# services/crypto/xmr-miner/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: p2pool
  namespace: crypto
  labels: { app: p2pool }
spec:
  replicas: 1
  selector:
    matchLabels: { app: p2pool }
  template:
    metadata:
      labels: { app: p2pool }
    spec:
      nodeSelector:
        kubernetes.io/arch: arm64
      priorityClassName: scavenger
      volumes:
        - name: tools
          emptyDir: {}
        - name: payout
          secret:
            secretName: xmr-payout
        - name: sources
          configMap:
            name: xmr-miner-sources
      initContainers:
        - name: fetch-tools
          image: debian:bookworm-slim
          command: ["/bin/sh","-lc"]
          args:
            - |
              set -eux
              apt-get update
              apt-get install -y --no-install-recommends ca-certificates curl xz-utils tar coreutils
              update-ca-certificates

              P2POOL_URL="$(cat /cfg/P2POOL_URL)"; : "${P2POOL_URL:?P2POOL_URL required}"
              XMRIG_URL="$(cat /cfg/XMRIG_URL)";  : "${XMRIG_URL:?XMRIG_URL required}"
              P2POOL_SHA="$(cat /cfg/P2POOL_SHA256)"; true
              XMRIG_SHA="$(cat /cfg/XMRIG_SHA256)"; true

              mkdir -p /opt/bin
              # --- p2pool ---
              curl -fL "$P2POOL_URL" -o /tmp/p2pool.tgz
              if [ -n "${P2POOL_SHA:-}" ]; then echo "${P2POOL_SHA}  /tmp/p2pool.tgz" | sha256sum -c -; fi
              tar -x -C /tmp -f /tmp/p2pool.tgz || true
              # pick the p2pool binary from whatever layout the tarball uses
              P2=$(find /tmp -maxdepth 3 -type f -name 'p2pool*' -perm -u+x | head -n1)
              test -n "$P2" && cp "$P2" /opt/bin/p2pool && chmod 0755 /opt/bin/p2pool

              # --- xmrig (for quick local self-checks; DaemonSet also downloads its own) ---
              curl -fL "$XMRIG_URL" -o /tmp/xmrig.tgz
              if [ -n "${XMRIG_SHA:-}" ]; then echo "${XMRIG_SHA}  /tmp/xmrig.tgz" | sha256sum -c -; fi
              tar -x -C /tmp -f /tmp/xmrig.tgz || true
              XR=$(find /tmp -maxdepth 3 -type f -name 'xmrig*' -perm -u+x | head -n1)
              test -n "$XR" && cp "$XR" /opt/bin/xmrig && chmod 0755 /opt/bin/xmrig

              ls -l /opt/bin
          volumeMounts:
            - { name: tools,   mountPath: /opt/bin }
            - { name: sources, mountPath: /cfg, readOnly: true }
      containers:
        - name: p2pool
          image: debian:bookworm-slim
          command: ["/bin/sh","-lc"]
          args:
            - |
              set -eu
              ADDR="$(cat /run/xmr/address)"
              # be nice to the node; p2pool will connect to your in-cluster monerod
              exec nice -n 19 ionice -c3 /opt/bin/p2pool \
                --wallet "$ADDR" \
                --host monerod.crypto.svc.cluster.local \
                --rpc-port 18081 \
                --zmq-port 18083 \
                --stratum 0.0.0.0:3333
          ports:
            - { containerPort: 3333, name: stratum, protocol: TCP }
          volumeMounts:
            - { name: tools,  mountPath: /opt/bin }
            - { name: payout, mountPath: /run/xmr, readOnly: true }
          # BestEffort QoS: no requests/limits → yields CPU when others need it