forked from hswaw/hscloud
49 lines
1.7 KiB
Plaintext
49 lines
1.7 KiB
Plaintext
local kube = import "../../../kube/kube.libsonnet";
|
|
|
|
{
|
|
local app = self,
|
|
local cfg = app.cfg,
|
|
cfg:: {
|
|
image: error "cfg.image must be set",
|
|
|
|
# webDomain is the domain name at which matrix instance/cas proxy is served
|
|
webDomain: error "cfg.webDomain must be set",
|
|
|
|
oauth2: error "cfg.oauth2 must be set",
|
|
},
|
|
|
|
ns:: error "ns needs to be a kube.Namespace object",
|
|
|
|
deployment: app.ns.Contain(kube.Deployment("oauth2-cas-proxy")) {
|
|
spec+: {
|
|
replicas: 1,
|
|
template+: {
|
|
spec+: {
|
|
containers_: {
|
|
proxy: kube.Container("oauth2-cas-proxy") {
|
|
image: cfg.image,
|
|
ports_: {
|
|
http: { containerPort: 5000 },
|
|
},
|
|
env_: {
|
|
BASE_URL: "https://%s" % [cfg.webDomain],
|
|
SERVICE_URL: "https://%s" % [cfg.webDomain],
|
|
OAUTH2_CLIENT: cfg.oauth2.clientID,
|
|
OAUTH2_SECRET: cfg.oauth2.clientSecret,
|
|
OAUTH2_SCOPE: cfg.oauth2.scope,
|
|
OAUTH2_AUTHORIZE: cfg.oauth2.authorizeURL,
|
|
OAUTH2_TOKEN: cfg.oauth2.tokenURL,
|
|
OAUTH2_USERINFO: cfg.oauth2.userinfoURL,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
|
|
svc: app.ns.Contain(kube.Service("oauth2-cas-proxy")) {
|
|
target_pod:: app.deployment.spec.template,
|
|
},
|
|
}
|