forked from hswaw/hscloud
app/covid-formity: covid19 hackerspace relief form
Change-Id: I952ca040e85e6305d5241816c3afa8ae69031d5f
This commit is contained in:
parent
97ce218339
commit
973076c0fb
1 changed files with 106 additions and 0 deletions
106
app/covid-formity/prod.jsonnet
Normal file
106
app/covid-formity/prod.jsonnet
Normal file
|
@ -0,0 +1,106 @@
|
|||
# covid19.hackerspace.pl, a covid-formity instance.
|
||||
# This needs a secret provisioned, create with:
|
||||
# kubectl -n covid-formity create secret generic covid-formity --from-literal=postgres_password=$(pwgen 24 1) --from-literal=secret_key=$(pwgen 24 1) --from-literal=oauth2_secret=...
|
||||
|
||||
local kube = import "../../kube/kube.libsonnet";
|
||||
local postgres = import "../../kube/postgres.libsonnet";
|
||||
|
||||
{
|
||||
local app = self,
|
||||
local cfg = app.cfg,
|
||||
cfg:: {
|
||||
namespace: "covid-formity",
|
||||
image: "registry.k0.hswaw.net/informatic/covid-formity@sha256:8295f5b6d71266fb758c103210f12380f15903ba2467ead0e48ae0df16b6d608",
|
||||
domain: "covid19.hackerspace.pl",
|
||||
altDomains: ["covid.hackerspace.pl"],
|
||||
},
|
||||
|
||||
metadata(component):: {
|
||||
namespace: app.cfg.namespace,
|
||||
labels: {
|
||||
"app.kubernetes.io/name": "covid-formity",
|
||||
"app.kubernetes.io/managed-by": "kubecfg",
|
||||
"app.kubernetes.io/component": component,
|
||||
},
|
||||
},
|
||||
|
||||
namespace: kube.Namespace(app.cfg.namespace),
|
||||
|
||||
postgres: postgres {
|
||||
cfg+: {
|
||||
namespace: cfg.namespace,
|
||||
appName: "covid-formity",
|
||||
database: "covid-formity",
|
||||
username: "covid-formity",
|
||||
password: { secretKeyRef: { name: "covid-formity", key: "postgres_password" } },
|
||||
},
|
||||
},
|
||||
|
||||
deployment: kube.Deployment("covid-formity") {
|
||||
metadata+: app.metadata("covid-formity"),
|
||||
spec+: {
|
||||
replicas: 1,
|
||||
template+: {
|
||||
spec+: {
|
||||
containers_: {
|
||||
web: kube.Container("covid-formity") {
|
||||
image: cfg.image,
|
||||
ports_: {
|
||||
http: { containerPort: 5000 },
|
||||
},
|
||||
env_: {
|
||||
DATABASE_HOSTNAME: "postgres",
|
||||
DATABASE_USERNAME: app.postgres.cfg.username,
|
||||
DATABASE_PASSWORD: app.postgres.cfg.password,
|
||||
DATABASE_NAME: app.postgres.cfg.appName,
|
||||
SPACEAUTH_CONSUMER_KEY: "covid-formity",
|
||||
SPACEAUTH_CONSUMER_SECRET: { secretKeyRef: { name: "covid-formity", key: "oauth2_secret" } },
|
||||
SECRET_KEY: { secretKeyRef: { name: "covid-formity", key: "secret_key" } },
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
svc: kube.Service("covid-formity") {
|
||||
metadata+: app.metadata("covid-formity"),
|
||||
target_pod:: app.deployment.spec.template,
|
||||
spec+: {
|
||||
ports: [
|
||||
{ name: "http", port: 5000, targetPort: 5000, protocol: "TCP" },
|
||||
],
|
||||
type: "ClusterIP",
|
||||
},
|
||||
},
|
||||
|
||||
ingress: kube.Ingress("covid-formity") {
|
||||
metadata+: app.metadata("covid-formity") {
|
||||
annotations+: {
|
||||
"kubernetes.io/tls-acme": "true",
|
||||
"certmanager.k8s.io/cluster-issuer": "letsencrypt-prod",
|
||||
"nginx.ingress.kubernetes.io/proxy-body-size": "0",
|
||||
},
|
||||
},
|
||||
spec+: {
|
||||
tls: [
|
||||
{
|
||||
hosts: [cfg.domain] + cfg.altDomains,
|
||||
secretName: "covid-formity-tls",
|
||||
},
|
||||
],
|
||||
rules: [
|
||||
{
|
||||
host: dom,
|
||||
http: {
|
||||
paths: [
|
||||
{ path: "/", backend: app.svc.name_port },
|
||||
]
|
||||
},
|
||||
}
|
||||
for dom in [cfg.domain] + cfg.altDomains
|
||||
],
|
||||
},
|
||||
},
|
||||
}
|
Loading…
Reference in a new issue