Piotr Dobrowolski | b67ae48 | 2021-01-31 10:35:38 +0100 | [diff] [blame] | 1 | local kube = import "../../../kube/kube.libsonnet"; |
| 2 | |
| 3 | { |
| 4 | local app = self, |
| 5 | local cfg = app.cfg, |
| 6 | cfg:: { |
| 7 | image: error "cfg.image must be set", |
| 8 | |
| 9 | # webDomain is the domain name at which matrix instance/cas proxy is served |
| 10 | webDomain: error "cfg.webDomain must be set", |
| 11 | |
| 12 | oauth2: error "cfg.oauth2 must be set", |
| 13 | }, |
| 14 | |
| 15 | ns:: error "ns needs to be a kube.Namespace object", |
radex | 99ed6a7 | 2023-11-24 11:42:55 +0100 | [diff] [blame^] | 16 | local ns = app.ns, |
Piotr Dobrowolski | b67ae48 | 2021-01-31 10:35:38 +0100 | [diff] [blame] | 17 | |
radex | 99ed6a7 | 2023-11-24 11:42:55 +0100 | [diff] [blame^] | 18 | deployment: ns.Contain(kube.Deployment("oauth2-cas-proxy")) { |
Piotr Dobrowolski | b67ae48 | 2021-01-31 10:35:38 +0100 | [diff] [blame] | 19 | spec+: { |
| 20 | replicas: 1, |
| 21 | template+: { |
| 22 | spec+: { |
| 23 | containers_: { |
| 24 | proxy: kube.Container("oauth2-cas-proxy") { |
| 25 | image: cfg.image, |
| 26 | ports_: { |
| 27 | http: { containerPort: 5000 }, |
| 28 | }, |
| 29 | env_: { |
| 30 | BASE_URL: "https://%s" % [cfg.webDomain], |
| 31 | SERVICE_URL: "https://%s" % [cfg.webDomain], |
| 32 | OAUTH2_CLIENT: cfg.oauth2.clientID, |
| 33 | OAUTH2_SECRET: cfg.oauth2.clientSecret, |
| 34 | OAUTH2_SCOPE: cfg.oauth2.scope, |
| 35 | OAUTH2_AUTHORIZE: cfg.oauth2.authorizeURL, |
| 36 | OAUTH2_TOKEN: cfg.oauth2.tokenURL, |
| 37 | OAUTH2_USERINFO: cfg.oauth2.userinfoURL, |
| 38 | }, |
| 39 | }, |
| 40 | }, |
| 41 | }, |
| 42 | }, |
| 43 | }, |
| 44 | }, |
| 45 | |
radex | 99ed6a7 | 2023-11-24 11:42:55 +0100 | [diff] [blame^] | 46 | svc: ns.Contain(kube.Service("oauth2-cas-proxy")) { |
radex | 8b8f387 | 2023-11-24 11:09:46 +0100 | [diff] [blame] | 47 | target:: app.deployment, |
Piotr Dobrowolski | b67ae48 | 2021-01-31 10:35:38 +0100 | [diff] [blame] | 48 | }, |
| 49 | } |