| radex | b8d4a8a | 2023-09-22 23:46:05 +0200 | [diff] [blame] | 1 | local kube = import "../../kube/kube.libsonnet"; |
| 2 | |
| 3 | { |
| 4 | local top = self, |
| 5 | local cfg = self.cfg, |
| 6 | |
| 7 | cfg:: { |
| 8 | name: 'ldapweb', |
| 9 | namespace: 'ldapweb', |
| 10 | domain: 'profile.hackerspace.pl', |
| radex | d60a68d | 2023-09-23 18:34:02 +0200 | [diff] [blame^] | 11 | image: 'registry.k0.hswaw.net/radex/ldap-web:1695486391', |
| radex | b8d4a8a | 2023-09-22 23:46:05 +0200 | [diff] [blame] | 12 | }, |
| 13 | |
| 14 | ns: kube.Namespace(cfg.namespace), |
| 15 | |
| 16 | deployment: top.ns.Contain(kube.Deployment(cfg.name)) { |
| 17 | spec+: { |
| 18 | replicas: 1, |
| 19 | template+: { |
| 20 | spec+: { |
| radex | b8d4a8a | 2023-09-22 23:46:05 +0200 | [diff] [blame] | 21 | containers_: { |
| 22 | default: kube.Container("default") { |
| 23 | image: cfg.image, |
| 24 | resources: { |
| 25 | requests: { cpu: "25m", memory: "64Mi" }, |
| 26 | limits: { cpu: "500m", memory: "128Mi" }, |
| 27 | }, |
| 28 | ports_: { |
| 29 | http: { containerPort: 8000 }, |
| 30 | }, |
| radex | d60a68d | 2023-09-23 18:34:02 +0200 | [diff] [blame^] | 31 | env_: { |
| 32 | LDAPWEB_ADMIN_GROUPS: 'ldap-admin,staff,zarzad', |
| 33 | LDAPWEB_ACTIVE_GROUPS: 'fatty,starving,potato', |
| radex | b8d4a8a | 2023-09-22 23:46:05 +0200 | [diff] [blame] | 34 | } |
| 35 | }, |
| 36 | }, |
| 37 | }, |
| 38 | }, |
| 39 | }, |
| 40 | }, |
| 41 | |
| 42 | service: top.ns.Contain(kube.Service(cfg.name)) { |
| 43 | target_pod:: top.deployment.spec.template, |
| 44 | }, |
| 45 | |
| 46 | ingress: top.ns.Contain(kube.Ingress(cfg.name)) { |
| 47 | metadata+: { |
| 48 | annotations+: { |
| 49 | "kubernetes.io/tls-acme": "true", |
| 50 | "cert-manager.io/cluster-issuer": "letsencrypt-prod", |
| 51 | "nginx.ingress.kubernetes.io/proxy-body-size": "0", |
| 52 | }, |
| 53 | }, |
| 54 | spec+: { |
| 55 | tls: [ { hosts: [ cfg.domain ], secretName: cfg.name + "-tls" } ], |
| 56 | rules: [ |
| 57 | { |
| 58 | host: cfg.domain, |
| 59 | http: { |
| 60 | paths: [ |
| 61 | { path: "/", backend: top.service.name_port }, |
| 62 | ], |
| 63 | }, |
| 64 | }, |
| 65 | ], |
| 66 | }, |
| 67 | }, |
| radex | b8d4a8a | 2023-09-22 23:46:05 +0200 | [diff] [blame] | 68 | } |