diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..90bc627058ec1fae3b1bfceb55f9e05cba4709f1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+deployment
+.DS_Store
diff --git a/provisioning/couchdb-ingress.yaml b/provisioning/couchdb-ingress.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..fe3df6ea01c992c5a70e20d5c572e245f5ec73af
--- /dev/null
+++ b/provisioning/couchdb-ingress.yaml
@@ -0,0 +1,23 @@
+apiVersion: extensions/v1beta1
+kind: Ingress
+metadata:
+ name: couchdb-${CI_ENVIRONMENT_SLUG}
+ namespace: ${KUBE_NAMESPACE}
+ labels:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
+ annotations:
+ kubernetes.io/tls-acme: "true"
+ kubernetes.io/ingress.class: "nginx"
+spec:
+ tls:
+ - hosts:
+ - ${CI_ENVIRONMENT_SLUG}.gateway.xpub.semioticsquares.com
+ secretName: couchdb-tls-${CI_ENVIRONMENT_SLUG}
+ rules:
+ - host: ${CI_ENVIRONMENT_SLUG}.gateway.xpub.semioticsquares.com
+ http:
+ paths:
+ - path: /
+ backend:
+ serviceName: couchdb-${CI_ENVIRONMENT_SLUG}
+ servicePort: 5984
diff --git a/provisioning/couchdb-service-internal.yaml b/provisioning/couchdb-service-internal.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..dbcd518243f33222dbfe5a7ba0858ba257d36371
--- /dev/null
+++ b/provisioning/couchdb-service-internal.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: couchdb-internal-${CI_ENVIRONMENT_SLUG}
+ namespace: ${KUBE_NAMESPACE}
+ labels:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
+spec:
+ clusterIP: None
+ ports:
+ - protocol: TCP
+ name: couchdb
+ port: 5984
+ selector:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
diff --git a/provisioning/couchdb-service.yaml b/provisioning/couchdb-service.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..c37af06e479f8ed817938e8a513ef7697173c365
--- /dev/null
+++ b/provisioning/couchdb-service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: couchdb-${CI_ENVIRONMENT_SLUG}
+ namespace: ${KUBE_NAMESPACE}
+ labels:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
+spec:
+ type: ClusterIP
+ ports:
+ - protocol: TCP
+ name: couchdb
+ port: 5984
+ selector:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
+
diff --git a/provisioning/couchdb-statefulset.yaml b/provisioning/couchdb-statefulset.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..b1b06f9221325cd0b48d6465de51ea0163d1ecec
--- /dev/null
+++ b/provisioning/couchdb-statefulset.yaml
@@ -0,0 +1,71 @@
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+ name: couchdb-${CI_ENVIRONMENT_SLUG}
+ namespace: ${KUBE_NAMESPACE}
+ labels:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
+ track: stable
+spec:
+ replicas: 1
+ serviceName: couchdb-internal-${CI_ENVIRONMENT_SLUG}
+ selector:
+ matchLabels:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
+ template:
+ metadata:
+ labels:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
+ spec:
+ containers:
+ - name: couchdb
+ image: couchdb:2.1.1
+ imagePullPolicy: Always
+ ports:
+ - name: couchdb
+ containerPort: 5984
+ - name: epmd
+ containerPort: 4369
+ - containerPort: 9100
+ env:
+ - name: ERL_FLAGS
+ value: "-name couchdb -setcookie monster"
+ - name: COUCHDB_USER
+ valueFrom:
+ secretKeyRef:
+ name: couchdb
+ key: adminUsername
+ - name: COUCHDB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: couchdb
+ key: adminPassword
+ - name: COUCHDB_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: couchdb
+ key: cookieAuthSecret
+ livenessProbe:
+ httpGet:
+ path: /
+ port: 5984
+ readinessProbe:
+ httpGet:
+ path: /_up
+ port: 5984
+ volumeMounts:
+ - name: couchdb-${CI_ENVIRONMENT_SLUG}
+ mountPath: /var/lib/couchdb
+ volumes:
+ - name: couchdb-${CI_ENVIRONMENT_SLUG}
+ volumeClaimTemplates:
+ - metadata:
+ name: couchdb-${CI_ENVIRONMENT_SLUG}
+ labels:
+ app: couchdb-${CI_ENVIRONMENT_SLUG}
+ spec:
+ accessModes:
+ - ReadWriteOnce
+ resources:
+ requests:
+ storage: 5Gi