cheshire
/
hscloud
forked from hswaw/hscloud
1
0
Fork 0
Code Pull Requests Activity

Merge remote-tracking branch 'origin/master' 

Change-Id: I31065ed4d5ab138a90e0be79a9d00db155896ecc
master
arsenicum 2023-10-05 00:07:11 +02:00
parent bdf2defc07 d60a68d4f3
commit 924be126f7
241 changed files with 9900 additions and 5073 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.bazelrc
View File

@ -6,3 +6,5 @@ build --stamp
build --workspace_status_command=./bzl/workspace-status.sh
test --build_tests_only
test --test_output=errors
build --cxxopt=-std=c++14
build --host_cxxopt=-std=c++14

2
.bazelversion
View File

@ -1 +1 @@
5.2.0
5.4.1

15
BUILD
View File

@ -2,15 +2,24 @@
load("@bazel_gazelle//:def.bzl", "gazelle")
# Used by //go/workspace tests.
exports_files(["WORKSPACE", "default.nix"])
exports_files([
"WORKSPACE",
"default.nix",
])
# gazelle:prefix code.hackerspace.pl/hscloud
# gazelle:go_naming_convention go_default_library
# gazelle:go_naming_convention import
# gazelle:exclude **/gomod-generated-placeholder.go
gazelle(name = "gazelle")
gazelle(
name = "gazelle",
name = "gazelle-update-repos",
args = [
"-from_file=go.mod",
"-to_macro=third_party/go/repositories.bzl%go_repositories",
"-prune",
],
command = "update-repos",
)
config_setting(

258
WORKSPACE
View File

@ -2,50 +2,15 @@ workspace(
name = "hscloud",
)
local_repository(
name = "rules_jvm_external",
path = "/home/q3k/Software/rules_jvm_external",
)
load("@bazel_tools//tools/build_defs/repo:git.bzl", "git_repository")
load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive", "http_file")
# Protobuf deps (shared between many rules).
# Load this as early as possible, to avoid a different version being pulled in by deps of something else
http_archive(
name = "com_google_protobuf",
sha256 = "8b28fdd45bab62d15db232ec404248901842e5340299a57765e48abe8a80d930",
strip_prefix = "protobuf-3.20.1",
urls = ["https://github.com/google/protobuf/archive/v3.20.1.tar.gz"],
)
load("@com_google_protobuf//:protobuf_deps.bzl", "protobuf_deps")
protobuf_deps()
rules_python_version = "0.13.0"
http_archive(
name = "rules_python",
sha256 = "8c8fe44ef0a9afc256d1e75ad5f448bb59b81aba149b8958f02f7b3a98f5d9b4",
strip_prefix = "rules_python-{}".format(rules_python_version),
url = "https://github.com/bazelbuild/rules_python/archive/refs/tags/{}.tar.gz".format(rules_python_version),
)
# Download Go/Gazelle rules
http_archive(
name = "io_bazel_rules_go",
sha256 = "099a9fb96a376ccbbb7d291ed4ecbdfd42f6bc822ab77ae6f1b5cb9e914e94fa",
urls = [
"https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.35.0/rules_go-v0.35.0.zip",
"https://github.com/bazelbuild/rules_go/releases/download/v0.35.0/rules_go-v0.35.0.zip",
],
)
http_archive(
name = "bazel_gazelle",
sha256 = "448e37e0dbf61d6fa8f00aaa12d191745e14f07c31cabfa731f0c8e8a4f41b97",
urls = [
"https://mirror.bazel.build/github.com/bazelbuild/bazel-gazelle/releases/download/v0.28.0/bazel-gazelle-v0.28.0.tar.gz",
"https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.28.0/bazel-gazelle-v0.28.0.tar.gz",
],
)
# Gazelle started requiring this after we bumped the version to v0.28.0.
# Load skylib
http_archive(
name = "bazel_skylib",
sha256 = "74d544d96f4a5bb630d465ca8bbcfe231e3594e5aae57e1edbf17a6eb3ca2506",
@ -59,6 +24,67 @@ load("@bazel_skylib//:workspace.bzl", "bazel_skylib_workspace")
bazel_skylib_workspace()
load("@bazel_skylib//lib:versions.bzl", "versions")
versions.check(minimum_bazel_version = "5.4.1")
# Protobuf deps (shared between many rules).
# Load this as early as possible, to avoid a different version being pulled in by deps of something else
http_archive(
name = "com_google_protobuf",
sha256 = "76a33e2136f23971ce46c72fd697cd94dc9f73d56ab23b753c3e16854c90ddfd",
strip_prefix = "protobuf-2c5fa078d8e86e5f4bd34e6f4c9ea9e8d7d4d44a",
urls = [
"https://github.com/protocolbuffers/protobuf/archive/2c5fa078d8e86e5f4bd34e6f4c9ea9e8d7d4d44a.tar.gz",
],
)
http_archive(
name = "rules_proto",
sha256 = "dc3fb206a2cb3441b485eb1e423165b231235a1ea9b031b4433cf7bc1fa460dd",
strip_prefix = "rules_proto-5.3.0-21.7",
urls = [
"https://github.com/bazelbuild/rules_proto/archive/refs/tags/5.3.0-21.7.tar.gz",
],
)
load("@rules_proto//proto:repositories.bzl", "rules_proto_dependencies", "rules_proto_toolchains")
rules_proto_dependencies()
rules_proto_toolchains()
rules_python_version = "0.24.0"
http_archive(
name = "rules_python",
sha256 = "0a8003b044294d7840ac7d9d73eef05d6ceb682d7516781a4ec62eeb34702578",
strip_prefix = "rules_python-{}".format(rules_python_version),
url = "https://github.com/bazelbuild/rules_python/archive/refs/tags/{}.tar.gz".format(rules_python_version),
)
# Download Go/Gazelle rules
http_archive(
name = "io_bazel_rules_go",
sha256 = "51dc53293afe317d2696d4d6433a4c33feedb7748a9e352072e2ec3c0dafd2c6",
urls = [
"https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.40.1/rules_go-v0.40.1.zip",
"https://github.com/bazelbuild/rules_go/releases/download/v0.40.1/rules_go-v0.40.1.zip",
],
)
http_archive(
name = "bazel_gazelle",
sha256 = "29d5dafc2a5582995488c6735115d1d366fcd6a0fc2e2a153f02988706349825",
urls = [
"https://mirror.bazel.build/github.com/bazelbuild/bazel-gazelle/releases/download/v0.31.0/bazel-gazelle-v0.31.0.tar.gz",
"https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.31.0/bazel-gazelle-v0.31.0.tar.gz",
],
)
load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies")
load("//third_party/go:repositories.bzl", "go_repositories")
# Python rules
load("@rules_python//python:repositories.bzl", "python_register_toolchains")
@ -77,19 +103,38 @@ pip_parse(
)
load("@pydeps//:requirements.bzl", "install_deps")
install_deps()
# Setup Go toolchain.
load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains")
go_register_toolchains(version = "1.18.3")
# gazelle:repository_macro third_party/go/repositories.bzl%go_repositories
# gazelle:repository go_repository name=hscloud importpath=code.hackerspace.pl/hscloud
go_repositories()
load("@bazel_gazelle//:deps.bzl", "go_repository")
go_repository(
name = "org_golang_x_mod",
build_external = "external",
importpath = "golang.org/x/mod",
sum = "h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=",
version = "v0.10.0",
)
go_rules_dependencies()
go_register_toolchains(go_version = "1.20.5")
# IMPORTANT: match protobuf version above with the one loaded by grpc
http_archive(
name = "com_github_grpc_grpc",
sha256 = "419dba362eaf8f1d36849ceee17c3e2ff8ff12ac666b42d3ff02a164ebe090e9",
strip_prefix = "grpc-1.30.0",
urls = ["https://github.com/grpc/grpc/archive/v1.30.0.tar.gz"],
patch_args = ["-p1"],
patches = [
"//third_party:grpc_extra_deps.patch",
],
sha256 = "931f07db9d48cff6a6007c1033ba6d691fe655bea2765444bc1ad974dfc840aa",
strip_prefix = "grpc-1.56.2",
urls = ["https://github.com/grpc/grpc/archive/v1.56.2.tar.gz"],
)
# Load grpc deps after Go, to prevent overriding Go toolchains/SDK.
@ -101,48 +146,20 @@ load("@com_github_grpc_grpc//bazel:grpc_extra_deps.bzl", "grpc_extra_deps")
grpc_extra_deps()
load("@io_bazel_rules_go//go:deps.bzl", "go_rules_dependencies")
go_rules_dependencies()
# gazelle:repository_macro third_party/go/repositories.bzl%go_repositories
load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies", "go_repository")
# Force newer version of golang.org/x/crypto that gazelle_dependencies would
# usually get.
go_repository(
name = "org_golang_x_crypto",
build_naming_convention = "go_default_library",
importpath = "golang.org/x/crypto",
sum = "h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg=",
version = "v0.0.0-20210921155107-089bfa567519",
)
load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies")
gazelle_dependencies()
# Load Go third-party packages.
load("//third_party/go:repositories.bzl", "go_repositories")
go_repositories()
# Docker rules
http_archive(
name = "io_bazel_rules_docker",
sha256 = "4349f2b0b45c860dd2ffe18802e9f79183806af93ce5921fb12cbd6c07ab69a8",
strip_prefix = "rules_docker-0.21.0",
urls = ["https://github.com/bazelbuild/rules_docker/releases/download/v0.21.0/rules_docker-v0.21.0.tar.gz"],
sha256 = "b1e80761a8a8243d03ebca8845e9cc1ba6c82ce7c5179ce2b295cd36f7e394bf",
urls = ["https://github.com/bazelbuild/rules_docker/releases/download/v0.25.0/rules_docker-v0.25.0.tar.gz"],
)
load("@io_bazel_rules_docker//toolchains/docker:toolchain.bzl", docker_toolchain_configure = "toolchain_configure")
# This forces the use of Docker $HOME/.docker configuration.
docker_toolchain_configure(
name = "docker_config",
client_config = "",
docker_path = "/usr/bin/docker",
)
load(
"@io_bazel_rules_docker//repositories:repositories.bzl",
container_repositories = "repositories",
@ -150,10 +167,26 @@ load(
container_repositories()
load(
"@io_bazel_rules_docker//python3:image.bzl",
_py_image_repos = "repositories",
)
_py_image_repos()
# Docker base images
load("@io_bazel_rules_docker//container:container.bzl", "container_pull")
container_pull(
name = "python-debian",
digest = "sha256:cfa3b79333c4e56fc675b6800445b6dcbb3e6cd4d52f2a9ade944ab73dadc6a1",
registry = "index.docker.io",
repository = "python",
tag = "3.10-bullseye", # use the same version as in python_register_toolchains
)
container_pull(
name = "prodimage-bionic",
digest = "sha256:1cd1f84169b8e1414a5d511b42909f2d540831c67b6799ae9af8cd6a80d75b5f",
@ -190,6 +223,10 @@ git_repository(
commit = "a511f3c90129d7de7ae67c0637001162980c08d5",
remote = "https://gerrit.googlesource.com/bazlets",
shallow_since = "1606931369 -0600",
patch_args = ["-p1"],
patches = [
"//third_party:bazlets_py3.patch",
],
)
load("@com_googlesource_gerrit_bazlets//:gerrit_api.bzl", "gerrit_api")
@ -220,59 +257,6 @@ http_file(
],
)
# minecraft spigot/bukkit deps
# this uses rules_jvm_external vs gerrit's maven_jar because we need SNAPSHOT support
http_archive(
name = "io_grpc_grpc_java",
sha256 = "446ad7a2e85bbd05406dbf95232c7c49ed90de83b3b60cb2048b0c4c9f254d29",
strip_prefix = "grpc-java-1.29.0",
url = "https://github.com/grpc/grpc-java/archive/v1.29.0.zip",
)
RULES_JVM_EXTERNAL_TAG = "3.0"
RULES_JVM_EXTERNAL_SHA = "62133c125bf4109dfd9d2af64830208356ce4ef8b165a6ef15bbff7460b35c3a"
http_archive(
name = "rules_jvm_external",
sha256 = RULES_JVM_EXTERNAL_SHA,
strip_prefix = "rules_jvm_external-%s" % RULES_JVM_EXTERNAL_TAG,
url = "https://github.com/bazelbuild/rules_jvm_external/archive/%s.zip" % RULES_JVM_EXTERNAL_TAG,
)
load("@rules_jvm_external//:defs.bzl", "maven_install")
load("@io_grpc_grpc_java//:repositories.bzl", "IO_GRPC_GRPC_JAVA_ARTIFACTS")
load("@io_grpc_grpc_java//:repositories.bzl", "IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS")
maven_install(
artifacts = [
"org.spigotmc:spigot-api:1.15.2-R0.1-20200624.001023-124",
"io.grpc:grpc-netty-shaded:1.29.0",
"io.grpc:grpc-services:1.29.0",
] + IO_GRPC_GRPC_JAVA_ARTIFACTS,
generate_compat_repositories = True,
maven_install_json = "//third_party/java:maven_install.json",
override_targets = IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS,
repositories = [
"https://hub.spigotmc.org/nexus/content/repositories/snapshots",
"https://oss.sonatype.org/content/repositories/snapshots",
"https://repo1.maven.org/maven2/",
],
)
load("@maven//:defs.bzl", "pinned_maven_install")
pinned_maven_install()
load("@maven//:compat.bzl", "compat_repositories")
compat_repositories()
load("@io_grpc_grpc_java//:repositories.bzl", "grpc_java_repositories")
grpc_java_repositories()
# Gerrit OWNERS plugins external repositories
git_repository(
@ -288,12 +272,16 @@ gerrit_owners_deps()
# Go image repos for Docker
load("@io_bazel_rules_docker//go:image.bzl", go_image_repositories = "repositories")
load(
"@io_bazel_rules_docker//go:image.bzl",
go_image_repos = "repositories",
)
go_image_repositories()
go_image_repos()
# //hswaw/site deps.
load("//hswaw/site:deps.bzl", "hswaw_site_deps")
hswaw_site_deps()
# noVNC, used by //dc/drackvm.
@ -321,7 +309,7 @@ filegroup(
http_file(
name = "calicoctl_3_15",
downloaded_file_path = "calicoctl",
urls = ["https://github.com/projectcalico/calicoctl/releases/download/v3.15.5/calicoctl"],
sha256 = "f49e9e8d25108f7f22d5a51c756b2fe40cbe36347ad297e31a767376172f2845",
executable = True,
sha256 = "f49e9e8d25108f7f22d5a51c756b2fe40cbe36347ad297e31a767376172f2845",
urls = ["https://github.com/projectcalico/calicoctl/releases/download/v3.15.5/calicoctl"],
)

