| local kube = import "../../kube/hscloud.libsonnet"; |
| |
| { |
| local top = self, |
| local cfg = self.cfg, |
| |
| cfg:: { |
| name: 'ldapweb', |
| namespace: 'ldapweb', |
| domain: 'profile.hackerspace.pl', |
| image: 'registry.k0.hswaw.net/radex/ldapweb:20231123203042', |
| }, |
| |
| secretRefs:: { |
| admin_password: { secretKeyRef: { name: cfg.name, key: 'admin_password' } }, |
| smtp_password: { secretKeyRef: { name: cfg.name, key: 'smtp_password' } }, |
| }, |
| |
| local ns = kube.Namespace(cfg.namespace), |
| |
| deployment: ns.Contain(kube.Deployment(cfg.name)) { |
| spec+: { |
| replicas: 1, |
| template+: { |
| spec+: { |
| containers_: { |
| default: kube.Container("default") { |
| image: cfg.image, |
| resources: { |
| requests: { cpu: "25m", memory: "256Mi" }, |
| limits: { cpu: "500m", memory: "512Mi" }, |
| }, |
| ports_: { |
| http: { containerPort: 8000 }, |
| }, |
| env_: { |
| LDAPWEB_ADMIN_GROUPS: 'ldap-admin,staff,zarzad', |
| LDAPWEB_ACTIVE_GROUPS: 'fatty,starving,potato', |
| LDAPWEB_ADMIN_DN: 'cn=ldapweb,ou=services,dc=hackerspace,dc=pl', |
| LDAPWEB_ADMIN_PASSWORD: top.secretRefs.admin_password, |
| LDAPWEB_PROTECTED_GROUPS: 'ldap-admin,staff,zarzad', |
| LDAPWEB_SMTP_USER: 'ldapweb', |
| LDAPWEB_SMTP_PASSWORD: top.secretRefs.smtp_password, |
| LDAPWEB_PAPERTRAIL_RECIPIENTS: 'zarzad@hackerspace.pl', |
| LDAPWEB_AVATAR_CACHE_TIMEOUT: '1800', |
| } |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| |
| service: ns.Contain(kube.Service(cfg.name)) { |
| target:: top.deployment, |
| }, |
| |
| ingress: ns.Contain(kube.SimpleIngress(cfg.name)) { |
| hosts:: [cfg.domain], |
| target_service:: top.service, |
| }, |
| } |