Gitiles
Code Review Sign In
gerrit.hackerspace.pl / hscloud / d45584aa6d15eb6390efdda9539296644aa6142e / . / devtools / issues / redmine.libsonnet
blob: cf90129de466d71840c7435f78fa77f755ebaeca [file] [log] [blame]
Radek Pietruszewskif5844312023-10-27 22:41:18 +0200[diff] [blame]1local kube = import "../../kube/hscloud.libsonnet";
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]2local postgres = import "../../kube/postgres.libsonnet";
3
4{
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]5 local top = self,
6 local cfg = top.cfg,
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]7
8 cfg:: {
9 namespace: "redmine",
10 image: "registry.k0.hswaw.net/informatic/redmine@sha256:b04d1fd04549424e505722c9feb0b6741a057cb8f0fab68ad3730ecb167417df",
11 domain: error "domain must be set",
12 storageClassName: "waw-hdd-redundant-3",
13 database: {
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]14 password: { secretKeyRef: { name: "redmine", key: "postgres_password" } },
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]15 },
16
Serge Bazanski877cf0a2021-02-08 00:34:34 +0100[diff] [blame]17 b: {
18 domains: [],
19 image: "registry.k0.hswaw.net/q3k/b:315532800-6cc2f867951e123909b23955cd7bcbcc3ec24f8a",
20 },
21
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]22 storage: {
23 endpoint: error "storage.endpoint must be set",
24 region: error "storage.region must be set",
25 bucket: error "storage.bucket must be set",
26 accessKey: error "storage.accessKey must be set",
27 secretKey: error "storage.secretKey must be set",
28 },
29
30 oidc: {
31 server: error "oidc.server must be set",
32 clientID: error "oidc.clientID must be set",
33 clientSecret: error "oidc.clientSecret must be set",
34 },
Piotr Dobrowolski054c5b42021-02-09 10:05:59 +0100[diff] [blame]35
36 # Mailing configuration object passed to smtp_settings
37 mailing: {
38 address: error "mailing.address must be set",
39 port: 465,
40 ssl: true,
41 domain: error "mailing.domain must be set",
42 authentication: ":login",
43 user_name: error "mailing.user_name must be set",
44 password: error "mailing.password must be set",
45 },
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]46 },
47
Piotr Dobrowolski054c5b42021-02-09 10:05:59 +0100[diff] [blame]48 # Generates YAML file while preserving specified ruby-style symbols.
49 # (ie. removes surrounding quotes)
50 rubyYaml(obj, symbols):: std.foldr(function (symbol, str) std.strReplace(str, '"%s"' % symbol, symbol), symbols, std.manifestYamlDoc(obj)),
51
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]52 local ns = kube.Namespace(cfg.namespace),
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]53
radex0e128492023-11-24 12:47:27 +0100[diff] [blame]54 postgres: ns.Contain(postgres) {
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]55 cfg+: {
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]56 appName: "redmine",
radex37991742023-11-24 12:37:37 +0100[diff] [blame]57 database: "redmine",
58 username: "redmine",
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]59 password: cfg.database.password,
60 storageClassName: cfg.storageClassName,
61 },
62 },
63
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]64 deployment: ns.Contain(kube.Deployment("redmine")) {
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]65 spec+: {
66 replicas: 1,
67 template+: {
68 spec+: {
69 securityContext: {
70 runAsUser: 999,
71 runAsGroup: 999,
72 fsGroup: 999,
73 },
74 containers_: {
75 web: kube.Container("redmine") {
76 image: cfg.image,
Piotr Dobrowolski054c5b42021-02-09 10:05:59 +0100[diff] [blame]77 args: ['sh', '-c', |||
78 set -e
