From e1dbc3cf74667e699916136c4e371764487103b1 Mon Sep 17 00:00:00 2001 From: Radek Pietruszewski Date: Sun, 29 Oct 2023 22:21:35 +0100 Subject: [PATCH] personal/radex: wordpress Change-Id: Ia493d47ace83451169abb715f893325cba0ce5f7 Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1756 --- personal/radex/wordpress/prod.jsonnet | 114 ++++++++++++++++++++++++++ 1 file changed, 114 insertions(+) create mode 100644 personal/radex/wordpress/prod.jsonnet diff --git a/personal/radex/wordpress/prod.jsonnet b/personal/radex/wordpress/prod.jsonnet new file mode 100644 index 00000000..e3f457c4 --- /dev/null +++ b/personal/radex/wordpress/prod.jsonnet @@ -0,0 +1,114 @@ +local kube = import "../../../kube/hscloud.libsonnet"; + +{ + local top = self, + local cfg = self.cfg, + + cfg:: { + name: "wordpress", + namespace: "personal-radex", + domain: "wordpress.hs.radex.io", + + storageClassName: "waw-hdd-redundant-3", + storageSize: "5Gi", + }, + + secrets:: { + mysql: { secretKeyRef: { name: cfg.name, key: 'mysql_password' } }, + wordpress: { secretKeyRef: { name: cfg.name, key: 'wordpress_password' } }, + }, + + ns: kube.Namespace(cfg.namespace), + + deployment: top.ns.Contain(kube.Deployment(cfg.name)) { + spec+: { + replicas: 1, + template+: { + spec+: { + containers_: { + default: kube.Container("default") { + image: 'bitnami/wordpress', + resources: { + requests: { cpu: "50m", memory: "128M" }, + limits: { cpu: "750m", memory: "256M" }, + }, + ports_: { + http: { containerPort: 8080 }, + }, + env_: { + WORDPRESS_DATABASE_HOST: 'wordpress-mysql', + WORDPRESS_DATABASE_NAME: 'wordpress', + WORDPRESS_DATABASE_USER: 'wordpress', + WORDPRESS_DATABASE_PASSWORD: top.secrets.mysql, + WORDPRESS_USERNAME: 'admin', + WORDPRESS_PASSWORD: top.secrets.wordpress, + }, + }, + }, + }, + }, + }, + }, + + service: top.ns.Contain(kube.Service(cfg.name)) { + target_pod:: top.deployment.spec.template, + }, + + ingress: top.ns.Contain(kube.SimpleIngress(cfg.name)) { + hosts:: [cfg.domain], + target_service:: top.service, + }, + + mysql: { + local mysql = self, + + volume: top.ns.Contain(kube.PersistentVolumeClaim("wordpress-mysql")) { + spec+: { + storageClassName: cfg.storageClassName, + accessModes: [ "ReadWriteOnce" ], + resources: { + requests: { + storage: cfg.storageSize, + }, + }, + }, + }, + + deployment: top.ns.Contain(kube.Deployment("wordpress-mysql")) { + spec+: { + replicas: 1, + template+: { + spec+: { + volumes_: { + data: kube.PersistentVolumeClaimVolume(mysql.volume), + }, + containers_: { + default: kube.Container("default") { + image: "mysql:8.2.0", + ports_: { + client: { containerPort: 3306 }, + }, + env_: { + MYSQL_RANDOM_ROOT_PASSWORD: "yes", + MYSQL_DATABASE: "wordpress", + MYSQL_USER: "wordpress", + MYSQL_PASSWORD: top.secrets.mysql, + }, + volumeMounts_: { + data: { mountPath: '/var/lib/mysql' }, + }, + } + }, + securityContext: { + runAsUser: 999, + }, + } + } + } + }, + + service: top.ns.Contain(kube.Service("wordpress-mysql")) { + target_pod:: mysql.deployment.spec.template, + }, + }, +}