| Radek Pietruszewski | f584431 | 2023-10-27 22:41:18 +0200 | [diff] [blame] | 1 | local kube = import "../../kube/hscloud.libsonnet"; |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 2 | local postgres = import '../../kube/postgres_v.libsonnet'; |
| 3 | |
| 4 | { |
| 5 | local top = self, |
| 6 | local cfg = top.cfg, |
| 7 | |
| 8 | cfg:: { |
| 9 | name: 'inventory', |
| 10 | namespace: 'inventory', |
| 11 | domain: 'inventory.hackerspace.pl', |
| 12 | |
| 13 | image: 'registry.k0.hswaw.net/palid/spejstore:1694280421', |
| 14 | db: { |
| 15 | name: 'inventory', |
| 16 | username: 'inventory', |
| 17 | }, |
| 18 | oauthClientId: '82fffb65-0bbd-4d18-becd-0ce0b31373cf', |
| 19 | storageClassName: 'waw-hdd-redundant-3', |
| 20 | |
| 21 | mediaPath: '/var/www/media', |
| 22 | }, |
| 23 | |
| 24 | secrets:: { |
| 25 | postgres: { secretKeyRef: { name: cfg.name, key: 'postgres_password' } }, |
| 26 | oauth: { secretKeyRef: { name: cfg.name, key: 'oauth_secret' } }, |
| 27 | }, |
| 28 | |
| radex | 99ed6a7 | 2023-11-24 11:42:55 +0100 | [diff] [blame^] | 29 | local ns = kube.Namespace(cfg.namespace), |
| 30 | |
| 31 | deployment: ns.Contain(kube.Deployment(cfg.name)) { |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 32 | spec+: { |
| 33 | template+: { |
| 34 | spec+: { |
| 35 | volumes_: { |
| 36 | media: kube.PersistentVolumeClaimVolume(top.media), |
| 37 | }, |
| 38 | containers_: { |
| 39 | default: kube.Container('default') { |
| 40 | image: cfg.image, |
| 41 | ports_: { |
| 42 | web: { containerPort: 8000 }, |
| 43 | }, |
| 44 | env_: { |
| 45 | SPEJSTORE_ENV: 'prod', |
| 46 | SPEJSTORE_DB_NAME: cfg.db.name, |
| 47 | SPEJSTORE_DB_USER: cfg.db.username, |
| 48 | SPEJSTORE_DB_PASSWORD: top.secrets.postgres, |
| 49 | SPEJSTORE_DB_HOST: top.psql.svc.host, |
| 50 | SPEJSTORE_DB_PORT: top.psql.svc.port, |
| 51 | SPEJSTORE_ALLOWED_HOSTS: cfg.domain, |
| 52 | SPEJSTORE_CLIENT_ID: cfg.oauthClientId, |
| 53 | SPEJSTORE_SECRET: top.secrets.oauth, |
| 54 | SPEJSTORE_MEDIA_ROOT: cfg.mediaPath, |
| 55 | SPEJSTORE_REQUIRE_AUTH: 'true', |
| 56 | SPEJSTORE_LAN_ALLOWED_ADDRESS_SPACE: '185.236.240.5', |
| 57 | }, |
| 58 | volumeMounts_: { |
| 59 | media: { mountPath: cfg.mediaPath }, |
| 60 | }, |
| 61 | }, |
| 62 | }, |
| 63 | }, |
| 64 | }, |
| 65 | }, |
| 66 | }, |
| 67 | |
| radex | 99ed6a7 | 2023-11-24 11:42:55 +0100 | [diff] [blame^] | 68 | media: ns.Contain(kube.PersistentVolumeClaim(cfg.name)) { |
| radex | 36964dc | 2023-11-24 11:19:46 +0100 | [diff] [blame] | 69 | storage:: '20Gi', |
| 70 | storageClass:: cfg.storageClassName, |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 71 | }, |
| 72 | |
| 73 | psql: postgres { |
| 74 | cfg+: { |
| 75 | namespace: cfg.namespace, |
| 76 | appName: cfg.name, |
| 77 | storageClassName: cfg.storageClassName, |
| 78 | version: '15.4', |
| 79 | |
| 80 | database: cfg.db.name, |
| 81 | username: cfg.db.username, |
| 82 | password: top.secrets.postgres, |
| 83 | }, |
| 84 | bouncer: {}, |
| 85 | }, |
| 86 | |
| radex | 99ed6a7 | 2023-11-24 11:42:55 +0100 | [diff] [blame^] | 87 | service: ns.Contain(kube.Service(cfg.name)) { |
| radex | 8b8f387 | 2023-11-24 11:09:46 +0100 | [diff] [blame] | 88 | target:: top.deployment, |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 89 | }, |
| 90 | |
| radex | 99ed6a7 | 2023-11-24 11:42:55 +0100 | [diff] [blame^] | 91 | ingress: ns.Contain(kube.SimpleIngress(cfg.name)) { |
| Radek Pietruszewski | f584431 | 2023-10-27 22:41:18 +0200 | [diff] [blame] | 92 | hosts:: [cfg.domain], |
| 93 | target_service:: top.service, |
| Dariusz Niemczyk | 62b83e0 | 2023-08-13 20:14:15 +0200 | [diff] [blame] | 94 | }, |
| 95 | } |