| local mirko = import "../../kube/mirko.libsonnet"; |
| local kube = import "../../kube/kube.libsonnet"; |
| |
| local smsgw = import "smsgw.libsonnet"; |
| local teleimg = import "teleimg.libsonnet"; |
| local frab = import "frab.libsonnet"; |
| local pretalx = import "pretalx.libsonnet"; |
| local cebulacamp = import "cebulacamp.libsonnet"; |
| local site = import "site.libsonnet"; |
| local capacifier = import "capacifier.libsonnet"; |
| |
| { |
| hswaw(name):: mirko.Environment(name) { |
| local env = self, |
| local cfg = self.cfg, |
| |
| cfg+: { |
| smsgw: smsgw.cfg, |
| teleimg: teleimg.cfg, |
| frab: frab.cfg, |
| pretalx: pretalx.cfg, |
| cebulacamp: cebulacamp.cfg, |
| site: site.cfg, |
| capacifier: capacifier.cfg, |
| }, |
| |
| components: { |
| smsgw: smsgw.component(cfg.smsgw, env), |
| teleimg: teleimg.teleimg(cfg.teleimg, env), |
| lelegram: teleimg.lelegram(cfg.teleimg, env), |
| frab: frab.component(cfg.frab, env), |
| pretalx: pretalx.component(cfg.pretalx, env) { |
| cronjob: null, |
| }, |
| cebulacamp: cebulacamp.component(cfg.cebulacamp, env), |
| site: site.component(cfg.site, env), |
| capacifier: capacifier.component(cfg.capacifier, env), |
| }, |
| }, |
| |
| prod: self.hswaw("hswaw-prod") { |
| cfg+: { |
| smsgw+: { |
| secret+: { |
| twilio_token: std.base64(std.split(importstr "secrets/plain/prod-twilio-token", "\n")[0]), |
| }, |
| webhookFQDN: "smsgw-webhook-prod.hswaw.net", |
| }, |
| teleimg+: { |
| webFQDN: "teleimg.hswaw.net", |
| secret+: { |
| telegram_token: std.base64(std.split(importstr "secrets/plain/prod-telegram-token", "\n")[0]), |
| }, |
| }, |
| frab+: { |
| storageClassName: "waw-hdd-redundant-3", |
| webFQDN: "frab.hackerspace.pl", |
| secret+: { |
| secretKeyBase: std.base64(std.split(importstr "secrets/plain/prod-frab-smtp-password", "\n")[0]), |
| smtpPassword: std.base64(std.split(importstr "secrets/plain/prod-frab-secret-key-base", "\n")[0]), |
| }, |
| }, |
| pretalx+: { |
| storageClassName: "waw-hdd-redundant-3", |
| webFQDN: "cfp.cebula.camp", |
| smtpPassword: std.base64(std.split(importstr "secrets/plain/prod-pretalx-smtp-password", "\n")[0]), |
| s3+: { |
| credsSecret: import "secrets/plain/prod-pretalx-s3.json", |
| }, |
| }, |
| cebulacamp+: { |
| webFQDN: "cebula.camp", |
| }, |
| site+: { |
| webFQDN: "new.hackerspace.pl", |
| }, |
| capacifier+: { |
| ldapBindPassword: std.split(importstr "secrets/plain/prod-capacifier-password", "\n")[0], |
| }, |
| }, |
| }, |
| |
| admins: kube.RoleBinding("admins") { |
| metadata+: { |
| namespace: "hswaw-prod", |
| }, |
| roleRef: { |
| apiGroup: "rbac.authorization.k8s.io", |
| kind: "ClusterRole", |
| name: "system:admin-namespace", |
| }, |
| subjects: [ |
| kube.User("ar@hackerspace.pl"), |
| kube.User("radex@hackerspace.pl"), |
| ], |
| }, |
| } |