personal/radex: wordpress
Change-Id: Ia493d47ace83451169abb715f893325cba0ce5f7
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1756
diff --git a/personal/radex/wordpress/prod.jsonnet b/personal/radex/wordpress/prod.jsonnet
new file mode 100644
index 0000000..e3f457c
--- /dev/null
+++ b/personal/radex/wordpress/prod.jsonnet
@@ -0,0 +1,114 @@
+local kube = import "../../../kube/hscloud.libsonnet";
+
+{
+ local top = self,
+ local cfg = self.cfg,
+
+ cfg:: {
+ name: "wordpress",
+ namespace: "personal-radex",
+ domain: "wordpress.hs.radex.io",
+
+ storageClassName: "waw-hdd-redundant-3",
+ storageSize: "5Gi",
+ },
+
+ secrets:: {
+ mysql: { secretKeyRef: { name: cfg.name, key: 'mysql_password' } },
+ wordpress: { secretKeyRef: { name: cfg.name, key: 'wordpress_password' } },
+ },
+
+ ns: kube.Namespace(cfg.namespace),
+
+ deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
+ spec+: {
+ replicas: 1,
+ template+: {
+ spec+: {
+ containers_: {
+ default: kube.Container("default") {
+ image: 'bitnami/wordpress',
+ resources: {
+ requests: { cpu: "50m", memory: "128M" },
+ limits: { cpu: "750m", memory: "256M" },
+ },
+ ports_: {
+ http: { containerPort: 8080 },
+ },
+ env_: {
+ WORDPRESS_DATABASE_HOST: 'wordpress-mysql',
+ WORDPRESS_DATABASE_NAME: 'wordpress',
+ WORDPRESS_DATABASE_USER: 'wordpress',
+ WORDPRESS_DATABASE_PASSWORD: top.secrets.mysql,
+ WORDPRESS_USERNAME: 'admin',
+ WORDPRESS_PASSWORD: top.secrets.wordpress,
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+
+ service: top.ns.Contain(kube.Service(cfg.name)) {
+ target_pod:: top.deployment.spec.template,
+ },
+
+ ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) {
+ hosts:: [cfg.domain],
+ target_service:: top.service,
+ },
+
+ mysql: {
+ local mysql = self,
+
+ volume: top.ns.Contain(kube.PersistentVolumeClaim("wordpress-mysql")) {
+ spec+: {
+ storageClassName: cfg.storageClassName,
+ accessModes: [ "ReadWriteOnce" ],
+ resources: {
+ requests: {
+ storage: cfg.storageSize,
+ },
+ },
+ },
+ },
+
+ deployment: top.ns.Contain(kube.Deployment("wordpress-mysql")) {
+ spec+: {
+ replicas: 1,
+ template+: {
+ spec+: {
+ volumes_: {
+ data: kube.PersistentVolumeClaimVolume(mysql.volume),
+ },
+ containers_: {
+ default: kube.Container("default") {
+ image: "mysql:8.2.0",
+ ports_: {
+ client: { containerPort: 3306 },
+ },
+ env_: {
+ MYSQL_RANDOM_ROOT_PASSWORD: "yes",
+ MYSQL_DATABASE: "wordpress",
+ MYSQL_USER: "wordpress",
+ MYSQL_PASSWORD: top.secrets.mysql,
+ },
+ volumeMounts_: {
+ data: { mountPath: '/var/lib/mysql' },
+ },
+ }
+ },
+ securityContext: {
+ runAsUser: 999,
+ },
+ }
+ }
+ }
+ },
+
+ service: top.ns.Contain(kube.Service("wordpress-mysql")) {
+ target_pod:: mysql.deployment.spec.template,
+ },
+ },
+}