| Serge Bazanski | 60076c7 | 2020-11-03 19:17:25 +0100 | [diff] [blame] | 1 | local kube = import "../../../kube/kube.libsonnet"; |
| Serge Bazanski | cdba291 | 2020-08-24 19:11:10 +0000 | [diff] [blame] | 2 | |
| 3 | { |
| 4 | AppServiceIrc(name):: { |
| 5 | local bridge = self, |
| 6 | local cfg = bridge.cfg, |
| 7 | cfg:: { |
| 8 | metadata: {}, |
| Serge Bazanski | 25cd650 | 2021-05-19 16:05:38 +0000 | [diff] [blame^] | 9 | // Whether the bootstrap job should be created/updated. Kubernetes |
| 10 | // doesn't like changing the configuration of jobs, so once this |
| 11 | // appservice has been set up, this flag should be flipped to |
| 12 | // false. |
| 13 | bootstrapJob: true, |
| Piotr Dobrowolski | 37fbff7 | 2021-02-13 20:17:33 +0100 | [diff] [blame] | 14 | config: std.native("parseYaml")(importstr "appservice/appservice-irc.yaml")[0] { |
| 15 | ircService+: { |
| 16 | [if cfg.passwordEncryptionKeySecret != null then "passwordEncryptionKeyPath"]: "/key/key.pem" |
| 17 | }, |
| 18 | }, |
| Serge Bazanski | cdba291 | 2020-08-24 19:11:10 +0000 | [diff] [blame] | 19 | image: error "image must be set", |
| 20 | storageClassName: error "storageClassName must be set", |
| Piotr Dobrowolski | 37fbff7 | 2021-02-13 20:17:33 +0100 | [diff] [blame] | 21 | |
| 22 | # RSA encryption private key secret name containing "key.pem" key |
| 23 | # Create using: |
| 24 | # kubectl -n matrix create secret generic appservice-irc-password-encryption-key --from-file=key.pem=<(openssl genpkey -out - -outform PEM -algorithm RSA -pkeyopt rsa_keygen_bits:2048) |
| 25 | passwordEncryptionKeySecret: null, |
| Serge Bazanski | cdba291 | 2020-08-24 19:11:10 +0000 | [diff] [blame] | 26 | }, |
| 27 | |
| 28 | config: kube.ConfigMap("appservice-irc-%s" % [name]) { |
| 29 | metadata+: cfg.metadata, |
| 30 | data: { |
| 31 | "config.yaml": std.manifestJsonEx(cfg.config, ""), |
| 32 | }, |
| 33 | }, |
| 34 | |
| 35 | dataVolume: kube.PersistentVolumeClaim("appservice-irc-%s" % [name]) { |
| 36 | metadata+: cfg.metadata, |
| 37 | spec+: { |
| 38 | storageClassName: cfg.storageClassName, |
| 39 | accessModes: [ "ReadWriteOnce" ], |
| 40 | resources: { |
| 41 | requests: { |
| 42 | storage: "10Gi", |
| 43 | }, |
| 44 | }, |
| 45 | }, |
| 46 | }, |
| 47 | |
| Serge Bazanski | 25cd650 | 2021-05-19 16:05:38 +0000 | [diff] [blame^] | 48 | bootstrapJob: if cfg.bootstrapJob then (kube.Job("appservice-irc-%s-bootstrap" % [name]) { |
| Serge Bazanski | cdba291 | 2020-08-24 19:11:10 +0000 | [diff] [blame] | 49 | metadata+: cfg.metadata { |
| 50 | labels: { |
| 51 | "job-name": "appservice-irc-%s-bootstrap" % [name], |
| 52 | }, |
| 53 | }, |
| 54 | spec+: { |
| 55 | template+: { |
| 56 | spec+: { |
| 57 | volumes_: { |
| 58 | config: kube.ConfigMapVolume(bridge.config), |
| 59 | }, |
| 60 | containers_: { |
| 61 | bootstrap: kube.Container("appservice-irc-%s-bootstrap" % [name]) { |
| 62 | image: cfg.image, |
| 63 | command: ["sh", "-c", "node app.js -r -u http://appservice-irc-%s:9999 -c /config/config.yaml -f /tmp/registration.yaml && cat /tmp/registration.yaml" % [name]], |
| 64 | volumeMounts_: { |
| 65 | config: { mountPath: "/config" }, |
| 66 | }, |
| 67 | }, |
| 68 | }, |
| 69 | }, |
| 70 | }, |
| 71 | }, |
| Serge Bazanski | 25cd650 | 2021-05-19 16:05:38 +0000 | [diff] [blame^] | 72 | }) else {}, |
| Serge Bazanski | cdba291 | 2020-08-24 19:11:10 +0000 | [diff] [blame] | 73 | |
| 74 | deployment: kube.Deployment("appservice-irc-%s" % [name]) { |
| 75 | metadata+: cfg.metadata, |
| 76 | spec+: { |
| 77 | replicas: 1, |
| 78 | template+: { |
| 79 | spec+: { |
| 80 | volumes_: { |
| 81 | config: kube.ConfigMapVolume(bridge.config), |
| 82 | data: kube.PersistentVolumeClaimVolume(bridge.dataVolume), |
| 83 | registration: { secret: { secretName: "appservice-irc-%s-registration" % [name] } }, |
| Piotr Dobrowolski | 37fbff7 | 2021-02-13 20:17:33 +0100 | [diff] [blame] | 84 | } + (if cfg.passwordEncryptionKeySecret != null then { |
| 85 | key: { secret: { secretName: cfg.passwordEncryptionKeySecret } }, |
| 86 | } else {}), |
| Serge Bazanski | cdba291 | 2020-08-24 19:11:10 +0000 | [diff] [blame] | 87 | nodeSelector: cfg.nodeSelector, |
| 88 | containers_: { |
| 89 | appserviceIrc: kube.Container("appservice-irc-%s" % [name]) { |
| 90 | image: cfg.image, |
| 91 | command: ["node", "app.js", "-c", "/config/config.yaml", "-f", "/registration/registration.yaml", "-p", "9999"], |
| 92 | ports_: { |
| 93 | http: { containerPort: 9999 }, |
| 94 | }, |
| 95 | volumeMounts_: { |
| 96 | registration: { mountPath: "/registration", }, |
| 97 | config: { mountPath: "/config", }, |
| 98 | data: { mountPath: "/data" }, |
| Piotr Dobrowolski | 37fbff7 | 2021-02-13 20:17:33 +0100 | [diff] [blame] | 99 | } + (if cfg.passwordEncryptionKeySecret != null then { |
| 100 | key: { mountPath: "/key" }, |
| 101 | } else {}), |
| Serge Bazanski | cdba291 | 2020-08-24 19:11:10 +0000 | [diff] [blame] | 102 | }, |
| 103 | }, |
| 104 | }, |
| 105 | }, |
| 106 | }, |
| 107 | }, |
| 108 | |
| 109 | svc: kube.Service("appservice-irc-%s" % [name]) { |
| 110 | metadata+: cfg.metadata, |
| 111 | target_pod:: bridge.deployment.spec.template, |
| 112 | }, |
| 113 | }, |
| 114 | } |