mirror of
https://gerrit.hackerspace.pl/hscloud
synced 2025-01-24 15:23:53 +00:00
app/codehosting: clean up
Use "modern" hscloud helpers and conventions in line with the rest of the codebase Change-Id: I3b706869fbeddc72056fb04535e096da5fdba8bc Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/2020 Reviewed-by: informatic <informatic@hackerspace.pl>
This commit is contained in:
parent
e6d36fd20a
commit
2fac2a3fbb
1 changed files with 32 additions and 59 deletions
|
@ -24,12 +24,12 @@
|
|||
|
||||
*/
|
||||
|
||||
local kube = import "../../kube/kube.libsonnet";
|
||||
local kube = import "../../kube/hscloud.libsonnet";
|
||||
local postgres = import "../../kube/postgres.libsonnet";
|
||||
|
||||
{
|
||||
local forgejo = self,
|
||||
local cfg = forgejo.cfg,
|
||||
local top = self,
|
||||
local cfg = top.cfg,
|
||||
cfg:: {
|
||||
namespace: error "namespace must be set",
|
||||
prefix: "",
|
||||
|
@ -76,7 +76,7 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
},
|
||||
|
||||
name(suffix):: cfg.prefix + suffix,
|
||||
ns: kube.Namespace(cfg.namespace),
|
||||
local ns = kube.Namespace(cfg.namespace),
|
||||
|
||||
postgres: postgres {
|
||||
cfg+: {
|
||||
|
@ -90,7 +90,7 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
},
|
||||
},
|
||||
|
||||
configMap: forgejo.ns.Contain(kube.ConfigMap(forgejo.name("forgejo"))) {
|
||||
configMap: ns.Contain(kube.ConfigMap(top.name("forgejo"))) {
|
||||
data: {
|
||||
"app.ini.template": importstr 'app.ini.template',
|
||||
"entrypoint.sh": importstr 'entrypoint.sh',
|
||||
|
@ -98,26 +98,19 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
},
|
||||
},
|
||||
|
||||
dataVolume: forgejo.ns.Contain(kube.PersistentVolumeClaim(forgejo.name("forgejo"))) {
|
||||
spec+: {
|
||||
storageClassName: cfg.storageClassName,
|
||||
accessModes: [ "ReadWriteOnce" ],
|
||||
resources: {
|
||||
requests: {
|
||||
storage: cfg.storageSize.git,
|
||||
},
|
||||
},
|
||||
},
|
||||
dataVolume: ns.Contain(kube.PersistentVolumeClaim(top.name("forgejo"))) {
|
||||
storageClass:: cfg.storageClassName,
|
||||
storage:: cfg.storageSize.git,
|
||||
},
|
||||
|
||||
forgejoCustom: forgejo.ns.Contain(kube.ConfigMap(forgejo.name("forgejo-custom"))) {
|
||||
forgejoCustom: ns.Contain(kube.ConfigMap(top.name("forgejo-custom"))) {
|
||||
data: {
|
||||
"signin_inner.tmpl": importstr 'signin_inner.tmpl',
|
||||
"robots.txt": importstr 'robots.txt',
|
||||
},
|
||||
},
|
||||
|
||||
statefulSet: forgejo.ns.Contain(kube.StatefulSet(forgejo.name("forgejo"))) {
|
||||
statefulSet: ns.Contain(kube.StatefulSet(top.name("forgejo"))) {
|
||||
spec+: {
|
||||
replicas: 1,
|
||||
template+: {
|
||||
|
@ -128,13 +121,13 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
fsGroup: 1000,
|
||||
},
|
||||
volumes_: {
|
||||
configmap: kube.ConfigMapVolume(forgejo.configMap),
|
||||
custom: kube.ConfigMapVolume(forgejo.forgejoCustom),
|
||||
data: kube.PersistentVolumeClaimVolume(forgejo.dataVolume),
|
||||
configmap: top.configMap.volume,
|
||||
custom: top.forgejoCustom.volume,
|
||||
data: top.dataVolume.volume,
|
||||
empty: kube.EmptyDirVolume(),
|
||||
},
|
||||
containers_: {
|
||||
server: kube.Container(forgejo.name("forgejo")) {
|
||||
server: kube.Container(top.name("forgejo")) {
|
||||
image: cfg.image,
|
||||
command: [ "bash", "/usr/bin/entrypoint" ],
|
||||
ports_: {
|
||||
|
@ -157,13 +150,13 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
SECRET_KEY: { secretKeyRef: { name: "forgejo", key: "secret_key" } },
|
||||
DB_TYPE: "postgres",
|
||||
DB_HOST: "postgres:5432",
|
||||
DB_USER: forgejo.postgres.cfg.username,
|
||||
DB_PASSWD: forgejo.postgres.cfg.password,
|
||||
DB_NAME: forgejo.postgres.cfg.appName,
|
||||
DB_USER: top.postgres.cfg.username,
|
||||
