forked from hswaw/hscloud
hswaw/site: migrate away from mirko
Change-Id: I34163bbb62ba792d359a5f5e72de1024c0109eab Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1631 Reviewed-by: q3k <q3k@hackerspace.pl>master
parent
8dcca254ce
commit
a364934d33
|
@ -341,6 +341,8 @@ local rook = import "lib/rook.libsonnet";
|
|||
{ namespace: "gitea-prod", dns: "gitea.hackerspace.pl" },
|
||||
{ namespace: "hswaw-prod", dns: "*.hackerspace.pl" },
|
||||
{ namespace: "hswaw-prod", dns: "*.hswaw.net" },
|
||||
{ namespace: "site", dns: "hackerspace.pl" },
|
||||
{ namespace: "site", dns: "www.hackerspace.pl" },
|
||||
{ namespace: "internet", dns: "internet.hackerspace.pl" },
|
||||
{ namespace: "matrix", dns: "matrix.hackerspace.pl" },
|
||||
{ namespace: "onlyoffice-prod", dns: "office.hackerspace.pl" },
|
||||
|
|
|
@ -6,7 +6,6 @@ local teleimg = import "teleimg.libsonnet";
|
|||
local frab = import "frab.libsonnet";
|
||||
local pretalx = import "pretalx.libsonnet";
|
||||
local cebulacamp = import "cebulacamp.libsonnet";
|
||||
local site = import "site.libsonnet";
|
||||
local capacifier = import "capacifier.libsonnet";
|
||||
|
||||
{
|
||||
|
@ -20,7 +19,6 @@ local capacifier = import "capacifier.libsonnet";
|
|||
frab: frab.cfg,
|
||||
pretalx: pretalx.cfg,
|
||||
cebulacamp: cebulacamp.cfg,
|
||||
site: site.cfg,
|
||||
capacifier: capacifier.cfg,
|
||||
},
|
||||
|
||||
|
@ -33,7 +31,6 @@ local capacifier = import "capacifier.libsonnet";
|
|||
cronjob: null,
|
||||
},
|
||||
cebulacamp: cebulacamp.component(cfg.cebulacamp, env),
|
||||
site: site.component(cfg.site, env),
|
||||
capacifier: capacifier.component(cfg.capacifier, env),
|
||||
},
|
||||
},
|
||||
|
@ -71,9 +68,6 @@ local capacifier = import "capacifier.libsonnet";
|
|||
cebulacamp+: {
|
||||
webFQDN: "cebula.camp",
|
||||
},
|
||||
site+: {
|
||||
webFQDN: "new.hackerspace.pl",
|
||||
},
|
||||
capacifier+: {
|
||||
ldapBindPassword: std.split(importstr "secrets/plain/prod-capacifier-password", "\n")[0],
|
||||
},
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
local mirko = import "../../kube/mirko.libsonnet";
|
||||
local kube = import "../../kube/kube.libsonnet";
|
||||
|
||||
{
|
||||
cfg:: {
|
||||
image: "registry.k0.hswaw.net/q3k/hswaw-site@sha256:ba8b5ca2aab81edd7a1f5bcc1e75253d7573e199463e7e56aaf18ad4380d681b",
|
||||
webFQDN: error "webFQDN must be set",
|
||||
},
|
||||
|
||||
component(cfg, env):: mirko.Component(env, "site") {
|
||||
local site = self,
|
||||
cfg+: {
|
||||
image: cfg.image,
|
||||
container: site.GoContainer("main", "/hswaw/site/site") {
|
||||
},
|
||||
ports+: {
|
||||
publicHTTP: {
|
||||
web: {
|
||||
port: 8080,
|
||||
dns: cfg.webFQDN,
|
||||
}
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
|
@ -0,0 +1,73 @@
|
|||
local kube = import "../../kube/kube.libsonnet";
|
||||
|
||||
{
|
||||
local top = self,
|
||||
local cfg = self.cfg,
|
||||
|
||||
cfg:: {
|
||||
name: 'site',
|
||||
namespace: 'site',
|
||||
domains: [
|
||||
'hackerspace.pl',
|
||||
'www.hackerspace.pl',
|
||||
],
|
||||
image: 'registry.k0.hswaw.net/q3k/hswaw-site@sha256:ba8b5ca2aab81edd7a1f5bcc1e75253d7573e199463e7e56aaf18ad4380d681b',
|
||||
},
|
||||
|
||||
ns: kube.Namespace(cfg.namespace),
|
||||
|
||||
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
|
||||
spec+: {
|
||||
replicas: 3,
|
||||
template+: {
|
||||
spec+: {
|
||||
containers_: {
|
||||
default: kube.Container("default") {
|
||||
image: cfg.image,
|
||||
command: [
|
||||
"/hswaw/site/site",
|
||||
"-hspki_disable",
|
||||
"-logtostderr",
|
||||
],
|
||||
resources: {
|
||||
requests: { cpu: "25m", memory: "64Mi" },
|
||||
limits: { cpu: "500m", memory: "128Mi" },
|
||||
},
|
||||
ports_: {
|
||||
http: { containerPort: 8080 },
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
service: top.ns.Contain(kube.Service(cfg.name)) {
|
||||
target_pod:: top.deployment.spec.template,
|
||||
},
|
||||
|
||||
ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
|
||||
metadata+: {
|
||||
annotations+: {
|
||||
"kubernetes.io/tls-acme": "true",
|
||||
"cert-manager.io/cluster-issuer": "letsencrypt-prod",
|
||||
"nginx.ingress.kubernetes.io/proxy-body-size": "0",
|
||||
},
|
||||
},
|
||||
spec+: {
|
||||
tls: [ { hosts: cfg.domains, secretName: cfg.name + "-tls" } ],
|
||||
rules: [
|
||||
{
|
||||
host: domain,
|
||||
http: {
|
||||
paths: [
|
||||
{ path: "/", backend: top.service.name_port },
|
||||
],
|
||||
},
|
||||
}
|
||||
for domain in cfg.domains
|
||||
],
|
||||
},
|
||||
},
|
||||
}
|
Loading…
Reference in New Issue