From 303f7ae5f2a64ff2bf81862bea939120da51a6d6 Mon Sep 17 00:00:00 2001 
From: leo Date: Tue, 10 Aug 2021 10:43:04 +0200 Subject: [PATCH] renamed namespaces to nextcloud --- main/resources/backup/backup-restore.yaml | 59 ------------ main/resources/backup/config.yaml | 9 -- main/resources/backup/configure-as-user.sh | 9 -- main/resources/backup/cron.yaml | 65 ------------- main/resources/backup/secret.yaml | 9 -- main/resources/cloud/certificate.yaml | 13 --- main/resources/cloud/cloud-pod.yml.template | 45 --------- main/resources/cloud/ingress.yaml | 26 ------ main/resources/cloud/persistent-volume.yaml | 15 --- main/resources/cloud/pvc.yaml | 16 ---- main/resources/cloud/service.yaml | 9 -- main/resources/cloud/verify.sh.template | 15 --- main/resources/postgres/configure-as-user.sh | 15 --- main/resources/postgres/verify.sh | 8 -- main/src/meissa/pallet/meissa_cloud/app.clj | 61 ------------ .../meissa/pallet/meissa_cloud/convention.clj | 93 ------------------- .../pallet/meissa_cloud/convention/bash.clj | 10 -- .../meissa_cloud/convention/bash_php.clj | 11 --- main/src/meissa/pallet/meissa_cloud/infra.clj | 51 ---------- .../pallet/meissa_cloud/infra/backup.clj | 39 -------- .../pallet/meissa_cloud/infra/cloud.clj | 57 ------------ .../pallet/meissa_cloud/infra/postgres.clj | 47 ---------- project.clj | 4 +- .../{c4k_cloud => c4k_nextcloud}/uberjar.clj | 6 +- .../{c4k_cloud => c4k_nextcloud}/backup.cljc | 2 +- .../{c4k_cloud => c4k_nextcloud}/cloud.cljc | 35 +++---- .../{c4k_cloud => c4k_nextcloud}/core.cljc | 26 +++--- .../{c4k_cloud => c4k_nextcloud}/browser.cljs | 31 ++++--- src/main/resources/backup/backup-restore.yaml | 27 +++--- src/main/resources/backup/cron.yaml | 33 +++---- src/main/resources/backup/secret.yaml | 2 +- .../resources/cloud/configure-as-user.sh | 0 src/main/resources/cloud/deployment.yaml | 50 ++++++---- src/main/resources/cloud/ingress.yaml | 2 +- .../cloud/install-as-root.sh.template | 0 .../resources/cloud/persistent-volume.yaml | 3 +- .../main}/resources/cloud/pod-running.sh | 0 
src/main/resources/cloud/pvc.yaml | 5 +- .../main}/resources/cloud/secret.yaml | 0 src/main/resources/cloud/service.yaml | 4 +- src/main/resources/logback.xml | 50 ---------- .../postgres/install-as-root.sh.template | 0 .../resources/postgres/postgres-config.yaml | 0 .../postgres/postgres-deployment.yaml | 0 .../postgres/postgres-persistent-volume.yaml | 0 .../main/resources/postgres/postgres-pvc.yaml | 0 .../resources/postgres/postgres-secret.yaml | 0 .../resources/postgres/postgres-service.yaml | 0 src/test/cljc/dda/c4k_cloud/backup_test.cljc | 93 ------------------- src/test/cljc/dda/c4k_cloud/cloud_test.cljc | 80 ---------------- src/test/cljc/dda/c4k_cloud/core_test.cljc | 35 ------- .../meissa/pallet/meissa_cloud/app_test.clj | 8 +- .../src/meissa/pallet/meissa_cloud/main.clj | 12 +-- 53 files changed, 131 insertions(+), 1059 deletions(-) delete mode 100644 main/resources/backup/backup-restore.yaml delete mode 100644 main/resources/backup/config.yaml delete mode 100644 main/resources/backup/configure-as-user.sh delete mode 100644 main/resources/backup/cron.yaml delete mode 100644 main/resources/backup/secret.yaml delete mode 100644 main/resources/cloud/certificate.yaml delete mode 100644 main/resources/cloud/cloud-pod.yml.template delete mode 100644 main/resources/cloud/ingress.yaml delete mode 100644 main/resources/cloud/persistent-volume.yaml delete mode 100644 main/resources/cloud/pvc.yaml delete mode 100644 main/resources/cloud/service.yaml delete mode 100644 main/resources/cloud/verify.sh.template delete mode 100644 main/resources/postgres/configure-as-user.sh delete mode 100644 main/resources/postgres/verify.sh delete mode 100644 main/src/meissa/pallet/meissa_cloud/app.clj delete mode 100644 main/src/meissa/pallet/meissa_cloud/convention.clj delete mode 100644 main/src/meissa/pallet/meissa_cloud/convention/bash.clj delete mode 100644 main/src/meissa/pallet/meissa_cloud/convention/bash_php.clj delete mode 100644 
main/src/meissa/pallet/meissa_cloud/infra.clj delete mode 100644 main/src/meissa/pallet/meissa_cloud/infra/backup.clj delete mode 100644 main/src/meissa/pallet/meissa_cloud/infra/cloud.clj delete mode 100644 main/src/meissa/pallet/meissa_cloud/infra/postgres.clj rename src/main/clj/dda/{c4k_cloud => c4k_nextcloud}/uberjar.clj (93%) rename src/main/cljc/dda/{c4k_cloud => c4k_nextcloud}/backup.cljc (98%) rename src/main/cljc/dda/{c4k_cloud => c4k_nextcloud}/cloud.cljc (50%) rename src/main/cljc/dda/{c4k_cloud => c4k_nextcloud}/core.cljc (66%) rename src/main/cljs/dda/{c4k_cloud => c4k_nextcloud}/browser.cljs (65%) rename {main => src/main}/resources/cloud/configure-as-user.sh (100%) rename {main => src/main}/resources/cloud/install-as-root.sh.template (100%) rename {main => src/main}/resources/cloud/pod-running.sh (100%) mode change 100755 => 100644 rename {main => src/main}/resources/cloud/secret.yaml (100%) delete mode 100644 src/main/resources/logback.xml rename {main => src/main}/resources/postgres/install-as-root.sh.template (100%) rename main/resources/postgres/postgres-config.yml => src/main/resources/postgres/postgres-config.yaml (100%) rename main/resources/postgres/postgres-deployment.yml.template => src/main/resources/postgres/postgres-deployment.yaml (100%) rename main/resources/postgres/postgres-persistent-volume.yml => src/main/resources/postgres/postgres-persistent-volume.yaml (100%) rename main/resources/postgres/postgres-pvc.yml => src/main/resources/postgres/postgres-pvc.yaml (100%) rename main/resources/postgres/postgres-secret.yml.template => src/main/resources/postgres/postgres-secret.yaml (100%) rename main/resources/postgres/postgres-service.yml => src/main/resources/postgres/postgres-service.yaml (100%) delete mode 100644 src/test/cljc/dda/c4k_cloud/backup_test.cljc delete mode 100644 src/test/cljc/dda/c4k_cloud/cloud_test.cljc delete mode 100644 src/test/cljc/dda/c4k_cloud/core_test.cljc 
diff --git a/main/resources/backup/backup-restore.yaml b/main/resources/backup/backup-restore.yaml deleted file mode 100644 index c13e166..0000000 --- a/main/resources/backup/backup-restore.yaml +++ /dev/null @@ -1,59 +0,0 @@ -kind: Pod -apiVersion: v1 -metadata: - name: backup-restore - labels: - app.kubernetes.io/name: backup-restore - app.kubernetes.io/part-of: cloud -spec: - containers: - - name: backup-app - image: domaindrivenarchitecture/c4k-cloud-backup - imagePullPolicy: IfNotPresent - command: ["/entrypoint-start-and-wait.sh"] - env: - - name: POSTGRES_USER_FILE - value: /var/run/secrets/cloud-secrets/postgres-user - - name: POSTGRES_DB_FILE - value: /var/run/secrets/cloud-secrets/postgres-db - - name: POSTGRES_PASSWORD_FILE - value: /var/run/secrets/cloud-secrets/postgres-password - - name: POSTGRES_HOST - value: "postgresql-service:5432" - - name: POSTGRES_SERVICE - value: "postgresql-service" - - name: POSTGRES_PORT - value: "5432" - - name: AWS_DEFAULT_REGION - value: eu-central-1 - - name: AWS_ACCESS_KEY_ID_FILE - value: /var/run/secrets/backup-secrets/aws-access-key-id - - name: AWS_SECRET_ACCESS_KEY_FILE - value: /var/run/secrets/backup-secrets/aws-secret-access-key - - name: RESTIC_REPOSITORY - valueFrom: - configMapKeyRef: - name: backup-config - key: restic-repository - - name: RESTIC_PASSWORD_FILE - value: /var/run/secrets/backup-secrets/restic-password - volumeMounts: - - name: cloud-data-volume - mountPath: /var/backups - - name: backup-secret-volume - mountPath: /var/run/secrets/backup-secrets - readOnly: true - - name: cloud-secret-volume - mountPath: /var/run/secrets/cloud-secrets - readOnly: true - volumes: - - name: cloud-data-volume - persistentVolumeClaim: - claimName: cloud-pvc - - name: cloud-secret-volume - secret: - secretName: cloud-secret - - name: backup-secret-volume - secret: - secretName: backup-secret - restartPolicy: OnFailure \ No newline at end of file 
diff --git a/main/resources/backup/config.yaml b/main/resources/backup/config.yaml deleted file mode 100644 index 17aa35c..0000000 --- a/main/resources/backup/config.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: backup-config - labels: - app.kubernetes.io/name: backup - app.kubernetes.io/part-of: cloud -data: - restic-repository: restic-repository \ No newline at end of file diff --git a/main/resources/backup/configure-as-user.sh b/main/resources/backup/configure-as-user.sh deleted file mode 100644 index a5a099c..0000000 --- a/main/resources/backup/configure-as-user.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -kubectl delete --ignore-not-found=true -f backup-secret.yml -kubectl delete --ignore-not-found=true -f backup-config.yml -kubectl delete --ignore-not-found=true -f backup-cron.yml - -kubectl apply -f backup-secret.yml -kubectl apply -f backup-config.yml -kubectl apply -f backup-cron.yml diff --git a/main/resources/backup/cron.yaml b/main/resources/backup/cron.yaml deleted file mode 100644 index 8bb54bc..0000000 --- a/main/resources/backup/cron.yaml +++ /dev/null 
@@ -1,65 +0,0 @@ -apiVersion: batch/v1beta1 -kind: CronJob -metadata: - name: cloud-backup - labels: - app.kubernetes.part-of: cloud -spec: - schedule: "10 23 * * *" - successfulJobsHistoryLimit: 0 - failedJobsHistoryLimit: 0 - jobTemplate: - spec: - template: - spec: - containers: - - name: backup-app - image: domaindrivenarchitecture/meissa-cloud-backup - imagePullPolicy: IfNotPresent - command: ["/entrypoint.sh"] - env: - - name: POSTGRES_USER_FILE - value: /var/run/secrets/cloud-secrets/postgres-user - - name: POSTGRES_DB_FILE - value: /var/run/secrets/cloud-secrets/postgres-db - - name: POSTGRES_PASSWORD_FILE - value: /var/run/secrets/cloud-secrets/postgres-password - - name: POSTGRES_HOST - value: "postgresql-service:5432" - - name: POSTGRES_SERVICE - value: "postgresql-service" - - name: POSTGRES_PORT - value: "5432" - - name: AWS_DEFAULT_REGION - value: eu-central-1 - - name: AWS_ACCESS_KEY_ID_FILE - value: /var/run/secrets/backup-secrets/aws-access-key-id - - name: AWS_SECRET_ACCESS_KEY_FILE - value: /var/run/secrets/backup-secrets/aws-secret-access-key - - name: RESTIC_REPOSITORY - valueFrom: - configMapKeyRef: - name: backup-config - key: restic-repository - - name: RESTIC_PASSWORD_FILE - value: /var/run/secrets/backup-secrets/restic-password - volumeMounts: - - name: cloud-data-volume - mountPath: /var/backups - - name: backup-secret-volume - mountPath: /var/run/secrets/backup-secrets - readOnly: true - - name: cloud-secret-volume - mountPath: /var/run/secrets/cloud-secrets - readOnly: true - volumes: - - name: cloud-data-volume - persistentVolumeClaim: - claimName: cloud-pvc - - name: cloud-secret-volume - secret: - secretName: cloud-secret - - name: backup-secret-volume - secret: - secretName: backup-secret - restartPolicy: OnFailure \ No newline at end of file diff --git a/main/resources/backup/secret.yaml b/main/resources/backup/secret.yaml deleted file mode 100644 index 4b68578..0000000 --- a/main/resources/backup/secret.yaml +++ /dev/null 
@@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: backup-secret -type: Opaque -stringData: - aws-access-key-id: aws-access-key-id - aws-secret-access-key: aws-secret-access-key - restic-password: restic-password \ No newline at end of file diff --git a/main/resources/cloud/certificate.yaml b/main/resources/cloud/certificate.yaml deleted file mode 100644 index 054965b..0000000 --- a/main/resources/cloud/certificate.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: cert-manager.io/v1alpha2 -kind: Certificate -metadata: - name: cloud-cert - namespace: default -spec: - secretName: cloud-secret - commonName: fqdn - dnsNames: - - fqdn - issuerRef: - name: letsencrypt-staging-issuer - kind: ClusterIssuer \ No newline at end of file diff --git a/main/resources/cloud/cloud-pod.yml.template b/main/resources/cloud/cloud-pod.yml.template deleted file mode 100644 index eac26ec..0000000 --- a/main/resources/cloud/cloud-pod.yml.template +++ /dev/null 
@@ -1,45 +0,0 @@ -kind: Pod -apiVersion: v1 -metadata: - name: cloud - labels: - app.kubernetes.io/name: cloud -spec: - shareProcessNamespace: true - containers: - - name: cloud-app - image: domaindrivenarchitecture/meissa-cloud-app - imagePullPolicy: IfNotPresent - ports: - - containerPort: 80 - env: - - name: NEXTCLOUD_ADMIN_USER_FILE - value: /var/run/secrets/cloud-secrets/nextcloud-admin-user - - name: NEXTCLOUD_ADMIN_PASSWORD_FILE - value: /var/run/secrets/cloud-secrets/nextcloud-admin-password - - name: NEXTCLOUD_TRUSTED_DOMAINS - value: "{{fqdn}}" - - name: POSTGRES_USER_FILE - value: /var/run/secrets/cloud-secrets/postgres-user - - name: POSTGRES_PASSWORD_FILE - value: /var/run/secrets/cloud-secrets/postgres-password - - name: POSTGRES_DB_FILE - value: /var/run/secrets/cloud-secrets/postgres-db - - name: POSTGRES_HOST - value: "postgresql-service:5432" - volumeMounts: - - name: cloud-data-volume - mountPath: /var/www/html - - name: cloud-secret-volume - mountPath: /var/run/secrets/cloud-secrets - readOnly: true - volumes: - - name: cloud-data-volume - persistentVolumeClaim: - claimName: cloud-pvc - - name: cloud-secret-volume - secret: - secretName: cloud-secret - - name: backup-secret-volume - secret: - secretName: backup-secret diff --git a/main/resources/cloud/ingress.yaml b/main/resources/cloud/ingress.yaml deleted file mode 100644 index cc5a0df..0000000 --- a/main/resources/cloud/ingress.yaml +++ /dev/null 
@@ -1,26 +0,0 @@ -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: ingress-cloud - annotations: - cert-manager.io/cluster-issuer: letsencrypt-staging-issuer - nginx.ingress.kubernetes.io/proxy-body-size: "256m" - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/rewrite-target: / - nginx.ingress.kubernetes.io/proxy-connect-timeout: "300" - nginx.ingress.kubernetes.io/proxy-send-timeout: "300" - nginx.ingress.kubernetes.io/proxy-read-timeout: "300" - namespace: default -spec: - tls: - - hosts: - - fqdn - secretName: cloud-secret - rules: - - host: fqdn - http: - paths: - - path: / - backend: - serviceName: cloud-service - servicePort: 80 diff --git a/main/resources/cloud/persistent-volume.yaml b/main/resources/cloud/persistent-volume.yaml deleted file mode 100644 index 7c3f89e..0000000 --- a/main/resources/cloud/persistent-volume.yaml +++ /dev/null @@ -1,15 +0,0 @@ -kind: PersistentVolume -apiVersion: v1 -metadata: - name: cloud-pv-volume - labels: - type: local - app: cloud -spec: - storageClassName: manual - accessModes: - - ReadWriteOnce - capacity: - storage: {{storage-size}}Gi #??? 30Gi? - hostPath: - path: "/var/cloud" diff --git a/main/resources/cloud/pvc.yaml b/main/resources/cloud/pvc.yaml deleted file mode 100644 index d4f7e04..0000000 --- a/main/resources/cloud/pvc.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: cloud-pvc - labels: - app: cloud -spec: - storageClassName: manual - accessModes: - - ReadWriteOnce - resources: - requests: - storage: {{storage-size}}Gi #??? 30Gi? - selector: - matchLabels: - app: cloud diff --git a/main/resources/cloud/service.yaml b/main/resources/cloud/service.yaml deleted file mode 100644 index 7fcd0d7..0000000 --- a/main/resources/cloud/service.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: cloud-service -spec: - selector: - app.kubernetes.io/name: cloud #??? - ports: - - port: 80 
diff --git a/main/resources/cloud/verify.sh.template b/main/resources/cloud/verify.sh.template deleted file mode 100644 index ad362e5..0000000 --- a/main/resources/cloud/verify.sh.template +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -echo -e "\n====================\n" -echo -e "cloud is running, ingress exists" -echo -e "\n====================\n" -kubectl get all - -echo -e "\n====================\n" -echo -e "shows certificate with subject" -echo -e "CN={{fqdn}}" -echo -e "issuer: CN=Fake LE Intermediate X1" -echo -e "\n====================\n" -curl --insecure -v https://{{fqdn}} - -echo -e "\n" diff --git a/main/resources/postgres/configure-as-user.sh b/main/resources/postgres/configure-as-user.sh deleted file mode 100644 index 3d76fbe..0000000 --- a/main/resources/postgres/configure-as-user.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash - -kubectl delete --ignore-not-found=true -f postgres-deployment.yml -kubectl delete --ignore-not-found=true -f postgres-pvc.yml -kubectl delete --ignore-not-found=true -f postgres-service.yml -kubectl delete --ignore-not-found=true -f postgres-config.yml -kubectl delete --ignore-not-found=true -f postgres-secret.yml -kubectl delete --ignore-not-found=true -f postgres-persistent-volume.yml - -kubectl apply -f postgres-persistent-volume.yml -kubectl apply -f postgres-secret.yml -kubectl apply -f postgres-config.yml -kubectl apply -f postgres-service.yml -kubectl apply -f postgres-pvc.yml -kubectl apply -f postgres-deployment.yml diff --git a/main/resources/postgres/verify.sh b/main/resources/postgres/verify.sh deleted file mode 100644 index b9f0730..0000000 --- a/main/resources/postgres/verify.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -echo -e "\n====================\n" -echo -e "postgres is running" -echo -e "\n====================\n" -kubectl get all - -echo -e "\n" diff --git a/main/src/meissa/pallet/meissa_cloud/app.clj b/main/src/meissa/pallet/meissa_cloud/app.clj deleted file mode 100644 index 1547082..0000000 
--- a/main/src/meissa/pallet/meissa_cloud/app.clj
+++ /dev/null
@@ -1,61 +0,0 @@ -(ns meissa.pallet.meissa-cloud.app - (:require - [schema.core :as s] - [dda.pallet.commons.secret :as secret] - [dda.config.commons.map-utils :as mu] - [dda.pallet.core.app :as core-app] - [dda.pallet.dda-config-crate.infra :as config-crate] - [dda.pallet.dda-user-crate.app :as user] - [dda.pallet.dda-k8s-crate.app :as k8s] - [meissa.pallet.meissa-cloud.convention :as convention] - [meissa.pallet.meissa-cloud.infra :as infra])) - -(def with-cloud infra/with-cloud) - -(def CloudConvention convention/CloudConvention) - -(def CloudConventionResolved convention/CloudConventionResolved) - -(def InfraResult convention/InfraResult) - -(def CloudApp - {:group-specific-config - {s/Keyword (merge InfraResult - user/InfraResult - k8s/InfraResult)}}) - -(s/defn ^:always-validate - app-configuration-resolved :- CloudApp - [resolved-convention-config :- CloudConventionResolved - & options] - (let [{:keys [group-key] :or {group-key infra/facility}} options] - (mu/deep-merge - (k8s/app-configuration-resolved - (convention/k8s-convention-configuration resolved-convention-config) :group-key group-key) - {:group-specific-config - {group-key - (convention/infra-configuration resolved-convention-config)}}))) - -(s/defn ^:always-validate - app-configuration :- CloudApp - [convention-config :- CloudConvention - & options] - (let [resolved-convention-config (secret/resolve-secrets convention-config CloudConvention)] - (apply app-configuration-resolved resolved-convention-config options))) - -(s/defmethod ^:always-validate - core-app/group-spec infra/facility - [crate-app - convention-config :- CloudConventionResolved] - (let [app-config (app-configuration-resolved convention-config)] - (core-app/pallet-group-spec - app-config [(config-crate/with-config app-config) - user/with-user - k8s/with-k8s - with-cloud]))) - -(def crate-app (core-app/make-dda-crate-app - :facility infra/facility - :convention-schema CloudConvention - :convention-schema-resolved 
CloudConventionResolved - :default-convention-file "cloud.edn")) diff --git a/main/src/meissa/pallet/meissa_cloud/convention.clj b/main/src/meissa/pallet/meissa_cloud/convention.clj deleted file mode 100644 index 17223f4..0000000 --- a/main/src/meissa/pallet/meissa_cloud/convention.clj +++ /dev/null 
@@ -1,93 +0,0 @@ -(ns meissa.pallet.meissa-cloud.convention - (:require - [schema.core :as s] - [dda.pallet.commons.secret :as secret] - [dda.config.commons.map-utils :as mu] - [clojure.spec.alpha :as sp] - [clojure.spec.test.alpha :as st] - [dda.pallet.dda-k8s-crate.convention :as k8s-convention] - [meissa.pallet.meissa-cloud.infra :as infra] - [clojure.string :as str] - [meissa.pallet.meissa-cloud.convention.bash :as bash] - [meissa.pallet.meissa-cloud.convention.bash-php :as bash-php])) - -(def InfraResult {infra/facility infra/MeissaCloudInfra}) - -(s/def CloudConvention - {:user s/Keyword - :external-ip s/Str - :fqdn s/Str - :cert-manager (s/enum :letsencrypt-prod-issuer :letsencrypt-staging-issuer) - :db-user-password secret/Secret - :admin-user s/Str - :admin-password secret/Secret - :storage-size s/Int - :restic-repository s/Str - :aws-access-key-id secret/Secret - :aws-secret-access-key secret/Secret - :restic-password secret/Secret - (s/optional-key :u18-04) (s/enum true)}) - -(def CloudConventionResolved (secret/create-resolved-schema CloudConvention)) - -(sp/def ::user keyword?) -(sp/def ::external-ip string?) -(sp/def ::fqdn string?) -(sp/def ::cert-manager #{:letsencrypt-prod-issuer :letsencrypt-staging-issuer}) -(sp/def ::db-user-password bash-php/bash-php-env-string?) -(sp/def ::admin-user bash-php/bash-php-env-string?) -(sp/def ::admin-password bash-php/bash-php-env-string?) -(sp/def ::storage-size int?) -(sp/def ::restic-repository string?) -(sp/def ::restic-password bash/bash-env-string?) -(sp/def ::aws-access-key-id bash/bash-env-string?) -(sp/def ::aws-secret-access-key bash/bash-env-string?) -(sp/def ::u18-04 #{true}) -(def cloud-convention-resolved? 
(sp/keys :req-un [::user ::external-ip ::fqdn ::cert-manager - ::db-user-password ::admin-user ::admin-password - ::storage-size ::restic-repository ::restic-password - ::aws-access-key-id ::aws-secret-access-key ] - :opt-un [::u18-04])) - -(def cloud-spec-resolved nil) - -(s/defn k8s-convention-configuration :- k8s-convention/k8sConventionResolved - [convention-config :- CloudConventionResolved] - {:pre [(sp/valid? cloud-convention-resolved? convention-config)]} - (let [{:keys [cert-manager external-ip user u18-04]} convention-config - cluster-issuer (name cert-manager)] - (if u18-04 - {:user user - :k8s {:external-ip external-ip - :u18-04 true} - :cert-manager cert-manager} - {:user user - :k8s {:external-ip external-ip} - :cert-manager cert-manager}))) - - -(s/defn ^:always-validate - infra-configuration :- InfraResult - [convention-config :- CloudConventionResolved] - (let [{:keys [cert-manager fqdn user db-user-password admin-user admin-password storage-size - restic-repository aws-access-key-id aws-secret-access-key restic-password]} convention-config - cluster-issuer (name cert-manager) - db-user-name "cloud"] - {infra/facility - {:user user - :backup {:restic-repository restic-repository - :aws-access-key-id aws-access-key-id - :aws-secret-access-key aws-secret-access-key - :restic-password restic-password} - :cloud {:fqdn fqdn - :secret-name (str/replace fqdn #"\." "-") - :cluster-issuer cluster-issuer - :db-name "cloud" - :db-user-password db-user-password - :db-user-name db-user-name - :admin-user admin-user - :admin-password admin-password - :storage-size (str storage-size)} - :postgres {:db-user-password db-user-password - :db-user-name db-user-name}}})) - diff --git a/main/src/meissa/pallet/meissa_cloud/convention/bash.clj b/main/src/meissa/pallet/meissa_cloud/convention/bash.clj deleted file mode 100644 index 5d1ef2c..0000000 --- a/main/src/meissa/pallet/meissa_cloud/convention/bash.clj +++ /dev/null 
@@ -1,10 +0,0 @@ -(ns meissa.pallet.meissa-cloud.convention.bash - (:require - [clojure.spec.alpha :as s])) - -(defn bash-env-string? - [input] - (and (string? input) - (not (re-matches #".*['\"\$]+.*" input)))) - -(s/def ::plain bash-env-string?) diff --git a/main/src/meissa/pallet/meissa_cloud/convention/bash_php.clj b/main/src/meissa/pallet/meissa_cloud/convention/bash_php.clj deleted file mode 100644 index d065a66..0000000 --- a/main/src/meissa/pallet/meissa_cloud/convention/bash_php.clj +++ /dev/null @@ -1,11 +0,0 @@ -(ns meissa.pallet.meissa-cloud.convention.bash-php - (:require - [clojure.spec.alpha :as s] - [meissa.pallet.meissa-cloud.convention.bash :as bash])) - -(defn bash-php-env-string? - [input] - (and (bash/bash-env-string? input) - (not (re-matches #".*[\-\\\\]+.*" input)))) - -(s/def ::plain bash-php-env-string?) diff --git a/main/src/meissa/pallet/meissa_cloud/infra.clj b/main/src/meissa/pallet/meissa_cloud/infra.clj deleted file mode 100644 index a964dc3..0000000 --- a/main/src/meissa/pallet/meissa_cloud/infra.clj +++ /dev/null 
@@ -1,51 +0,0 @@ -(ns meissa.pallet.meissa-cloud.infra - (:require - [schema.core :as s] - [dda.pallet.core.infra :as core-infra] - [meissa.pallet.meissa-cloud.infra.backup :as backup] - [meissa.pallet.meissa-cloud.infra.cloud :as cloud] - [meissa.pallet.meissa-cloud.infra.postgres :as postgres])) - -(def facility :meissa-cloud) - -(def MeissaCloudInfra - (merge - {:user s/Keyword} - backup/MeissaBackupInfra - cloud/MeissaCloudInfra - postgres/MeissaPostgresInfra)) - -(s/defmethod core-infra/dda-init facility - [dda-crate config] - (let [facility (:facility dda-crate) - {:keys [user backup postgres cloud]} config - user-str (name user)] - (postgres/init facility user-str postgres) - (cloud/init facility user-str cloud) - (backup/init facility user-str backup))) - -(s/defmethod core-infra/dda-install facility - [dda-crate config] - (let [facility (:facility dda-crate) - {:keys [user backup postgres cloud]} config - user-str (name user)] - (postgres/install facility user-str postgres) - (cloud/install facility user-str cloud) - (backup/install facility user-str backup))) - -(s/defmethod core-infra/dda-configure facility - [dda-crate config] - (let [facility (:facility dda-crate) - {:keys [user backup postgres cloud]} config - user-str (name user)] - (postgres/configure facility user-str postgres) - (cloud/configure facility user-str cloud) - (backup/configure facility user-str backup))) - -(def meissa-cloud - (core-infra/make-dda-crate-infra - :facility facility - :infra-schema MeissaCloudInfra)) - -(def with-cloud - (core-infra/create-infra-plan meissa-cloud)) diff --git a/main/src/meissa/pallet/meissa_cloud/infra/backup.clj b/main/src/meissa/pallet/meissa_cloud/infra/backup.clj deleted file mode 100644 index c80ead6..0000000 --- a/main/src/meissa/pallet/meissa_cloud/infra/backup.clj +++ /dev/null 
@@ -1,39 +0,0 @@ -(ns meissa.pallet.meissa-cloud.infra.backup - (:require - [schema.core :as s] - [dda.provision :as p] - [dda.provision.pallet :as pp])) - -(s/def Backup - {:restic-repository s/Str - :aws-access-key-id s/Str - :aws-secret-access-key s/Str - :restic-password s/Str}) - -(def MeissaBackupInfra {:backup Backup}) - -(def backup "backup") - -(defn init [facility user config]) - -(defn install - [facility user config] - (let [facility-name (name facility)] - (p/provision-log ::pp/pallet facility-name backup - ::p/info "install") - (p/copy-resources-to-user - ::pp/pallet user facility-name backup - [{:filename "backup-secret.yml" :config config} - {:filename "backup-config.yml" :config config} - {:filename "configure-as-user.sh"} - {:filename "backup-restore.yml"} - {:filename "backup-cron.yml"}]))) - -(defn configure - [facility user config] - (let [facility-name (name facility)] - (p/provision-log ::pp/pallet facility-name backup - ::p/info "configure") - (p/exec-file-on-target-as-user - ::pp/pallet user facility-name backup "configure-as-user.sh") - )) diff --git a/main/src/meissa/pallet/meissa_cloud/infra/cloud.clj b/main/src/meissa/pallet/meissa_cloud/infra/cloud.clj deleted file mode 100644 index ed11188..0000000 --- a/main/src/meissa/pallet/meissa_cloud/infra/cloud.clj +++ /dev/null 
@@ -1,57 +0,0 @@ -(ns meissa.pallet.meissa-cloud.infra.cloud - (:require - [schema.core :as s] - [dda.provision :as p] - [dda.provision.pallet :as pp])) - -(s/def Cloud - {:fqdn s/Str - :secret-name s/Str - :cluster-issuer s/Str - :db-name s/Str - :db-user-name s/Str - :db-user-password s/Str - :admin-user s/Str - :admin-password s/Str - :storage-size s/Str}) - -(def MeissaCloudInfra {:cloud Cloud}) - -(def cloud "cloud") - -(defn init - [facility user config] - (let [facility-name (name facility)] - (p/provision-log ::pp/pallet facility-name cloud - ::p/info "init") - (p/copy-resources-to-tmp - ::pp/pallet facility-name cloud - [{:filename "install-as-root.sh" :config {:user user}}]))) - - -(defn install - [facility user config] - (let [facility-name (name facility)] - (p/provision-log ::pp/pallet facility-name cloud - ::p/info "install") - (p/copy-resources-to-user - ::pp/pallet user facility-name cloud - [{:filename "pod-running.sh"} - {:filename "cloud-persistent-volume.yml" :config config} - {:filename "cloud-secret.yml" :config config} - {:filename "cloud-service.yml"} - {:filename "cloud-pvc.yml" :config config} - {:filename "cloud-pod.yml" :config config} - {:filename "cloud-ingress.yml" :config config} - {:filename "configure-as-user.sh"} - {:filename "verify.sh" :config config}]) - (p/exec-file-on-target-as-root - ::pp/pallet facility-name cloud "install-as-root.sh"))) - -(defn configure - [facility user config] - (let [facility-name (name facility)] - (p/provision-log ::pp/pallet facility-name cloud - ::p/info "configure") - (p/exec-file-on-target-as-user - ::pp/pallet user facility-name cloud "configure-as-user.sh"))) diff --git a/main/src/meissa/pallet/meissa_cloud/infra/postgres.clj b/main/src/meissa/pallet/meissa_cloud/infra/postgres.clj deleted file mode 100644 index 60a3e8b..0000000 --- a/main/src/meissa/pallet/meissa_cloud/infra/postgres.clj +++ /dev/null 
@@ -1,47 +0,0 @@ -(ns meissa.pallet.meissa-cloud.infra.postgres - (:require - [schema.core :as s] - [dda.provision :as p] - [dda.provision.pallet :as pp])) - -(s/def Postgres {:db-user-name s/Str :db-user-password s/Str}) - -(def MeissaPostgresInfra {:postgres Postgres}) - -(def postgres "postgres") - -(defn init - [facility user config] - (let [facility-name (name facility)] - (p/provision-log ::pp/pallet facility-name postgres - ::p/info "init") - (p/copy-resources-to-tmp - ::pp/pallet facility-name postgres - [{:filename "install-as-root.sh" :config {:user user}}]))) - - -(defn install - [facility user config] - (let [facility-name (name facility)] - (p/provision-log ::pp/pallet facility-name postgres - ::p/info "install") - (p/copy-resources-to-user - ::pp/pallet user facility-name postgres - [{:filename "postgres-persistent-volume.yml"} - {:filename "postgres-secret.yml" :config config} - {:filename "postgres-config.yml"} - {:filename "postgres-service.yml"} - {:filename "postgres-pvc.yml"} - {:filename "postgres-deployment.yml" :config config} - {:filename "configure-as-user.sh"} - {:filename "verify.sh"}]) - (p/exec-file-on-target-as-root - ::pp/pallet facility-name postgres "install-as-root.sh"))) - -(defn configure - [facility user config] - (let [facility-name (name facility)] - (p/provision-log ::pp/pallet facility-name postgres - ::p/info "configure") - (p/exec-file-on-target-as-user - ::pp/pallet user facility-name postgres "configure-as-user.sh"))) diff --git a/project.clj b/project.clj index 4d4e476..be010d3 100644 --- a/project.clj +++ b/project.clj 
@@ -38,8 +38,8 @@ :uberjar {:source-paths ["uberjar/src"] :resource-paths ["uberjar/resources"] :aot :all - :main meissa.pallet.meissa-cloud.main - :uberjar-name "meissa-cloud-standalone.jar" + :main dda.c4k-nextcloud.uberjar + :uberjar-name "c4k-nextcloud-standalone.jar" :dependencies [[org.clojure/tools.cli "1.0.194"] [ch.qos.logback/logback-classic "1.3.0-alpha5"] [org.slf4j/jcl-over-slf4j "2.0.0-alpha1"]]}} diff --git a/src/main/clj/dda/c4k_cloud/uberjar.clj b/src/main/clj/dda/c4k_nextcloud/uberjar.clj similarity index 93% rename from src/main/clj/dda/c4k_cloud/uberjar.clj rename to src/main/clj/dda/c4k_nextcloud/uberjar.clj index 49f37b0..4c5a766 100644 --- a/src/main/clj/dda/c4k_cloud/uberjar.clj +++ b/src/main/clj/dda/c4k_nextcloud/uberjar.clj @@ -1,16 +1,16 @@ -(ns dda.c4k-cloud.uberjar +(ns dda.c4k-nextcloud.uberjar (:gen-class) (:require [clojure.spec.alpha :as s] [clojure.string :as cs] [clojure.tools.reader.edn :as edn] [expound.alpha :as expound] - [dda.c4k-cloud.core :as core])) + [dda.c4k-nextcloud.core :as core])) (def usage "usage: - c4k-cloud {your configuraton file} {your authorization file}") + c4k-nextcloud {your configuraton file} {your authorization file}") (s/def ::options (s/* #{"-h"})) (s/def ::filename (s/and string? diff --git a/src/main/cljc/dda/c4k_cloud/backup.cljc b/src/main/cljc/dda/c4k_nextcloud/backup.cljc similarity index 98% rename from src/main/cljc/dda/c4k_cloud/backup.cljc rename to src/main/cljc/dda/c4k_nextcloud/backup.cljc index 1876e10..19973c1 100644 --- a/src/main/cljc/dda/c4k_cloud/backup.cljc +++ b/src/main/cljc/dda/c4k_nextcloud/backup.cljc @@ -1,4 +1,4 @@ -(ns dda.c4k-cloud.backup +(ns dda.c4k-nextcloud.backup (:require [clojure.spec.alpha :as s] #?(:cljs [shadow.resource :as rc]) 
diff --git a/src/main/cljc/dda/c4k_cloud/cloud.cljc b/src/main/cljc/dda/c4k_nextcloud/cloud.cljc similarity index 50% rename from src/main/cljc/dda/c4k_cloud/cloud.cljc rename to src/main/cljc/dda/c4k_nextcloud/cloud.cljc index 79b74f8..4f715ed 100644 --- a/src/main/cljc/dda/c4k_cloud/cloud.cljc +++ b/src/main/cljc/dda/c4k_nextcloud/cloud.cljc @@ -1,4 +1,4 @@ -(ns dda.c4k-cloud.cloud +(ns dda.c4k-nextcloud.nextcloud (:require [clojure.spec.alpha :as s] #?(:cljs [shadow.resource :as rc]) 
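Review bot: The new `ns` line declares `dda.c4k-nextcloud.nextcloud`, but the file is renamed to `src/main/cljc/dda/c4k_nextcloud/cloud.cljc`, so the namespace no longer matches its path. The `[dda.c4k-nextcloud.nextcloud :as nextcloud]` requires added in core.cljc and browser.cljs would then not resolve on the classpath. Either rename the file to `nextcloud.cljc` or keep `(ns dda.c4k-nextcloud.cloud`. The rest of the file lies outside this hunk.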
@@ -7,31 +7,32 @@ (s/def ::fqdn cm/fqdn-string?) (s/def ::issuer cm/letsencrypt-issuer?) -(s/def ::cloud-data-volume-path string?) +(s/def ::restic-repository string?) +(s/def ::nextcloud-data-volume-path string?) #?(:cljs - (defmethod yaml/load-resource :cloud [resource-name] + (defmethod yaml/load-resource :nextcloud [resource-name] (case resource-name - "cloud/certificate.yaml" (rc/inline "cloud/certificate.yaml") - "cloud/deployment.yaml" (rc/inline "cloud/deployment.yaml") - "cloud/ingress.yaml" (rc/inline "cloud/ingress.yaml") - "cloud/persistent-volume.yaml" (rc/inline "cloud/persistent-volume.yaml") - "cloud/pvc.yaml" (rc/inline "cloud/pvc.yaml") - "cloud/service.yaml" (rc/inline "cloud/service.yaml") + "nextcloud/certificate.yaml" (rc/inline "nextcloud/certificate.yaml") + "nextcloud/deployment.yaml" (rc/inline "nextcloud/deployment.yaml") + "nextcloud/ingress.yaml" (rc/inline "nextcloud/ingress.yaml") + "nextcloud/persistent-volume.yaml" (rc/inline "nextcloud/persistent-volume.yaml") + "nextcloud/pvc.yaml" (rc/inline "nextcloud/pvc.yaml") + "nextcloud/service.yaml" (rc/inline "nextcloud/service.yaml") (throw (js/Error. "Undefined Resource!"))))) (defn generate-certificate [config] (let [{:keys [fqdn issuer]} config letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer")] (-> - (yaml/from-string (yaml/load-resource "cloud/certificate.yaml")) + (yaml/from-string (yaml/load-resource "nextcloud/certificate.yaml")) (assoc-in [:spec :commonName] fqdn) (assoc-in [:spec :dnsNames] [fqdn]) (assoc-in [:spec :issuerRef :name] letsencrypt-issuer)))) (defn generate-deployment [config] (let [{:keys [fqdn]} config] - (-> (yaml/from-string (yaml/load-resource "cloud/deployment.yaml")) + (-> (yaml/from-string (yaml/load-resource "nextcloud/deployment.yaml")) (cm/replace-named-value "FQDN" fqdn)))) (defn generate-ingress [config] 
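Review bot: Every `yaml/load-resource` call in this hunk now asks for a `nextcloud/…yaml` path, while the templates this commit edits still live under `src/main/resources/cloud/`. The same applies to `generate-ingress`, `generate-persistent-volume`, `generate-pvc` and `generate-service` in the next hunk. Unless the directory is moved in a part of the commit not shown here, `rc/inline` and the JVM resource lookup will not find these files. Move the templates to `resources/nextcloud/` in the same commit, or keep the old prefix, e.g. `(yaml/load-resource "cloud/certificate.yaml")`.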
@@ -39,18 +40,18 @@ :or {issuer :staging}} config letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer")] (-> - (yaml/from-string (yaml/load-resource "cloud/ingress.yaml")) + (yaml/from-string (yaml/load-resource "nextcloud/ingress.yaml")) (assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer) (cm/replace-all-matching-values-by-new-value "fqdn" fqdn)))) (defn generate-persistent-volume [config] - (let [{:keys [cloud-data-volume-path]} config] + (let [{:keys [nextcloud-data-volume-path]} config] (-> - (yaml/from-string (yaml/load-resource "cloud/persistent-volume.yaml")) - (assoc-in [:spec :hostPath :path] cloud-data-volume-path)))) + (yaml/from-string (yaml/load-resource "nextcloud/persistent-volume.yaml")) + (assoc-in [:spec :hostPath :path] nextcloud-data-volume-path)))) (defn generate-pvc [] - (yaml/from-string (yaml/load-resource "cloud/pvc.yaml"))) + (yaml/from-string (yaml/load-resource "nextcloud/pvc.yaml"))) (defn generate-service [] - (yaml/from-string (yaml/load-resource "cloud/service.yaml"))) + (yaml/from-string (yaml/load-resource "nextcloud/service.yaml"))) diff --git a/src/main/cljc/dda/c4k_cloud/core.cljc b/src/main/cljc/dda/c4k_nextcloud/core.cljc similarity index 66% rename from src/main/cljc/dda/c4k_cloud/core.cljc rename to src/main/cljc/dda/c4k_nextcloud/core.cljc index 3397657..047a6ad 100644 --- a/src/main/cljc/dda/c4k_cloud/core.cljc +++ b/src/main/cljc/dda/c4k_nextcloud/core.cljc @@ -1,4 +1,4 @@ -(ns dda.c4k-cloud.core +(ns dda.c4k-nextcloud.core (:require [clojure.string :as cs] [clojure.spec.alpha :as s] 
@@ -6,13 +6,13 @@ :cljs [orchestra.core :refer-macros [defn-spec]]) [dda.c4k-common.yaml :as yaml] [dda.c4k-common.postgres :as postgres] - [dda.c4k-cloud.cloud :as cloud] - [dda.c4k-cloud.backup :as backup])) + [dda.c4k-nextcloud.nextcloud :as nextcloud] + [dda.c4k-nextcloud.backup :as backup])) (def config-defaults {:issuer :staging}) -(def config? (s/keys :req-un [::cloud/fqdn] - :opt-un [::cloud/issuer ::cloud/cloud-data-volume-path +(def config? (s/keys :req-un [::nextcloud/fqdn] + :opt-un [::nextcloud/issuer ::nextcloud/nextcloud-data-volume-path ::postgres/postgres-data-volume-path ::restic-repository])) (def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password @@ -29,14 +29,14 @@ [(yaml/to-string (postgres/generate-pvc)) (yaml/to-string (postgres/generate-deployment)) (yaml/to-string (postgres/generate-service))] - (when (contains? config :cloud-data-volume-path) - [(yaml/to-string (cloud/generate-persistent-volume config))]) - [(yaml/to-string (cloud/generate-pvc)) - (yaml/to-string (cloud/generate-deployment config)) - (yaml/to-string (cloud/generate-service)) - (yaml/to-string (cloud/generate-certificate config)) - (yaml/to-string (cloud/generate-ingress config)) - (yaml/to-string (cloud/generate-service))] + (when (contains? config :nextcloud-data-volume-path) + [(yaml/to-string (nextcloud/generate-persistent-volume config))]) + [(yaml/to-string (nextcloud/generate-pvc)) + (yaml/to-string (nextcloud/generate-deployment config)) + (yaml/to-string (nextcloud/generate-service)) + (yaml/to-string (nextcloud/generate-certificate config)) + (yaml/to-string (nextcloud/generate-ingress config)) + (yaml/to-string (nextcloud/generate-service))] (when (contains? config :restic-repository) [(yaml/to-string (backup/generate-config config)) (yaml/to-string (backup/generate-secret config)) 
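Review bot: `::restic-repository` in the `:opt-un` list of `config?` still expands to `:dda.c4k-nextcloud.core/restic-repository`, whereas this commit registers the spec in the nextcloud namespace. `s/keys` does not check keys that have no registered spec, so the repository string would pass unvalidated unless core registers it in lines not shown. Suggest `::nextcloud/restic-repository`, which is what browser.cljs validates against.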
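Review bot: The renamed list still serializes `(nextcloud/generate-service)` twice, once after `generate-deployment` and again as the last element of the vector, so the generated manifest carries the Service object two times. Drop the trailing `(yaml/to-string (nextcloud/generate-service))`. Any test that asserts the object count would need adjusting. The enclosing function starts and ends outside this hunk.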
diff --git a/src/main/cljs/dda/c4k_cloud/browser.cljs b/src/main/cljs/dda/c4k_nextcloud/browser.cljs similarity index 65% rename from src/main/cljs/dda/c4k_cloud/browser.cljs rename to src/main/cljs/dda/c4k_nextcloud/browser.cljs index 1380b19..94012b6 100644 --- a/src/main/cljs/dda/c4k_cloud/browser.cljs +++ b/src/main/cljs/dda/c4k_nextcloud/browser.cljs @@ -1,19 +1,20 @@ -(ns dda.c4k-cloud.browser +(ns dda.c4k-nextcloud.browser (:require [clojure.tools.reader.edn :as edn] - [dda.c4k-cloud.core :as core] - [dda.c4k-cloud.cloud :as cloud] - [dda.c4k-common.browser :as br])) + [dda.c4k-nextcloud.core :as core] + [dda.c4k-nextcloud.nextcloud :as nextcloud] + [dda.c4k-common.browser :as br] + [dda.c4k-common.postgres :as pgc])) (defn config-from-document [] - (let [cloud-data-volume-path (br/get-content-from-element "cloud-data-volume-path" :optional true :deserializer keyword) - postgres-data-volume-path (br/get-content-from-element "postgres-data-volume-path" :optional true :deserializer keyword) - restic-repository (br/get-content-from-element "restic-repository" :optional true :deserializer keyword) + (let [nextcloud-data-volume-path (br/get-content-from-element "nextcloud-data-volume-path" :optional true) + postgres-data-volume-path (br/get-content-from-element "postgres-data-volume-path" :optional true) + restic-repository (br/get-content-from-element "restic-repository" :optional true) issuer (br/get-content-from-element "issuer" :optional true :deserializer keyword)] (merge {:fqdn (br/get-content-from-element "fqdn")} - (when (some? cloud-data-volume-path) - {:cloud-data-volume-path cloud-data-volume-path}) + (when (some? nextcloud-data-volume-path) + {:nextcloud-data-volume-path nextcloud-data-volume-path}) (when (some? postgres-data-volume-path) {:postgres-data-volume-path postgres-data-volume-path}) (when (some? restic-repository) 
@@ -23,11 +24,11 @@ ))) (defn validate-all! [] - (br/validate! "fqdn" ::cloud/fqdn) - (br/validate! "cloud-data-volume-path" ::cloud/cloud-data-volume-path :optional true :deserializer keyword) - (br/validate! "postgres-data-volume-path" ::cloud/cloud-data-volume-path :optional true :deserializer keyword) - (br/validate! "restic-repository" ::cloud/restic-repository :optional true :deserializer keyword) - (br/validate! "issuer" ::cloud/issuer :optional true :deserializer keyword) + (br/validate! "fqdn" ::nextcloud/fqdn) + (br/validate! "nextcloud-data-volume-path" ::nextcloud/nextcloud-data-volume-path :optional true) + (br/validate! "postgres-data-volume-path" ::pgc/postgres-data-volume-path :optional true) + (br/validate! "restic-repository" ::nextcloud/restic-repository :optional true) + (br/validate! "issuer" ::nextcloud/issuer :optional true :deserializer keyword) (br/validate! "auth" core/auth? :deserializer edn/read-string) (br/set-validated!)) @@ -43,7 +44,7 @@ (-> (br/get-element-by-id "fqdn") (.addEventListener "blur" #(do (validate-all!)))) - (-> (br/get-element-by-id "cloud-data-volume-path") + (-> (br/get-element-by-id "nextcloud-data-volume-path") (.addEventListener "blur" #(do (validate-all!)))) (-> (br/get-element-by-id "postgres-data-volume-path") diff --git a/src/main/resources/backup/backup-restore.yaml b/src/main/resources/backup/backup-restore.yaml index bcce528..c13e166 100644 --- a/src/main/resources/backup/backup-restore.yaml +++ b/src/main/resources/backup/backup-restore.yaml 
@@ -12,21 +12,12 @@ spec: imagePullPolicy: IfNotPresent command: ["/entrypoint-start-and-wait.sh"] env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgres-user - - name: POSTGRES_DB - valueFrom: - configMapKeyRef: - name: postgres-config - key: postgres-db - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgres-password + - name: POSTGRES_USER_FILE + value: /var/run/secrets/cloud-secrets/postgres-user + - name: POSTGRES_DB_FILE + value: /var/run/secrets/cloud-secrets/postgres-db + - name: POSTGRES_PASSWORD_FILE + value: /var/run/secrets/cloud-secrets/postgres-password - name: POSTGRES_HOST value: "postgresql-service:5432" - name: POSTGRES_SERVICE @@ -52,10 +43,16 @@ spec: - name: backup-secret-volume mountPath: /var/run/secrets/backup-secrets readOnly: true + - name: cloud-secret-volume + mountPath: /var/run/secrets/cloud-secrets + readOnly: true volumes: - name: cloud-data-volume persistentVolumeClaim: claimName: cloud-pvc + - name: cloud-secret-volume + secret: + secretName: cloud-secret - name: backup-secret-volume secret: secretName: backup-secret diff --git a/src/main/resources/backup/cron.yaml b/src/main/resources/backup/cron.yaml index a914d37..8bb54bc 100644 --- a/src/main/resources/backup/cron.yaml +++ b/src/main/resources/backup/cron.yaml 
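Review bot: The backup-restore pod now mounts the whole `cloud-secret` at `/var/run/secrets/cloud-secrets`, which gives it more credentials than it reads. Per cloud/deployment.yaml in this commit, that Secret also carries `nextcloud-admin-user` and `nextcloud-admin-password`. Project only the three keys the container needs with `items:`, or keep the database credentials in their own Secret; the same mount is added in backup/cron.yaml. Separately, `cloud-secret` appears as the TLS `secretName` in the deleted certificate and ingress tests, so if certificate.yaml still uses that name, cert-manager and these credentials would share one Secret object.

```yaml
      volumes:
      # … unchanged: cloud-data-volume …
      - name: cloud-secret-volume
        secret:
          secretName: cloud-secret
          items:
          - key: postgres-user
            path: postgres-user
          - key: postgres-password
            path: postgres-password
          - key: postgres-db
            path: postgres-db
      # … unchanged: backup-secret-volume …
```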
@@ -6,33 +6,24 @@ metadata: app.kubernetes.part-of: cloud spec: schedule: "10 23 * * *" - successfulJobsHistoryLimit: 1 - failedJobsHistoryLimit: 1 + successfulJobsHistoryLimit: 0 + failedJobsHistoryLimit: 0 jobTemplate: spec: template: spec: containers: - name: backup-app - image: domaindrivenarchitecture/c4k-cloud-backup + image: domaindrivenarchitecture/meissa-cloud-backup imagePullPolicy: IfNotPresent command: ["/entrypoint.sh"] env: - - name: POSTGRES_USER - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgres-user - - name: POSTGRES_PASSWORD - valueFrom: - secretKeyRef: - name: postgres-secret - key: postgres-password - - name: POSTGRES_DB - valueFrom: - configMapKeyRef: - name: postgres-config - key: postgres-db + - name: POSTGRES_USER_FILE + value: /var/run/secrets/cloud-secrets/postgres-user + - name: POSTGRES_DB_FILE + value: /var/run/secrets/cloud-secrets/postgres-db + - name: POSTGRES_PASSWORD_FILE + value: /var/run/secrets/cloud-secrets/postgres-password - name: POSTGRES_HOST value: "postgresql-service:5432" - name: POSTGRES_SERVICE @@ -58,10 +49,16 @@ spec: - name: backup-secret-volume mountPath: /var/run/secrets/backup-secrets readOnly: true + - name: cloud-secret-volume + mountPath: /var/run/secrets/cloud-secrets + readOnly: true volumes: - name: cloud-data-volume persistentVolumeClaim: claimName: cloud-pvc + - name: cloud-secret-volume + secret: + secretName: cloud-secret - name: backup-secret-volume secret: secretName: backup-secret diff --git a/src/main/resources/backup/secret.yaml b/src/main/resources/backup/secret.yaml index c5809e0..4b68578 100644 --- a/src/main/resources/backup/secret.yaml +++ b/src/main/resources/backup/secret.yaml @@ -3,7 +3,7 @@ kind: Secret metadata: name: backup-secret type: Opaque -data: +stringData: aws-access-key-id: aws-access-key-id aws-secret-access-key: aws-secret-access-key restic-password: restic-password \ No newline at end of file 
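Review bot: Setting `successfulJobsHistoryLimit: 0` and `failedJobsHistoryLimit: 0` makes the CronJob controller remove finished Jobs and their pods right away, so a failed nightly backup leaves no pod status or logs to inspect or alert on. Keep at least the failed history, e.g. `failedJobsHistoryLimit: 1`. The image line in the same hunk, `domaindrivenarchitecture/meissa-cloud-backup`, has no tag and is combined with `imagePullPolicy: IfNotPresent`, so each node runs whichever build it has cached. Pin it as `image: domaindrivenarchitecture/meissa-cloud-backup:<TAG>` or by digest.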
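Review bot: Switching the backup/secret.yaml template to `stringData:` is only safe if `generate-secret` in backup.cljc writes plain-text values under that key. The deleted backup_test expected base64 values under `:data`, and backup.cljc changes only its `ns` line in this commit. If the generator still fills `:data`, the rendered Secret keeps the placeholder strings under `stringData`, which the API server lets override `data`, so the pod would read the literal text `restic-password` as the password. Either leave `data:` in the template or change the generator to write unencoded values under `:stringData` in the same commit.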
diff --git a/main/resources/cloud/configure-as-user.sh b/src/main/resources/cloud/configure-as-user.sh similarity index 100% rename from main/resources/cloud/configure-as-user.sh rename to src/main/resources/cloud/configure-as-user.sh diff --git a/src/main/resources/cloud/deployment.yaml b/src/main/resources/cloud/deployment.yaml index bc719c9..1e05dda 100644 --- a/src/main/resources/cloud/deployment.yaml +++ b/src/main/resources/cloud/deployment.yaml 
@@ -14,27 +14,39 @@ spec: app: cloud spec: containers: - - image: domaindrivenarchitecture/c4k-cloud + - image: domaindrivenarchitecture/meissa-cloud-app name: cloud-app imagePullPolicy: IfNotPresent + ports: + - containerPort: 80 env: - - name: DB_USERNAME_FILE - value: /var/run/secrets/postgres-secret/postgres-user - - name: DB_PASSWORD_FILE - value: /var/run/secrets/postgres-secret/postgres-password - - name: FQDN - value: fqdn - command: ["/app/entrypoint.sh"] - volumeMounts: - - mountPath: /var/cloud - name: cloud-data-volume - - name: postgres-secret-volume - mountPath: /var/run/secrets/postgres-secret + - name: NEXTCLOUD_ADMIN_USER_FILE + value: /var/run/secrets/cloud-secrets/nextcloud-admin-user + - name: NEXTCLOUD_ADMIN_PASSWORD_FILE + value: /var/run/secrets/cloud-secrets/nextcloud-admin-password + - name: NEXTCLOUD_TRUSTED_DOMAINS + value: "{{fqdn}}" + - name: POSTGRES_USER_FILE + value: /var/run/secrets/cloud-secrets/postgres-user + - name: POSTGRES_PASSWORD_FILE + value: /var/run/secrets/cloud-secrets/postgres-password + - name: POSTGRES_DB_FILE + value: /var/run/secrets/cloud-secrets/postgres-db + - name: POSTGRES_HOST + value: "postgresql-service:5432" + volumeMounts: + - name: cloud-data-volume + mountPath: /var/www/html + - name: cloud-secret-volume + mountPath: /var/run/secrets/cloud-secrets readOnly: true volumes: - - name: cloud-data-volume - persistentVolumeClaim: - claimName: cloud-pvc - - name: postgres-secret-volume - secret: - secretName: postgres-secret + - name: cloud-data-volume + persistentVolumeClaim: + claimName: cloud-pvc + - name: cloud-secret-volume + secret: + secretName: cloud-secret + - name: backup-secret-volume + secret: + secretName: backup-secret diff --git a/src/main/resources/cloud/ingress.yaml b/src/main/resources/cloud/ingress.yaml index f206da2..cc5a0df 100644 --- a/src/main/resources/cloud/ingress.yaml +++ b/src/main/resources/cloud/ingress.yaml 
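Review bot: `NEXTCLOUD_TRUSTED_DOMAINS` is set to the placeholder `"{{fqdn}}"`, but nothing visible in this commit replaces it. `generate-deployment` in nextcloud.cljc still calls `(cm/replace-named-value "FQDN" fqdn)` while the env entry named `FQDN` is removed here, so the placeholder looks like it reaches the cluster unreplaced; confirm against `replace-named-value`. Name the target consistently, e.g. `(cm/replace-named-value "NEXTCLOUD_TRUSTED_DOMAINS" fqdn)`, and use a plain placeholder value in the template. The `backup-secret-volume` added under `volumes:` is not mounted by any container in this hunk; drop it so the app pod does not reference the restic and AWS credentials.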
@@ -23,4 +23,4 @@ spec: - path: / backend: serviceName: cloud-service - servicePort: 8080 + servicePort: 80 diff --git a/main/resources/cloud/install-as-root.sh.template b/src/main/resources/cloud/install-as-root.sh.template similarity index 100% rename from main/resources/cloud/install-as-root.sh.template rename to src/main/resources/cloud/install-as-root.sh.template diff --git a/src/main/resources/cloud/persistent-volume.yaml b/src/main/resources/cloud/persistent-volume.yaml index f39a2ec..7c3f89e 100644 --- a/src/main/resources/cloud/persistent-volume.yaml +++ b/src/main/resources/cloud/persistent-volume.yaml @@ -4,11 +4,12 @@ metadata: name: cloud-pv-volume labels: type: local + app: cloud spec: storageClassName: manual accessModes: - ReadWriteOnce capacity: - storage: 30Gi + storage: {{storage-size}}Gi #??? 30Gi? hostPath: path: "/var/cloud" diff --git a/main/resources/cloud/pod-running.sh b/src/main/resources/cloud/pod-running.sh old mode 100755 new mode 100644 similarity index 100% rename from main/resources/cloud/pod-running.sh rename to src/main/resources/cloud/pod-running.sh diff --git a/src/main/resources/cloud/pvc.yaml b/src/main/resources/cloud/pvc.yaml index 3285ef6..d4f7e04 100644 --- a/src/main/resources/cloud/pvc.yaml +++ b/src/main/resources/cloud/pvc.yaml @@ -10,4 +10,7 @@ spec: - ReadWriteOnce resources: requests: - storage: 30Gi \ No newline at end of file + storage: {{storage-size}}Gi #??? 30Gi? + selector: + matchLabels: + app: cloud diff --git a/main/resources/cloud/secret.yaml b/src/main/resources/cloud/secret.yaml similarity index 100% rename from main/resources/cloud/secret.yaml rename to src/main/resources/cloud/secret.yaml diff --git a/src/main/resources/cloud/service.yaml b/src/main/resources/cloud/service.yaml index 2c05a15..7fcd0d7 100644 --- a/src/main/resources/cloud/service.yaml +++ b/src/main/resources/cloud/service.yaml 
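Review bot: In cloud/persistent-volume.yaml, `storage: {{storage-size}}Gi #??? 30Gi?` introduces a placeholder that nothing in this commit fills. `generate-persistent-volume` only sets `[:spec :hostPath :path]`, and `generate-pvc` takes no config. As written the value opens a YAML flow mapping, so `yaml/from-string` will probably fail or yield a map instead of a quantity. The same line is added to cloud/pvc.yaml. Keep `storage: 30Gi` until a `storage-size` config key and its replacement step are added.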
@@ -4,6 +4,6 @@ metadata: name: cloud-service spec: selector: - app: cloud + app.kubernetes.io/name: cloud #??? ports: - - port: 8080 + - port: 80 diff --git a/src/main/resources/logback.xml b/src/main/resources/logback.xml deleted file mode 100644 index 8985f2b..0000000 --- a/src/main/resources/logback.xml +++ /dev/null @@ -1,50 +0,0 @@ - - - - %d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n - - - INFO - - - - - logs/pallet.log - - logs/old/pallet.%d{yyyy-MM-dd}.log - 3 - - - %date %level [%thread] %logger{10} %msg%n - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/main/resources/postgres/install-as-root.sh.template b/src/main/resources/postgres/install-as-root.sh.template similarity index 100% rename from main/resources/postgres/install-as-root.sh.template rename to src/main/resources/postgres/install-as-root.sh.template diff --git a/main/resources/postgres/postgres-config.yml b/src/main/resources/postgres/postgres-config.yaml similarity index 100% rename from main/resources/postgres/postgres-config.yml rename to src/main/resources/postgres/postgres-config.yaml diff --git a/main/resources/postgres/postgres-deployment.yml.template b/src/main/resources/postgres/postgres-deployment.yaml similarity index 100% rename from main/resources/postgres/postgres-deployment.yml.template rename to src/main/resources/postgres/postgres-deployment.yaml diff --git a/main/resources/postgres/postgres-persistent-volume.yml b/src/main/resources/postgres/postgres-persistent-volume.yaml similarity index 100% rename from main/resources/postgres/postgres-persistent-volume.yml rename to src/main/resources/postgres/postgres-persistent-volume.yaml diff --git a/main/resources/postgres/postgres-pvc.yml b/src/main/resources/postgres/postgres-pvc.yaml similarity index 100% rename from main/resources/postgres/postgres-pvc.yml rename to src/main/resources/postgres/postgres-pvc.yaml 
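Review bot: The new selector `app.kubernetes.io/name: cloud #???` in cloud/service.yaml does not match the pod label that cloud/deployment.yaml shows as context in this commit (`app: cloud`). Unless the pod template gains that label in lines not shown, the Service would have no endpoints and the ingress backend on port 80 would return errors. Either keep `app: cloud` here or add `app.kubernetes.io/name: cloud` to the deployment's pod template labels in the same commit, and drop the `#???` marker once decided.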
diff --git a/main/resources/postgres/postgres-secret.yml.template b/src/main/resources/postgres/postgres-secret.yaml similarity index 100% rename from main/resources/postgres/postgres-secret.yml.template rename to src/main/resources/postgres/postgres-secret.yaml diff --git a/main/resources/postgres/postgres-service.yml b/src/main/resources/postgres/postgres-service.yaml similarity index 100% rename from main/resources/postgres/postgres-service.yml rename to src/main/resources/postgres/postgres-service.yaml diff --git a/src/test/cljc/dda/c4k_cloud/backup_test.cljc b/src/test/cljc/dda/c4k_cloud/backup_test.cljc deleted file mode 100644 index e9eec96..0000000 --- a/src/test/cljc/dda/c4k_cloud/backup_test.cljc +++ /dev/null 
@@ -1,93 +0,0 @@ -(ns dda.c4k-cloud.backup-test - (:require - #?(:clj [clojure.test :refer [deftest is are testing run-tests]] - :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) - [dda.c4k-cloud.backup :as cut])) - - -(deftest should-generate-secret - (is (= {:apiVersion "v1" - :kind "Secret" - :metadata {:name "backup-secret"} - :type "Opaque" - :data - {:aws-access-key-id "YXdzLWlk", :aws-secret-access-key "YXdzLXNlY3JldA==", :restic-password "cmVzdGljLXB3"}} - (cut/generate-secret {:aws-access-key-id "aws-id" :aws-secret-access-key "aws-secret" :restic-password "restic-pw"})))) - -(deftest should-generate-config - (is (= {:apiVersion "v1" - :kind "ConfigMap" - :metadata {:name "backup-config" - :labels {:app.kubernetes.io/name "backup" - :app.kubernetes.io/part-of "cloud"}} - :data - {:restic-repository "s3:restic-repository"}} - (cut/generate-config {:restic-repository "s3:restic-repository"})))) - -(deftest should-generate-cron - (is (= {:apiVersion "batch/v1beta1" - :kind "CronJob" - :metadata {:name "cloud-backup" - :labels {:app.kubernetes.part-of "cloud"}} - :spec {:schedule "10 23 * * *" - :successfulJobsHistoryLimit 1 - :failedJobsHistoryLimit 1 - :jobTemplate - {:spec - {:template - {:spec - {:containers - [{:name "backup-app" - :image "domaindrivenarchitecture/c4k-cloud-backup" - :imagePullPolicy "IfNotPresent" - :command ["/entrypoint.sh"] - :env - [{:name "POSTGRES_USER" - :valueFrom - {:secretKeyRef - {:name "postgres-secret" - :key "postgres-user"}}} - {:name "POSTGRES_PASSWORD" - :valueFrom - {:secretKeyRef - {:name "postgres-secret" - :key "postgres-password"}}} - {:name "POSTGRES_DB" - :valueFrom - {:configMapKeyRef - {:name "postgres-config" - :key "postgres-db"}}} - {:name "POSTGRES_HOST" - :value "postgresql-service:5432"} - {:name "POSTGRES_SERVICE" - :value "postgresql-service"} - {:name "POSTGRES_PORT" - :value "5432"} - {:name "AWS_DEFAULT_REGION" - :value "eu-central-1"} - {:name "AWS_ACCESS_KEY_ID_FILE" - :value 
"/var/run/secrets/backup-secrets/aws-access-key-id"} - {:name "AWS_SECRET_ACCESS_KEY_FILE" - :value "/var/run/secrets/backup-secrets/aws-secret-access-key"} - {:name "RESTIC_REPOSITORY" - :valueFrom - {:configMapKeyRef - {:name "backup-config" - :key "restic-repository"}}} - {:name "RESTIC_PASSWORD_FILE" - :value "/var/run/secrets/backup-secrets/restic-password"}] - :volumeMounts - [{:name "cloud-data-volume" - :mountPath "/var/backups"} - {:name "backup-secret-volume" - :mountPath "/var/run/secrets/backup-secrets" - :readOnly true}]}] - :volumes - [{:name "cloud-data-volume" - :persistentVolumeClaim - {:claimName "cloud-pvc"}} - {:name "backup-secret-volume" - :secret - {:secretName "backup-secret"}}] - :restartPolicy "OnFailure"}}}}}} - (cut/generate-cron)))) diff --git a/src/test/cljc/dda/c4k_cloud/cloud_test.cljc b/src/test/cljc/dda/c4k_cloud/cloud_test.cljc deleted file mode 100644 index b29c541..0000000 --- a/src/test/cljc/dda/c4k_cloud/cloud_test.cljc +++ /dev/null 
@@ -1,80 +0,0 @@ -(ns dda.c4k-cloud.cloud-test - (:require - #?(:clj [clojure.test :refer [deftest is are testing run-tests]] - :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) - [dda.c4k-cloud.cloud :as cut])) - -(deftest should-generate-certificate - (is (= {:apiVersion "cert-manager.io/v1alpha2" - :kind "Certificate" - :metadata {:name "cloud-cert", :namespace "default"} - :spec - {:secretName "cloud-secret" - :commonName "xx" - :dnsNames ["xx"] - :issuerRef - {:name "letsencrypt-prod-issuer", :kind "ClusterIssuer"}}} - (cut/generate-certificate {:fqdn "xx" :issuer :prod})))) - -(deftest should-generate-ingress - (is (= {:apiVersion "extensions/v1beta1" - :kind "Ingress" - :metadata - {:name "ingress-cloud" - :annotations - {:cert-manager.io/cluster-issuer - "letsencrypt-staging-issuer" - :nginx.ingress.kubernetes.io/proxy-body-size "256m" - :nginx.ingress.kubernetes.io/ssl-redirect "true" - :nginx.ingress.kubernetes.io/rewrite-target "/" - :nginx.ingress.kubernetes.io/proxy-connect-timeout "300" - :nginx.ingress.kubernetes.io/proxy-send-timeout "300" - :nginx.ingress.kubernetes.io/proxy-read-timeout "300"} - :namespace "default"} - :spec - {:tls [{:hosts ["xx"], :secretName "cloud-secret"}] - :rules - [{:host "xx" - :http - {:paths - [{:path "/" - :backend - {:serviceName "cloud-service", :servicePort 8080}}]}}]}} - (cut/generate-ingress {:fqdn "xx"})))) - -(deftest should-generate-persistent-volume - (is (= {:kind "PersistentVolume" - :apiVersion "v1" - :metadata {:name "cloud-pv-volume", :labels {:type "local"}} - :spec - {:storageClassName "manual" - :accessModes ["ReadWriteOnce"] - :capacity {:storage "30Gi"} - :hostPath {:path "xx"}}} - (cut/generate-persistent-volume {:cloud-data-volume-path "xx"})))) - -(deftest should-generate-deployment - (is (= {:containers - [{:image "domaindrivenarchitecture/c4k-cloud" - :name "cloud-app" - :imagePullPolicy "IfNotPresent" - :env - [{:name "DB_USERNAME_FILE" - :value - 
"/var/run/secrets/postgres-secret/postgres-user"} - {:name "DB_PASSWORD_FILE" - :value - "/var/run/secrets/postgres-secret/postgres-password"} - {:name "FQDN", :value "xx"}] - :command ["/app/entrypoint.sh"] - :volumeMounts - [{:mountPath "/var/cloud", :name "cloud-data-volume"} - {:name "postgres-secret-volume" - :mountPath "/var/run/secrets/postgres-secret" - :readOnly true}]}] - :volumes - [{:name "cloud-data-volume" - :persistentVolumeClaim {:claimName "cloud-pvc"}} - {:name "postgres-secret-volume" - :secret {:secretName "postgres-secret"}}]} - (get-in (cut/generate-deployment {:fqdn "xx"}) [:spec :template :spec])))) diff --git a/src/test/cljc/dda/c4k_cloud/core_test.cljc b/src/test/cljc/dda/c4k_cloud/core_test.cljc deleted file mode 100644 index 2fd1634..0000000 --- a/src/test/cljc/dda/c4k_cloud/core_test.cljc +++ /dev/null 
@@ -1,35 +0,0 @@ -(ns dda.c4k-cloud.core-test - (:require - #?(:clj [clojure.test :refer [deftest is are testing run-tests]] - :cljs [cljs.test :refer-macros [deftest is are testing run-tests]]) - [dda.c4k-cloud.core :as cut])) - -(deftest should-k8s-objects - (is (= 16 - (count (cut/k8s-objects {:fqdn "cloud-neu.prod.meissa-gmbh.de" - :postgres-db-user "cloud" - :postgres-db-password "cloud-db-password" - :issuer :prod - :cloud-data-volume-path "/var/cloud" - :postgres-data-volume-path "/var/postgres" - :aws-access-key-id "aws-id" - :aws-secret-access-key "aws-secret" - :restic-password "restic-pw" - :restic-repository "restic-repository"})))) - (is (= 14 - (count (cut/k8s-objects {:fqdn "cloud-neu.prod.meissa-gmbh.de" - :postgres-db-user "cloud" - :postgres-db-password "cloud-db-password" - :issuer :prod - :aws-access-key-id "aws-id" - :aws-secret-access-key "aws-secret" - :restic-password "restic-pw" - :restic-repository "restic-repository"})))) - (is (= 11 - (count (cut/k8s-objects {:fqdn "cloud-neu.prod.meissa-gmbh.de" - :postgres-db-user "cloud" - :postgres-db-password "cloud-db-password" - :issuer :prod - :aws-access-key-id "aws-id" - :aws-secret-access-key "aws-secret" - :restic-password "restic-pw"}))))) diff --git a/test/src/meissa/pallet/meissa_cloud/app_test.clj b/test/src/meissa/pallet/meissa_cloud/app_test.clj index 9daafa9..1cbda1b 100644 --- a/test/src/meissa/pallet/meissa_cloud/app_test.clj +++ b/test/src/meissa/pallet/meissa_cloud/app_test.clj @@ -1,8 +1,8 @@ -(ns meissa.pallet.meissa-cloud.app-test +(ns meissa.pallet.meissa-nextcloud.app-test (:require [clojure.test :refer :all] [schema.core :as s] - [meissa.pallet.meissa-cloud.app :as sut])) + [meissa.pallet.meissa-nextcloud.app :as sut])) (s/set-fn-validation! true) @@ -15,7 +15,7 @@ :admin-user "root" :admin-password "test1234" :storage-size 50 - :restic-repository "cloud" + :restic-repository "nextcloud" :aws-access-key-id "10" :aws-secret-access-key "secret" :restic-password "test4321"}) 
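Review bot: In app_test.clj the namespace becomes `meissa.pallet.meissa-nextcloud.app-test` and requires `meissa.pallet.meissa-nextcloud.app`, but the file stays at `test/src/meissa/pallet/meissa_cloud/app_test.clj`. This commit also deletes `main/src/meissa/pallet/meissa_cloud/app.clj` with no replacement visible here, so the test would fail to load rather than test anything. The same path and namespace mismatch applies to `uberjar/src/meissa/pallet/meissa_cloud/main.clj`, whose `ns` becomes `meissa.pallet.meissa-nextcloud.main`. If the pallet code is being retired, delete these two files with it; otherwise move them to a `meissa_nextcloud/` directory.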
@@ -28,4 +28,4 @@ (deftest plan-def (testing "test plan-def" - (is (map? sut/with-cloud)))) + (is (map? sut/with-nextcloud)))) diff --git a/uberjar/src/meissa/pallet/meissa_cloud/main.clj b/uberjar/src/meissa/pallet/meissa_cloud/main.clj index 60a33f2..4ba35d6 100644 --- a/uberjar/src/meissa/pallet/meissa_cloud/main.clj +++ b/uberjar/src/meissa/pallet/meissa_cloud/main.clj @@ -1,11 +1,11 @@ -(ns meissa.pallet.meissa-cloud.main +(ns meissa.pallet.meissa-nextcloud.main (:gen-class) (:require [clojure.string :as str] [clojure.tools.cli :as cli] [dda.pallet.core.main-helper :as mh] [dda.pallet.core.app :as core-app] - [meissa.pallet.meissa-cloud.app :as app])) + [meissa.pallet.meissa-nextcloud.app :as app])) (def cli-options [["-h" "--help"] @@ -17,16 +17,16 @@ (defn usage [options-summary] (str/join \newline - ["meissa-cloud installs & configures a single host kubernetes cluster with Cloud installed" + ["meissa-nextcloud installs & configures a single host kubernetes cluster with nextcloud installed" "" - "Usage: java -jar meissa-cloud-standalone.jar [options] cloud.edn" + "Usage: java -jar meissa-nextcloud-standalone.jar [options] nextcloud.edn" "" "Options:" options-summary "" - "cloud.edn" + "nextcloud.edn" " - follows the edn format." - " - has to be a valid CloudConventionConfig" + " - has to be a valid nextcloudConventionConfig" ""])) (defn -main [& args]