3
app/inventory/README.md Normal file
View File

@ -0,0 +1,3 @@
# inventory
For app source, see https://code.hackerspace.pl/informatic/spejstore

119
app/inventory/prod.jsonnet Normal file
View File

@ -0,0 +1,119 @@
local kube = import '../../kube/kube.libsonnet';
local postgres = import '../../kube/postgres_v.libsonnet';
{
local top = self,
local cfg = top.cfg,
cfg:: {
name: 'inventory',
namespace: 'inventory',
domain: 'inventory.hackerspace.pl',
image: 'registry.k0.hswaw.net/palid/spejstore:1694280421',
db: {
name: 'inventory',
username: 'inventory',
},
oauthClientId: '82fffb65-0bbd-4d18-becd-0ce0b31373cf',
storageClassName: 'waw-hdd-redundant-3',
mediaPath: '/var/www/media',
},
secrets:: {
postgres: { secretKeyRef: { name: cfg.name, key: 'postgres_password' } },
oauth: { secretKeyRef: { name: cfg.name, key: 'oauth_secret' } },
},
ns: kube.Namespace(cfg.namespace),
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
spec+: {
template+: {
spec+: {
volumes_: {
media: kube.PersistentVolumeClaimVolume(top.media),
},
containers_: {
default: kube.Container('default') {
image: cfg.image,
ports_: {
web: { containerPort: 8000 },
},
env_: {
SPEJSTORE_ENV: 'prod',
SPEJSTORE_DB_NAME: cfg.db.name,
SPEJSTORE_DB_USER: cfg.db.username,
SPEJSTORE_DB_PASSWORD: top.secrets.postgres,
SPEJSTORE_DB_HOST: top.psql.svc.host,
SPEJSTORE_DB_PORT: top.psql.svc.port,
SPEJSTORE_ALLOWED_HOSTS: cfg.domain,
SPEJSTORE_CLIENT_ID: cfg.oauthClientId,
SPEJSTORE_SECRET: top.secrets.oauth,
SPEJSTORE_MEDIA_ROOT: cfg.mediaPath,
SPEJSTORE_REQUIRE_AUTH: 'true',
SPEJSTORE_LAN_ALLOWED_ADDRESS_SPACE: '185.236.240.5',
},
volumeMounts_: {
media: { mountPath: cfg.mediaPath },
},
},
},
},
},
},
},
media: top.ns.Contain(kube.PersistentVolumeClaim(cfg.name)) {
spec+: {
storageClassName: cfg.storageClassName,
accessModes: ['ReadWriteOnce'],
resources: {
requests: {
storage: '20Gi',
},
},
},
},
psql: postgres {
cfg+: {
namespace: cfg.namespace,
appName: cfg.name,
storageClassName: cfg.storageClassName,
version: '15.4',
database: cfg.db.name,
username: cfg.db.username,
password: top.secrets.postgres,
},
bouncer: {},
},
service: top.ns.Contain(kube.Service(cfg.name)) {
target_pod:: top.deployment.spec.template,
},
ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
metadata+: {
annotations+: {
'kubernetes.io/tls-acme': 'true',
'cert-manager.io/cluster-issuer': 'letsencrypt-prod',
'nginx.ingress.kubernetes.io/proxy-body-size': '0',
},
},
spec+: {
tls: [{ hosts: [cfg.domain], secretName: cfg.name + '-tls' }],
rules: [
{
host: cfg.domain,
http: {
paths: [
{ path: '/', backend: top.service.name_port },
],
},
},
],
},
},
}

150
app/mailman-web/BUILD Normal file
View File

@ -0,0 +1,150 @@
load("@pydeps//:requirements.bzl", "requirement")
load("@rules_python//python:defs.bzl", "py_binary")
load("@io_bazel_rules_docker//python:image.bzl", "py_layer")
load("@io_bazel_rules_docker//python3:image.bzl", "py3_image")
load("@io_bazel_rules_docker//container:container.bzl", "container_layer", "container_image")
load("@io_bazel_rules_docker//docker/util:run.bzl", "container_run_and_extract", "container_run_and_commit_layer")
load("@io_bazel_rules_docker//docker/package_managers:download_pkgs.bzl", "download_pkgs")
load("@io_bazel_rules_docker//docker/package_managers:install_pkgs.bzl", "install_pkgs")
# - - base docker stuff - -
download_pkgs(
name = "apt_py_is_py3",
image_tar = "@python-debian//image",
packages = [
# rules_docker python wants /usr/bin/python
"python-is-python3",
],
)
install_pkgs(
name = "base_image",
output_image_name = "base_image",
image_tar = "@python-debian//image",
installables_tar = ":apt_py_is_py3.tar",
installation_cleanup_commands = "rm -rf /var/lib/apt/lists/* /usr/share/doc && apt remove -y libbluetooth3 mariadb-common tk && apt autoremove -y",
)
BASE_IMAGE = ":base_image"
# overkill rube goldberg setup to build static files begins
# - - - -
container_run_and_extract(
name = "static_pack",
commands = [
"tar cpJvf /out.tar.xz -C /opt/mailman/web/static ./",
],
extract_file = "/out.tar.xz",
image = ":static_build_image.tar",
)
container_image(
name = "static_build_image",
layers = [":static_build_layer"],
base = BASE_IMAGE,
)
# this will also contain .pyc files, but the python binary will be the same
# on prod, so it's fine
container_run_and_commit_layer(
name = "static_build_layer",
commands = [
"./app/mailman-web/manage collectstatic",
"./app/mailman-web/manage compress",
# gettext is cursed, TODO make this work
#"./app/mailman-web/manage compilemessages",
],
image = ":build_container.tar",
docker_run_flags = ["--entrypoint="],
)
py3_image(
name = "build_container",
srcs = [":manage"],
main = "manage.py",
base = ":build_tools_container",
layers = [":deps_layer"],
# this doesn't work for some reason - this is always rebuilt, unless
# you pass --nostamp globally
stamp = 0,
)
download_pkgs(
name = "build_tools",
image_tar = "@python-debian//image",
packages = [
"sassc",
"gettext",
],
)
install_pkgs(
name = "build_tools_container",
output_image_name = "build_tools_container",
image_tar = BASE_IMAGE + '.tar',
installables_tar = ":build_tools.tar",
installation_cleanup_commands = "rm -rf /var/lib/apt/lists/* /usr/share/doc",
)
# - - - -
# overkill rube goldberg setup to build static files ends
# - - python stuff - -
# this is purely a build optimization - put the pip deps into a separate layer
py_layer(
name = "deps_layer",
deps = [
requirement("Django"),
requirement("postorius"),
requirement("hyperkitty"),
requirement("gunicorn"),
requirement("psycopg2-binary"),
],
)
py_library(
name = "django_base",
srcs = ["settings.py", "urls.py"]
+ glob(["upstream_settings/*.py"]),
deps = [
requirement("Django"),
requirement("postorius"),
requirement("hyperkitty"),
requirement("gunicorn"),
requirement("psycopg2-binary"),
],
)
py_binary(
name = "manage",
srcs = ["manage.py"],
deps = [":django_base"],
)
py_binary(
name = "serve",
srcs = ["serve.py"],
deps = [":django_base"],
)
# prod docker image
py3_image(
name = "mailman-web",
srcs = ["container_main.py"],
deps = [
":django_base",
":manage",
":serve",
],
layers = [
":deps_layer",
],
main = "container_main.py",
#base = ":base_container"
base = ":static_build_image",
)

3
app/mailman-web/LICENSE Normal file
View File

@ -0,0 +1,3 @@
Mailman and its components (postorius, hyperkitty) are licensed under GPLv3 and we link/import that code here directly.
Also, a good portion of this wsgi launcher is copied from https://gitlab.com/mailman/mailman-web, GPLv3 as well.
Therefore, this entire directory likely falls under GPLv3.

7
app/mailman-web/README.md Normal file
View File

@ -0,0 +1,7 @@
Web parts of mailman3 - postorius and hyperkitty.
Postgres only, TODO attempt cockroachization.
This currently serves static files via an extremely cursed hack:
lists.hackerspace.pl points to boston-packets, which serves /static/* from
a local directory there, made by extracting :static_pack there; and proxy_passes
every other path to the k8s Service defined here.

13
app/mailman-web/container_main.py Normal file
View File

@ -0,0 +1,13 @@
from sys import argv, exit
# simple wrapper so we don't need two container entrypoints
assert len(argv) > 1, "specify a command"
if argv[1] == "serve":
import serve
serve.main()
elif argv[1] == "manage":
import manage
manage.main(argv[1:])
else:
print("unknown command", argv[1])
exit(1)

215
app/mailman-web/kube/mailman.libsonnet Normal file
View File

@ -0,0 +1,215 @@
local kube = import "../../../kube/kube.libsonnet";
{
local app = self,
local cfg = app.cfg,
cfg:: {
namespace: error "cfg.namespace must be set",
webDomain: error "cfg.webDomain must be set",
images: {
web: "registry.k0.hswaw.net/implr/mailman-web:0.6",
# https://github.com/octeep/wireproxy
wireproxy: "registry.k0.hswaw.net/implr/wireproxy:1.0.5"
},
passwords: {
postgres: error "cfg.secrets.postgres must be set",
mailmanRest: error "cfg.secrets.mailmanRest must be set",
mailmanArchiver: error "cfg.secrets.mailmanArchiver must be set",
},
smtp: {
user: "postorius",
# from mail server
password: error "cfg.smtp.password must be set",
},
secrets: {
djangoSecretKey: error "cfg.secrets.djangoSecretKey must be set",
},
wg: {
peerPubkey: error "cfg.wg.peerPubkey must be set",
privkey: error "cfg.wg.privkey must be set",
endpoint: error "cfg.wg.endpoint must be set",
},
},
env:: {
WEB_DOMAIN: cfg.webDomain,
BIND_ADDR: "0.0.0.0:8080",
//DB_HOST: app.postgres.svc.host,
DB_HOST: "boston-packets.hackerspace.pl",
DB_USER: "mailman",
DB_NAME: "mailman-web",
DB_PASS: kube.SecretKeyRef(app.config, "postgres-pass"),
DB_PORT: "5432",
SMTP_HOST: "mail.hackerspace.pl",
SMTP_PORT: "587",
SMTP_USER: "postorius",
SMTP_PASSWORD: kube.SecretKeyRef(app.config, "smtp-password"),
SECRET_KEY: kube.SecretKeyRef(app.config, "django-secret-key"),
MAILMAN_REST_API_PASS: kube.SecretKeyRef(app.config, 'mailman-api-password'),
MAILMAN_ARCHIVER_KEY: kube.SecretKeyRef(app.config, 'mailman-archiver-key'),
},
namespace: kube.Namespace(cfg.namespace),
local ns = self.namespace,
web: ns.Contain(kube.Deployment("web")) {
spec+: {
minReadySeconds: 10,
replicas: 1,
template+: {
spec+: {
initContainers_: {
migrate: kube.Container("migrate") {
image: cfg.images.web,
env_: app.env,
args: [
"manage", "migrate",
],
},
},
volumes_: {
config: kube.SecretVolume(app.wireproxyConfig),
},
containers_: {
default: kube.Container("default") {
image: cfg.images.web,
env_: app.env,
args: ["serve"],
ports_: {
web: { containerPort: 8080 },
},
# readinessProbe: {
# httpGet: {
# path: "/",
# port: "web",
# },
# failureThreshold: 10,
# periodSeconds: 5,
# },
resources: {
requests: {
cpu: "250m",
memory: "1024M",
},
limits: {
cpu: "1",
memory: "1024M",
},
},
},
wireproxy: kube.Container("wireproxy") {
image: cfg.images.wireproxy,
resources: {
requests: {
cpu: "100m",
memory: "64M",
},
limits: {
cpu: "200m",
memory: "128M",
},
},
volumeMounts_: {
config: { mountPath: "/etc/wireproxy/config", subPath: "config" }
},
},
},
},
},
},
},
local manifestIniMultisection(sname, values) = std.join('\n',
[std.manifestIni({
sections: {
[sname]: i,
}}) for i in values]),
wireproxyConfig: ns.Contain(kube.Secret("wireproxy-config")) {
data: {
config: std.base64(std.manifestIni({
sections: {
Interface: {
Address: cfg.wg.address,
PrivateKey: cfg.wg.privkey,
},
Peer: {
PublicKey: cfg.wg.peerPubkey,
Endpoint: cfg.wg.endpoint,
},
},
}) + manifestIniMultisection("TCPClientTunnel", [
# {
# # postgres
# ListenPort: 5432,
# Target: "localhost:5432",
# },
{
# mailman core api
BindAddress: "127.0.0.1:8001",
Target: "172.17.1.1:8001",
},
])),
},
},
svcWeb: ns.Contain(kube.Service("web")) {
target_pod: app.web.spec.template,
spec+: {
# hax
type: "LoadBalancer",
externalTrafficPolicy: "Local",
},
},
#ingress: ns.Contain(kube.Ingress("mailman")) {
# metadata+: {
# annotations+: {
# "kubernetes.io/tls-acme": "true",
# "certmanager.k8s.io/cluster-issuer": "letsencrypt-prod",
# "nginx.ingress.kubernetes.io/proxy-body-size": "0",
# },
# },
# spec+: {
# tls: [
# {
# hosts: [cfg.webDomain],
# secretName: "mailman-ingress-tls",
# },
# ],
# rules: [
# {
# host: cfg.webDomain,
# http: {
# paths: [
# { path: "/", backend: app.svcWeb.name_port },
# //{ path: "/static/", backend: app.svcStatic.name_port },
# ],
# },
# },
# ],
# },
#},
config: ns.Contain(kube.Secret("config")) {
data_: {
"postgres-pass": cfg.passwords.postgres,
"django-secret-key": cfg.secrets.djangoSecretKey,
"smtp-password": cfg.smtp.password,
"mailman-api-password": cfg.mailmanCore.mailmanApiPass,
"mailman-archiver-key": cfg.mailmanCore.mailmanArchiverKey,
},
},
}

