apps(privatebin): Added Privatebin to the deployment

apps/privatebin/deployment.yaml

@@ -0,0 +1,79 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: privatebin
+  namespace: privatebin
+  labels:
+    app.kubernetes.io/name: privatebin
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app.kubernetes.io/name: privatebin
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/name: privatebin
+    spec:
+      volumes:
+        - name: privatebin-data
+          persistentVolumeClaim:
+            claimName: privatebin-data-pvc
+      containers:
+        - image: privatebin/nginx-fpm-alpine:latest
+          name: privatebin
+          imagePullPolicy: Always
+          ports:
+            - containerPort: 8080
+              protocol: TCP
+          volumeMounts:
+          - name: privatebin-data
+            mountPath: "/srv/data"
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault
+        - name: anubis
+          image: ghcr.io/techarohq/anubis:latest
+          imagePullPolicy: Always
+          env:
+            - name: "BIND"
+              value: ":8081"
+            - name: "DIFFICULTY"
+              value: "4"
+            - name: ED25519_PRIVATE_KEY_HEX
+              valueFrom:
+                secretKeyRef:
+                  name: anubis-key
+                  key: ED25519_PRIVATE_KEY_HEX
+            - name: "METRICS_BIND"
+              value: ":9090"
+            - name: "SERVE_ROBOTS_TXT"
+              value: "true"
+            - name: "TARGET"
+              value: "http://localhost:8080"
+            - name: "OG_PASSTHROUGH"
+              value: "false"
+          resources:
+            limits:
+              cpu: 750m
+              memory: 256Mi
+            requests:
+              cpu: 250m
+              memory: 256Mi
+          securityContext:
+            runAsUser: 1000
+            runAsGroup: 1000
+            runAsNonRoot: true
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
+            seccompProfile:
+              type: RuntimeDefault

apps/privatebin/kustomization.yaml

@@ -0,0 +1,6 @@
+resources:
+- namespace.yaml
+- pvc.yaml
+- deployment.yaml
+- services.yaml
+- secrets.yaml

apps/privatebin/namespace.yaml

@@ -0,0 +1,6 @@
+kind: Namespace
+apiVersion: v1
+metadata:
+  name: privatebin
+  labels:
+    name: privatebin

apps/privatebin/pvc.yaml

@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  name: privatebin-data-pvc
+  namespace: privatebin
+spec:
+  accessModes:
+    - ReadWriteMany
+  storageClassName: longhorn
+  resources:
+    requests:
+      storage: 5Gi

apps/privatebin/secrets.sops.yaml

@@ -0,0 +1,23 @@
+apiVersion: v1
+kind: Secret
+metadata:
+    name: anubis-key
+    namespace: privatebin
+type: Opaque
+data:
+    ED25519_PRIVATE_KEY_HEX: ENC[AES256_GCM,data:DBMXjeG7KguofrBF8wFRZoplFKhsxRGvWAXga5QJkhYn4HNF6WvFr8dkCww7Z6qpqdskKqBQqBiYq6OgTe5f55or9sWeO5XwKprjTUYYJ+/Yxvg1MBMlSg==,iv:MfK068uL94QNPlh62FNjBMK26M6Uig9yWvHRLpmEASE=,tag:0w4OMh/KcWsK5n4xnkLzaw==,type:str]
+sops:
+    age:
+        - recipient: age1r0tjhg6uexyj0p7fp0ftv5h7r7e3ptzkk2797pznfvrvsm576u0s37yyaw
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2dGp5eTNoRWZRVENPaXVv
+            cUdJc2d4Sm82RklXb29vRHZQZmhRNHRxWGpRCllwNENBY015WUFqeWI2TGhhcXZ3
+            Z0w4dXJZeEtQZkJRQzAveTZtS1RZdDQKLS0tIHlYeEZzMzNXTzdJaEd3S2s0RWh0
+            L3lRQkxCNWRBbFdlMW1DS2RXUXJwTlkKW7jjQfIC2tZo9vj6QenOdOa54xCjMU5v
+            3Be8lPn1H6js15fKTpCw+6+VaEBaAxO9Q1BnSlKx76YQc4V/1pRGhQ==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2025-05-30T10:26:13Z"
+    mac: ENC[AES256_GCM,data:mC8nlQZA7o6h+FDK5eB4XOXrYnygml0rYDDlg4oq0i0rNXlK0gQcTQxYU3ZJLyEJirsjKhdoyF/thP9ro1Jdbt2bNn5k7crc4o5Ar4/Rlu05xxq7reZKtX2RiUaGonlWNrNLbXWnPFv9TZ2A+qkdIlXYLMg5vNFPJS0E56b/SH0=,iv:1ERSVhVwzEj3Y+vPdbBEeHsjLi5IZ0pgWwh423cGB2g=,tag:l/2a74j+gbyIQIn2DIN09w==,type:str]
+    encrypted_regex: ^(data|stringData)$
+    version: 3.10.2

apps/privatebin/services.yaml

@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: privatebin
+  namespace: privatebin
+spec:
+  type: ClusterIP
+  selector:
+    app.kubernetes.io/name: privatebin
+  ports:
+    - protocol: TCP
+      port: 80
+      targetPort: 8081
+      name: http