forked from hswaw/hscloud
104 lines
3.7 KiB
Text
104 lines
3.7 KiB
Text
local mirko = import "../../kube/mirko.libsonnet";
|
|
local kube = import "../../kube/kube.libsonnet";
|
|
local postgres = import "../../kube/postgres.libsonnet";
|
|
|
|
{
|
|
local cfg = self.cfg,
|
|
cfg:: {
|
|
# Manually built from code.hackerspace.pl/q3k/ldap-web-public.
|
|
image: "frab/frab@sha256:30051f5153c4f02a8a1bee4b306bd696e2b018f2b13d16bd9c681fc1d633de3e",
|
|
storageClassName: error "storageClassName must be set!",
|
|
webFQDN: error "webFQDN must be set!",
|
|
|
|
secret: {
|
|
secretKeyBase: error "secretKeyBase must be set!",
|
|
smtpPassword: error "smtpPassword must be set!",
|
|
},
|
|
|
|
smtp: {
|
|
server: "mail.hackerspace.pl",
|
|
from: "frab@hackerspace.pl",
|
|
username: "frab",
|
|
},
|
|
},
|
|
|
|
component(cfg, env): mirko.Component(env, "frab") {
|
|
local frab = self,
|
|
cfg+: {
|
|
image: cfg.image,
|
|
volumes+: {
|
|
public: kube.PersistentVolumeClaimVolume(frab.volumePublic),
|
|
},
|
|
|
|
pgpass:: { secretKeyRef: { name: frab.makeName("-postgres"), key: "postgres_password", } },
|
|
|
|
container: frab.Container("main") {
|
|
volumeMounts_+: {
|
|
public: { mountPath: "/home/frab/app/public", },
|
|
},
|
|
// order matters (for POSTGRES_PASS substitution), we don't use env_
|
|
env: [
|
|
{ name: "TZ", value: "Europe/Warsaw" },
|
|
{ name: "POSTGRES_PASS", valueFrom: frab.cfg.pgpass },
|
|
{ name: "DATABASE_URL", value: "postgresql://frab:$(POSTGRES_PASS)@%s/frab" % [frab.postgres.svc.host] },
|
|
{ name: "SECRET_KEY_BASE", valueFrom: kube.SecretKeyRef(frab.secret, "secretKeyBase") },
|
|
{ name: "FROM_EMAIL", value: cfg.smtp.from },
|
|
{ name: "SMTP_ADDRESS", value: cfg.smtp.server },
|
|
{ name: "SMTP_USERNAME", value: cfg.smtp.username },
|
|
{ name: "SMTP_PASSWORD", valueFrom: kube.SecretKeyRef(frab.secret, "smtpPassword") },
|
|
{ name: "SMTP_PORT", value: "587" },
|
|
{ name: "SMTP_NOTLS", value: "false" },
|
|
],
|
|
resources: {
|
|
// thicc RoR
|
|
requests: {
|
|
cpu: "100m",
|
|
memory: "512Mi",
|
|
},
|
|
limits: {
|
|
cpu: "1",
|
|
memory: "1Gi",
|
|
},
|
|
},
|
|
},
|
|
ports+: {
|
|
publicHTTP: {
|
|
web: {
|
|
port: 3000,
|
|
dns: cfg.webFQDN,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
|
|
secret: kube.Secret(frab.makeName("-secret")) {
|
|
metadata+: frab.metadata,
|
|
data: cfg.secret,
|
|
},
|
|
|
|
postgres: postgres {
|
|
cfg+: {
|
|
namespace: frab.metadata.namespace,
|
|
appName: "frab",
|
|
storageClassName: cfg.storageClassName,
|
|
prefix: frab.makeName("-postgres") + "-",
|
|
database: "frab",
|
|
username: "frab",
|
|
password: frab.cfg.pgpass,
|
|
},
|
|
},
|
|
|
|
volumePublic: kube.PersistentVolumeClaim(frab.makeName("-public")) {
|
|
metadata+: frab.metadata,
|
|
spec+: {
|
|
storageClassName: cfg.storageClassName,
|
|
accessModes: ["ReadWriteOnce"],
|
|
resources: {
|
|
requests: {
|
|
storage: "5Gi",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|