20
app/mailman-web/kube/prod.jsonnet Normal file
View File

@ -0,0 +1,20 @@
local mailman = import "mailman.libsonnet";
local secrets = import "secrets/plain/prod.libsonnet";
mailman {
cfg+: secrets {
namespace: "mailman-hackerspace-prod",
webDomain: "lists2.hackerspace.pl",
wg+: {
address: "172.17.1.2/32",
peerPubkey: "sKobxe3U6Gz72MWXEETTr8fSFIPSuX/WOGGFwd3oXy8=",
endpoint: "boston-packets.hackerspace.pl:51820"
},
//objectStorage+: {
//bucket: "mailman-prod",
//},
},
}

13
app/mailman-web/manage.py Normal file
View File

@ -0,0 +1,13 @@
import os
import sys
def main(argv):
os.environ['DJANGO_SETTINGS_MODULE'] = "settings"
os.environ['DJANGO_IS_MANAGEMENT_COMMAND'] = '1'
from django.core.management import execute_from_command_line
execute_from_command_line(argv)
if __name__ == "__main__":
main(sys.argv)

38
app/mailman-web/serve.py Normal file
View File

@ -0,0 +1,38 @@
import os
import gunicorn.app.base
from django.core.wsgi import get_wsgi_application
class StandaloneApplication(gunicorn.app.base.BaseApplication):
def __init__(self, app, options=None):
self.options = options or {}
self.application = app
super().__init__()
def load_config(self):
config = {key: value for key, value in self.options.items()
if key in self.cfg.settings and value is not None}
for key, value in config.items():
self.cfg.set(key.lower(), value)
def load(self):
return self.application
def main():
options = {
'bind': os.environ.get('BIND_ADDR', '127.0.0.1:8080'),
'workers': int(os.environ.get("GUNICORN_WORKERS", "4")),
'capture_output': True,
'disable_redirect_access_to_syslog': True,
'accesslog': '-',
'errorlog': '-',
}
os.environ['DJANGO_SETTINGS_MODULE'] = "settings"
application = get_wsgi_application()
StandaloneApplication(application, options).run()
if __name__ == '__main__':
main()

102
app/mailman-web/settings.py Normal file
View File

@ -0,0 +1,102 @@
import sys
import os
from upstream_settings.base import *
from upstream_settings.mailman import *
# we're in a container, stdout only
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'formatters': {
'verbose': {
'format': '%(asctime)s %(name)-12s %(levelname)-8s %(message)s',
},
},
'handlers': {
'console': {
'level': 'INFO',
'class': 'logging.StreamHandler',
'stream': sys.stdout,
'formatter': 'verbose'
},
},
'loggers': {
'': {
'handlers': ['console'],
'level': 'INFO',
'propagate': True,
},
},
}
SECRET_KEY = os.environ.get("SECRET_KEY", "hackme")
# assert len(SECRET_KEY) > 16
ROOT_URLCONF = "urls"
ALLOWED_HOSTS = [
"localhost", # Archiving API from Mailman, keep it.
os.environ.get('WEB_DOMAIN', "lists.hackerspace.pl"),
]
ALLOWED_HOSTS = ["*"] # TODO deleteme
MAILMAN_REST_API_URL = 'http://localhost:8001'
MAILMAN_REST_API_USER = 'restadmin'
MAILMAN_REST_API_PASS = os.environ.get('MAILMAN_REST_API_PASS')
MAILMAN_ARCHIVER_KEY = os.environ.get('MAILMAN_ARCHIVER_KEY')
MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1', '185.236.240.38', "2a0d:eb00:2137:2::10")
DATABASES = {
'default': {
# Use 'sqlite3', 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
'ENGINE': 'django.db.backends.postgresql_psycopg2',
# DB name or path to database file if using sqlite3.
'NAME': os.environ.get('DB_NAME', 'mailman-web'),
# The following settings are not used with sqlite3:
'USER': os.environ.get('DB_USER', 'mailman'),
'PASSWORD': os.environ.get('DB_PASS'),
# HOST: empty for localhost through domain sockets or '127.0.0.1' for
# localhost through TCP.
'HOST': os.environ.get('DB_HOST', '127.0.0.1'),
# PORT: set to empty string for default.
'PORT': os.environ.get('DB_PORT', ''),
# OPTIONS: for mysql engine only, do not use with other engines.
# 'OPTIONS': {'charset': 'utf8mb4'} # Enable utf8 4-byte encodings.
}
}
# TODO check this
USE_X_FORWARDED_HOST = True # behind an Ingress
# And if your proxy does your SSL encoding for you, set SECURE_PROXY_SSL_HEADER
# https://docs.djangoproject.com/en/1.8/ref/settings/#secure-proxy-ssl-header
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_SCHEME', 'https')
DEFAULT_FROM_EMAIL = 'postorius@hackerspace.pl'
SERVER_EMAIL = 'bofh@hackerspace.pl'
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = os.environ.get('SMTP_HOST', '127.0.0.1')
EMAIL_PORT = int(os.environ.get('SMTP_PORT', '465'))
EMAIL_HOST_USER = os.environ.get('SMTP_USER', 'postorius')
EMAIL_HOST_PASSWORD = os.environ.get('SMTP_PASSWORD')
EMAIL_TIMEOUT=3
EMAIL_USE_TLS=True
HAYSTACK_CONNECTIONS = {
'default': {
'ENGINE': 'haystack.backends.whoosh_backend.WhooshEngine',
'PATH': os.environ.get('FULLTEXT_INDEX_PATH', "fulltext_index"),
# You can also use the Xapian engine, it's faster and more accurate,
# but requires another library.
# http://django-haystack.readthedocs.io/en/v2.4.1/installing_search_engines.html#xapian
# Example configuration for Xapian:
# 'ENGINE': 'xapian_backend.XapianEngine'
},
}
# Only display mailing-lists from the same virtual host as the webserver
FILTER_VHOST = False
POSTORIUS_TEMPLATE_BASE_URL = 'https://lists.hackerspace.pl'

1
app/mailman-web/upstream_settings/README Normal file
View File

@ -0,0 +1 @@
Unmodified copy of default settings from mailman-web.

0
third_party/go/k8s-apimachinery/BUILD → app/mailman-web/upstream_settings/__init__.py
View File

300
app/mailman-web/upstream_settings/base.py Normal file
View File

@ -0,0 +1,300 @@
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
import os
from django.contrib.messages import constants as messages
from pathlib import Path
#: The base directory for logs and database.
BASE_DIR = Path('/opt/mailman/web')
#: Default list of admins who receive the emails from error logging.
ADMINS = (
('Mailman Suite Admin', 'root@localhost'),
)
#: Hosts/domain names that are valid for this site; required if DEBUG is False.
#: See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
ALLOWED_HOSTS = [
"localhost", # Archiving API from Mailman, keep it.
# "lists.your-domain.org",
# Add here all production URLs you may have.
]
#: Enable Development Mode.
DEBUG = False
#: URL Configuration for Django
ROOT_URLCONF = 'mailman_web.urls'
#: Default list of django applications.
#: Each social account provider is an application and by default no social auth
#: providers are enabled. To enable a social auth provider, you can add them
#: to list of INSTALLED_APPS. For example::
#:
#: DJANGO_SOCIAL_AUTH_PROVIDERS = [
#: 'allauth.socialaccount.providers.openid',
#: 'django_mailman3.lib.auth.fedora',
#: 'allauth.socialaccount.providers.github',
#: 'allauth.socialaccount.providers.gitlab',
#: 'allauth.socialaccount.providers.google',
#: 'allauth.socialaccount.providers.facebook',
#: 'allauth.socialaccount.providers.twitter',
#: 'allauth.socialaccount.providers.stackexchange',
#: ]
#: INSTALLED_APPS += DJANGO_SOCIAL_AUTH_PROVIDERS
#:
#: A full list of providers can be found at
#: https://django-allauth.readthedocs.io/en/latest/providers.html
#: Please also note that extra configuration is required after
#: a provider is enabled. Django-allauth's documentation mentioned
#: above provides more details about how to configure one.
INSTALLED_APPS = [
'hyperkitty',
'postorius',
'django_mailman3',
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'django_gravatar',
'compressor',
'haystack',
'django_extensions',
'django_q',
'allauth',
'allauth.account',
'allauth.socialaccount',
]
#: Default Django Middlewares.
MIDDLEWARE = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.middleware.locale.LocaleMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'django.middleware.security.SecurityMiddleware',
'django_mailman3.middleware.TimezoneMiddleware',
'postorius.middleware.PostoriusMiddleware',
)
#: Default Template finders.
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.i18n',
'django.template.context_processors.media',
'django.template.context_processors.static',
'django.template.context_processors.tz',
'django.template.context_processors.csrf',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
'django_mailman3.context_processors.common',
'hyperkitty.context_processors.common',
'postorius.context_processors.postorius',
],
},
},
]
#: Wsgi application import path. This will be used by the WSGI server which
#: will be used to deploy this application.
WSGI_APPLICATION = 'mailman_web.wsgi.application'
#: Default Database to be used.
#: Example for PostgreSQL (**recommanded for production**)::
#:
#: 'default': {
#: 'ENGINE': 'django.db.backends.postgresql_psycopg2',
#: 'NAME': 'database_name',
#: 'USER': 'database_user',
#: 'PASSWORD': 'database_password',
#: 'HOST': 'localhost',
#: }
#:
#: For MySQL/MariaDB also add the following to the the configuration::
#:
#: 'OPTIONS': {'charset': 'utf8mb4'} # Enable utf8 4-byte encodings.
#:
#: Check out
#: `Django documentation
#: <https://docs.djangoproject.com/en/3.0/ref/settings/#databases>`_ for
#: more details.
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'mailman-web.db'),
'HOST': '',
'PORT': '',
}
}
# Maintain type of autogenerated keys going forward
# https://docs.djangoproject.com/en/3.2/releases/3.2/#customizing-type-of-auto-created-primary-keys
DEFAULT_AUTO_FIELD = 'django.db.models.AutoField'
#: Default password validators.
AUTH_PASSWORD_VALIDATORS = [
{
'NAME':
'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', # noqa: E501
},
{
'NAME':
'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME':
'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME':
'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
#: Default Language code.
LANGUAGE_CODE = 'en-us'
#: Default timezone.
TIME_ZONE = 'UTC'
#: Enable internationalization.
USE_I18N = True
#: Enable localization.
USE_L10N = True
#: Use the timezone information.
USE_TZ = True
#: Default path where static files will be placed.
STATIC_ROOT = os.path.join(BASE_DIR, 'static')
#: URL prefix for static files.
#: Example: "http://example.com/static/", "http://static.example.com/"
STATIC_URL = '/static/'
#: Additional locations of static files
STATICFILES_DIRS = (
# Put strings here, like "/home/html/static" or "C:/www/django/static".
# Always use forward slashes, even on Windows.
# Don't forget to use absolute paths, not relative paths.
# BASE_DIR + '/static/',
)
#: List of finder classes that know how to find static files in
#: various locations.
STATICFILES_FINDERS = (
'django.contrib.staticfiles.finders.FileSystemFinder',
'django.contrib.staticfiles.finders.AppDirectoriesFinder',
# 'django.contrib.staticfiles.finders.DefaultStorageFinder',
'compressor.finders.CompressorFinder',
)
#: Default Django URL to redirect to for Login.
LOGIN_URL = 'account_login'
#: Default Django URL to redirect to after a successful login.
LOGIN_REDIRECT_URL = 'list_index'
#: Default Django URL to Logout the user.
LOGOUT_URL = 'account_logout'
#: If you enable email reporting for error messages, this is where those emails
#: will appear to be coming from. Make sure you set a valid domain name,
#: otherwise the emails may get rejected.
#: https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-SERVER_EMAIL
SERVER_EMAIL = 'root@localhost.local'
#: The default implementation to send out emails. This can be customized to
#: something else for testing purposes.
#: https://docs.djangoproject.com/en/dev/topics/email/#email-backends
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
MESSAGE_TAGS = {
messages.ERROR: 'danger'
}
#: Default Logging configuration.
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'filters': {
'require_debug_false': {
'()': 'django.utils.log.RequireDebugFalse'
}
},
'handlers': {
'mail_admins': {
'level': 'ERROR',
'filters': ['require_debug_false'],
'class': 'django.utils.log.AdminEmailHandler'
},
'file': {
'level': 'INFO',
'class': 'logging.handlers.WatchedFileHandler',
'filename': os.path.join(BASE_DIR, 'logs', 'mailmanweb.log'),
'formatter': 'verbose',
},
'console': {
'class': 'logging.StreamHandler',
'formatter': 'simple',
},
},
'loggers': {
'django.request': {
'handlers': ['mail_admins', 'file'],
'level': 'ERROR',
'propagate': True,
},
'django': {
'handlers': ['file'],
'level': 'ERROR',
'propagate': True,
},
'hyperkitty': {
'handlers': ['file'],
'level': 'DEBUG',
'propagate': True,
},
'postorius': {
'handlers': ['console', 'file'],
'level': 'INFO',
},
'q': {
'level': 'WARNING',
'propagate': False,
'handlers': ['console', 'file'],
},
},
'formatters': {
'verbose': {
'format': '%(levelname)s %(asctime)s %(process)d %(name)s %(message)s' # noqa: E501
},
'simple': {
'format': '%(levelname)s %(message)s'
},
},
}
#: Current Django Site being served. This is used to customize the web host
#: being used to serve the current website. For more details about Django
#: site, see: https://docs.djangoproject.com/en/dev/ref/contrib/sites/
SITE_ID = 1

