devtools/issues: redmine deployment
Change-Id: I71956c4132bf2063e9fc41eb24c4f37657b8fd9d
diff --git a/devtools/issues/prod.jsonnet b/devtools/issues/prod.jsonnet
new file mode 100644
index 0000000..2218716
--- /dev/null
+++ b/devtools/issues/prod.jsonnet
@@ -0,0 +1,40 @@
+#
+# issues.hackerspace.pl redmine deployment
+#
+# Bootstrap:
+#
+# ns=redmine
+# kubectl -n $ns create secret generic redmine --from-literal=secret_key=$(pwgen 24 1) --from-literal=oidc_secret=...
+#
+# ceph_ns=ceph-waw3; ceph_pool=waw-hdd-redundant-3
+# kubectl -n $ceph_ns get secrets rook-ceph-object-user-${ceph_pool}-object-issues -o json | jq 'del(.metadata.namespace,.metadata.resourceVersion,.metadata.uid) | .metadata.creationTimestamp=null' | kubectl replace -f - -n $ns
+#
+
+local redmine = import "./redmine.libsonnet";
+
+{
+ issues: redmine {
+ cfg+: {
+ namespace: "redmine",
+ domain: "issues.hackerspace.pl",
+
+ storage+: {
+ endpoint: "https://object.ceph-waw3.hswaw.net",
+ bucket: "issues",
+
+ # This is required for redmine_s3 to properly create a bucket
+ region: "us-east-1",
+
+ local rookSecret = "rook-ceph-object-user-waw-hdd-redundant-3-object-issues",
+ accessKey: { secretKeyRef: { name: rookSecret, key: "AccessKey" } },
+ secretKey: { secretKeyRef: { name: rookSecret, key: "SecretKey" } },
+ },
+
+ oidc+: {
+ server: "https://sso.hackerspace.pl",
+ clientID: "70ee2821-2657-4409-a298-98649d1f689f",
+ clientSecret: { secretKeyRef: { name: "redmine", key: "oidc_secret" } },
+ },
+ },
+ },
+}