mirror of
https://gerrit.hackerspace.pl/hscloud
synced 2025-01-21 22:03:54 +00:00
hswaw/walne: initial deployment
Co-authored-by: Palid <palid@hackerspace.pl> Change-Id: I7c5ef8a1d310821937c49598c4bd983f80a8fbcb Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1741 Reviewed-by: q3k <q3k@hackerspace.pl>
This commit is contained in:
parent
29a96ddcf7
commit
3fdda9c9a3
3 changed files with 65 additions and 0 deletions
3
app/walne/README.md
Normal file
3
app/walne/README.md
Normal file
|
@ -0,0 +1,3 @@
|
|||
# Walne (General Assembly Paperwork Generator™)
|
||||
|
||||
Source: https://code.hackerspace.pl/hswaw/walne
|
57
app/walne/prod.jsonnet
Normal file
57
app/walne/prod.jsonnet
Normal file
|
@ -0,0 +1,57 @@
|
|||
local kube = import '../../kube/hscloud.libsonnet';
|
||||
|
||||
{
|
||||
local top = self,
|
||||
local cfg = top.cfg,
|
||||
|
||||
cfg:: {
|
||||
name: 'walne',
|
||||
namespace: 'walne',
|
||||
domain: 'walne.hackerspace.pl',
|
||||
image: 'registry.k0.hswaw.net/radex/walne:1698228636',
|
||||
oauthClientId: '992f3daf-a30e-4409-baad-e7b0e4bc2a2e',
|
||||
},
|
||||
|
||||
// kubectl -n walne create secret generic walne --from-literal=ldap_password=xxx --from-literal=oauth_secret=xxx --from-literal=next_auth_secret=$(pwgen 32 1)
|
||||
secrets:: {
|
||||
ldap: { secretKeyRef: { name: cfg.name, key: 'ldap_password' },},
|
||||
ouath: { secretKeyRef: { name: cfg.name, key: 'oauth_secret' } },
|
||||
nextAuth: { secretKeyRef: { name: cfg.name, key: 'next_auth_secret' } },
|
||||
},
|
||||
|
||||
ns: kube.Namespace(cfg.namespace),
|
||||
deployment: top.ns.Contain(kube.Deployment(cfg.name)) {
|
||||
spec+: {
|
||||
template+: {
|
||||
spec+: {
|
||||
containers_: {
|
||||
default: kube.Container('default') {
|
||||
image: cfg.image,
|
||||
ports_: {
|
||||
web: { containerPort: 3000 },
|
||||
},
|
||||
env_: {
|
||||
LDAP_USER_DN: 'cn=walone-generator,ou=services,dc=hackerspace,dc=pl',
|
||||
LDAP_USER_PW: top.secrets.ldap,
|
||||
ALLOWED_LDAP_GROUPS: 'zarzad,rewizja,staff,walne-users',
|
||||
HSWAW_AUTH_CLIENT_ID: cfg.oauthClientId,
|
||||
HSWAW_AUTH_CLIENT_SECRET: top.secrets.ouath,
|
||||
AUTH_SECRET: top.secrets.nextAuth,
|
||||
REDIRECT_PROXY_URL: 'https://' + cfg.domain + '/auth',
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
service: top.ns.Contain(kube.Service(cfg.name)) {
|
||||
target_pod:: top.deployment.spec.template,
|
||||
},
|
||||
|
||||
ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) {
|
||||
hosts:: [cfg.domain],
|
||||
target_service:: top.service,
|
||||
},
|
||||
}
|
|
@ -330,6 +330,7 @@ local admins = import "lib/admins.libsonnet";
|
|||
{ namespace: "inventory", dns: "inventory.hackerspace.pl" },
|
||||
{ namespace: "capacifier", dns: "capacifier.hackerspace.pl" },
|
||||
{ namespace: "ldapweb", dns: "profile.hackerspace.pl" },
|
||||
{ namespace: "walne", dns: "walne.hackerspace.pl" },
|
||||
{ namespace: "devtools-prod", dns: "hackdoc.hackerspace.pl" },
|
||||
{ namespace: "devtools-prod", dns: "cs.hackerspace.pl" },
|
||||
{ namespace: "codehosting-prod", dns: "git.hackerspace.pl" },
|
||||
|
@ -393,6 +394,10 @@ local admins = import "lib/admins.libsonnet";
|
|||
"radex",
|
||||
"palid",
|
||||
],
|
||||
"walne": [
|
||||
"radex",
|
||||
"palid",
|
||||
],
|
||||
"site": [
|
||||
"ar",
|
||||
"radex",
|
||||
|
|
Loading…
Reference in a new issue