forked from hswaw/hscloud
69 lines
2.1 KiB
Plaintext
69 lines
2.1 KiB
Plaintext
local kube = import "../../kube/kube.libsonnet";
|
|
|
|
{
|
|
local top = self,
|
|
local cfg = self.cfg,
|
|
|
|
cfg:: {
|
|
name: 'ldapweb',
|
|
namespace: 'ldapweb',
|
|
domain: 'profile.hackerspace.pl',
|
|
image: 'registry.k0.hswaw.net/radex/ldap-web:1695486391',
|
|
},
|
|
|
|
ns: kube.Namespace(cfg.namespace),
|
|
|
|
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
|
|
spec+: {
|
|
replicas: 1,
|
|
template+: {
|
|
spec+: {
|
|
containers_: {
|
|
default: kube.Container("default") {
|
|
image: cfg.image,
|
|
resources: {
|
|
requests: { cpu: "25m", memory: "64Mi" },
|
|
limits: { cpu: "500m", memory: "128Mi" },
|
|
},
|
|
ports_: {
|
|
http: { containerPort: 8000 },
|
|
},
|
|
env_: {
|
|
LDAPWEB_ADMIN_GROUPS: 'ldap-admin,staff,zarzad',
|
|
LDAPWEB_ACTIVE_GROUPS: 'fatty,starving,potato',
|
|
}
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
|
|
service: top.ns.Contain(kube.Service(cfg.name)) {
|
|
target_pod:: top.deployment.spec.template,
|
|
},
|
|
|
|
ingress: top.ns.Contain(kube.Ingress(cfg.name)) {
|
|
metadata+: {
|
|
annotations+: {
|
|
"kubernetes.io/tls-acme": "true",
|
|
"cert-manager.io/cluster-issuer": "letsencrypt-prod",
|
|
"nginx.ingress.kubernetes.io/proxy-body-size": "0",
|
|
},
|
|
},
|
|
spec+: {
|
|
tls: [ { hosts: [ cfg.domain ], secretName: cfg.name + "-tls" } ],
|
|
rules: [
|
|
{
|
|
host: cfg.domain,
|
|
http: {
|
|
paths: [
|
|
{ path: "/", backend: top.service.name_port },
|
|
],
|
|
},
|
|
},
|
|
],
|
|
},
|
|
},
|
|
}
|