4
0
Fork 2
mirror of https://gerrit.hackerspace.pl/hscloud synced 2025-01-24 15:23:53 +00:00

app/codehosting: clean up

Use "modern" hscloud helpers and conventions in line with the rest of the codebase

Change-Id: I3b706869fbeddc72056fb04535e096da5fdba8bc
Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2020
Reviewed-by: informatic <informatic@hackerspace.pl>
This commit is contained in:
radex 2024-11-02 09:03:46 +01:00
parent e6d36fd20a
commit 2fac2a3fbb

View file

@ -24,12 +24,12 @@
*/
local kube = import "../../kube/kube.libsonnet";
local kube = import "../../kube/hscloud.libsonnet";
local postgres = import "../../kube/postgres.libsonnet";
{
local forgejo = self,
local cfg = forgejo.cfg,
local top = self,
local cfg = top.cfg,
cfg:: {
namespace: error "namespace must be set",
prefix: "",
@ -76,7 +76,7 @@ local postgres = import "../../kube/postgres.libsonnet";
},
name(suffix):: cfg.prefix + suffix,
ns: kube.Namespace(cfg.namespace),
local ns = kube.Namespace(cfg.namespace),
postgres: postgres {
cfg+: {
@ -90,7 +90,7 @@ local postgres = import "../../kube/postgres.libsonnet";
},
},
configMap: forgejo.ns.Contain(kube.ConfigMap(forgejo.name("forgejo"))) {
configMap: ns.Contain(kube.ConfigMap(top.name("forgejo"))) {
data: {
"app.ini.template": importstr 'app.ini.template',
"entrypoint.sh": importstr 'entrypoint.sh',
@ -98,26 +98,19 @@ local postgres = import "../../kube/postgres.libsonnet";
},
},
dataVolume: forgejo.ns.Contain(kube.PersistentVolumeClaim(forgejo.name("forgejo"))) {
spec+: {
storageClassName: cfg.storageClassName,
accessModes: [ "ReadWriteOnce" ],
resources: {
requests: {
storage: cfg.storageSize.git,
},
},
},
dataVolume: ns.Contain(kube.PersistentVolumeClaim(top.name("forgejo"))) {
storageClass:: cfg.storageClassName,
storage:: cfg.storageSize.git,
},
forgejoCustom: forgejo.ns.Contain(kube.ConfigMap(forgejo.name("forgejo-custom"))) {
forgejoCustom: ns.Contain(kube.ConfigMap(top.name("forgejo-custom"))) {
data: {
"signin_inner.tmpl": importstr 'signin_inner.tmpl',
"robots.txt": importstr 'robots.txt',
},
},
statefulSet: forgejo.ns.Contain(kube.StatefulSet(forgejo.name("forgejo"))) {
statefulSet: ns.Contain(kube.StatefulSet(top.name("forgejo"))) {
spec+: {
replicas: 1,
template+: {
@ -128,13 +121,13 @@ local postgres = import "../../kube/postgres.libsonnet";
fsGroup: 1000,
},
volumes_: {
configmap: kube.ConfigMapVolume(forgejo.configMap),
custom: kube.ConfigMapVolume(forgejo.forgejoCustom),
data: kube.PersistentVolumeClaimVolume(forgejo.dataVolume),
configmap: top.configMap.volume,
custom: top.forgejoCustom.volume,
data: top.dataVolume.volume,
empty: kube.EmptyDirVolume(),
},
containers_: {
server: kube.Container(forgejo.name("forgejo")) {
server: kube.Container(top.name("forgejo")) {
image: cfg.image,
command: [ "bash", "/usr/bin/entrypoint" ],
ports_: {
@ -157,13 +150,13 @@ local postgres = import "../../kube/postgres.libsonnet";
SECRET_KEY: { secretKeyRef: { name: "forgejo", key: "secret_key" } },
DB_TYPE: "postgres",
DB_HOST: "postgres:5432",
DB_USER: forgejo.postgres.cfg.username,
DB_PASSWD: forgejo.postgres.cfg.password,
DB_NAME: forgejo.postgres.cfg.appName,
