From 9e8d538ab13688195584f981bd1882cecd88b4a6 Mon Sep 17 00:00:00 2001
From: Mayne0213 <bluemayne0213@icloud.com>
Date: Mon, 5 Jan 2026 02:32:18 +0900
Subject: [PATCH] FEAT(jotion): add jotion application

- Add ArgoCD Application definition
- Add deployment, service, ingress, external-secret
- Domain: jotion0213.kro.kr
- Vault secret path: secret/jotion
---
 jotion/argocd.yaml          | 35 +++++++++++++++++++++++
 jotion/deployment.yaml      | 56 +++++++++++++++++++++++++++++++++++++
 jotion/external-secret.yaml | 18 ++++++++++++
 jotion/ingress.yaml         | 34 ++++++++++++++++++++++
 jotion/kustomization.yaml   |  8 ++++++
 jotion/service.yaml         | 15 ++++++++++
 kustomization.yaml          |  1 +
 7 files changed, 167 insertions(+)
 create mode 100644 jotion/argocd.yaml
 create mode 100644 jotion/deployment.yaml
 create mode 100644 jotion/external-secret.yaml
 create mode 100644 jotion/ingress.yaml
 create mode 100644 jotion/kustomization.yaml
 create mode 100644 jotion/service.yaml

diff --git a/jotion/argocd.yaml b/jotion/argocd.yaml
new file mode 100644
index 0000000..cefb005
--- /dev/null
+++ b/jotion/argocd.yaml
@@ -0,0 +1,35 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: jotion
+  namespace: argocd
+  finalizers:
+  - resources-finalizer.argocd.argoproj.io
+spec:
+  project: default
+  sources:
+  - repoURL: https://github.com/K3S-HOME/web-apps.git
+    targetRevision: main
+    path: jotion
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: jotion
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+      allowEmpty: false
+    syncOptions:
+    - CreateNamespace=true
+    - PrunePropagationPolicy=foreground
+    - PruneLast=true
+    retry:
+      limit: 5
+      backoff:
+        duration: 5s
+        factor: 2
+        maxDuration: 3m
+    managedNamespaceMetadata:
+      labels:
+        goldilocks.fairwinds.com/enabled: 'true'
+  revisionHistoryLimit: 10
diff --git a/jotion/deployment.yaml b/jotion/deployment.yaml
new file mode 100644
index 0000000..c42cff1
--- /dev/null
+++ b/jotion/deployment.yaml
@@ -0,0 +1,56 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: jotion
+  labels:
+    app: jotion
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: jotion
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxUnavailable: 0
+      maxSurge: 1
+  revisionHistoryLimit: 3
+  template:
+    metadata:
+      labels:
+        app: jotion
+    spec:
+      containers:
+      - name: jotion
+        image: ghcr.io/mayne0213/jotion:latest
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 3000
+          protocol: TCP
+        env:
+        - name: NODE_ENV
+          value: production
+        - name: DATABASE_URL
+          valueFrom:
+            secretKeyRef:
+              name: jotion-secrets
+              key: database-url
+        resources:
+          requests:
+            memory: 80Mi
+            cpu: 20m
+          limits:
+            memory: 200Mi
+        livenessProbe:
+          httpGet:
+            path: /api/health
+            port: 3000
+          initialDelaySeconds: 30
+          periodSeconds: 10
+        readinessProbe:
+          httpGet:
+            path: /api/health
+            port: 3000
+          initialDelaySeconds: 5
+          periodSeconds: 5
+      restartPolicy: Always
diff --git a/jotion/external-secret.yaml b/jotion/external-secret.yaml
new file mode 100644
index 0000000..f6880cb
--- /dev/null
+++ b/jotion/external-secret.yaml
@@ -0,0 +1,18 @@
+apiVersion: external-secrets.io/v1
+kind: ExternalSecret
+metadata:
+  name: jotion-secrets
+spec:
+  refreshInterval: 1h
+  secretStoreRef:
+    name: vault-backend
+    kind: ClusterSecretStore
+  target:
+    name: jotion-secrets
+    creationPolicy: Owner
+    deletionPolicy: Retain
+  data:
+  - secretKey: database-url
+    remoteRef:
+      key: jotion
+      property: DATABASE_URL
diff --git a/jotion/ingress.yaml b/jotion/ingress.yaml
new file mode 100644
index 0000000..8491a69
--- /dev/null
+++ b/jotion/ingress.yaml
@@ -0,0 +1,34 @@
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: jotion-ingress
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+spec:
+  ingressClassName: traefik
+  tls:
+  - hosts:
+    - jotion0213.kro.kr
+    - www.jotion0213.kro.kr
+    secretName: jotion-tls
+  rules:
+  - host: jotion0213.kro.kr
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: jotion
+            port:
+              number: 80
+  - host: www.jotion0213.kro.kr
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: jotion
+            port:
+              number: 80
diff --git a/jotion/kustomization.yaml b/jotion/kustomization.yaml
new file mode 100644
index 0000000..aa56fcd
--- /dev/null
+++ b/jotion/kustomization.yaml
@@ -0,0 +1,8 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+namespace: jotion
+resources:
+- deployment.yaml
+- service.yaml
+- ingress.yaml
+- external-secret.yaml
diff --git a/jotion/service.yaml b/jotion/service.yaml
new file mode 100644
index 0000000..57ef309
--- /dev/null
+++ b/jotion/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: jotion
+  labels:
+    app: jotion
+spec:
+  type: ClusterIP
+  ports:
+  - name: http
+    port: 80
+    targetPort: 3000
+    protocol: TCP
+  selector:
+    app: jotion
diff --git a/kustomization.yaml b/kustomization.yaml
index bd16bf8..83e0c8f 100644
--- a/kustomization.yaml
+++ b/kustomization.yaml
@@ -5,3 +5,4 @@ resources:
   - jovies/argocd.yaml
   - portfolio/argocd.yaml
   - todo/argocd.yaml
+  - jotion/argocd.yaml