DB_PASSWD: top.postgres.cfg.password,
|
||||
DB_NAME: top.postgres.cfg.appName,
|
||||
DOMAIN: cfg.server.domain,
|
||||
SSH_DOMAIN: cfg.server.sshDomain,
|
||||
SSH_LISTEN_PORT: "2222",
|
||||
ROOT_URL: forgejo.cfg.server.rootURL,
|
||||
ROOT_URL: top.cfg.server.rootURL,
|
||||
DISABLE_REGISTRATION: cfg.service.disableRegistration,
|
||||
ALLOW_ONLY_EXTERNAL_REGISTRATION: cfg.service.allowOnlyExternalRegistration,
|
||||
OFFLINE_MODE: cfg.server.offlineMode,
|
||||
|
@ -190,26 +183,27 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
],
|
||||
},
|
||||
},
|
||||
local mainContainer = self.containers_.server,
|
||||
initContainers: [
|
||||
kube.Container(forgejo.name("forgejo-dbmigrate")) {
|
||||
image: forgejo.statefulSet.spec.template.spec.containers_.server.image,
|
||||
kube.Container(top.name("forgejo-dbmigrate")) {
|
||||
image: mainContainer.image,
|
||||
command: [ "bash", "/usr/bin/entrypoint", "/app/gitea/gitea", "migrate" ],
|
||||
env_: forgejo.statefulSet.spec.template.spec.containers_.server.env_,
|
||||
volumeMounts: forgejo.statefulSet.spec.template.spec.containers_.server.volumeMounts,
|
||||
env_: mainContainer.env_,
|
||||
volumeMounts: mainContainer.volumeMounts,
|
||||
},
|
||||
kube.Container(forgejo.name("forgejo-bootstrap-auth")) {
|
||||
image: forgejo.statefulSet.spec.template.spec.containers_.server.image,
|
||||
kube.Container(top.name("forgejo-bootstrap-auth")) {
|
||||
image: mainContainer.image,
|
||||
command: [
|
||||
"bash", "/bootstrap-auth.sh"
|
||||
],
|
||||
env_: forgejo.statefulSet.spec.template.spec.containers_.server.env_ + {
|
||||
env_: mainContainer.env_ + {
|
||||
ADMIN_PASSWORD: { secretKeyRef: { name: "forgejo", key: "admin_password" } },
|
||||
SSO_CLIENT_ID: { secretKeyRef: { name: "forgejo", key: "oauth2_client_id" } },
|
||||
SSO_CLIENT_SECRET: { secretKeyRef: { name: "forgejo", key: "oauth2_client_secret" } },
|
||||
LDAP_BIND_DN: { secretKeyRef: { name: "forgejo", key: "ldap_bind_dn" } },
|
||||
LDAP_BIND_PASSWORD: { secretKeyRef: { name: "forgejo", key: "ldap_bind_password" } },
|
||||
},
|
||||
volumeMounts: forgejo.statefulSet.spec.template.spec.containers_.server.volumeMounts + [
|
||||
volumeMounts: mainContainer.volumeMounts + [
|
||||
{ name: "configmap", subPath: "bootstrap-auth.sh", mountPath: "/bootstrap-auth.sh" },
|
||||
]
|
||||
},
|
||||
|
@ -219,8 +213,8 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
},
|
||||
},
|
||||
|
||||
svc: forgejo.ns.Contain(kube.Service(forgejo.name("forgejo"))) {
|
||||
target_pod:: forgejo.statefulSet.spec.template,
|
||||
svc: ns.Contain(kube.Service(top.name("forgejo"))) {
|
||||
target:: top.statefulSet,
|
||||
spec+: {
|
||||
ports: [
|
||||
{ name: "server", port: 80, targetPort: 3000, protocol: "TCP" },
|
||||
|
@ -229,30 +223,9 @@ local postgres = import "../../kube/postgres.libsonnet";
|
|||
},
|
||||
},
|
||||
|
||||
ingress: forgejo.ns.Contain(kube.Ingress(forgejo.name("forgejo"))) {
|
||||
metadata+: {
|
||||
annotations+: {
|
||||
"kubernetes.io/tls-acme": "true",
|
||||
"cert-manager.io/cluster-issuer": "letsencrypt-prod",
|
||||
"nginx.ingress.kubernetes.io/proxy-body-size": "0",
|
||||
},
|
||||
},
|
||||
spec+: {
|
||||
tls: [
|
||||
{ hosts: [cfg.server.domain] + cfg.altDomains, secretName: forgejo.name("acme") },
|
||||
],
|
||||
rules: [
|
||||
{
|
||||
host: domain,
|
||||
http: {
|
||||
paths: [
|
||||
{ path: "/", backend: forgejo.svc.name_port },
|
||||
],
|
||||
},
|
||||
}
|
||||
for domain in [cfg.server.domain] + cfg.altDomains
|
||||
],
|
||||
},
|
||||
ingress: ns.Contain(kube.SimpleIngress(top.name("forgejo"))) {
|
||||
hosts:: [cfg.server.domain] + cfg.altDomains,
|
||||
target:: top.svc,
|
||||
},
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue