apiVersion: v1
kind: Pod
metadata:
  name: {{ nodeName }}
  namespace: default
  labels:
    app: {{ applicationName }}
spec:
  containers:
    - name: {{ nodeName }}
      image: owasp/modsecurity-crs:nginx    #this is the container image owasp last version
      ports:
      - containerPort: {{ port }}
        name: web   #I select the port that the pod expose, which named http-web
      - containerPort: 443
        name: https-web   #I select the port that the pod expose, which named http-web
      env:
        # Define the environment variable
        - name: PARANOIA # Notice that the case is different here
                         # from the key name in the ConfigMap.
          value: "{{ alert_level }}"
      volumeMounts:
      - name: base
        mountPath: "/etc/nginx/conf.d"
        readOnly: true 
      - name: rules
        mountPath: "/opt/owasp-crs/rules"
        readOnly: true 
      - name: test
        mountPath: "/etc/db"
      - name: nginx
        mountPath: "/etc/nginx/nginx.conf"
  volumes:
    # You set volumes at the Pod level, then mount them into containers inside that Pod
    - name: test
      hostPath:
        path: "/c/Users/poppo/Desktop/prova"
        type: DirectoryOrCreate
    - name: nginx
      hostPath:
        path: "/c/Users/poppo/Desktop/prova/nginx.conf"
        type: FileOrCreate
    - name: base
      configMap:
        # Provide the name of the ConfigMap you want to mount.
        name: {{ configMapName }}
        # An array of keys from the ConfigMap to create as files
        items:
{%- for line in fileNameConf %}
        - key: "{{ line }}"
          path: "my{{ line }}" {% endfor %}
    - name: rules
      configMap:
        # Provide the name of the ConfigMap you want to mount.
        name: {{ configMapName }}
        # An array of keys from the ConfigMap to create as files
        items:
{%- for line in fileNameThreatProtection %}
        - key: "{{ line }}"
          path: "{{ line }}" {% endfor %}
---
apiVersion: v1
kind: Service
metadata:
  name: {{ nodeName }}service
spec:
  type: NodePort
  ports:
  - name: http
    protocol: TCP
    port: {{ port }}
    targetPort: web
  - name: https
    protocol: TCP
    port: 443
    targetPort: https-web
  selector:
    app: {{ applicationName }}