124
app/mailman-web/upstream_settings/mailman.py Normal file
View File

@ -0,0 +1,124 @@
#: Mailman Core default API Path
MAILMAN_REST_API_URL = 'http://localhost:8001'
#: Mailman Core API user
MAILMAN_REST_API_USER = 'restadmin'
#: Mailman Core API user's password.
MAILMAN_REST_API_PASS = 'restpass'
#: Mailman Core Shared archiving key. This value is set in the :
#: mailman-hyperkitty's configuration file.
MAILMAN_ARCHIVER_KEY = 'SecretArchiverAPIKey'
#: Host for Mailman Core, from where Hyperkitty will accept connections
#: for archiving.
MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1')
#: Base URL where Django/Mailman-web would be listening for requests. Used by
#: Mailman Core for fetching templates.
POSTORIUS_TEMPLATE_BASE_URL = 'http://localhost:8000'
#: Use gravatar in HyperKitty and Postorius.
#: If disabled django_gravatar can be removed from INSTALLED_APPS:
#: INSTALLED_APPS.remove('django_gravatar')
HYPERKITTY_ENABLE_GRAVATAR = True
#: Filter visible Mailing Lists based on the current host being used to serve.
FILTER_VHOST = False
#: Sender in Emails sent out by Postorius.
DEFAULT_FROM_EMAIL = 'postorius@localhost'
#: Django Allauth
ACCOUNT_AUTHENTICATION_METHOD = "username_email"
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_EMAIL_VERIFICATION = "mandatory"
ACCOUNT_UNIQUE_EMAIL = True
#: Protocol for URLs generated for authentication, like email
#: confirmation.
ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
#: Extra configuration for Social auth. For these configuration to be used.
#: each of the social account providers must be first added in INSTALLED_APPS.
#: See :py:data:`mailman_web.settings.base.INSTALLED_APPS` for more
#: configuration.
SOCIALACCOUNT_PROVIDERS = {
'openid': {
'SERVERS': [
dict(id='yahoo',
name='Yahoo',
openid_url='http://me.yahoo.com'),
],
},
'google': {
'SCOPE': ['profile', 'email'],
'AUTH_PARAMS': {'access_type': 'online'},
},
'facebook': {
'METHOD': 'oauth2',
'SCOPE': ['email'],
'FIELDS': [
'email',
'name',
'first_name',
'last_name',
'locale',
'timezone',
],
'VERSION': 'v2.4',
},
}
#: django-compressor
#: https://pypi.python.org/pypi/django_compressor
COMPRESS_PRECOMPILERS = (
('text/x-scss', 'sassc -t compressed {infile} {outfile}'),
('text/x-sass', 'sassc -t compressed {infile} {outfile}'),
)
# Social auth
#
#: Authentication backends for Django to be used.
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
'allauth.account.auth_backends.AuthenticationBackend',
)
#
# Full-text search engine
#
#: Django-Haystack connection parameters.
HAYSTACK_CONNECTIONS = {
'default': {
'ENGINE': 'haystack.backends.whoosh_backend.WhooshEngine',
'PATH': "fulltext_index",
# You can also use the Xapian engine, it's faster and more accurate,
# but requires another library.
# http://django-haystack.readthedocs.io/en/v2.4.1/installing_search_engines.html#xapian
# Example configuration for Xapian:
# 'ENGINE': 'xapian_backend.XapianEngine'
},
}
# Asynchronous tasks
#
#: Django Q connection parameters.
Q_CLUSTER = {
'retry': 360,
'timeout': 300,
'save_limit': 100,
'orm': 'default',
}
#: On a production setup, setting COMPRESS_OFFLINE to True will bring a
#: significant performance improvement, as CSS files will not need to be
#: recompiled on each requests. It means running an additional "compress"
#: management command after each code upgrade.
#: http://django-compressor.readthedocs.io/en/latest/usage/#offline-compression
COMPRESS_OFFLINE = True
# Needed for debug mode
# INTERNAL_IPS = ('127.0.0.1',)

35
app/mailman-web/urls.py Normal file
View File

@ -0,0 +1,35 @@
# -*- coding: utf-8 -*-
# Copyright (C) 1998-2016 by the Free Software Foundation, Inc.
#
# This file is part of Postorius.
#
# Postorius is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free
# Software Foundation, either version 3 of the License, or (at your option)
# any later version.
#
# Postorius is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
# more details.
#
# You should have received a copy of the GNU General Public License along with
# Postorius. If not, see <http://www.gnu.org/licenses/>.
from django.conf.urls import include
from django.contrib import admin
from django.urls import path, reverse_lazy
from django.views.generic import RedirectView
urlpatterns = [
path(
'',
RedirectView.as_view(url=reverse_lazy('list_index'), permanent=True),
),
path('mailman3/', include('postorius.urls')),
path('archives/', include('hyperkitty.urls')),
path('', include('django_mailman3.urls')),
path('accounts/', include('allauth.urls')),
path('admin/', admin.site.urls),
]

5
app/matrix/media-repo-proxy/BUILD.bazel
View File

@ -22,10 +22,10 @@ go_test(
container_layer(
name = "layer_bin",
directory = "/app/matrix/",
files = [
":media-repo-proxy",
],
directory = "/app/matrix/",
)
container_image(
@ -38,10 +38,9 @@ container_image(
container_push(
name = "push",
image = ":runtime",
format = "Docker",
image = ":runtime",
registry = "registry.k0.hswaw.net",
repository = "q3k/media-repo-proxy",
tag = "1631791816-{STABLE_GIT_COMMIT}",
)

18
app/matrix/wellknown/BUILD
View File

@ -2,35 +2,35 @@ load("@io_bazel_rules_docker//container:container.bzl", "container_image", "cont
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "wellknown_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/app/matrix/wellknown",
visibility = ["//visibility:private"],
deps = [
"//go/mirko:go_default_library",
"@com_github_golang_glog//:go_default_library",
"//go/mirko",
"@com_github_golang_glog//:glog",
],
)
go_binary(
name = "wellknown",
embed = [":go_default_library"],
embed = [":wellknown_lib"],
visibility = ["//visibility:public"],
)
go_test(
name = "go_default_test",
name = "wellknown_test",
srcs = ["server_test.go"],
embed = [":go_default_library"],
deps = ["@com_github_go_test_deep//:go_default_library"],
embed = [":wellknown_lib"],
deps = ["@com_github_go_test_deep//:deep"],
)
container_layer(
name = "layer_bin",
directory = "/app/matrix/",
files = [
":wellknown",
],
directory = "/app/matrix/",
)
container_image(
@ -43,8 +43,8 @@ container_image(
container_push(
name = "push",
image = ":runtime",
format = "Docker",
image = ":runtime",
registry = "registry.k0.hswaw.net",
repository = "q3k/wellknown",
tag = "{BUILD_TIMESTAMP}-{STABLE_GIT_COMMIT}",

26
bgpwtf/cccampix/BUILD
View File

@ -1,32 +1,30 @@
load("@io_bazel_rules_docker//container:container.bzl", "container_image", "container_layer", "container_push")
load("@subpar//:subpar.bzl", "par_binary")
load("@pydeps//:requirements.bzl", "requirement")
par_binary(
py_binary(
name = "ripe-sync",
srcs = [
"ripe-sync.py",
],
legacy_create_init = False,
deps = [
requirement("requests"),
"//bgpwtf/cccampix/proto:ix_py_proto",
"//bgpwtf/cccampix/proto:ix_grpc_proto",
"//bgpwtf/cccampix/proto:ix_py_proto",
],
legacy_create_init = False,
zip_safe = False,
)
container_layer(
name = "layer_bin",
files = [
"//bgpwtf/cccampix:ripe-sync.par",
"//bgpwtf/cccampix/irr:irr",
"//bgpwtf/cccampix/pgpencryptor:pgpencryptor",
"//bgpwtf/cccampix/peeringdb:peeringdb",
"//bgpwtf/cccampix/verifier:verifier",
"//bgpwtf/cccampix/frontend:frontend.par",
],
directory = "/ix/",
files = [
"//bgpwtf/cccampix:ripe-sync",
"//bgpwtf/cccampix/frontend",
"//bgpwtf/cccampix/irr",
"//bgpwtf/cccampix/peeringdb",
"//bgpwtf/cccampix/pgpencryptor",
"//bgpwtf/cccampix/verifier",
],
)
container_image(
@ -41,8 +39,8 @@ container_image(
container_push(
name = "push",
image = ":runtime",
format = "Docker",
image = ":runtime",
registry = "registry.k0.hswaw.net",
repository = "bgpwtf/cccampix",
tag = "{BUILD_TIMESTAMP}-{STABLE_GIT_COMMIT}",

11
bgpwtf/cccampix/birdie/BUILD.bazel
View File

@ -1,21 +1,22 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "birdie_lib",
srcs = ["birdie.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/birdie",
visibility = ["//visibility:private"],
deps = [
"//bgpwtf/cccampix/proto:go_default_library",
"@com_github_golang_glog//:go_default_library",
"//bgpwtf/cccampix/proto",
"@com_github_golang_glog//:glog",
"@org_golang_google_grpc//:go_default_library",
"@org_golang_google_grpc//credentials:go_default_library",
"@org_golang_google_grpc//credentials",
],
)
go_binary(
name = "birdie",
embed = [":go_default_library"],
embed = [":birdie_lib"],
pure = "on",
static = "on",
visibility = ["//visibility:public"],
)

18
bgpwtf/cccampix/frontend/BUILD.bazel
View File

@ -1,11 +1,10 @@
load("@subpar//:subpar.bzl", "par_binary")
load("@pydeps//:requirements.bzl", "requirement")
py_library(
name = "frontend_lib",
srcs = [
"frontend.py",
"channel.py",
"frontend.py",
],
data = glob([
"templates/**",
@ -15,8 +14,8 @@ py_library(
requirement("flask"),
requirement("werkzeug"),
requirement("itsdangerous"),
"//bgpwtf/cccampix/proto:ix_py_proto",
"//bgpwtf/cccampix/proto:ix_grpc_proto",
"//bgpwtf/cccampix/proto:ix_py_proto",
],
)
@ -31,22 +30,21 @@ py_binary(
],
)
par_binary(
py_binary(
name = "frontend",
main = "server.py",
srcs = [
"server.py",
],
legacy_create_init = False,
main = "server.py",
visibility = [
"//bgpwtf/cccampix:__pkg__",
],
deps = [
":frontend_lib",
requirement("gevent"),
requirement("gunicorn"),
requirement("greenlet"),
],
visibility = [
"//bgpwtf/cccampix:__pkg__",
],
legacy_create_init = False,
zip_safe = False,
#no_remove = True,
)

16
bgpwtf/cccampix/irr/BUILD.bazel
View File

@ -1,22 +1,22 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "irr_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/irr",
visibility = ["//visibility:private"],
deps = [
"//bgpwtf/cccampix/irr/provider:go_default_library",
"//bgpwtf/cccampix/proto:go_default_library",
"//go/mirko:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"//bgpwtf/cccampix/irr/provider",
"//bgpwtf/cccampix/proto",
"//go/mirko",
"@com_github_golang_glog//:glog",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_binary(
name = "irr",
embed = [":go_default_library"],
embed = [":irr_lib"],
visibility = ["//visibility:public"],
)

22
bgpwtf/cccampix/irr/provider/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "provider",
srcs = [
"arin.go",
"iana.go",
@ -12,21 +12,21 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/irr/provider",
visibility = ["//visibility:public"],
deps = [
"//bgpwtf/cccampix/irr/whois:go_default_library",
"//bgpwtf/cccampix/proto:go_default_library",
"@com_github_golang_collections_go_datastructures//augmentedtree:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"//bgpwtf/cccampix/irr/whois",
"//bgpwtf/cccampix/proto",
"@com_github_golang_collections_go_datastructures//augmentedtree",
"@com_github_golang_glog//:glog",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_test(
name = "go_default_test",
name = "provider_test",
srcs = ["rpsl_test.go"],
embed = [":go_default_library"],
embed = [":provider"],
deps = [
"//bgpwtf/cccampix/proto:go_default_library",
"@com_github_go_test_deep//:go_default_library",
"//bgpwtf/cccampix/proto",
"@com_github_go_test_deep//:deep",
],
)

2
bgpwtf/cccampix/irr/whois/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
name = "whois",
srcs = ["whois.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/irr/whois",
visibility = ["//visibility:public"],

10
bgpwtf/cccampix/octorpki/BUILD.bazel
View File

@ -2,17 +2,17 @@ load("@io_bazel_rules_docker//container:container.bzl", "container_image", "cont
container_layer(
name = "layer_bin",
files = [
"@com_github_cloudflare_cfrpki//cmd/octorpki:octorpki",
"entrypoint.sh",
],
directory = "/octorpki/",
files = [
"entrypoint.sh",
"@com_github_cloudflare_cfrpki//cmd/octorpki",
],
visibility = ["//bgpwtf/cccampix:__pkg__"],
)
container_layer(
name = "layer_tals",
files = glob(["tals/*"]),
directory = "/octorpki/tals/",
files = glob(["tals/*"]),
visibility = ["//bgpwtf/cccampix:__pkg__"],
)

8
bgpwtf/cccampix/octorpki/tools.go Normal file
View File

@ -0,0 +1,8 @@
//go:build tools
// +tools
package octorpki
import (
_ "github.com/cloudflare/cfrpki/cmd/octorpki"
)

16
bgpwtf/cccampix/peeringdb/BUILD.bazel
View File

@ -1,22 +1,22 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "peeringdb_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/peeringdb",
visibility = ["//visibility:private"],
deps = [
"//bgpwtf/cccampix/peeringdb/schema:go_default_library",
"//bgpwtf/cccampix/proto:go_default_library",
"//go/mirko:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"//bgpwtf/cccampix/peeringdb/schema",
"//bgpwtf/cccampix/proto",
"//go/mirko",
"@com_github_golang_glog//:glog",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_binary(
name = "peeringdb",
embed = [":go_default_library"],
embed = [":peeringdb_lib"],
visibility = ["//visibility:public"],
)

2
bgpwtf/cccampix/peeringdb/schema/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
name = "schema",
srcs = [
"schema.go",
"urls.go",

22
bgpwtf/cccampix/pgpencryptor/BUILD.bazel
View File

@ -1,25 +1,25 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "pgpencryptor_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/pgpencryptor",
visibility = ["//visibility:private"],
deps = [
"//bgpwtf/cccampix/pgpencryptor/gpg:go_default_library",
"//bgpwtf/cccampix/pgpencryptor/hkp:go_default_library",
"//bgpwtf/cccampix/pgpencryptor/model:go_default_library",
"//bgpwtf/cccampix/proto:go_default_library",
"//go/mirko:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@com_github_lib_pq//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"//bgpwtf/cccampix/pgpencryptor/gpg",
"//bgpwtf/cccampix/pgpencryptor/hkp",
"//bgpwtf/cccampix/pgpencryptor/model",
"//bgpwtf/cccampix/proto",
"//go/mirko",
"@com_github_golang_glog//:glog",
"@com_github_lib_pq//:pq",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_binary(
name = "pgpencryptor",
embed = [":go_default_library"],
embed = [":pgpencryptor_lib"],
visibility = ["//visibility:public"],
)

