hswaw/site/prod.jsonnet - hscloud - Gitiles

 local kube = import "../../kube/kube.libsonnet";

 {
     local top = self,
     local cfg = self.cfg,

     cfg:: {
         name: 'site',
         namespace: 'site',
         domains: [
             'hackerspace.pl',
             'www.hackerspace.pl',
         ],
         image: 'registry.k0.hswaw.net/q3k/hswaw-site@sha256:ba8b5ca2aab81edd7a1f5bcc1e75253d7573e199463e7e56aaf18ad4380d681b',
     },

     ns: kube.Namespace(cfg.namespace),

     deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
         spec+: {
             replicas: 3,
             template+: {
                 spec+: {
                     containers_: {
                         default: kube.Container("default") {
                             image: cfg.image,
                             command: [
                                 "/hswaw/site/site",
                                 "-hspki_disable",
                                 "-logtostderr",
                             ],
                             resources: {
                                 requests: { cpu: "25m", memory: "64Mi" },
                                 limits: { cpu: "500m", memory: "128Mi" },
                             },
                             ports_: {
                                 http: { containerPort: 8080 },
                             },
                         },
                     },
                 },
             },
         },
     },

     service: top.ns.Contain(kube.Service(cfg.name)) {
         target_pod:: top.deployment.spec.template,
     },

     ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
         metadata+: {
             annotations+: {
                 "kubernetes.io/tls-acme": "true",
                 "cert-manager.io/cluster-issuer": "letsencrypt-prod",
                 "nginx.ingress.kubernetes.io/proxy-body-size": "0",
             },
         },
         spec+: {
             tls: [ { hosts: cfg.domains, secretName: cfg.name + "-tls" } ],
             rules: [
                 {
                     host: domain,
                     http: {
                         paths:  [
                             { path: "/", backend: top.service.name_port },
                         ],
                     },
                 }
                 for domain in cfg.domains
             ],
         },
     },
 }
	local kube = import "../../kube/kube.libsonnet";

	{
	local top = self,
	local cfg = self.cfg,

	cfg:: {
	name: 'site',
	namespace: 'site',
	domains: [
	'hackerspace.pl',
	'www.hackerspace.pl',
	],
	image: 'registry.k0.hswaw.net/q3k/hswaw-site@sha256:ba8b5ca2aab81edd7a1f5bcc1e75253d7573e199463e7e56aaf18ad4380d681b',
	},

	ns: kube.Namespace(cfg.namespace),

	deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
	spec+: {
	replicas: 3,
	template+: {
	spec+: {
	containers_: {
	default: kube.Container("default") {
	image: cfg.image,
	command: [
	"/hswaw/site/site",
	"-hspki_disable",
	"-logtostderr",
	],
	resources: {
	requests: { cpu: "25m", memory: "64Mi" },
	limits: { cpu: "500m", memory: "128Mi" },
	},
	ports_: {
	http: { containerPort: 8080 },
	},
	},
	},
	},
	},
	},
	},

	service: top.ns.Contain(kube.Service(cfg.name)) {
	target_pod:: top.deployment.spec.template,
	},

	ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
	metadata+: {
	annotations+: {
	"kubernetes.io/tls-acme": "true",
	"cert-manager.io/cluster-issuer": "letsencrypt-prod",
	"nginx.ingress.kubernetes.io/proxy-body-size": "0",
	},
	},
	spec+: {
	tls: [ { hosts: cfg.domains, secretName: cfg.name + "-tls" } ],
	rules: [
	{
	host: domain,
	http: {
	paths: [
	{ path: "/", backend: top.service.name_port },
	],
	},
	}
	for domain in cfg.domains
	],
	},
	},
	}