forked from hswaw/hscloud
Radek Pietruszewski
f5844311eb
Change-Id: Iddcac629b9938f228dd93b32e58bb14606d5c6e5 Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1745 Reviewed-by: q3k <q3k@hackerspace.pl>
101 lines
2.7 KiB
Text
101 lines
2.7 KiB
Text
local kube = import "../../kube/hscloud.libsonnet";
|
|
local postgres = import '../../kube/postgres_v.libsonnet';
|
|
|
|
{
|
|
local top = self,
|
|
local cfg = top.cfg,
|
|
|
|
cfg:: {
|
|
name: 'inventory',
|
|
namespace: 'inventory',
|
|
domain: 'inventory.hackerspace.pl',
|
|
|
|
image: 'registry.k0.hswaw.net/palid/spejstore:1694280421',
|
|
db: {
|
|
name: 'inventory',
|
|
username: 'inventory',
|
|
},
|
|
oauthClientId: '82fffb65-0bbd-4d18-becd-0ce0b31373cf',
|
|
storageClassName: 'waw-hdd-redundant-3',
|
|
|
|
mediaPath: '/var/www/media',
|
|
},
|
|
|
|
secrets:: {
|
|
postgres: { secretKeyRef: { name: cfg.name, key: 'postgres_password' } },
|
|
oauth: { secretKeyRef: { name: cfg.name, key: 'oauth_secret' } },
|
|
},
|
|
|
|
ns: kube.Namespace(cfg.namespace),
|
|
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
|
|
spec+: {
|
|
template+: {
|
|
spec+: {
|
|
volumes_: {
|
|
media: kube.PersistentVolumeClaimVolume(top.media),
|
|
},
|
|
containers_: {
|
|
default: kube.Container('default') {
|
|
image: cfg.image,
|
|
ports_: {
|
|
web: { containerPort: 8000 },
|
|
},
|
|
env_: {
|
|
SPEJSTORE_ENV: 'prod',
|
|
SPEJSTORE_DB_NAME: cfg.db.name,
|
|
SPEJSTORE_DB_USER: cfg.db.username,
|
|
SPEJSTORE_DB_PASSWORD: top.secrets.postgres,
|
|
SPEJSTORE_DB_HOST: top.psql.svc.host,
|
|
SPEJSTORE_DB_PORT: top.psql.svc.port,
|
|
SPEJSTORE_ALLOWED_HOSTS: cfg.domain,
|
|
SPEJSTORE_CLIENT_ID: cfg.oauthClientId,
|
|
SPEJSTORE_SECRET: top.secrets.oauth,
|
|
SPEJSTORE_MEDIA_ROOT: cfg.mediaPath,
|
|
SPEJSTORE_REQUIRE_AUTH: 'true',
|
|
SPEJSTORE_LAN_ALLOWED_ADDRESS_SPACE: '185.236.240.5',
|
|
},
|
|
volumeMounts_: {
|
|
media: { mountPath: cfg.mediaPath },
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
|
|
media: top.ns.Contain(kube.PersistentVolumeClaim(cfg.name)) {
|
|
spec+: {
|
|
storageClassName: cfg.storageClassName,
|
|
accessModes: ['ReadWriteOnce'],
|
|
resources: {
|
|
requests: {
|
|
storage: '20Gi',
|
|
},
|
|
},
|
|
},
|
|
},
|
|
|
|
psql: postgres {
|
|
cfg+: {
|
|
namespace: cfg.namespace,
|
|
appName: cfg.name,
|
|
storageClassName: cfg.storageClassName,
|
|
version: '15.4',
|
|
|
|
database: cfg.db.name,
|
|
username: cfg.db.username,
|
|
password: top.secrets.postgres,
|
|
},
|
|
bouncer: {},
|
|
},
|
|
|
|
service: top.ns.Contain(kube.Service(cfg.name)) {
|
|
target_pod:: top.deployment.spec.template,
|
|
},
|
|
|
|
ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) {
|
|
hosts:: [cfg.domain],
|
|
target_service:: top.service,
|
|
},
|
|
}
|