79 echo "${X_EXTRA_CONFIGURATION}" > config/configuration.yml
80 exec /docker-entrypoint.sh rails server -b 0.0.0.0
81 |||],
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]82 ports_: {
83 http: { containerPort: 3000 },
84 },
85 env_: {
radex37991742023-11-24 12:37:37 +0100[diff] [blame]86 REDMINE_DB_POSTGRES: top.postgres.svc.host,
87 REDMINE_DB_PORT: top.postgres.svc.port,
88 REDMINE_DB_DATABASE: top.postgres.cfg.database,
89 REDMINE_DB_USERNAME: top.postgres.cfg.username,
90 REDMINE_DB_PASSWORD: top.postgres.cfg.password,
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]91
92 REDMINE_SECRET_KEY_BASE: { secretKeyRef: { name: "redmine", key: "secret_key" } },
93
94 REDMINE_OIDC_SERVER: cfg.oidc.server,
95 REDMINE_OIDC_CLIENT_ID: cfg.oidc.clientID,
96 REDMINE_OIDC_CLIENT_SECRET: cfg.oidc.clientSecret,
97 REDMINE_OIDC_ADMIN_GROUP: "issues-admin",
98
99 REDMINE_S3_ENDPOINT: cfg.storage.endpoint,
100 REDMINE_S3_BUCKET: cfg.storage.bucket,
101 REDMINE_S3_ACCESS_KEY_ID: cfg.storage.accessKey,
102 REDMINE_S3_SECRET_ACCESS_KEY: cfg.storage.secretKey,
103 REDMINE_S3_REGION: cfg.storage.region,
Piotr Dobrowolski054c5b42021-02-09 10:05:59 +0100[diff] [blame]104
105 REDMINE_MAILING_PASSWORD: cfg.mailing.password,
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]106 X_EXTRA_CONFIGURATION: top.rubyYaml({
Piotr Dobrowolski054c5b42021-02-09 10:05:59 +0100[diff] [blame]107 production: {
108 email_delivery: {
109 delivery_method: ":smtp",
110 smtp_settings: cfg.mailing {
111 password: "$(REDMINE_MAILING_PASSWORD)",
112 },
113 }
114 },
115 }, [":smtp", ":login"]),
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]116 },
117 },
118 },
119 },
120 },
121 },
122 },
123
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]124 svc: ns.Contain(kube.Service("redmine")) {
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]125 target:: top.deployment,
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]126 },
127
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]128 ingress: ns.Contain(kube.SimpleIngress("redmine")) {
Radek Pietruszewskif5844312023-10-27 22:41:18 +0200[diff] [blame]129 hosts:: [cfg.domain],
radexd45584a2023-11-24 12:51:57 +0100[diff] [blame^]130 target:: top.svc,
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]131 },
Serge Bazanski877cf0a2021-02-08 00:34:34 +0100[diff] [blame]132
133 b: (if std.length(cfg.b.domains) > 0 then {
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]134 deployment: ns.Contain(kube.Deployment("b")) {
Serge Bazanski877cf0a2021-02-08 00:34:34 +0100[diff] [blame]135 spec+: {
136 replicas: 3,
137 template+: {
138 spec+: {
139 containers_: {
140 default: kube.Container("default") {
141 image: "registry.k0.hswaw.net/q3k/b:315532800-6cc2f867951e123909b23955cd7bcbcc3ec24f8a",
142 ports_: {
143 http: { containerPort: 8000 },
144 },
145 command: [
146 "/devtools/issues/b",
147 ],
148 },
149 },
150 },
151 },
152 },
153 },
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]154 svc: ns.Contain(kube.Service("b")) {
radexc995c212023-11-24 12:01:49 +0100[diff] [blame]155 target:: top.b.deployment,
Serge Bazanski877cf0a2021-02-08 00:34:34 +0100[diff] [blame]156 },
radex99ed6a72023-11-24 11:42:55 +0100[diff] [blame]157 ingress: ns.Contain(kube.SimpleIngress("b")) {
Radek Pietruszewskif5844312023-10-27 22:41:18 +0200[diff] [blame]158 hosts:: cfg.b.domains,
radexd45584a2023-11-24 12:51:57 +0100[diff] [blame^]159 target:: top.b.svc,
Radek Pietruszewskif5844312023-10-27 22:41:18 +0200[diff] [blame]160 },
Serge Bazanski877cf0a2021-02-08 00:34:34 +0100[diff] [blame]161 } else {}),
162
Piotr Dobrowolski0572fff2021-02-06 22:23:53 +0100[diff] [blame]163}