blob: 805f019b106d9109a41aca6e2624ac2e9a504bc1 [file] [log] [blame]
local kube = import "../../kube/hscloud.libsonnet";
{
local top = self,
local cfg = self.cfg,
cfg:: {
name: 'ldapweb',
namespace: 'ldapweb',
domain: 'profile.hackerspace.pl',
image: 'registry.k0.hswaw.net/radex/ldapweb:20231123203042',
},
secrets:: {
admin_password: { secretKeyRef: { name: cfg.name, key: 'admin_password' } },
smtp_password: { secretKeyRef: { name: cfg.name, key: 'smtp_password' } },
},
ns: kube.Namespace(cfg.namespace),
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
spec+: {
replicas: 1,
template+: {
spec+: {
containers_: {
default: kube.Container("default") {
image: cfg.image,
resources: {
requests: { cpu: "25m", memory: "256Mi" },
limits: { cpu: "500m", memory: "512Mi" },
},
ports_: {
http: { containerPort: 8000 },
},
env_: {
LDAPWEB_ADMIN_GROUPS: 'ldap-admin,staff,zarzad',
LDAPWEB_ACTIVE_GROUPS: 'fatty,starving,potato',
LDAPWEB_ADMIN_DN: 'cn=ldapweb,ou=services,dc=hackerspace,dc=pl',
LDAPWEB_ADMIN_PASSWORD: top.secrets.admin_password,
LDAPWEB_PROTECTED_GROUPS: 'ldap-admin,staff,zarzad',
LDAPWEB_SMTP_USER: 'ldapweb',
LDAPWEB_SMTP_PASSWORD: top.secrets.smtp_password,
LDAPWEB_PAPERTRAIL_RECIPIENTS: 'zarzad@hackerspace.pl',
LDAPWEB_AVATAR_CACHE_TIMEOUT: '1800',
}
},
},
},
},
},
},
service: top.ns.Contain(kube.Service(cfg.name)) {
target:: top.deployment,
},
ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) {
hosts:: [cfg.domain],
target_service:: top.service,
},
}