local kube = import "../../kube/hscloud.libsonnet"; local postgres = import "../../kube/postgres.libsonnet"; { local app = self, local cfg = app.cfg, cfg:: { namespace: "redmine", image: "registry.k0.hswaw.net/informatic/redmine@sha256:b04d1fd04549424e505722c9feb0b6741a057cb8f0fab68ad3730ecb167417df", domain: error "domain must be set", storageClassName: "waw-hdd-redundant-3", database: { host: "postgres", name: "redmine", username: "redmine", password: { secretKeyRef: { name: "redmine", key: "postgres_password" } }, port: 5432, }, b: { domains: [], image: "registry.k0.hswaw.net/q3k/b:315532800-6cc2f867951e123909b23955cd7bcbcc3ec24f8a", }, storage: { endpoint: error "storage.endpoint must be set", region: error "storage.region must be set", bucket: error "storage.bucket must be set", accessKey: error "storage.accessKey must be set", secretKey: error "storage.secretKey must be set", }, oidc: { server: error "oidc.server must be set", clientID: error "oidc.clientID must be set", clientSecret: error "oidc.clientSecret must be set", }, # Mailing configuration object passed to smtp_settings mailing: { address: error "mailing.address must be set", port: 465, ssl: true, domain: error "mailing.domain must be set", authentication: ":login", user_name: error "mailing.user_name must be set", password: error "mailing.password must be set", }, }, # Generates YAML file while preserving specified ruby-style symbols. # (ie. removes surrounding quotes) rubyYaml(obj, symbols):: std.foldr(function (symbol, str) std.strReplace(str, '"%s"' % symbol, symbol), symbols, std.manifestYamlDoc(obj)), ns: kube.Namespace(app.cfg.namespace), postgres: postgres { cfg+: { namespace: cfg.namespace, appName: "redmine", database: cfg.database.name, username: cfg.database.username, password: cfg.database.password, storageClassName: cfg.storageClassName, }, }, deployment: app.ns.Contain(kube.Deployment("redmine")) { spec+: { replicas: 1, template+: { spec+: { securityContext: { runAsUser: 999, runAsGroup: 999, fsGroup: 999, }, containers_: { web: kube.Container("redmine") { image: cfg.image, args: ['sh', '-c', ||| set -e echo "${X_EXTRA_CONFIGURATION}" > config/configuration.yml exec /docker-entrypoint.sh rails server -b 0.0.0.0 |||], ports_: { http: { containerPort: 3000 }, }, env_: { REDMINE_DB_POSTGRES: cfg.database.host, REDMINE_DB_PORT: cfg.database.port, REDMINE_DB_USERNAME: cfg.database.username, REDMINE_DB_PASSWORD: cfg.database.password, REDMINE_DB_DATABASE: cfg.database.name, REDMINE_SECRET_KEY_BASE: { secretKeyRef: { name: "redmine", key: "secret_key" } }, REDMINE_OIDC_SERVER: cfg.oidc.server, REDMINE_OIDC_CLIENT_ID: cfg.oidc.clientID, REDMINE_OIDC_CLIENT_SECRET: cfg.oidc.clientSecret, REDMINE_OIDC_ADMIN_GROUP: "issues-admin", REDMINE_S3_ENDPOINT: cfg.storage.endpoint, REDMINE_S3_BUCKET: cfg.storage.bucket, REDMINE_S3_ACCESS_KEY_ID: cfg.storage.accessKey, REDMINE_S3_SECRET_ACCESS_KEY: cfg.storage.secretKey, REDMINE_S3_REGION: cfg.storage.region, REDMINE_MAILING_PASSWORD: cfg.mailing.password, X_EXTRA_CONFIGURATION: app.rubyYaml({ production: { email_delivery: { delivery_method: ":smtp", smtp_settings: cfg.mailing { password: "$(REDMINE_MAILING_PASSWORD)", }, } }, }, [":smtp", ":login"]), }, }, }, }, }, }, }, svc: app.ns.Contain(kube.Service("redmine")) { target_pod:: app.deployment.spec.template, }, ingress: app.ns.Contain(kube.SimpleIngress("redmine")) { hosts:: [cfg.domain], target_service:: app.svc, }, b: (if std.length(cfg.b.domains) > 0 then { deployment: app.ns.Contain(kube.Deployment("b")) { spec+: { replicas: 3, template+: { spec+: { containers_: { default: kube.Container("default") { image: "registry.k0.hswaw.net/q3k/b:315532800-6cc2f867951e123909b23955cd7bcbcc3ec24f8a", ports_: { http: { containerPort: 8000 }, }, command: [ "/devtools/issues/b", ], }, }, }, }, }, }, svc: app.ns.Contain(kube.Service("b")) { target_pod:: app.b.deployment.spec.template, }, ingress: app.ns.Contain(kube.SimpleIngress("b")) { hosts:: cfg.b.domains, target_service:: app.b.svc, }, } else {}), }