2
bgpwtf/cccampix/pgpencryptor/gpg/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
name = "gpg",
srcs = ["gpg.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/pgpencryptor/gpg",
visibility = ["//visibility:public"],

2
bgpwtf/cccampix/pgpencryptor/hkp/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
name = "hkp",
srcs = ["hkp.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/pgpencryptor/hkp",
visibility = ["//visibility:public"],

12
bgpwtf/cccampix/pgpencryptor/model/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
name = "model",
srcs = [
"model.go",
"pgp.go",
@ -10,10 +10,10 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/pgpencryptor/model",
visibility = ["//visibility:public"],
deps = [
"//bgpwtf/cccampix/pgpencryptor/model/migrations:go_default_library",
"@com_github_golang_migrate_migrate_v4//:go_default_library",
"@com_github_golang_migrate_migrate_v4//database/cockroachdb:go_default_library",
"@com_github_jmoiron_sqlx//:go_default_library",
"@com_github_lib_pq//:go_default_library",
"//bgpwtf/cccampix/pgpencryptor/model/migrations",
"@com_github_golang_migrate_migrate_v4//:migrate",
"@com_github_golang_migrate_migrate_v4//database/cockroachdb",
"@com_github_jmoiron_sqlx//:sqlx",
"@com_github_lib_pq//:pq",
],
)

8
bgpwtf/cccampix/pgpencryptor/model/migrations/BUILD.bazel
View File

@ -4,12 +4,12 @@ load("@io_bazel_rules_go//extras:embed_data.bzl", "go_embed_data")
go_embed_data(
name = "migrations_data",
srcs = glob(["*.sql"]),
package = "migrations",
flatten = True,
package = "migrations",
)
go_library(
name = "go_default_library",
name = "migrations",
srcs = [
"migrations.go",
":migrations_data", # keep
@ -17,7 +17,7 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/pgpencryptor/model/migrations",
visibility = ["//bgpwtf/cccampix/pgpencryptor/model:__subpackages__"],
deps = [
"//go/mirko:go_default_library",
"@com_github_golang_migrate_migrate_v4//:go_default_library",
"//go/mirko",
"@com_github_golang_migrate_migrate_v4//:migrate",
],
)

10
bgpwtf/cccampix/proto/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@rules_proto//proto:defs.bzl", "proto_library")
load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
load("@com_github_grpc_grpc//bazel:python_rules.bzl", "py_proto_library", "py_grpc_library")
load("@com_github_grpc_grpc//bazel:python_rules.bzl", "py_grpc_library", "py_proto_library")
proto_library(
name = "ix_proto",
@ -18,7 +18,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "proto",
embed = [":ix_go_proto"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/proto",
visibility = ["//visibility:public"],
@ -26,13 +26,13 @@ go_library(
py_proto_library(
name = "ix_py_proto",
deps = [":ix_proto"],
visibility = ["//visibility:public"],
deps = [":ix_proto"],
)
py_grpc_library(
name = "ix_grpc_proto",
srcs = [":ix_proto"],
deps = [":ix_py_proto"],
visibility = ["//visibility:public"],
deps = [":ix_py_proto"],
)

1
bgpwtf/cccampix/proto/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package proto

28
bgpwtf/cccampix/verifier/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "verifier_lib",
srcs = [
"main.go",
"processor_irr.go",
@ -17,24 +17,24 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/verifier",
visibility = ["//visibility:private"],
deps = [
"//bgpwtf/cccampix/proto:go_default_library",
"//bgpwtf/cccampix/verifier/model:go_default_library",
"//go/mirko:go_default_library",
"//go/pki:go_default_library",
"//go/statusz:go_default_library",
"@com_github_dustin_go_humanize//:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@com_github_lib_pq//:go_default_library",
"@com_github_sethvargo_go_password//password:go_default_library",
"//bgpwtf/cccampix/proto",
"//bgpwtf/cccampix/verifier/model",
"//go/mirko",
"//go/pki",
"//go/statusz",
"@com_github_dustin_go_humanize//:go-humanize",
"@com_github_golang_glog//:glog",
"@com_github_lib_pq//:pq",
"@com_github_sethvargo_go_password//password",
"@org_golang_google_grpc//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"@org_golang_x_net//trace:go_default_library",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
"@org_golang_x_net//trace",
],
)
go_binary(
name = "verifier",
embed = [":go_default_library"],
embed = [":verifier_lib"],
visibility = ["//visibility:public"],
)

16
bgpwtf/cccampix/verifier/model/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
name = "model",
srcs = [
"allowed_prefixes.go",
"checkable_peers.go",
@ -17,12 +17,12 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/verifier/model",
visibility = ["//visibility:public"],
deps = [
"//bgpwtf/cccampix/proto:go_default_library",
"//bgpwtf/cccampix/verifier/model/migrations:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@com_github_golang_migrate_migrate_v4//:go_default_library",
"@com_github_golang_migrate_migrate_v4//database/cockroachdb:go_default_library",
"@com_github_jmoiron_sqlx//:go_default_library",
"@com_github_lib_pq//:go_default_library",
"//bgpwtf/cccampix/proto",
"//bgpwtf/cccampix/verifier/model/migrations",
"@com_github_golang_glog//:glog",
"@com_github_golang_migrate_migrate_v4//:migrate",
"@com_github_golang_migrate_migrate_v4//database/cockroachdb",
"@com_github_jmoiron_sqlx//:sqlx",
"@com_github_lib_pq//:pq",
],
)

8
bgpwtf/cccampix/verifier/model/migrations/BUILD.bazel
View File

@ -4,12 +4,12 @@ load("@io_bazel_rules_go//extras:embed_data.bzl", "go_embed_data")
go_embed_data(
name = "migrations_data",
srcs = glob(["*.sql"]),
package = "migrations",
flatten = True,
package = "migrations",
)
go_library(
name = "go_default_library",
name = "migrations",
srcs = [
"migrations.go",
":migrations_data", # keep
@ -17,7 +17,7 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/bgpwtf/cccampix/verifier/model/migrations",
visibility = ["//bgpwtf/cccampix/verifier/model:__subpackages__"],
deps = [
"//go/mirko:go_default_library",
"@com_github_golang_migrate_migrate_v4//:go_default_library",
"//go/mirko",
"@com_github_golang_migrate_migrate_v4//:migrate",
],
)

27
bgpwtf/invoice/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "invoice_lib",
srcs = [
"calc.go",
"main.go",
@ -13,27 +13,28 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/bgpwtf/invoice",
visibility = ["//visibility:private"],
deps = [
"//bgpwtf/invoice/proto:go_default_library",
"//bgpwtf/invoice/templates:go_default_library",
"//go/mirko:go_default_library",
"//go/statusz:go_default_library",
"@com_github_golang_glog//:go_default_library",
"//bgpwtf/invoice/proto",
"//bgpwtf/invoice/templates",
"//go/mirko",
"//go/statusz",
"@com_github_golang_glog//:glog",
"@com_github_golang_protobuf//proto:go_default_library",
"@com_github_mattn_go_sqlite3//:go_default_library",
"@com_github_sebastiaanklippert_go_wkhtmltopdf//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"@com_github_mattn_go_sqlite3//:go-sqlite3",
"@com_github_sebastiaanklippert_go_wkhtmltopdf//:go-wkhtmltopdf",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_binary(
name = "invoice",
embed = [":go_default_library"],
embed = [":invoice_lib"],
visibility = ["//visibility:public"],
)
go_test(
name = "go_default_test",
name = "invoice_test",
srcs = ["calc_test.go"],
embed = [":go_default_library"],
embed = [":invoice_lib"],
deps = ["//bgpwtf/invoice/proto"],
)

2
bgpwtf/invoice/proto/BUILD.bazel
View File

@ -20,7 +20,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "proto",
embed = [":proto_go_proto"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/invoice/proto",
visibility = ["//visibility:public"],

1
bgpwtf/invoice/proto/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package proto

10
bgpwtf/invoice/recurrent/BUILD.bazel
View File

@ -1,14 +1,14 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "recurrent_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/invoice/recurrent",
visibility = ["//visibility:private"],
deps = [
"//bgpwtf/invoice/proto:go_default_library",
"//go/pki:go_default_library",
"@com_github_golang_glog//:go_default_library",
"//bgpwtf/invoice/proto",
"//go/pki",
"@com_github_golang_glog//:glog",
"@com_github_golang_protobuf//proto:go_default_library",
"@org_golang_google_grpc//:go_default_library",
],
@ -16,6 +16,6 @@ go_library(
go_binary(
name = "recurrent",
embed = [":go_default_library"],
embed = [":recurrent_lib"],
visibility = ["//visibility:public"],
)

2
bgpwtf/invoice/render.go
View File

@ -7,7 +7,7 @@ import (
"strings"
"time"
wkhtml "github.com/sebastiaanklippert/go-wkhtmltopdf"
wkhtml "github.com/SebastiaanKlippert/go-wkhtmltopdf"
pb "code.hackerspace.pl/hscloud/bgpwtf/invoice/proto"
"code.hackerspace.pl/hscloud/bgpwtf/invoice/templates"

2
bgpwtf/invoice/templates/BUILD.bazel
View File

@ -9,7 +9,7 @@ bindata(
)
go_library(
name = "go_default_library",
name = "templates",
srcs = [
":templates_bindata", # keep
],

1
bgpwtf/invoice/templates/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package templates

14
bgpwtf/speedtest/BUILD.bazel
View File

@ -4,7 +4,11 @@ load("@io_bazel_rules_go//extras:embed_data.bzl", "go_embed_data")
go_embed_data(
name = "static",
srcs = ["index.html", "speedtest.js", "speedtest_worker.js"],
srcs = [
"index.html",
"speedtest.js",
"speedtest_worker.js",
],
package = "static",
)
@ -17,17 +21,17 @@ go_library(
)
container_image(
name="latest",
base="@prodimage-bionic//image",
files = ["//bgpwtf/speedtest/backend:backend"],
name = "latest",
base = "@prodimage-bionic//image",
directory = "/hscloud",
entrypoint = ["/hscloud/backend"],
files = ["//bgpwtf/speedtest/backend"],
)
container_push(
name = "push",
image = ":latest",
format = "Docker",
image = ":latest",
registry = "registry.k0.hswaw.net",
repository = "q3k/speedetst",
tag = "{BUILD_TIMESTAMP}-{STABLE_GIT_COMMIT}",

12
bgpwtf/speedtest/backend/BUILD.bazel
View File

@ -1,24 +1,24 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "backend_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/bgpwtf/speedtest/backend",
visibility = ["//visibility:private"],
deps = [
"@com_github_golang_glog//:go_default_library",
"//bgpwtf/speedtest:static_go", # keep
"//bgpwtf/speedtest:static_go", # keep
"@com_github_golang_glog//:glog",
],
)
go_binary(
name = "backend",
embed = [":go_default_library"],
embed = [":backend_lib"],
visibility = ["//visibility:public"],
)
go_test(
name = "go_default_test",
name = "backend_test",
srcs = ["main_test.go"],
embed = [":go_default_library"],
embed = [":backend_lib"],
)

2
bzl/workspace-status.sh
View File

@ -30,7 +30,7 @@ echo STABLE_GIT_COMMIT $(git rev-parse HEAD)
echo STABLE_GIT_VERSION $(rev .)
echo STABLE_BUILDER $(id -un)@$(hostname -f):$(pwd)
# Kubernetes compatibility - see //third_party/go/kubernetes:version.bzl.
# Kubernetes compatibility - see //third_party/go:kubernetes_version_def.bzl.
echo STABLE_KUBERNETES_buildDate $(date -u +'%Y-%m-%dT%H:%M:%SZ')
echo STABLE_KUBERNETES_gitCommit $(git rev-parse HEAD)
echo STABLE_KUBERNETES_gitMajor $KUBE_MAJOR

12
ci_presubmit.sh
View File

@ -6,12 +6,8 @@
set -e -o pipefail
# Build some things that should always build - ie. critical codebases.
bazel build //tools/... //cluster/...
# Run some critical tools that are needed to access clusters.
bazel run //cluster/clustercfg smoketest
bazel run //cluster/tools:kubectl -- version --client=true
bazel run //cluster/tools:kubecfg -- version
bazel run //cluster/prodaccess -- --help 2>/dev/null
# Exclude //app/mailman-web as it requires local docker.
T="//... -//app/mailman-web/..."
bazel build -- $T
bazel test -- $T

7
cluster/README.md
View File

@ -5,3 +5,10 @@ Documentation relating to our Kubernetes cluster(s).
For information about the physical DC infrastructure, see [//dc](/dc/).
For all docs, see [hackdoc root](/).
Cluster docs
------------
- [user (hacker) guide](./doc/user.md)
- [admin guide](./doc/admin.md)

