Merge "bgpwtf/cccampix: add and deploy octorpki"
diff --git a/personal/q3k/annoyatron/prod.jsonnet b/personal/q3k/annoyatron/prod.jsonnet
new file mode 100644
index 0000000..977b8e0
--- /dev/null
+++ b/personal/q3k/annoyatron/prod.jsonnet
@@ -0,0 +1,73 @@
+local kube = import '../../../kube/kube.libsonnet';
+{
+ local annoyatron = self,
+ local cfg = self.cfg,
+ cfg:: {
+ image: "registry.k0.hswaw.net/q3k/annoyatron:latest",
+ domain: "annoyatron-prod.q3k.org",
+ },
+
+ deploy: kube.Deployment("annoyatron") {
+ metadata+: {
+ namespace: "q3k",
+ },
+ spec+: {
+ template+: {
+ spec+: {
+ containers_: {
+ annoyatron: kube.Container("annoyatron") {
+ image: cfg.image,
+ env_: {
+ TOKEN: {
+ secretKeyRef: { name: "annoyatron-token", key: "token" },
+ },
+ },
+ command: [
+ "/app/annoyatron",
+ "-token=$(TOKEN)",
+ ],
+ ports_: {
+ client: { containerPort: 8080 },
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ svc: kube.Service("annoyatron") {
+ metadata+: {
+ namespace: "q3k",
+ },
+ target_pod:: annoyatron.deploy.spec.template,
+ spec+: {
+ ports: [
+ { name: "client", port: 8080, targetPort: 8080, protocol: "TCP" },
+ ],
+ },
+ },
+ ingress: kube.Ingress("annoyatron") {
+ metadata+: {
+ namespace: "q3k",
+ annotations+: {
+ "kubernetes.io/tls-acme": "true",
+ "certmanager.k8s.io/cluster-issuer": "letsencrypt-prod",
+ },
+ },
+ spec+: {
+ tls: [
+ { hosts: [cfg.domain], secretName: "annoyatron-tls" },
+ ],
+ rules: [
+ {
+ host: cfg.domain,
+ http: {
+ paths: [
+ { path: "/", backend: annoyatron.svc.name_port },
+ ],
+ },
+ }
+ ],
+ },
+ },
+}
diff --git a/personal/q3k/djtest/BUILD b/personal/q3k/djtest/BUILD
new file mode 100644
index 0000000..155b171
--- /dev/null
+++ b/personal/q3k/djtest/BUILD
@@ -0,0 +1,27 @@
+py_library(
+ name = "app",
+ srcs = glob(["djtest/**/*.py"]),
+ deps = [
+ "@pip36//django",
+ ],
+)
+
+py_binary(
+ name = "manage",
+ srcs = ["manage.py"],
+ deps = [
+ ":app",
+ ],
+)
+
+py_binary(
+ name = "uwsgi-start",
+ srcs = ["uwsgi-start.py"],
+ deps = [
+ ":app",
+ "@bazel_tools//tools/python/runfiles",
+ ],
+ data = [
+ '@pip36//uwsgi/scripts:uwsgi',
+ ],
+)
diff --git a/personal/q3k/djtest/djtest/__init__.py b/personal/q3k/djtest/djtest/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/personal/q3k/djtest/djtest/__init__.py
diff --git a/personal/q3k/djtest/djtest/settings.py b/personal/q3k/djtest/djtest/settings.py
new file mode 100644
index 0000000..1942799
--- /dev/null
+++ b/personal/q3k/djtest/djtest/settings.py
@@ -0,0 +1,120 @@
+"""
+Django settings for djtest project.
+
+Generated by 'django-admin startproject' using Django 2.2.3.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/2.2/topics/settings/
+
+For the full list of settings and their values, see
+https://docs.djangoproject.com/en/2.2/ref/settings/
+"""
+
+import os
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
+
+
+# Quick-start development settings - unsuitable for production
+# See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = 'av&&kc(mhuhms+s+av-lz+3d3a*)%!f1$7u0^)91t3)()ix*j@'
+
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = True
+
+ALLOWED_HOSTS = []
+
+
+# Application definition
+
+INSTALLED_APPS = [
+ 'django.contrib.admin',
+ 'django.contrib.auth',
+ 'django.contrib.contenttypes',
+ 'django.contrib.sessions',
+ 'django.contrib.messages',
+ 'django.contrib.staticfiles',
+]
+
+MIDDLEWARE = [
+ 'django.middleware.security.SecurityMiddleware',
+ 'django.contrib.sessions.middleware.SessionMiddleware',
+ 'django.middleware.common.CommonMiddleware',
+ 'django.middleware.csrf.CsrfViewMiddleware',
+ 'django.contrib.auth.middleware.AuthenticationMiddleware',
+ 'django.contrib.messages.middleware.MessageMiddleware',
+ 'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'djtest.urls'
+
+TEMPLATES = [
+ {
+ 'BACKEND': 'django.template.backends.django.DjangoTemplates',
+ 'DIRS': [],
+ 'APP_DIRS': True,
+ 'OPTIONS': {
+ 'context_processors': [
+ 'django.template.context_processors.debug',
+ 'django.template.context_processors.request',
+ 'django.contrib.auth.context_processors.auth',
+ 'django.contrib.messages.context_processors.messages',
+ ],
+ },
+ },
+]
+
+WSGI_APPLICATION = 'djtest.wsgi.application'
