| # |
| # issues.hackerspace.pl redmine deployment |
| # |
| # Bootstrap: |
| # |
| # ns=redmine |
| # kubectl -n $ns create secret generic redmine --from-literal=secret_key=$(pwgen 24 1) --from-literal=postgres_password=$(pwgen 32 1) --from-literal=mailing_password=... --from-literal=oidc_secret=... |
| # |
| # ceph_ns=ceph-waw3; ceph_pool=waw-hdd-redundant-3 |
| # kubectl -n $ceph_ns get secrets rook-ceph-object-user-${ceph_pool}-object-issues -o json | jq 'del(.metadata.namespace,.metadata.resourceVersion,.metadata.uid) | .metadata.creationTimestamp=null' | kubectl replace -f - -n $ns |
| # |
| |
| local redmine = import "./redmine.libsonnet"; |
| |
| { |
| issues: redmine { |
| cfg+: { |
| namespace: "redmine", |
| domain: "issues.hackerspace.pl", |
| |
| b: { |
| domains: [ |
| "b.hackerspace.pl", |
| "b.hswaw.net", |
| "xn--137h.hswaw.net", |
| "xn--137h.hackerspace.pl", |
| ], |
| }, |
| |
| storage+: { |
| endpoint: "https://object.ceph-waw3.hswaw.net", |
| bucket: "issues", |
| |
| # This is required for redmine_s3 to properly create a bucket |
| region: "us-east-1", |
| |
| local rookSecret = "rook-ceph-object-user-waw-hdd-redundant-3-object-issues", |
| accessKey: { secretKeyRef: { name: rookSecret, key: "AccessKey" } }, |
| secretKey: { secretKeyRef: { name: rookSecret, key: "SecretKey" } }, |
| }, |
| |
| oidc+: { |
| server: "https://sso.hackerspace.pl", |
| clientID: "70ee2821-2657-4409-a298-98649d1f689f", |
| clientSecret: { secretKeyRef: { name: "redmine", key: "oidc_secret" } }, |
| }, |
| |
| mailing+: { |
| address: "mail.hackerspace.pl", |
| user_name: "issues", |
| domain: "hackerspace.pl", |
| password: { secretKeyRef: { name: "redmine", key: "mailing_password" } }, |
| }, |
| }, |
| }, |
| } |