Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / 56df80cf249168b5ff2056e3bde7a13f1a6c65b2 / . / hswaw / site / prod.jsonnet
blob: be5be7e3f787281e75865c419d08ff994fdbc24e [file] [log] [blame]
radexa3649342023-09-23 09:34:58 +0200[diff] [blame]1local kube = import "../../kube/kube.libsonnet";
2
3{
4 local top = self,
5 local cfg = self.cfg,
6
7 cfg:: {
8 name: 'site',
9 namespace: 'site',
10 domains: [
Serge Bazanski63ce4232023-10-09 23:41:15 +0000[diff] [blame]11 'new.hackerspace.pl',
radexa3649342023-09-23 09:34:58 +0200[diff] [blame]12 ],
Serge Bazanski56df80c2023-10-28 17:34:23 +0000[diff] [blame^]13 image: 'registry.k0.hswaw.net/q3k/hswaw-site@sha256:02414c9e7e0751abe7a8ad3ef1b1ccc35f1f89edf67a6f0b396b7a1d0c178f2b',
radexa3649342023-09-23 09:34:58 +0200[diff] [blame]14 },
15
16 ns: kube.Namespace(cfg.namespace),
17
18 deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
19 spec+: {
20 replicas: 3,
21 template+: {
22 spec+: {
23 containers_: {
24 default: kube.Container("default") {
25 image: cfg.image,
26 command: [
27 "/hswaw/site/site",
radexa3649342023-09-23 09:34:58 +0200[diff] [blame]28 "-logtostderr",
29 ],
30 resources: {
31 requests: { cpu: "25m", memory: "64Mi" },
32 limits: { cpu: "500m", memory: "128Mi" },
33 },
34 ports_: {
35 http: { containerPort: 8080 },
36 },
37 },
38 },
39 },
40 },
41 },
42 },
43
44 service: top.ns.Contain(kube.Service(cfg.name)) {
45 target_pod:: top.deployment.spec.template,
46 },
47
48 ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
49 metadata+: {
50 annotations+: {
51 "kubernetes.io/tls-acme": "true",
52 "cert-manager.io/cluster-issuer": "letsencrypt-prod",
53 "nginx.ingress.kubernetes.io/proxy-body-size": "0",
54 },
55 },
56 spec+: {
57 tls: [ { hosts: cfg.domains, secretName: cfg.name + "-tls" } ],
58 rules: [
59 {
60 host: domain,
61 http: {
62 paths: [
63 { path: "/", backend: top.service.name_port },
64 ],
65 },
66 }
67 for domain in cfg.domains
68 ],
69 },
70 },
71}