local kube = import "../../kube/hscloud.libsonnet";

{
    local top = self,
    local cfg = self.cfg,

    cfg:: {
        name: 'ldapweb',
        namespace: 'ldapweb',
        domain: 'profile.hackerspace.pl',
        image: 'registry.k0.hswaw.net/radex/ldapweb:1698604668',
    },

    secrets:: {
        admin_password: { secretKeyRef: { name: cfg.name, key: 'admin_password' } },
    },

    ns: kube.Namespace(cfg.namespace),

    deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
        spec+: {
            replicas: 1,
            template+: {
                spec+: {
                    containers_: {
                        default: kube.Container("default") {
                            image: cfg.image,
                            resources: {
                                requests: { cpu: "25m", memory: "256Mi" },
                                limits: { cpu: "500m", memory: "512Mi" },
                            },
                            ports_: {
                                http: { containerPort: 8000 },
                            },
                            env_: {
                                LDAPWEB_ADMIN_GROUPS: 'ldap-admin,staff,zarzad',
                                LDAPWEB_ACTIVE_GROUPS: 'fatty,starving,potato',
                                LDAPWEB_ADMIN_DN: 'cn=ldapweb,ou=services,dc=hackerspace,dc=pl',
                                LDAPWEB_ADMIN_PASSWORD: top.secrets.admin_password,
                                LDAPWEB_AVATAR_CACHE_TIMEOUT: '1800',
                            }
                        },
                    },
                },
            },
        },
    },

    service: top.ns.Contain(kube.Service(cfg.name)) {
        target_pod:: top.deployment.spec.template,
    },

    ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) {
        hosts:: [cfg.domain],
        target_service:: top.service,
    },
}