hswaw/walne: initial deployment

Co-authored-by: Palid <palid@hackerspace.pl>
Change-Id: I7c5ef8a1d310821937c49598c4bd983f80a8fbcb
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1741
Reviewed-by: q3k <q3k@hackerspace.pl>
diff --git a/app/walne/README.md b/app/walne/README.md
new file mode 100644
index 0000000..dd917e6
--- /dev/null
+++ b/app/walne/README.md
@@ -0,0 +1,3 @@
+# Walne (General Assembly Paperwork Generator™)
+
+Source: https://code.hackerspace.pl/hswaw/walne
diff --git a/app/walne/prod.jsonnet b/app/walne/prod.jsonnet
new file mode 100644
index 0000000..da98b70
--- /dev/null
+++ b/app/walne/prod.jsonnet
@@ -0,0 +1,57 @@
+local kube = import '../../kube/hscloud.libsonnet';
+
+{
+    local top = self,
+    local cfg = top.cfg,
+
+    cfg:: {
+        name: 'walne',
+        namespace: 'walne',
+        domain: 'walne.hackerspace.pl',
+        image: 'registry.k0.hswaw.net/radex/walne:1698228636',
+        oauthClientId: '992f3daf-a30e-4409-baad-e7b0e4bc2a2e',
+    },
+
+    // kubectl -n walne create secret generic walne --from-literal=ldap_password=xxx --from-literal=oauth_secret=xxx --from-literal=next_auth_secret=$(pwgen 32 1)
+    secrets:: {
+        ldap: { secretKeyRef: { name: cfg.name, key: 'ldap_password' },},
+        ouath: { secretKeyRef: { name: cfg.name, key: 'oauth_secret' } },
+        nextAuth: { secretKeyRef: { name: cfg.name, key: 'next_auth_secret' } },
+    },
+
+    ns: kube.Namespace(cfg.namespace),
+    deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
+        spec+: {
+            template+: {
+                spec+: {
+                    containers_: {
+                        default: kube.Container('default') {
+                            image: cfg.image,
+                            ports_: {
+                                web: { containerPort: 3000 },
+                            },
+                            env_: {
+                                LDAP_USER_DN: 'cn=walone-generator,ou=services,dc=hackerspace,dc=pl',
+                                LDAP_USER_PW: top.secrets.ldap,
+                                ALLOWED_LDAP_GROUPS: 'zarzad,rewizja,staff,walne-users',
+                                HSWAW_AUTH_CLIENT_ID: cfg.oauthClientId,
+                                HSWAW_AUTH_CLIENT_SECRET: top.secrets.ouath,
+                                AUTH_SECRET: top.secrets.nextAuth,
+                                REDIRECT_PROXY_URL: 'https://' + cfg.domain + '/auth',
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    },
+
+    service: top.ns.Contain(kube.Service(cfg.name)) {
+        target_pod:: top.deployment.spec.template,
+    },
+
+    ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) {
+        hosts:: [cfg.domain],
+        target_service:: top.service,
+    },
+}
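Review bot: The secret-creation command in the comment above `secrets::` generates `next_auth_secret` with `pwgen 32 1`, which without `-s` produces pronounceable passwords with less entropy than the length suggests; for the value consumed as `AUTH_SECRET` I would document `$(pwgen -s 32 1)` or `$(openssl rand -base64 32)` instead. The same command passes the LDAP and OAuth secrets with `--from-literal`, which leaves them in shell history and the process list, so `--from-file=ldap_password=<path>` is the safer form to document. The key `ouath` in `secrets::` is misspelled; it still evaluates because `HSWAW_AUTH_CLIENT_SECRET: top.secrets.ouath` uses the same spelling, but renaming both to `oauth` avoids a later mismatch. `image` is pinned by tag only (`walne:1698228636`), so adding the `@sha256:` digest would make the deployed artifact immutable. `LDAP_USER_DN` reads `cn=walone-generator` while the app is named `walne`, which may be intentional but is worth confirming against the directory entry.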
diff --git a/cluster/kube/k0.libsonnet b/cluster/kube/k0.libsonnet
index e6079e3..ed18f60 100644
--- a/cluster/kube/k0.libsonnet
+++ b/cluster/kube/k0.libsonnet
@@ -330,6 +330,7 @@
                         { namespace: "inventory", dns: "inventory.hackerspace.pl" },
                         { namespace: "capacifier", dns: "capacifier.hackerspace.pl" },
                         { namespace: "ldapweb", dns: "profile.hackerspace.pl" },
+                        { namespace: "walne", dns: "walne.hackerspace.pl" },
                         { namespace: "devtools-prod", dns: "hackdoc.hackerspace.pl" },
                         { namespace: "devtools-prod", dns: "cs.hackerspace.pl" },
                         { namespace: "codehosting-prod", dns: "git.hackerspace.pl" },
@@ -393,6 +394,10 @@
                     "radex",
                     "palid",
                 ],
+                "walne": [
+                    "radex",
+                    "palid",
+                ],
                 "site": [
                     "ar",
                     "radex",