34
cluster/admitomatic/BUILD.bazel
View File

@ -2,7 +2,7 @@ load("@io_bazel_rules_docker//container:container.bzl", "container_image", "cont
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "admitomatic_lib",
srcs = [
"ingress.go",
"main.go",
@ -11,40 +11,40 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/cluster/admitomatic",
visibility = ["//visibility:private"],
deps = [
"//cluster/admitomatic/config:go_default_library",
"//go/mirko:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@io_k8s_api//admission/v1beta1:go_default_library",
"@io_k8s_api//networking/v1beta1:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"@org_golang_google_protobuf//encoding/prototext:go_default_library",
"//cluster/admitomatic/config",
"//go/mirko",
"@com_github_golang_glog//:glog",
"@io_k8s_api//admission/v1beta1",
"@io_k8s_api//networking/v1beta1",
"@io_k8s_apimachinery//pkg/apis/meta/v1:meta",
"@org_golang_google_protobuf//encoding/prototext",
],
)
go_binary(
name = "admitomatic",
embed = [":go_default_library"],
embed = [":admitomatic_lib"],
visibility = ["//visibility:public"],
)
go_test(
name = "go_default_test",
name = "admitomatic_test",
srcs = ["ingress_test.go"],
embed = [":go_default_library"],
embed = [":admitomatic_lib"],
deps = [
"@io_k8s_api//admission/v1beta1:go_default_library",
"@io_k8s_api//networking/v1beta1:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"@io_k8s_apimachinery//pkg/runtime:go_default_library",
"@io_k8s_api//admission/v1beta1",
"@io_k8s_api//networking/v1beta1",
"@io_k8s_apimachinery//pkg/apis/meta/v1:meta",
"@io_k8s_apimachinery//pkg/runtime",
],
)
container_layer(
name = "layer_bin",
directory = "/cluster/admitomatic/",
files = [
":admitomatic",
],
directory = "/cluster/admitomatic/",
)
container_image(
@ -57,8 +57,8 @@ container_image(
container_push(
name = "push",
image = ":runtime",
format = "Docker",
image = ":runtime",
registry = "registry.k0.hswaw.net",
repository = "cluster/admitomatic",
tag = "{BUILD_TIMESTAMP}-{STABLE_GIT_COMMIT}",

2
cluster/admitomatic/config/BUILD.bazel
View File

@ -16,7 +16,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "config",
embed = [":config_go_proto"],
importpath = "code.hackerspace.pl/hscloud/cluster/admitomatic/config",
visibility = ["//visibility:public"],

1
cluster/admitomatic/config/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package config

6
cluster/certs/BUILD.bazel
View File

@ -4,15 +4,15 @@ load("@io_bazel_rules_go//extras:embed_data.bzl", "go_embed_data")
go_embed_data(
name = "certs_data",
srcs = glob(["*.crt"]),
package = "certs",
flatten = True,
package = "certs",
)
go_library(
name = "go_default_library",
name = "certs",
srcs = [
":certs_data", # keep
],
importpath = "code.hackerspace.pl/cluster/certs",
importpath = "code.hackerspace.pl/hscloud/cluster/certs", # keep
visibility = ["//visibility:public"],
)

1
cluster/certs/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package certs

14
cluster/clustercfg/BUILD
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "clustercfg_lib",
srcs = [
"cmd_admincreds.go",
"cmd_gencerts.go",
@ -10,16 +10,16 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/cluster/clustercfg",
visibility = ["//visibility:private"],
deps = [
"//cluster/clustercfg/certs:go_default_library",
"//go/workspace:go_default_library",
"@com_github_spf13_cobra//:go_default_library",
"@io_k8s_client_go//tools/clientcmd:go_default_library",
"@io_k8s_client_go//tools/clientcmd/api:go_default_library",
"//cluster/clustercfg/certs",
"//go/workspace",
"@com_github_spf13_cobra//:cobra",
"@io_k8s_client_go//tools/clientcmd",
"@io_k8s_client_go//tools/clientcmd/api",
],
)
go_binary(
name = "clustercfg",
embed = [":go_default_library"],
embed = [":clustercfg_lib"],
visibility = ["//visibility:public"],
)

2
cluster/clustercfg/certs/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library")
go_library(
name = "go_default_library",
name = "certs",
srcs = [
"certs.go",
"generator.go",

14
cluster/doc/user.md
View File

@ -11,14 +11,16 @@ We run Kubernetes, a cluster system on our production machines. This allows you
Accessing Kubernetes
--------------------
Kubernetes is accessed fully via an API, for which there exists a standard command line tool: `kubectl`. If you've check out hscloud and followed the instructions in [//README.md]("/README.md"), you should have that tool built and available for you to use.
Kubernetes is accessed fully via an API, for which there exists a standard command line tool: `kubectl`. If you've check out hscloud and followed the instructions in [//README.md](/), you should have that tool built and available for you to use.
Before you can use `kubectl`, however, you will need to authenticate yourself. To do that, run `prodaccess`. This will issue you short-term (~hours) credentials that `kubectl` can then pass on to Kubernetes to authenticate itself.
$ prodaccess
Enter SSO/LDAP password for q3k@hackerspace.pl:
Enter SSO/LDAP password for q3k@hackerspace.pl:
Good evening professor. I see you have driven here in your Ferrari.
You might need to ping q3k on #hswaw-infra if you get a PermissionDenied error.
If `prodaccess` is not on your $PATH:
$ bazel run //tools:install
@ -42,11 +44,11 @@ For example, to run an Alpine Linux Docker image in your own namespace:
kubectl -n personal-$USER run --image=alpine:latest -it foo
This will create a Kubernetes deployment named foo, running the `alpine:latest` Docker image, and drop you in an interactive shell in it. Naturally, replace `$USER` with your SSO username if it's different from your system username.
This will create a Kubernetes pod named foo, running the `alpine:latest` Docker image, and drop you in an interactive shell in it. Naturally, replace `$USER` with your SSO username if it's different from your system username.
Once you're done, delete the Deployment:
Once you're done, delete the pod:
kubectl -n personal-$USER delete deployment foo
kubectl -n personal-$USER delete pod foo
Pod Security
------------
@ -58,4 +60,4 @@ More Kubernetes
We highly recommend following the [Kubernetes Basics](https://kubernetes.io/docs/tutorials/kubernetes-basics/) tutorial as a first step in using Kubernetes for real world applications.
For defining production jobs, we use a language called `Jsonnet` via a tool called `kubecfg`. This is to replace some more popular tools that other Kubernetes systems use, eg. Helm. For more information about that, ping q3k so that he writes a codelab about it :).
For defining production jobs, we use a language called `Jsonnet` via a tool called `kubecfg`. This is to replace some more popular tools that other Kubernetes systems use, eg. Helm. For more information about that, ping q3k so that he writes a codelab about it :). Before he does, [see jsonnet documentation](https://jsonnet.org/learning/tutorial.html), and [basic (possibly outdated) `kubecfg` readme](https://github.com/q3k/kubecfg).

20
cluster/identd/BUILD.bazel
View File

@ -2,46 +2,46 @@ load("@io_bazel_rules_docker//container:container.bzl", "container_image", "cont
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "identd_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/cluster/identd",
visibility = ["//visibility:private"],
deps = [
"//cluster/identd/ident:go_default_library",
"//cluster/identd/kubenat:go_default_library",
"//go/mirko:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"//cluster/identd/ident",
"//cluster/identd/kubenat",
"//go/mirko",
"@com_github_golang_glog//:glog",
"@io_k8s_apimachinery//pkg/apis/meta/v1:meta",
],
)
go_binary(
name = "identd",
embed = [":go_default_library"],
embed = [":identd_lib"],
visibility = ["//visibility:public"],
)
container_layer(
name = "layer_bin",
directory = "/cluster/identd/",
files = [
":identd",
],
directory = "/cluster/identd/",
)
container_image(
name = "runtime",
base = "@prodimage-bionic//image",
entrypoint = "/cluster/identd/identd",
layers = [
":layer_bin",
],
entrypoint = "/cluster/identd/identd",
)
container_push(
name = "push",
image = ":runtime",
format = "Docker",
image = ":runtime",
registry = "registry.k0.hswaw.net",
repository = "q3k/identd",
tag = "{BUILD_TIMESTAMP}-{STABLE_GIT_COMMIT}",

2
cluster/identd/cri/BUILD.bazel
View File

@ -17,7 +17,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "cri",
embed = [":cri_go_proto"],
importpath = "code.hackerspace.pl/hscloud/cluster/identd/cri",
visibility = ["//visibility:public"],

1
cluster/identd/cri/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package cri

10
cluster/identd/ident/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "ident",
srcs = [
"client.go",
"errors.go",
@ -11,17 +11,17 @@ go_library(
],
importpath = "code.hackerspace.pl/hscloud/cluster/identd/ident",
visibility = ["//visibility:public"],
deps = ["@com_github_golang_glog//:go_default_library"],
deps = ["@com_github_golang_glog//:glog"],
)
go_test(
name = "go_default_test",
name = "ident_test",
srcs = [
"e2e_test.go",
"request_test.go",
"response_test.go",
"server_test.go",
],
embed = [":go_default_library"],
deps = ["@com_github_go_test_deep//:go_default_library"],
embed = [":ident"],
deps = ["@com_github_go_test_deep//:deep"],
)

20
cluster/identd/kubenat/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "kubenat",
srcs = [
"kubenat.go",
"pods.go",
@ -10,25 +10,25 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/cluster/identd/kubenat",
visibility = ["//visibility:public"],
deps = [
"//cluster/identd/cri:go_default_library",
"@com_github_cenkalti_backoff//:go_default_library",
"@com_github_golang_glog//:go_default_library",
"//cluster/identd/cri",
"@com_github_cenkalti_backoff//:backoff",
"@com_github_golang_glog//:glog",
"@org_golang_google_grpc//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_test(
name = "go_default_test",
name = "kubenat_test",
srcs = [
"kubenat_test.go",
"pods_test.go",
"translation_test.go",
],
embed = [":go_default_library"],
embed = [":kubenat"],
deps = [
"@com_github_go_test_deep//:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@com_github_go_test_deep//:deep",
"@com_github_golang_glog//:glog",
],
)

2
cluster/kube/k0.libsonnet
View File

@ -415,6 +415,8 @@ local rook = import "lib/rook.libsonnet";
{ namespace: "covid-formity", dns: "covid19.hackerspace.pl" },
{ namespace: "covid-formity", dns: "covid.hackerspace.pl" },
{ namespace: "covid-formity", dns: "www.covid.hackerspace.pl" },
{ namespace: "inventory", dns: "inventory.hackerspace.pl" },
{ namespace: "ldapweb", dns: "profile.hackerspace.pl" },
{ namespace: "devtools-prod", dns: "hackdoc.hackerspace.pl" },
{ namespace: "devtools-prod", dns: "cs.hackerspace.pl" },
{ namespace: "engelsystem-prod", dns: "engelsystem.hackerspace.pl" },

18
cluster/prodaccess/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "prodaccess_lib",
srcs = [
"hspki.go",
"kubernetes.go",
@ -10,19 +10,19 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/cluster/prodaccess",
visibility = ["//visibility:private"],
deps = [
"//cluster/certs:go_default_library",
"//cluster/prodvider/proto:go_default_library",
"//go/pki:go_default_library",
"//go/workspace:go_default_library",
"@com_github_golang_glog//:go_default_library",
"//cluster/certs",
"//cluster/prodvider/proto",
"//go/pki",
"//go/workspace",
"@com_github_golang_glog//:glog",
"@org_golang_google_grpc//:go_default_library",
"@org_golang_google_grpc//credentials:go_default_library",
"@org_golang_x_crypto//ssh/terminal:go_default_library",
"@org_golang_google_grpc//credentials",
"@org_golang_x_crypto//ssh/terminal",
],
)
go_binary(
name = "prodaccess",
embed = [":go_default_library"],
embed = [":prodaccess_lib"],
visibility = ["//visibility:public"],
)

2
cluster/prodaccess/prodaccess.go
View File

@ -14,7 +14,7 @@ import (
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
"code.hackerspace.pl/cluster/certs"
"code.hackerspace.pl/hscloud/cluster/certs"
pb "code.hackerspace.pl/hscloud/cluster/prodvider/proto"
)

42
cluster/prodvider/BUILD.bazel
View File

@ -2,7 +2,7 @@ load("@io_bazel_rules_docker//container:container.bzl", "container_image", "cont
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "prodvider_lib",
srcs = [
"certs.go",
"crdb.go",
@ -14,39 +14,39 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/cluster/prodvider",
visibility = ["//visibility:private"],
deps = [
"//cluster/prodvider/proto:go_default_library",
"@com_github_cloudflare_cfssl//config:go_default_library",
"@com_github_cloudflare_cfssl//csr:go_default_library",
"@com_github_cloudflare_cfssl//helpers:go_default_library",
"@com_github_cloudflare_cfssl//signer:go_default_library",
"@com_github_cloudflare_cfssl//signer/local:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@in_gopkg_ldap_v3//:go_default_library",
"@io_k8s_api//core/v1:go_default_library",
"@io_k8s_api//rbac/v1:go_default_library",
"@io_k8s_apimachinery//pkg/api/errors:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"@io_k8s_client_go//kubernetes:go_default_library",
"@io_k8s_client_go//rest:go_default_library",
"//cluster/prodvider/proto",
"@com_github_cloudflare_cfssl//config",
"@com_github_cloudflare_cfssl//csr",
"@com_github_cloudflare_cfssl//helpers",
"@com_github_cloudflare_cfssl//signer",
"@com_github_cloudflare_cfssl//signer/local",
"@com_github_go_ldap_ldap_v3//:ldap",
"@com_github_golang_glog//:glog",
"@io_k8s_api//core/v1:core",
"@io_k8s_api//rbac/v1:rbac",
"@io_k8s_apimachinery//pkg/api/errors",
"@io_k8s_apimachinery//pkg/apis/meta/v1:meta",
"@io_k8s_client_go//kubernetes",
"@io_k8s_client_go//rest",
"@org_golang_google_grpc//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//credentials:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//credentials",
"@org_golang_google_grpc//status",
],
)
go_binary(
name = "prodvider",
embed = [":go_default_library"],
embed = [":prodvider_lib"],
visibility = ["//visibility:public"],
)
container_layer(
name = "layer_bin",
directory = "/cluster/prodvider/",
files = [
":prodvider",
],
directory = "/cluster/prodvider/",
)
container_image(
@ -59,8 +59,8 @@ container_image(
container_push(
name = "push",
image = ":runtime",
format = "Docker",
image = ":runtime",
registry = "registry.k0.hswaw.net",
repository = "q3k/prodvider",
tag = "1680303245",

2
cluster/prodvider/crdb.go
View File

@ -62,7 +62,7 @@ func (p *prodvider) crdbCreds(ctx context.Context, username, cluster string) (*p
signerCert, _ := s.Certificate("", "")
req := &csr.CertificateRequest{
CN: username,
KeyRequest: &csr.BasicKeyRequest{
KeyRequest: &csr.KeyRequest{
A: "rsa",
S: 4096,
},

2
cluster/prodvider/hspki.go
View File

@ -60,7 +60,7 @@ func (p *prodvider) hspkiCreds(ctx context.Context, username string) (*pb.HSPKIK
signerCert, _ := s.Certificate("", "")
req := &csr.CertificateRequest{
CN: principal,
KeyRequest: &csr.BasicKeyRequest{
KeyRequest: &csr.KeyRequest{
A: "rsa",
S: 4096,
},

