        app: ratelimit
    spec:
      containers:
        - name: ratelimit
          image: envoyproxy/ratelimit:fe26676d
          command: ["/bin/ratelimit"]
          env:
            - name: REDIS_SOCKET_TYPE
              value: tcp
            - name: REDIS_URL
              value: rl-redis-svc:6379
            - name: USE_STATSD
              value: "false"
            - name: RUNTIME_ROOT
              value: /data
            - name: RUNTIME_SUBDIRECTORY
              value: ratelimit
            - name: RUNTIME_WATCH_ROOT
              value: "true"
            - name: LOG_LEVEL
              value: info
          ports:
            - containerPort: 8081
              name: grpc
            - containerPort: 6070
              name: debug
          volumeMounts:
            - name: config
              mountPath: /data/ratelimit/config
          resources:
            requests:
              cpu: 50m
              memory: 64Mi
            limits:
              memory: 256Mi
      volumes:
        - name: config
          configMap:
            name: ratelimit-config

---
apiVersion: v1
kind: Service
metadata:
  name: ratelimit-svc
  namespace: juwan
spec:
  ports:
    - name: grpc
      port: 8081
      targetPort: 8081
    - name: debug
      port: 6070
      targetPort: 6070
  selector:
    app: ratelimit