+
+
+# Database
+# https://docs.djangoproject.com/en/2.2/ref/settings/#databases
+
+DATABASES = {
+ 'default': {
+ 'ENGINE': 'django.db.backends.sqlite3',
+ 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+ }
+}
+
+
+# Password validation
+# https://docs.djangoproject.com/en/2.2/ref/settings/#auth-password-validators
+
+AUTH_PASSWORD_VALIDATORS = [
+ {
+ 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+ },
+ {
+ 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+ },
+]
+
+
+# Internationalization
+# https://docs.djangoproject.com/en/2.2/topics/i18n/
+
+LANGUAGE_CODE = 'en-us'
+
+TIME_ZONE = 'UTC'
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+# https://docs.djangoproject.com/en/2.2/howto/static-files/
+
+STATIC_URL = '/static/'
diff --git a/personal/q3k/djtest/djtest/urls.py b/personal/q3k/djtest/djtest/urls.py
new file mode 100644
index 0000000..633f699
--- /dev/null
+++ b/personal/q3k/djtest/djtest/urls.py
@@ -0,0 +1,21 @@
+"""djtest URL Configuration
+
+The `urlpatterns` list routes URLs to views. For more information please see:
+ https://docs.djangoproject.com/en/2.2/topics/http/urls/
+Examples:
+Function views
+ 1. Add an import: from my_app import views
+ 2. Add a URL to urlpatterns: path('', views.home, name='home')
+Class-based views
+ 1. Add an import: from other_app.views import Home
+ 2. Add a URL to urlpatterns: path('', Home.as_view(), name='home')
+Including another URLconf
+ 1. Import the include() function: from django.urls import include, path
+ 2. Add a URL to urlpatterns: path('blog/', include('blog.urls'))
+"""
+from django.contrib import admin
+from django.urls import path
+
+urlpatterns = [
+ path('admin/', admin.site.urls),
+]
diff --git a/personal/q3k/djtest/djtest/wsgi.py b/personal/q3k/djtest/djtest/wsgi.py
new file mode 100644
index 0000000..ba3abe3
--- /dev/null
+++ b/personal/q3k/djtest/djtest/wsgi.py
@@ -0,0 +1,16 @@
+"""
+WSGI config for djtest project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/2.2/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'djtest.settings')
+
+application = get_wsgi_application()
diff --git a/personal/q3k/djtest/manage.py b/personal/q3k/djtest/manage.py
new file mode 100644
index 0000000..e7ff590
--- /dev/null
+++ b/personal/q3k/djtest/manage.py
@@ -0,0 +1,21 @@
+#!/usr/bin/env python
+"""Django's command-line utility for administrative tasks."""
+import os
+import sys
+
+
+def main():
+ os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'djtest.settings')
+ try:
+ from django.core.management import execute_from_command_line
+ except ImportError as exc:
+ raise ImportError(
+ "Couldn't import Django. Are you sure it's installed and "
+ "available on your PYTHONPATH environment variable? Did you "
+ "forget to activate a virtual environment?"
+ ) from exc
+ execute_from_command_line(sys.argv)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/personal/q3k/djtest/uwsgi-start.py b/personal/q3k/djtest/uwsgi-start.py
new file mode 100644
index 0000000..7597a6f
--- /dev/null
+++ b/personal/q3k/djtest/uwsgi-start.py
@@ -0,0 +1,44 @@
+import configparser
+import os
+import subprocess
+import tempfile
+
+import bazel_tools
+import bazel_tools.tools.python
+
+from bazel_tools.tools.python.runfiles import runfiles
+r = runfiles.Create()
+
+uwsgi = r.Rlocation("pip36/uwsgi/scripts/uwsgi")
+settings = r.Rlocation("__main__/personal/q3k/djtest/djtest/settings.py")
+
+apppath = os.path.dirname(settings)
+sitepath = os.path.dirname(apppath)
+
+pythonpath = os.environ['PYTHONPATH']
+
+# Make UWSGI ini config file
+cfgf = tempfile.NamedTemporaryFile(mode='w', delete=False)
+
+config = configparser.ConfigParser()
+config['uwsgi'] = {}
+config['uwsgi']['master'] = '1'
+config['uwsgi']['chdir'] = sitepath
+config['uwsgi']['module'] = 'djtest.wsgi'
+config['uwsgi']['env'] = 'DJANGO_SETTINGS_MODULE=djtest.settings'
+config['uwsgi']['http'] = '127.0.0.1:8080'
+config['uwsgi']['pythonpath'] = pythonpath
+
+config.write(cfgf)
+cfgf.close()
+
+args = [
+ # uwsgi from runfiles is non-chmodded, run through interpreter
+ '/lib64/ld-linux-x86-64.so.2',
+ uwsgi,
+ '--ini', cfgf.name,
+]
+
+subprocess.call(args)
+
+os.unlink(cfgf.name)