| local kube = import '../../kube/hscloud.libsonnet'; |
| local postgres = import '../../kube/postgres.libsonnet'; |
| |
| { |
| local top = self, |
| local cfg = top.cfg, |
| |
| cfg:: { |
| name: 'inventory', |
| namespace: 'inventory', |
| domain: 'inventory.hackerspace.pl', |
| |
| images: { |
| app: 'registry.k0.hswaw.net/palid/inventory-31.01.2024-3', |
| labelmaker: 'registry.k0.hswaw.net/radex/spejstore-labelmaker:20240201181500', |
| }, |
| oauthClientId: '82fffb65-0bbd-4d18-becd-0ce0b31373cf', |
| storageClassName: 'waw-hdd-redundant-3', |
| |
| mediaPath: '/var/www/media', |
| }, |
| |
| secretRefs:: { |
| postgres: { secretKeyRef: { name: cfg.name, key: 'postgres_password' } }, |
| oauth: { secretKeyRef: { name: cfg.name, key: 'oauth_secret' } }, |
| s3Secret: { secretKeyRef: { name: cfg.name, key: 's3_secret_key' } }, |
| s3Access: { secretKeyRef: { name: cfg.name, key: 's3_access_key' } }, |
| }, |
| |
| local ns = kube.Namespace(cfg.namespace), |
| |
| deployment: ns.Contain(kube.Deployment(cfg.name)) { |
| spec+: { |
| template+: { |
| spec+: { |
| volumes_: { |
| media: top.media.volume, |
| }, |
| containers_: { |
| default: kube.Container('default') { |
| image: cfg.images.app, |
| ports_: { |
| web: { containerPort: 8000 }, |
| }, |
| env_: { |
| SPEJSTORE_ENV: 'prod', |
| SPEJSTORE_DB_NAME: top.postgres.cfg.database, |
| SPEJSTORE_DB_USER: top.postgres.cfg.username, |
| SPEJSTORE_DB_PASSWORD: top.postgres.cfg.password, |
| SPEJSTORE_DB_HOST: top.postgres.svc.host, |
| SPEJSTORE_DB_PORT: top.postgres.svc.port, |
| SPEJSTORE_ALLOWED_HOSTS: cfg.domain, |
| SPEJSTORE_CLIENT_ID: cfg.oauthClientId, |
| SPEJSTORE_SECRET: top.secretRefs.oauth, |
| SPEJSTORE_MEDIA_ROOT: cfg.mediaPath, |
| SPEJSTORE_REQUIRE_AUTH: 'true', |
| SPEJSTORE_LAN_ALLOWED_ADDRESS_SPACE: '185.236.240.5', |
| SPEJSTORE_HOST: 'https://' + cfg.domain, |
| SPEJSTORE_LABEL_API: 'http://localhost:4567', |
| SPEJSTORE_FILE_STORAGE_TYPE: 's3', |
| SPEJSTORE_S3_ACCESS_KEY: top.secretRefs.s3Access, |
| SPEJSTORE_S3_SECRET_KEY: top.secretRefs.s3Secret, |
| SPEJSTORE_S3_BUCKET_NAME: 'inventory', |
| SPEJSTORE_S3_ENDPOINT_URL: 'https://object.ceph-eu.hswaw.net', |
| SPEJSTORE_S3_DOMAIN_NAME: 'object.ceph-eu.hswaw.net', |
| SPEJSTORE_S3_STATIC_LOCATION: 'static', |
| SPEJSTORE_S3_MEDIA_LOCATION: 'media', |
| }, |
| volumeMounts_: { |
| media: { mountPath: cfg.mediaPath }, |
| }, |
| }, |
| labelmaker: kube.Container('labelmaker') { |
| image: cfg.images.labelmaker, |
| ports_: { |
| web: { containerPort: 4567 }, |
| }, |
| env_: { |
| LABELMAKER_CODE_PREFIX: 'https://inventory.hackerspace.pl/', |
| LABELMAKER_LABEL_SIZE: '[89, 36]', |
| LABELMAKER_LOCAL_PRINTER_NAME: '', |
| LABELMAKER_IPP_PRINTER_URL: '', |
| LABELMAKER_WEBHOOK: 'http://printservant.printservant.svc.cluster.local:3199/print?printer=dymo', |
| }, |
| livenessProbe: { |
| httpGet: { path: '/api/2/health', port: 4567 }, |
| initialDelaySeconds: 5, |
| periodSeconds: 5 * 60, |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| |
| media: ns.Contain(kube.PersistentVolumeClaim(cfg.name)) { |
| storage:: '20Gi', |
| storageClass:: cfg.storageClassName, |
| }, |
| |
| postgres: ns.Contain(postgres) { |
| cfg+: { |
| appName: cfg.name, |
| storageClassName: cfg.storageClassName, |
| version: '15.4', |
| |
| database: 'inventory', |
| username: 'inventory', |
| password: top.secretRefs.postgres, |
| versionedNames: true, |
| }, |
| }, |
| |
| service: ns.Contain(kube.Service(cfg.name)) { |
| target:: top.deployment, |
| }, |
| |
| ingress: ns.Contain(kube.SimpleIngress(cfg.name)) { |
| hosts:: [cfg.domain], |
| target:: top.service, |
| }, |
| } |