2
cluster/prodvider/proto/BUILD.bazel
View File

@ -17,7 +17,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "proto",
embed = [":proto_go_proto"],
importpath = "code.hackerspace.pl/hscloud/cluster/prodvider/proto",
visibility = ["//visibility:public"],

1
cluster/prodvider/proto/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package proto

2
cluster/prodvider/service.go
View File

@ -7,10 +7,10 @@ import (
"regexp"
"strings"
ldap "github.com/go-ldap/ldap/v3"
"github.com/golang/glog"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
ldap "gopkg.in/ldap.v3"
pb "code.hackerspace.pl/hscloud/cluster/prodvider/proto"
)

7
cluster/tools/BUILD
View File

@ -3,7 +3,7 @@ load("//bzl:rules.bzl", "copy_go_binary")
copy_go_binary(
name = "kubectl",
src = "@io_k8s_kubernetes//cmd/kubectl:kubectl",
src = "@io_k8s_kubernetes//cmd/kubectl",
visibility = ["//visibility:public"],
)
@ -30,7 +30,7 @@ sh_binary(
copy_go_binary(
name = "cfssl",
src = "@com_github_cloudflare_cfssl//cmd/cfssl:cfssl",
src = "@com_github_cloudflare_cfssl//cmd/cfssl",
visibility = ["//visibility:public"],
)
@ -38,8 +38,7 @@ sh_binary(
name = "rook-s3cmd-config",
srcs = ["rook-s3cmd-config.sh"],
data = [
"@bazel_tools//tools/bash/runfiles",
"@com_github_itchyny_gojq//cmd/gojq",
":kubectl",
"@bazel_tools//tools/bash/runfiles",
],
)

10
cluster/tools/kartongips/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "kartongips_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/cluster/tools/kartongips",
visibility = ["//visibility:private"],
@ -9,14 +9,14 @@ go_library(
"code.hackerspace.pl/hscloud/cluster/tools/kartongips.Version": "{STABLE_GIT_VERSION}",
},
deps = [
"//cluster/tools/kartongips/cmd:go_default_library",
"//cluster/tools/kartongips/pkg/kubecfg:go_default_library",
"@com_github_sirupsen_logrus//:go_default_library",
"//cluster/tools/kartongips/cmd",
"//cluster/tools/kartongips/pkg/kubecfg",
"@com_github_sirupsen_logrus//:logrus",
],
)
go_binary(
name = "kartongips",
embed = [":go_default_library"],
embed = [":kartongips_lib"],
visibility = ["//visibility:public"],
)

45
cluster/tools/kartongips/cmd/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "cmd",
srcs = [
"completion.go",
"delete.go",
@ -15,37 +15,36 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/cluster/tools/kartongips/cmd",
visibility = ["//visibility:public"],
deps = [
"//cluster/tools/kartongips/pkg/kubecfg:go_default_library",
"//cluster/tools/kartongips/utils:go_default_library",
"@com_github_genuinetools_reg//registry:go_default_library",
"@com_github_google_go_jsonnet//:go_default_library",
"@com_github_mattn_go_isatty//:go_default_library",
"@com_github_sirupsen_logrus//:go_default_library",
"@com_github_spf13_cobra//:go_default_library",
"@io_k8s_apimachinery//pkg/api/meta:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured:go_default_library",
"@io_k8s_client_go//discovery:go_default_library",
"@io_k8s_client_go//dynamic:go_default_library",
"@io_k8s_client_go//pkg/version:go_default_library",
"@io_k8s_client_go//plugin/pkg/client/auth:go_default_library",
"@io_k8s_client_go//restmapper:go_default_library",
"@io_k8s_client_go//tools/clientcmd:go_default_library",
"@io_k8s_klog//:go_default_library",
"@org_golang_x_crypto//ssh/terminal:go_default_library",
"//cluster/tools/kartongips/pkg/kubecfg",
"//cluster/tools/kartongips/utils",
"@com_github_genuinetools_reg//registry",
"@com_github_google_go_jsonnet//:go-jsonnet",
"@com_github_mattn_go_isatty//:go-isatty",
"@com_github_sirupsen_logrus//:logrus",
"@com_github_spf13_cobra//:cobra",
"@io_k8s_apimachinery//pkg/api/meta",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured",
"@io_k8s_client_go//discovery",
"@io_k8s_client_go//dynamic",
"@io_k8s_client_go//plugin/pkg/client/auth",
"@io_k8s_client_go//restmapper",
"@io_k8s_client_go//tools/clientcmd",
"@io_k8s_klog//:klog",
"@org_golang_x_crypto//ssh/terminal",
],
)
go_test(
name = "go_default_test",
name = "cmd_test",
srcs = [
"completion_test.go",
"show_test.go",
"version_test.go",
],
embed = [":go_default_library"],
embed = [":cmd"],
deps = [
"@com_github_spf13_cobra//:go_default_library",
"@com_github_spf13_pflag//:go_default_library",
"@in_gopkg_yaml_v2//:go_default_library",
"@com_github_spf13_cobra//:cobra",
"@com_github_spf13_pflag//:pflag",
"@in_gopkg_yaml_v2//:yaml_v2",
],
)

76
cluster/tools/kartongips/pkg/kubecfg/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "kubecfg",
srcs = [
"delete.go",
"diff.go",
@ -12,52 +12,52 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/cluster/tools/kartongips/pkg/kubecfg",
visibility = ["//visibility:public"],
deps = [
"//cluster/tools/kartongips/utils:go_default_library",
"@com_github_evanphx_json_patch//:go_default_library",
"@com_github_mattn_go_isatty//:go_default_library",
"@com_github_sergi_go_diff//diffmatchpatch:go_default_library",
"@com_github_sirupsen_logrus//:go_default_library",
"@in_gopkg_yaml_v2//:go_default_library",
"@io_k8s_apiextensions_apiserver//pkg/apis/apiextensions/v1beta1:go_default_library",
"@io_k8s_apimachinery//pkg/api/equality:go_default_library",
"@io_k8s_apimachinery//pkg/api/errors:go_default_library",
"@io_k8s_apimachinery//pkg/api/meta:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured:go_default_library",
"@io_k8s_apimachinery//pkg/runtime:go_default_library",
"@io_k8s_apimachinery//pkg/runtime/schema:go_default_library",
"@io_k8s_apimachinery//pkg/util/diff:go_default_library",
"@io_k8s_apimachinery//pkg/util/jsonmergepatch:go_default_library",
"@io_k8s_apimachinery//pkg/util/sets:go_default_library",
"@io_k8s_apimachinery//pkg/util/strategicpatch:go_default_library",
"@io_k8s_apimachinery//pkg/util/wait:go_default_library",
"@io_k8s_client_go//discovery:go_default_library",
"@io_k8s_client_go//dynamic:go_default_library",
"@io_k8s_client_go//util/retry:go_default_library",
"@io_k8s_kube_openapi//pkg/util/proto:go_default_library",
"@io_k8s_kubectl//pkg/util/openapi:go_default_library",
"//cluster/tools/kartongips/utils",
"@com_github_evanphx_json_patch//:json-patch",
"@com_github_mattn_go_isatty//:go-isatty",
"@com_github_sergi_go_diff//diffmatchpatch",
"@com_github_sirupsen_logrus//:logrus",
"@in_gopkg_yaml_v2//:yaml_v2",
"@io_k8s_apiextensions_apiserver//pkg/apis/apiextensions/v1beta1",
"@io_k8s_apimachinery//pkg/api/equality",
"@io_k8s_apimachinery//pkg/api/errors",
"@io_k8s_apimachinery//pkg/api/meta",
"@io_k8s_apimachinery//pkg/apis/meta/v1:meta",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured",
"@io_k8s_apimachinery//pkg/runtime",
"@io_k8s_apimachinery//pkg/runtime/schema",
"@io_k8s_apimachinery//pkg/util/diff",
"@io_k8s_apimachinery//pkg/util/jsonmergepatch",
"@io_k8s_apimachinery//pkg/util/sets",
"@io_k8s_apimachinery//pkg/util/strategicpatch",
"@io_k8s_apimachinery//pkg/util/wait",
"@io_k8s_client_go//discovery",
"@io_k8s_client_go//dynamic",
"@io_k8s_client_go//util/retry",
"@io_k8s_kube_openapi//pkg/util/proto",
"@io_k8s_kubectl//pkg/util/openapi",
],
)
go_test(
name = "go_default_test",
name = "kubecfg_test",
srcs = [
"diff_test.go",
"update_test.go",
],
embed = [":go_default_library"],
embed = [":kubecfg"],
deps = [
"//cluster/tools/kartongips/utils:go_default_library",
"//cluster/tools/kartongips/utils",
"@com_github_golang_protobuf//proto:go_default_library",
"@com_github_googleapis_gnostic//openapiv2:go_default_library",
"@com_github_stretchr_testify//require:go_default_library",
"@io_k8s_apimachinery//pkg/api/equality:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured:go_default_library",
"@io_k8s_apimachinery//pkg/runtime/schema:go_default_library",
"@io_k8s_apimachinery//pkg/util/diff:go_default_library",
"@io_k8s_apimachinery//pkg/util/strategicpatch:go_default_library",
"@io_k8s_kube_openapi//pkg/util/proto:go_default_library",
"@io_k8s_kubectl//pkg/util/openapi:go_default_library",
"@com_github_google_gnostic//openapiv2",
"@com_github_stretchr_testify//require",
"@io_k8s_apimachinery//pkg/api/equality",
"@io_k8s_apimachinery//pkg/apis/meta/v1:meta",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured",
"@io_k8s_apimachinery//pkg/runtime/schema",
"@io_k8s_apimachinery//pkg/util/diff",
"@io_k8s_apimachinery//pkg/util/strategicpatch",
"@io_k8s_kube_openapi//pkg/util/proto",
"@io_k8s_kubectl//pkg/util/openapi",
],
)

2
cluster/tools/kartongips/pkg/kubecfg/update.go
View File

@ -442,7 +442,7 @@ func gcDelete(ctx context.Context, client dynamic.Interface, mapper meta.RESTMap
}
func walkObjects(ctx context.Context, client dynamic.Interface, disco discovery.DiscoveryInterface, listopts metav1.ListOptions, callback func(runtime.Object) error) error {
rsrclists, err := disco.ServerResources()
rsrclists, err := disco.ServerPreferredResources()
if err != nil {
return err
}

2
cluster/tools/kartongips/pkg/kubecfg/update_test.go
View File

@ -7,7 +7,7 @@ import (
"testing"
pb_proto "github.com/golang/protobuf/proto"
openapi_v2 "github.com/googleapis/gnostic/openapiv2"
openapi_v2 "github.com/google/gnostic/openapiv2"
apiequality "k8s.io/apimachinery/pkg/api/equality"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"

84
cluster/tools/kartongips/utils/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
go_library(
name = "go_default_library",
name = "utils",
srcs = [
"acquire.go",
"bindata.go",
@ -16,34 +16,36 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/cluster/tools/kartongips/utils",
visibility = ["//visibility:public"],
deps = [
"@com_github_elazarl_go_bindata_assetfs//:go_default_library",
"@com_github_genuinetools_reg//registry:go_default_library",
"@com_github_genuinetools_reg//repoutils:go_default_library",
"@com_github_ghodss_yaml//:go_default_library",
"@com_github_google_go_jsonnet//:go_default_library",
"@com_github_google_go_jsonnet//ast:go_default_library",
"@com_github_googleapis_gnostic//openapiv2:go_default_library",
"@com_github_sirupsen_logrus//:go_default_library",
"@io_k8s_apimachinery//pkg/api/errors:go_default_library",
"@io_k8s_apimachinery//pkg/api/meta:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured:go_default_library",
"@io_k8s_apimachinery//pkg/runtime:go_default_library",
"@io_k8s_apimachinery//pkg/runtime/schema:go_default_library",
"@io_k8s_apimachinery//pkg/util/runtime:go_default_library",
"@io_k8s_apimachinery//pkg/util/yaml:go_default_library",
"@io_k8s_apimachinery//pkg/version:go_default_library",
"@io_k8s_client_go//discovery:go_default_library",
"@io_k8s_client_go//dynamic:go_default_library",
"@io_k8s_client_go//rest:go_default_library",
"@io_k8s_kube_openapi//pkg/util/proto:go_default_library",
"@io_k8s_kube_openapi//pkg/util/proto/validation:go_default_library",
"@io_k8s_kubectl//pkg/util/openapi:go_default_library",
"@com_github_elazarl_go_bindata_assetfs//:go-bindata-assetfs",
"@com_github_genuinetools_reg//registry",
"@com_github_genuinetools_reg//repoutils",
"@com_github_ghodss_yaml//:yaml",
"@com_github_google_gnostic//openapiv2",
"@com_github_google_go_jsonnet//:go-jsonnet",
"@com_github_google_go_jsonnet//ast",
"@com_github_sirupsen_logrus//:logrus",
"@io_k8s_apimachinery//pkg/api/errors",
"@io_k8s_apimachinery//pkg/api/meta",
"@io_k8s_apimachinery//pkg/apis/meta/v1:meta",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured",
"@io_k8s_apimachinery//pkg/runtime",
"@io_k8s_apimachinery//pkg/runtime/schema",
"@io_k8s_apimachinery//pkg/util/runtime",
"@io_k8s_apimachinery//pkg/util/yaml",
"@io_k8s_apimachinery//pkg/version",
"@io_k8s_client_go//discovery",
"@io_k8s_client_go//dynamic",
"@io_k8s_client_go//openapi",
"@io_k8s_client_go//openapi/cached",
"@io_k8s_client_go//rest",
"@io_k8s_kube_openapi//pkg/util/proto",
"@io_k8s_kube_openapi//pkg/util/proto/validation",
"@io_k8s_kubectl//pkg/util/openapi",
],
)
go_test(
name = "go_default_test",
name = "utils_test",
srcs = [
"acquire_test.go",
"importer_test.go",
@ -52,23 +54,23 @@ go_test(
"openapi_test.go",
"sort_test.go",
],
embed = [":go_default_library"],
embed = [":utils"],
deps = [
"@com_github_golang_protobuf//proto:go_default_library",
"@com_github_google_go_jsonnet//:go_default_library",
"@com_github_googleapis_gnostic//openapiv2:go_default_library",
"@com_github_sirupsen_logrus//:go_default_library",
"@io_k8s_apimachinery//pkg/api/equality:go_default_library",
"@io_k8s_apimachinery//pkg/api/meta:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1:go_default_library",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured:go_default_library",
"@io_k8s_apimachinery//pkg/runtime/schema:go_default_library",
"@io_k8s_apimachinery//pkg/util/diff:go_default_library",
"@io_k8s_apimachinery//pkg/util/errors:go_default_library",
"@io_k8s_apimachinery//pkg/version:go_default_library",
"@io_k8s_client_go//discovery:go_default_library",
"@io_k8s_client_go//discovery/fake:go_default_library",
"@io_k8s_client_go//restmapper:go_default_library",
"@io_k8s_client_go//testing:go_default_library",
"@com_github_google_gnostic//openapiv2",
"@com_github_google_go_jsonnet//:go-jsonnet",
"@com_github_sirupsen_logrus//:logrus",
"@io_k8s_apimachinery//pkg/api/equality",
"@io_k8s_apimachinery//pkg/api/meta",
"@io_k8s_apimachinery//pkg/apis/meta/v1:meta",
"@io_k8s_apimachinery//pkg/apis/meta/v1/unstructured",
"@io_k8s_apimachinery//pkg/runtime/schema",
"@io_k8s_apimachinery//pkg/util/diff",
"@io_k8s_apimachinery//pkg/util/errors",
"@io_k8s_apimachinery//pkg/version",
"@io_k8s_client_go//discovery",
"@io_k8s_client_go//discovery/fake",
"@io_k8s_client_go//restmapper",
"@io_k8s_client_go//testing",
],
)

