forked from hswaw/hscloud
Sergiusz Bazanski
d0ec2c6ac7
This breaks up hswaw.jsonnet into a component-per-file pattern. Change-Id: I1b83d44146ae6c3d3f7c5d02abc2c9b764cc0e8e
81 lines
2.8 KiB
Text
81 lines
2.8 KiB
Text
local mirko = import "../../kube/mirko.libsonnet";
|
|
local kube = import "../../kube/kube.libsonnet";
|
|
|
|
{
|
|
cfg:: {
|
|
secret: {
|
|
twilio_token: error "twilio_token must be set",
|
|
},
|
|
image: "registry.k0.hswaw.net/q3k/smsgs:1570049853-05c5b491c45de6d960979d4aee8635768f3178e9",
|
|
webhookFQDN: error "webhookFQDN must be set",
|
|
},
|
|
|
|
component(cfg, env):: mirko.Component(env, "smsgw") {
|
|
local smsgw = self,
|
|
cfg+: {
|
|
image: cfg.image,
|
|
container: smsgw.GoContainer("main", "/smsgw/smsgw") {
|
|
env_: {
|
|
TWILIO_TOKEN: kube.SecretKeyRef(smsgw.secret, "twilio_token"),
|
|
},
|
|
command+: [
|
|
"-twilio_friendly_phone", "48732168371",
|
|
"-twilio_sid", "AC806ed4bf4b6c80c8f8ea686379b69518",
|
|
"-twilio_token", "$(TWILIO_TOKEN)",
|
|
"-webhook_listen", "0.0.0.0:5000",
|
|
"-webhook_public", "https://%s/" % [ cfg.webhookFQDN ],
|
|
],
|
|
},
|
|
ports+: {
|
|
publicHTTP: {
|
|
webhook: {
|
|
port: 5000,
|
|
dns: cfg.webhookFQDN,
|
|
}
|
|
},
|
|
},
|
|
},
|
|
|
|
secret: kube.Secret("smsgw") {
|
|
metadata+: smsgw.metadata,
|
|
data: cfg.secret,
|
|
},
|
|
|
|
// Temporary machinery to access gRPC from outsite.
|
|
// In the future, this will be handled by a proxy/API gateway.
|
|
// For now, we need this running.
|
|
// TODO(q3k): remove this when we have an API GW or proxy.
|
|
stopgap: {
|
|
local stopgap = self,
|
|
|
|
rpcLB: kube.Service("smsgw-tcp-rpc") {
|
|
metadata+: smsgw.metadata,
|
|
target_pod: smsgw.deployment.spec.template,
|
|
spec+: {
|
|
type: "LoadBalancer",
|
|
ports: [
|
|
{ name: "grpc-external", port: 443, targetPort: 4200 },
|
|
],
|
|
},
|
|
},
|
|
|
|
mkClientCert(name, cn):: kube.Certificate(name) {
|
|
metadata+: smsgw.metadata,
|
|
spec: {
|
|
secretName: name,
|
|
duration: "35040h0m0s", // 4 years
|
|
issuerRef: {
|
|
// Contract with cluster/lib/pki.libsonnet.
|
|
// Copied over.
|
|
name: "pki-ca",
|
|
kind: "ClusterIssuer",
|
|
},
|
|
commonName: cn,
|
|
},
|
|
},
|
|
|
|
kasownikCert: stopgap.mkClientCert("smsgw-tcp-rpc-consumer", "kasownik.external.hswaw.net"),
|
|
piorekfCert: stopgap.mkClientCert("smsgw-tcp-rpc-piorekf", "piorekf.person.hswaw.net"),
|
|
}
|
|
},
|
|
}
|