DB_USER: top.postgres.cfg.username,
DB_PASSWD: top.postgres.cfg.password,
DB_NAME: top.postgres.cfg.appName,
DOMAIN: cfg.server.domain,
SSH_DOMAIN: cfg.server.sshDomain,
SSH_LISTEN_PORT: "2222",
ROOT_URL: forgejo.cfg.server.rootURL,
ROOT_URL: top.cfg.server.rootURL,
DISABLE_REGISTRATION: cfg.service.disableRegistration,
ALLOW_ONLY_EXTERNAL_REGISTRATION: cfg.service.allowOnlyExternalRegistration,
OFFLINE_MODE: cfg.server.offlineMode,
@ -190,26 +183,27 @@ local postgres = import "../../kube/postgres.libsonnet";
],
},
},
local mainContainer = self.containers_.server,
initContainers: [
kube.Container(forgejo.name("forgejo-dbmigrate")) {
image: forgejo.statefulSet.spec.template.spec.containers_.server.image,
kube.Container(top.name("forgejo-dbmigrate")) {
image: mainContainer.image,
command: [ "bash", "/usr/bin/entrypoint", "/app/gitea/gitea", "migrate" ],
env_: forgejo.statefulSet.spec.template.spec.containers_.server.env_,
volumeMounts: forgejo.statefulSet.spec.template.spec.containers_.server.volumeMounts,
env_: mainContainer.env_,
volumeMounts: mainContainer.volumeMounts,
},
kube.Container(forgejo.name("forgejo-bootstrap-auth")) {
image: forgejo.statefulSet.spec.template.spec.containers_.server.image,
kube.Container(top.name("forgejo-bootstrap-auth")) {
image: mainContainer.image,
command: [
"bash", "/bootstrap-auth.sh"
],
env_: forgejo.statefulSet.spec.template.spec.containers_.server.env_ + {
env_: mainContainer.env_ + {
ADMIN_PASSWORD: { secretKeyRef: { name: "forgejo", key: "admin_password" } },
SSO_CLIENT_ID: { secretKeyRef: { name: "forgejo", key: "oauth2_client_id" } },
SSO_CLIENT_SECRET: { secretKeyRef: { name: "forgejo", key: "oauth2_client_secret" } },
LDAP_BIND_DN: { secretKeyRef: { name: "forgejo", key: "ldap_bind_dn" } },
LDAP_BIND_PASSWORD: { secretKeyRef: { name: "forgejo", key: "ldap_bind_password" } },
},
volumeMounts: forgejo.statefulSet.spec.template.spec.containers_.server.volumeMounts + [
volumeMounts: mainContainer.volumeMounts + [
{ name: "configmap", subPath: "bootstrap-auth.sh", mountPath: "/bootstrap-auth.sh" },
]
},
@ -219,8 +213,8 @@ local postgres = import "../../kube/postgres.libsonnet";
},
},
svc: forgejo.ns.Contain(kube.Service(forgejo.name("forgejo"))) {
target_pod:: forgejo.statefulSet.spec.template,
svc: ns.Contain(kube.Service(top.name("forgejo"))) {
target:: top.statefulSet,
spec+: {
ports: [
{ name: "server", port: 80, targetPort: 3000, protocol: "TCP" },
@ -229,30 +223,9 @@ local postgres = import "../../kube/postgres.libsonnet";
},
},
ingress: forgejo.ns.Contain(kube.Ingress(forgejo.name("forgejo"))) {
metadata+: {
annotations+: {
"kubernetes.io/tls-acme": "true",
"cert-manager.io/cluster-issuer": "letsencrypt-prod",
"nginx.ingress.kubernetes.io/proxy-body-size": "0",
},
},
spec+: {
tls: [
{ hosts: [cfg.server.domain] + cfg.altDomains, secretName: forgejo.name("acme") },
],
rules: [
{
host: domain,
http: {
paths: [
{ path: "/", backend: forgejo.svc.name_port },
],
},
}
for domain in [cfg.server.domain] + cfg.altDomains
],
},
ingress: ns.Contain(kube.SimpleIngress(top.name("forgejo"))) {
hosts:: [cfg.server.domain] + cfg.altDomains,
target:: top.svc,
},
}