| Radek Pietruszewski | f584431 | 2023-10-27 22:41:18 +0200 | [diff] [blame] | 1 | local kube = import "../../kube/hscloud.libsonnet"; |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 2 | local postgres = import '../../kube/postgres_v.libsonnet'; |
| 3 | |
| 4 | { |
| 5 | local top = self, |
| 6 | local cfg = top.cfg, |
| 7 | |
| 8 | cfg:: { |
| 9 | name: 'inventory', |
| 10 | namespace: 'inventory', |
| 11 | domain: 'inventory.hackerspace.pl', |
| 12 | |
| 13 | image: 'registry.k0.hswaw.net/palid/spejstore:1694280421', |
| 14 | db: { |
| 15 | name: 'inventory', |
| 16 | username: 'inventory', |
| 17 | }, |
| 18 | oauthClientId: '82fffb65-0bbd-4d18-becd-0ce0b31373cf', |
| 19 | storageClassName: 'waw-hdd-redundant-3', |
| 20 | |
| 21 | mediaPath: '/var/www/media', |
| 22 | }, |
| 23 | |
| 24 | secrets:: { |
| 25 | postgres: { secretKeyRef: { name: cfg.name, key: 'postgres_password' } }, |
| 26 | oauth: { secretKeyRef: { name: cfg.name, key: 'oauth_secret' } }, |
| 27 | }, |
| 28 | |
| 29 | ns: kube.Namespace(cfg.namespace), |
| 30 | deployment: top.ns.Contain(kube.Deployment(cfg.name)) { |
| 31 | spec+: { |
| 32 | template+: { |
| 33 | spec+: { |
| 34 | volumes_: { |
| 35 | media: kube.PersistentVolumeClaimVolume(top.media), |
| 36 | }, |
| 37 | containers_: { |
| 38 | default: kube.Container('default') { |
| 39 | image: cfg.image, |
| 40 | ports_: { |
| 41 | web: { containerPort: 8000 }, |
| 42 | }, |
| 43 | env_: { |
| 44 | SPEJSTORE_ENV: 'prod', |
| 45 | SPEJSTORE_DB_NAME: cfg.db.name, |
| 46 | SPEJSTORE_DB_USER: cfg.db.username, |
| 47 | SPEJSTORE_DB_PASSWORD: top.secrets.postgres, |
| 48 | SPEJSTORE_DB_HOST: top.psql.svc.host, |
| 49 | SPEJSTORE_DB_PORT: top.psql.svc.port, |
| 50 | SPEJSTORE_ALLOWED_HOSTS: cfg.domain, |
| 51 | SPEJSTORE_CLIENT_ID: cfg.oauthClientId, |
| 52 | SPEJSTORE_SECRET: top.secrets.oauth, |
| 53 | SPEJSTORE_MEDIA_ROOT: cfg.mediaPath, |
| 54 | SPEJSTORE_REQUIRE_AUTH: 'true', |
| 55 | SPEJSTORE_LAN_ALLOWED_ADDRESS_SPACE: '185.236.240.5', |
| 56 | }, |
| 57 | volumeMounts_: { |
| 58 | media: { mountPath: cfg.mediaPath }, |
| 59 | }, |
| 60 | }, |
| 61 | }, |
| 62 | }, |
| 63 | }, |
| 64 | }, |
| 65 | }, |
| 66 | |
| 67 | media: top.ns.Contain(kube.PersistentVolumeClaim(cfg.name)) { |
| Radek Pietruszewski | f28cd62 | 2023-11-03 17:30:10 +0100 | [diff] [blame] | 68 | storage: '20Gi', |
| 69 | storageClass: cfg.storageClassName, |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 70 | }, |
| 71 | |
| 72 | psql: postgres { |
| 73 | cfg+: { |
| 74 | namespace: cfg.namespace, |
| 75 | appName: cfg.name, |
| 76 | storageClassName: cfg.storageClassName, |
| 77 | version: '15.4', |
| 78 | |
| 79 | database: cfg.db.name, |
| 80 | username: cfg.db.username, |
| 81 | password: top.secrets.postgres, |
| 82 | }, |
| 83 | bouncer: {}, |
| 84 | }, |
| 85 | |
| 86 | service: top.ns.Contain(kube.Service(cfg.name)) { |
| radex | 8b8f387 | 2023-11-24 11:09:46 +0100 | [diff] [blame^] | 87 | target:: top.deployment, |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 88 | }, |
| 89 | |
| Radek Pietruszewski | f584431 | 2023-10-27 22:41:18 +0200 | [diff] [blame] | 90 | ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) { |
| 91 | hosts:: [cfg.domain], |
| 92 | target_service:: top.service, |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 93 | }, |
| 94 | } |