forked from hswaw/hscloud
app/covid-formity: covid19 hackerspace relief form
Change-Id: I952ca040e85e6305d5241816c3afa8ae69031d5f
This commit is contained in:
parent
97ce218339
commit
973076c0fb
1 changed files with 106 additions and 0 deletions
106
app/covid-formity/prod.jsonnet
Normal file
106
app/covid-formity/prod.jsonnet
Normal file
|
@ -0,0 +1,106 @@
|
||||||
|
# covid19.hackerspace.pl, a covid-formity instance.
|
||||||
|
# This needs a secret provisioned, create with:
|
||||||
|
# kubectl -n covid-formity create secret generic covid-formity --from-literal=postgres_password=$(pwgen 24 1) --from-literal=secret_key=$(pwgen 24 1) --from-literal=oauth2_secret=...
|
||||||
|
|
||||||
|
local kube = import "../../kube/kube.libsonnet";
|
||||||
|
local postgres = import "../../kube/postgres.libsonnet";
|
||||||
|
|
||||||
|
{
|
||||||
|
local app = self,
|
||||||
|
local cfg = app.cfg,
|
||||||
|
cfg:: {
|
||||||
|
namespace: "covid-formity",
|
||||||
|
image: "registry.k0.hswaw.net/informatic/covid-formity@sha256:8295f5b6d71266fb758c103210f12380f15903ba2467ead0e48ae0df16b6d608",
|
||||||
|
domain: "covid19.hackerspace.pl",
|
||||||
|
altDomains: ["covid.hackerspace.pl"],
|
||||||
|
},
|
||||||
|
|
||||||
|
metadata(component):: {
|
||||||
|
namespace: app.cfg.namespace,
|
||||||
|
labels: {
|
||||||
|
"app.kubernetes.io/name": "covid-formity",
|
||||||
|
"app.kubernetes.io/managed-by": "kubecfg",
|
||||||
|
"app.kubernetes.io/component": component,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
namespace: kube.Namespace(app.cfg.namespace),
|
||||||
|
|
||||||
|
postgres: postgres {
|
||||||
|
cfg+: {
|
||||||
|
namespace: cfg.namespace,
|
||||||
|
appName: "covid-formity",
|
||||||
|
database: "covid-formity",
|
||||||
|
username: "covid-formity",
|
||||||
|
password: { secretKeyRef: { name: "covid-formity", key: "postgres_password" } },
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
deployment: kube.Deployment("covid-formity") {
|
||||||
|
metadata+: app.metadata("covid-formity"),
|
||||||
|
spec+: {
|
||||||
|
replicas: 1,
|
||||||
|
template+: {
|
||||||
|
spec+: {
|
||||||
|
containers_: {
|
||||||
|
web: kube.Container("covid-formity") {
|
||||||
|
image: cfg.image,
|
||||||
|
ports_: {
|
||||||
|
http: { containerPort: 5000 },
|
||||||
|
},
|
||||||
|
env_: {
|
||||||
|
DATABASE_HOSTNAME: "postgres",
|
||||||
|
DATABASE_USERNAME: app.postgres.cfg.username,
|
||||||
|
DATABASE_PASSWORD: app.postgres.cfg.password,
|
||||||
|
DATABASE_NAME: app.postgres.cfg.appName,
|
||||||
|
SPACEAUTH_CONSUMER_KEY: "covid-formity",
|
||||||
|
SPACEAUTH_CONSUMER_SECRET: { secretKeyRef: { name: "covid-formity", key: "oauth2_secret" } },
|
||||||
|
SECRET_KEY: { secretKeyRef: { name: "covid-formity", key: "secret_key" } },
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
svc: kube.Service("covid-formity") {
|
||||||
|
metadata+: app.metadata("covid-formity"),
|
||||||
|
target_pod:: app.deployment.spec.template,
|
||||||
|
spec+: {
|
||||||
|
ports: [
|
||||||
|
{ name: "http", port: 5000, targetPort: 5000, protocol: "TCP" },
|
||||||
|
],
|
||||||
|
type: "ClusterIP",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
|
||||||
|
ingress: kube.Ingress("covid-formity") {
|
||||||
|
metadata+: app.metadata("covid-formity") {
|
||||||
|
annotations+: {
|
||||||
|
"kubernetes.io/tls-acme": "true",
|
||||||
|
"certmanager.k8s.io/cluster-issuer": "letsencrypt-prod",
|
||||||
|
"nginx.ingress.kubernetes.io/proxy-body-size": "0",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
spec+: {
|
||||||
|
tls: [
|
||||||
|
{
|
||||||
|
hosts: [cfg.domain] + cfg.altDomains,
|
||||||
|
secretName: "covid-formity-tls",
|
||||||
|
},
|
||||||
|
],
|
||||||
|
rules: [
|
||||||
|
{
|
||||||
|
host: dom,
|
||||||
|
http: {
|
||||||
|
paths: [
|
||||||
|
{ path: "/", backend: app.svc.name_port },
|
||||||
|
]
|
||||||
|
},
|
||||||
|
}
|
||||||
|
for dom in [cfg.domain] + cfg.altDomains
|
||||||
|
],
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
Loading…
Reference in a new issue