# Resume Site Deployment Guide

## Overview

Your resume site is now configured for automated deployment to your Kubernetes cluster via Flux CD. The site will be accessible at **https://resume.caffeinetux.com**.

## What's Been Configured

- HTML comment added to source: `<!-- If you're reading this, the hiring pipeline has reached manual approval. -->`
- Helm chart configured for Kubernetes deployment
- Harbor registry: `images.caffeinetux.com/production/resume-site`
- Ingress configured with Let's Encrypt TLS
- Flux CD manifests for GitOps automation
- CI/CD workflow for Harbor image builds

## Deployment Status

✅ **Completed:**
- Resume site extracted and prepared
- HTML comment added to index.html
- Helm values updated with resume.caffeinetux.com domain
- Harbor registry configured at images.caffeinetux.com
- Flux manifests created and configured
- Git repository initialized with all changes committed
- Deployment script created (deploy.sh)

⏳ **Next Steps Required:**

### 1. Create Gitea Repository

```bash
# Option A: Via Web UI
# Navigate to: http://192.168.1.49:13001
# Click "+" → "New Repository"
# Repository name: resume-site
# Owner: admin

# Option B: Via API (requires token)
curl -X POST "http://192.168.1.49:13001/api/v1/user/repos" \
  -H "Authorization: token YOUR_GITEA_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "resume-site",
    "description": "Nicholas Haven Resume Site",
    "private": false
  }'
```

### 2. Push Code to Gitea

```bash
cd /data/data/com.termux/files/home/git/resume-site

# Rename branch to main
git branch -M main

# Add Gitea remote
git remote add origin http://192.168.1.49:13001/admin/resume-site.git

# Push code
git push -u origin main
```

### 3. Build and Push Docker Image

Since Docker isn't available in Termux, you'll need to build from a machine with Docker:

```bash
# Login to Harbor
docker login images.caffeinetux.com

# Build the image
docker build -t images.caffeinetux.com/production/resume-site:latest .

# Push to Harbor
docker push images.caffeinetux.com/production/resume-site:latest
```

**Alternative:** Let your CI/CD handle the build:
- The `.github/workflows/ci.yaml` is configured for automated builds
- Just set `HARBOR_USERNAME` and `HARBOR_PASSWORD` secrets in Gitea
- Push to main branch and it will build automatically

### 4. Apply Flux Manifests

```bash
# Apply the Flux manifests to your cluster
kubectl apply -k /data/data/com.termux/files/home/git/resume-site/flux/

# Verify Flux resources
kubectl get gitrepository -n flux-system resume-site
kubectl get helmrelease -n default resume-site
```

### 5. Monitor Deployment

```bash
# Check pods
kubectl get pods -n default -l app.kubernetes.io/name=resume-site

# Watch logs
kubectl logs -n default -l app.kubernetes.io/name=resume-site -f

# Check ingress
kubectl get ingress -n default

# Verify Flux reconciliation
flux reconcile source git resume-site
flux reconcile helmrelease resume-site
```

## Quick Deployment

Use the provided deployment script for interactive deployment:

```bash
cd /data/data/com.termux/files/home/git/resume-site
./deploy.sh
```

The script will guide you through:
1. Creating the Gitea repository
2. Pushing code to Gitea
3. Building and pushing the Docker image (if Docker is available)
4. Applying Flux manifests
5. Verifying deployment

## Architecture

```
┌─────────────────────────────────────────────────────┐
│                                                       │
│  Gitea (http://192.168.1.49:13001/admin/resume-site)│
│                                                       │
└────────────────┬────────────────────────────────────┘
                 │
                 │ Flux CD watches Git repo every 1 min
                 ▼
┌─────────────────────────────────────────────────────┐
│                                                       │
│  Flux GitRepository + HelmRelease (flux-system ns)  │
│                                                       │
└────────────────┬────────────────────────────────────┘
                 │
                 │ Deploys Helm chart
                 ▼
┌─────────────────────────────────────────────────────┐
│                                                       │
│  Kubernetes Deployment (default namespace)          │
│  - 2 replicas                                        │
│  - nginx:alpine based                                │
│  - Pod anti-affinity for HA                          │
│  - PodDisruptionBudget (minAvailable: 1)            │
│                                                       │
└────────────────┬────────────────────────────────────┘
                 │
                 │ Exposes via Ingress
                 ▼
┌─────────────────────────────────────────────────────┐
│                                                       │
│  nginx Ingress Controller                            │
│  - TLS via Let's Encrypt (letsencrypt-prod)         │
│  - Certificate auto-renewal                          │
│                                                       │
└────────────────┬────────────────────────────────────┘
                 │
                 ▼
          https://resume.caffeinetux.com
```

## Configuration Files

- **index.html**: Resume site with special hiring comment
- **Dockerfile**: nginx:alpine based container
- **helm/**: Kubernetes Helm chart
  - `values.yaml`: Configuration values
  - `templates/`: Kubernetes resource templates
- **flux/**: Flux CD manifests
  - `gitrepository.yaml`: Defines Git source
  - `helmrelease.yaml`: Defines Helm deployment
  - `kustomization.yaml`: Kustomize bundle
- **.github/workflows/ci.yaml**: CI pipeline for Harbor builds

## Harbor Image Pull Secrets (if needed)

If your Harbor registry requires authentication for pulling:

```bash
kubectl create secret docker-registry harbor-creds \
  --docker-server=images.caffeinetux.com \
  --docker-username=YOUR_USERNAME \
  --docker-password=YOUR_PASSWORD \
  --namespace=default

# Then update helm/values.yaml:
# imagePullSecrets:
#   - name: harbor-creds
```

## Troubleshooting

### Flux not reconciling

```bash
# Force reconciliation
flux reconcile source git resume-site
flux reconcile helmrelease resume-site

# Check Flux logs
kubectl logs -n flux-system deployment/source-controller
kubectl logs -n flux-system deployment/helm-controller
```

### Image pull errors

```bash
# Check if Harbor is accessible from cluster
kubectl run test --rm -it --image=busybox --restart=Never -- wget -O- http://images.caffeinetux.com

# Verify image exists in Harbor
curl -k https://images.caffeinetux.com/api/v2.0/projects/production/repositories/resume-site/artifacts
```

### Ingress not working

```bash
# Check ingress controller
kubectl get pods -n ingress-nginx

# Check certificate
kubectl get certificate -n default resume-tls
kubectl describe certificate -n default resume-tls

# Check cert-manager
kubectl get certificaterequest -n default
```

### DNS resolution

```bash
# Verify DNS points to your cluster
nslookup resume.caffeinetux.com

# Check ingress external IP
kubectl get ingress -n default
```

## Updates and Changes

After the initial deployment, any changes you push to the `helm/` directory in Git will be automatically deployed by Flux within 1 minute.

```bash
# Make changes to helm chart
vim helm/values.yaml

# Commit and push
git add helm/values.yaml
git commit -m "Update configuration"
git push

# Flux will automatically sync (or force it)
flux reconcile source git resume-site
```

## Contact

If you encounter issues:
1. Check the logs in each component (Flux, pods, ingress)
2. Verify network connectivity to Gitea and Harbor
3. Ensure DNS is properly configured for resume.caffeinetux.com
4. Check that cert-manager is issuing certificates correctly

---

Generated with Claude Code