local kube = import "../../kube/hscloud.libsonnet";
local postgres = import "../../kube/postgres.libsonnet";

{
    local app = self,
    local cfg = app.cfg,

    cfg:: {
        namespace: "redmine",
        image: "registry.k0.hswaw.net/informatic/redmine@sha256:b04d1fd04549424e505722c9feb0b6741a057cb8f0fab68ad3730ecb167417df",
        domain: error "domain must be set",
        storageClassName: "waw-hdd-redundant-3",
        database: {
            host: "postgres",
            name: "redmine",
            username: "redmine",
            password: { secretKeyRef: { name: "redmine", key: "postgres_password" } },
            port: 5432,
        },

        b: {
            domains: [],
            image: "registry.k0.hswaw.net/q3k/b:315532800-6cc2f867951e123909b23955cd7bcbcc3ec24f8a",
        },

        storage: {
            endpoint: error "storage.endpoint must be set",
            region: error "storage.region must be set",
            bucket: error "storage.bucket must be set",
            accessKey: error "storage.accessKey must be set",
            secretKey: error "storage.secretKey must be set",
        },

        oidc: {
            server: error "oidc.server must be set",
            clientID: error "oidc.clientID must be set",
            clientSecret: error "oidc.clientSecret must be set",
        },

        # Mailing configuration object passed to smtp_settings
        mailing: {
            address: error "mailing.address must be set",
            port: 465,
            ssl: true,
            domain: error "mailing.domain must be set",
            authentication: ":login",
            user_name: error "mailing.user_name must be set",
            password: error "mailing.password must be set",
        },
    },

    # Generates YAML file while preserving specified ruby-style symbols.
    # (ie. removes surrounding quotes)
    rubyYaml(obj, symbols):: std.foldr(function (symbol, str) std.strReplace(str, '"%s"' % symbol, symbol), symbols, std.manifestYamlDoc(obj)),

    local ns = kube.Namespace(app.cfg.namespace),

    postgres: postgres {
        cfg+: {
            namespace: cfg.namespace,
            appName: "redmine",
            database: cfg.database.name,
            username: cfg.database.username,
            password: cfg.database.password,
            storageClassName: cfg.storageClassName,
        },
    },

    deployment: ns.Contain(kube.Deployment("redmine")) {
        spec+: {
            replicas: 1,
            template+: {
                spec+: {
                    securityContext: {
                        runAsUser: 999,
                        runAsGroup: 999,
                        fsGroup: 999,
                    },
                    containers_: {
                        web: kube.Container("redmine") {
                            image: cfg.image,
                            args: ['sh', '-c', |||
                                set -e
                                echo "${X_EXTRA_CONFIGURATION}" > config/configuration.yml
                                exec /docker-entrypoint.sh rails server -b 0.0.0.0
                            |||],
                            ports_: {
                                http: { containerPort: 3000 },
                            },
                            env_: {
                                REDMINE_DB_POSTGRES: cfg.database.host,
                                REDMINE_DB_PORT: cfg.database.port,
                                REDMINE_DB_USERNAME: cfg.database.username,
                                REDMINE_DB_PASSWORD: cfg.database.password,
                                REDMINE_DB_DATABASE: cfg.database.name,

                                REDMINE_SECRET_KEY_BASE: { secretKeyRef: { name: "redmine", key: "secret_key" } },

                                REDMINE_OIDC_SERVER: cfg.oidc.server,
                                REDMINE_OIDC_CLIENT_ID: cfg.oidc.clientID,
                                REDMINE_OIDC_CLIENT_SECRET: cfg.oidc.clientSecret,
                                REDMINE_OIDC_ADMIN_GROUP: "issues-admin",

                                REDMINE_S3_ENDPOINT: cfg.storage.endpoint,
                                REDMINE_S3_BUCKET: cfg.storage.bucket,
                                REDMINE_S3_ACCESS_KEY_ID: cfg.storage.accessKey,
                                REDMINE_S3_SECRET_ACCESS_KEY: cfg.storage.secretKey,
                                REDMINE_S3_REGION: cfg.storage.region,

                                REDMINE_MAILING_PASSWORD: cfg.mailing.password,
                                X_EXTRA_CONFIGURATION: app.rubyYaml({
                                    production: {
                                        email_delivery: {
                                            delivery_method: ":smtp",
                                            smtp_settings: cfg.mailing {
                                                password: "$(REDMINE_MAILING_PASSWORD)",
                                            },
                                        }
                                    },
                                }, [":smtp", ":login"]),
                            },
                        },
                    },
                },
            },
        },
    },

    svc: ns.Contain(kube.Service("redmine")) {
        target:: app.deployment,
    },

    ingress: ns.Contain(kube.SimpleIngress("redmine")) {
        hosts:: [cfg.domain],
        target_service:: app.svc,
    },

    b: (if std.length(cfg.b.domains) > 0 then {
        deployment: ns.Contain(kube.Deployment("b")) {
            spec+: {
                replicas: 3,
                template+: {
                    spec+: {
                        containers_: {
                            default: kube.Container("default") {
                                image: "registry.k0.hswaw.net/q3k/b:315532800-6cc2f867951e123909b23955cd7bcbcc3ec24f8a",
                                ports_: {
                                    http: { containerPort: 8000 },
                                },
                                command: [
                                    "/devtools/issues/b",
                                ],
                            },
                        },
                    },
                },
            },
        },
        svc: ns.Contain(kube.Service("b")) {
            target:: app.b.deployment,
        },
        ingress: ns.Contain(kube.SimpleIngress("b")) {
            hosts:: cfg.b.domains,
            target_service:: app.b.svc,
        },
    } else {}),

}