47
cluster/tools/kartongips/utils/client.go
View File

@ -27,7 +27,7 @@ import (
"sync"
"syscall"
openapi_v2 "github.com/googleapis/gnostic/openapiv2"
openapi_v2 "github.com/google/gnostic/openapiv2"
log "github.com/sirupsen/logrus"
errorsutil "k8s.io/apimachinery/pkg/api/errors"
@ -38,6 +38,8 @@ import (
"k8s.io/apimachinery/pkg/version"
"k8s.io/client-go/discovery"
"k8s.io/client-go/dynamic"
openapi_v3 "k8s.io/client-go/openapi"
cachedopenapi_v3 "k8s.io/client-go/openapi/cached"
restclient "k8s.io/client-go/rest"
)
@ -57,7 +59,9 @@ type memcachedDiscoveryClient struct {
lock sync.RWMutex
groupToServerResources map[string]*cacheEntry
groupList *metav1.APIGroupList
openAPISchema *openapi_v2.Document
cacheValid bool
openapiV3Client openapi_v3.Client
}
// Error Constants
@ -124,12 +128,6 @@ func (d *memcachedDiscoveryClient) ServerResourcesForGroupVersion(groupVersion s
return cachedVal.resourceList, cachedVal.err
}
// ServerResources returns the supported resources for all groups and versions.
// Deprecated: use ServerGroupsAndResources instead.
func (d *memcachedDiscoveryClient) ServerResources() ([]*metav1.APIResourceList, error) {
return discovery.ServerResources(d)
}
// ServerGroupsAndResources returns the groups and supported resources for all groups and versions.
func (d *memcachedDiscoveryClient) ServerGroupsAndResources() ([]*metav1.APIGroup, []*metav1.APIResourceList, error) {
return discovery.ServerGroupsAndResources(d)
@ -163,7 +161,18 @@ func (d *memcachedDiscoveryClient) ServerVersion() (*version.Info, error) {
}
func (d *memcachedDiscoveryClient) OpenAPISchema() (*openapi_v2.Document, error) {
return d.delegate.OpenAPISchema()
d.lock.Lock()
defer d.lock.Unlock()
if d.openAPISchema == nil {
schema, err := d.delegate.OpenAPISchema()
if err != nil {
return nil, err
}
d.openAPISchema = schema
}
return d.openAPISchema, nil
}
func (d *memcachedDiscoveryClient) Fresh() bool {
@ -183,6 +192,28 @@ func (d *memcachedDiscoveryClient) Invalidate() {
d.cacheValid = false
d.groupToServerResources = nil
d.groupList = nil
d.openAPISchema = nil
}
// OpenAPIV3 retrieves and parses the OpenAPIV3 specs exposed by the server
func (d *memcachedDiscoveryClient) OpenAPIV3() openapi_v3.Client {
d.lock.Lock()
defer d.lock.Unlock()
if d.openapiV3Client == nil {
// Delegate is discovery client created with special HTTP client which
// respects E-Tag cache responses to serve cache from disk.
d.openapiV3Client = cachedopenapi_v3.NewClient(d.delegate.OpenAPIV3())
}
return d.openapiV3Client
}
// taken from: https://github.com/kubernetes/client-go/commit/3ac73ea2c834b1268732024766f1e55a5d0327d2#diff-46edd694bf30a54d9f6e202e010134bedfce438de77f57830155b0762eda7bf6R280-R285
// WithLegacy returns current cached discovery client;
// current client does not support legacy-only discovery.
func (d *memcachedDiscoveryClient) WithLegacy() discovery.DiscoveryInterface {
return d
}
// refreshLocked refreshes the state of cache. The caller must hold d.lock for

2
cluster/tools/kartongips/utils/openapi_test.go
View File

@ -22,7 +22,7 @@ import (
"testing"
"github.com/golang/protobuf/proto"
openapi_v2 "github.com/googleapis/gnostic/openapiv2"
openapi_v2 "github.com/google/gnostic/openapiv2"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"k8s.io/apimachinery/pkg/runtime/schema"
utilerrors "k8s.io/apimachinery/pkg/util/errors"

2
cluster/tools/kartongips/utils/sort_test.go
View File

@ -21,7 +21,7 @@ import (
"sort"
"testing"
openapi_v2 "github.com/googleapis/gnostic/openapiv2"
openapi_v2 "github.com/google/gnostic/openapiv2"
log "github.com/sirupsen/logrus"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"

8
cluster/tools/tools.go Normal file
View File

@ -0,0 +1,8 @@
//go:build tools
// +tools
package tools
import (
_ "k8s.io/kubernetes/cmd/kubectl"
)

16
dc/arista-proxy/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "arista-proxy_lib",
srcs = [
"main.go",
"service.go",
@ -9,17 +9,17 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/dc/arista-proxy",
visibility = ["//visibility:private"],
deps = [
"//dc/arista-proxy/proto:go_default_library",
"//go/mirko:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@com_github_q3k_cursedjsonrpc//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"//dc/arista-proxy/proto",
"//go/mirko",
"@com_github_golang_glog//:glog",
"@com_github_q3k_cursedjsonrpc//:cursedjsonrpc",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_binary(
name = "arista-proxy",
embed = [":go_default_library"],
embed = [":arista-proxy_lib"],
visibility = ["//visibility:public"],
)

2
dc/arista-proxy/main.go
View File

@ -6,7 +6,7 @@ import (
"code.hackerspace.pl/hscloud/go/mirko"
"github.com/golang/glog"
"github.com/q3k/cursedjsonrpc"
cursedjsonrpc "github.com/q3k/cursedjsonrpc"
pb "code.hackerspace.pl/hscloud/dc/arista-proxy/proto"
)

3
dc/arista-proxy/proto/BUILD.bazel
View File

@ -1,3 +1,4 @@
load("@rules_proto//proto:defs.bzl", "proto_library")
load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
@ -16,7 +17,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "proto",
embed = [":proto_go_proto"],
importpath = "code.hackerspace.pl/hscloud/dc/arista-proxy/proto",
visibility = ["//visibility:public"],

1
dc/arista-proxy/proto/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package proto

16
dc/cmc-proxy/BUILD.bazel
View File

@ -1,7 +1,7 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
name = "cmc-proxy_lib",
srcs = [
"client.go",
"main.go",
@ -9,17 +9,17 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/dc/cmc-proxy",
visibility = ["//visibility:private"],
deps = [
"//dc/cmc-proxy/proto:go_default_library",
"//go/mirko:go_default_library",
"@com_github_cenkalti_backoff//:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"//dc/cmc-proxy/proto",
"//go/mirko",
"@com_github_cenkalti_backoff//:backoff",
"@com_github_golang_glog//:glog",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_binary(
name = "cmc-proxy",
embed = [":go_default_library"],
embed = [":cmc-proxy_lib"],
visibility = ["//visibility:public"],
)

3
dc/cmc-proxy/proto/BUILD.bazel
View File

@ -1,3 +1,4 @@
load("@rules_proto//proto:defs.bzl", "proto_library")
load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
@ -16,7 +17,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "proto",
embed = [":proto_go_proto"],
importpath = "code.hackerspace.pl/hscloud/dc/cmc-proxy/proto",
visibility = ["//visibility:public"],

1
dc/cmc-proxy/proto/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package proto

25
dc/m6220-proxy/BUILD.bazel
View File

@ -1,27 +1,24 @@
load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
go_library(
name = "go_default_library",
srcs = [
"cli.go",
"main.go",
],
name = "m6220-proxy_lib",
srcs = ["main.go"],
importpath = "code.hackerspace.pl/hscloud/dc/m6220-proxy",
visibility = ["//visibility:private"],
deps = [
"//dc/m6220-proxy/proto:go_default_library",
"//dc/proto:go_default_library",
"//go/mirko:go_default_library",
"@com_github_golang_glog//:go_default_library",
"@com_github_ziutek_telnet//:go_default_library",
"@org_golang_google_grpc//codes:go_default_library",
"@org_golang_google_grpc//status:go_default_library",
"@org_golang_x_net//trace:go_default_library",
"//dc/m6220-proxy/cli",
"//dc/m6220-proxy/proto",
"//dc/proto",
"//go/mirko",
"@com_github_golang_glog//:glog",
"@com_github_ziutek_telnet//:telnet",
"@org_golang_google_grpc//codes",
"@org_golang_google_grpc//status",
],
)
go_binary(
name = "m6220-proxy",
embed = [":go_default_library"],
embed = [":m6220-proxy_lib"],
visibility = ["//visibility:public"],
)

5
dc/m6220-proxy/cli/BUILD.bazel
View File

@ -6,8 +6,7 @@ go_library(
importpath = "code.hackerspace.pl/hscloud/dc/m6220-proxy/cli",
visibility = ["//visibility:public"],
deps = [
"@com_github_golang_glog//:go_default_library",
"@com_github_ziutek_telnet//:go_default_library",
"@org_golang_x_net//trace:go_default_library",
"@com_github_ziutek_telnet//:telnet",
"@org_golang_x_net//trace",
],
)

13
dc/m6220-proxy/main.go
View File

@ -8,14 +8,15 @@ import (
"strconv"
"strings"
"code.hackerspace.pl/hscloud/go/mirko"
"github.com/golang/glog"
"github.com/ziutek/telnet"
"google.golang.org/grpc/codes"
"google.golang.org/grpc/status"
"code.hackerspace.pl/hscloud/dc/m6220-proxy/cli"
pb "code.hackerspace.pl/hscloud/dc/m6220-proxy/proto"
dpb "code.hackerspace.pl/hscloud/dc/proto"
"code.hackerspace.pl/hscloud/go/mirko"
)
var (
@ -32,7 +33,7 @@ type service struct {
connectionSemaphore chan int
}
func (s *service) connect() (*cliClient, error) {
func (s *service) connect() (*cli.Client, error) {
s.connectionSemaphore <- 1
conn, err := telnet.Dial("tcp", flagSwitchAddress)
if err != nil {
@ -40,7 +41,7 @@ func (s *service) connect() (*cliClient, error) {
return nil, err
}
cli := newCliClient(conn, flagSwitchUsername, flagSwitchPassword)
cli := cli.NewClient(conn, flagSwitchUsername, flagSwitchPassword)
return cli, nil
}
@ -59,7 +60,7 @@ func (s *service) RunCommand(ctx context.Context, req *pb.RunCommandRequest) (*p
}
defer s.disconnect()
lines, effective, err := cli.runCommand(ctx, req.Command)
lines, effective, err := cli.RunCommand(ctx, req.Command)
if err != nil {
return nil, err
}
@ -227,7 +228,7 @@ func (s *service) GetPorts(ctx context.Context, req *dpb.GetPortsRequest) (*dpb.
defer s.disconnect()
res := &dpb.GetPortsResponse{}
statusLines, _, err := cli.runCommand(ctx, "show interface status")
statusLines, _, err := cli.RunCommand(ctx, "show interface status")
if err != nil {
return nil, status.Error(codes.Unavailable, "could not get interface status from switch")
}
@ -238,7 +239,7 @@ func (s *service) GetPorts(ctx context.Context, req *dpb.GetPortsRequest) (*dpb.
}
for _, port := range res.Ports {
configLines, _, err := cli.runCommand(ctx, "show run interface "+port.Name)
configLines, _, err := cli.RunCommand(ctx, "show run interface "+port.Name)
if err != nil {
return nil, status.Error(codes.Unavailable, "could not get interface config from switch")
}

3
dc/m6220-proxy/proto/BUILD.bazel
View File

@ -1,3 +1,4 @@
load("@rules_proto//proto:defs.bzl", "proto_library")
load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
@ -16,7 +17,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "proto",
embed = [":proto_go_proto"],
importpath = "code.hackerspace.pl/hscloud/dc/m6220-proxy/proto",
visibility = ["//visibility:public"],

1
dc/m6220-proxy/proto/gomod-generated-placeholder.go Normal file
View File

@ -0,0 +1 @@
package proto

3
dc/proto/BUILD.bazel
View File

@ -1,3 +1,4 @@
load("@rules_proto//proto:defs.bzl", "proto_library")
load("@io_bazel_rules_go//go:def.bzl", "go_library")
load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
@ -16,7 +17,7 @@ go_proto_library(
)
go_library(
name = "go_default_library",
name = "proto",
embed = [":proto_go_proto"],
importpath = "code.hackerspace.pl/hscloud/dc/proto",
visibility = ["//visibility:public"],

Some files were not shown because too many files have changed in this diff Show More