forked from hswaw/hscloud
hswaw/walne: initial deployment
Co-authored-by: Palid <palid@hackerspace.pl> Change-Id: I7c5ef8a1d310821937c49598c4bd983f80a8fbcb Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1741 Reviewed-by: q3k <q3k@hackerspace.pl>
This commit is contained in:
parent
29a96ddcf7
commit
3fdda9c9a3
3 changed files with 65 additions and 0 deletions
3
app/walne/README.md
Normal file
3
app/walne/README.md
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
# Walne (General Assembly Paperwork Generator™)
|
||||||
|
|
||||||
|
Source: https://code.hackerspace.pl/hswaw/walne
|
57
app/walne/prod.jsonnet
Normal file
57
app/walne/prod.jsonnet
Normal file
|
@ -0,0 +1,57 @@
|
||||||
|
local kube = import '../../kube/hscloud.libsonnet';
|
||||||
|
|
||||||
|
{
|
||||||
|
local top = self,
|
||||||
|
local cfg = top.cfg,
|
||||||
|
|
||||||
|
cfg:: {
|
||||||
|
name: 'walne',
|
||||||
|
namespace: 'walne',
|
||||||
|
domain: 'walne.hackerspace.pl',
|
||||||
|
image: 'registry.k0.hswaw.net/radex/walne:1698228636',
|
||||||
|
oauthClientId: '992f3daf-a30e-4409-baad-e7b0e4bc2a2e',
|
||||||
|
},
|
||||||
|
|
||||||
|
// kubectl -n walne create secret generic walne --from-literal=ldap_password=xxx --from-literal=oauth_secret=xxx --from-literal=next_auth_secret=$(pwgen 32 1)
|
||||||
|
secrets:: {
|
||||||
|
ldap: { secretKeyRef: { name: cfg.name, key: 'ldap_password' },},
|
||||||
|
ouath: { secretKeyRef: { name: cfg.name, key: 'oauth_secret' } },
|
||||||
|
nextAuth: { secretKeyRef: { name: cfg.name, key: 'next_auth_secret' } },
|
||||||
|
},
|
||||||
|
|
||||||
|
ns: kube.Namespace(cfg.namespace),
|
||||||
|
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
|
||||||
|
spec+: {
|
||||||
|
template+: {
|
||||||
|
spec+: {
|
||||||
|
containers_: {
|
||||||
|
default: kube.Container('default') {
|
||||||
|
image: cfg.image,
|
||||||
|
ports_: {
|
||||||
|
web: { containerPort: 3000 },
|
||||||
|
},
|
||||||
|
env_: {
|
||||||
|
LDAP_USER_DN: 'cn=walone-generator,ou=services,dc=hackerspace,dc=pl',
|
||||||
|
LDAP_USER_PW: top.secrets.ldap,
|
||||||
|
ALLOWED_LDAP_GROUPS: 'zarzad,rewizja,staff,walne-users',
|
||||||
|
HSWAW_AUTH_CLIENT_ID: cfg.oauthClientId,
|
||||||
|
HSWAW_AUTH_CLIENT_SECRET: top.secrets.ouath,
|
||||||
|
AUTH_SECRET: top.secrets.nextAuth,
|
||||||
|
REDIRECT_PROXY_URL: 'https://' + cfg.domain + '/auth',
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
service: top.ns.Contain(kube.Service(cfg.name)) {
|
||||||
|
target_pod:: top.deployment.spec.template,
|
||||||
|
},
|
||||||
|
|
||||||
|
ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) {
|
||||||
|
hosts:: [cfg.domain],
|
||||||
|
target_service:: top.service,
|
||||||
|
},
|
||||||
|
}
|
|
@ -330,6 +330,7 @@ local admins = import "lib/admins.libsonnet";
|
||||||
{ namespace: "inventory", dns: "inventory.hackerspace.pl" },
|
{ namespace: "inventory", dns: "inventory.hackerspace.pl" },
|
||||||
{ namespace: "capacifier", dns: "capacifier.hackerspace.pl" },
|
{ namespace: "capacifier", dns: "capacifier.hackerspace.pl" },
|
||||||
{ namespace: "ldapweb", dns: "profile.hackerspace.pl" },
|
{ namespace: "ldapweb", dns: "profile.hackerspace.pl" },
|
||||||
|
{ namespace: "walne", dns: "walne.hackerspace.pl" },
|
||||||
{ namespace: "devtools-prod", dns: "hackdoc.hackerspace.pl" },
|
{ namespace: "devtools-prod", dns: "hackdoc.hackerspace.pl" },
|
||||||
{ namespace: "devtools-prod", dns: "cs.hackerspace.pl" },
|
{ namespace: "devtools-prod", dns: "cs.hackerspace.pl" },
|
||||||
{ namespace: "codehosting-prod", dns: "git.hackerspace.pl" },
|
{ namespace: "codehosting-prod", dns: "git.hackerspace.pl" },
|
||||||
|
@ -393,6 +394,10 @@ local admins = import "lib/admins.libsonnet";
|
||||||
"radex",
|
"radex",
|
||||||
"palid",
|
"palid",
|
||||||
],
|
],
|
||||||
|
"walne": [
|
||||||
|
"radex",
|
||||||
|
"palid",
|
||||||
|
],
|
||||||
"site": [
|
"site": [
|
||||||
"ar",
|
"ar",
|
||||||
"radex",
|
"radex",
|
||||||
|
|
Loading…
Reference in a new issue