blob: be5be7e3f787281e75865c419d08ff994fdbc24e [file] [log] [blame]
local kube = import "../../kube/kube.libsonnet";
{
local top = self,
local cfg = self.cfg,
cfg:: {
name: 'site',
namespace: 'site',
domains: [
'new.hackerspace.pl',
],
image: 'registry.k0.hswaw.net/q3k/hswaw-site@sha256:02414c9e7e0751abe7a8ad3ef1b1ccc35f1f89edf67a6f0b396b7a1d0c178f2b',
},
ns: kube.Namespace(cfg.namespace),
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
spec+: {
replicas: 3,
template+: {
spec+: {
containers_: {
default: kube.Container("default") {
image: cfg.image,
command: [
"/hswaw/site/site",
"-logtostderr",
],
resources: {
requests: { cpu: "25m", memory: "64Mi" },
limits: { cpu: "500m", memory: "128Mi" },
},
ports_: {
http: { containerPort: 8080 },
},
},
},
},
},
},
},
service: top.ns.Contain(kube.Service(cfg.name)) {
target_pod:: top.deployment.spec.template,
},
ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
metadata+: {
annotations+: {
"kubernetes.io/tls-acme": "true",
"cert-manager.io/cluster-issuer": "letsencrypt-prod",
"nginx.ingress.kubernetes.io/proxy-body-size": "0",
},
},
spec+: {
tls: [ { hosts: cfg.domains, secretName: cfg.name + "-tls" } ],
rules: [
{
host: domain,
http: {
paths: [
{ path: "/", backend: top.service.name_port },
],
},
}
for domain in cfg.domains
],
},
},
}