now cloud container is starting
This commit is contained in:
parent
cce1fdc207
commit
456f17562b
9 changed files with 107 additions and 29 deletions
|
@ -17,6 +17,7 @@
|
|||
::nextcloud/storage-size]))
|
||||
|
||||
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password
|
||||
::nextcloud/nextcloud-admin-user ::nextcloud/nextcloud-admin-password
|
||||
::aws-access-key-id ::aws-secret-access-key
|
||||
::restic-password]))
|
||||
|
||||
|
@ -32,12 +33,12 @@
|
|||
(yaml/to-string (postgres/generate-service))]
|
||||
(when (contains? config :nextcloud-data-volume-path)
|
||||
[(yaml/to-string (nextcloud/generate-persistent-volume config))])
|
||||
[(yaml/to-string (nextcloud/generate-pvc))
|
||||
[(yaml/to-string (nextcloud/generate-secret config))
|
||||
(yaml/to-string (nextcloud/generate-pvc))
|
||||
(yaml/to-string (nextcloud/generate-deployment config))
|
||||
(yaml/to-string (nextcloud/generate-service))
|
||||
(yaml/to-string (nextcloud/generate-certificate config))
|
||||
(yaml/to-string (nextcloud/generate-ingress config))
|
||||
(yaml/to-string (nextcloud/generate-service))]
|
||||
(yaml/to-string (nextcloud/generate-ingress config))]
|
||||
(when (contains? config :restic-repository)
|
||||
[(yaml/to-string (backup/generate-config config))
|
||||
(yaml/to-string (backup/generate-secret config))
|
||||
|
|
|
@ -3,12 +3,16 @@
|
|||
[clojure.spec.alpha :as s]
|
||||
#?(:cljs [shadow.resource :as rc])
|
||||
[dda.c4k-common.yaml :as yaml]
|
||||
[dda.c4k-common.base64 :as b64]
|
||||
[dda.c4k-common.prefixes :as cp]
|
||||
[dda.c4k-common.common :as cm]))
|
||||
|
||||
(s/def ::fqdn cm/fqdn-string?)
|
||||
(s/def ::issuer cm/letsencrypt-issuer?)
|
||||
(s/def ::fqdn cp/fqdn-string?)
|
||||
(s/def ::issuer cp/letsencrypt-issuer?)
|
||||
(s/def ::restic-repository string?)
|
||||
(s/def ::nextcloud-data-volume-path string?)
|
||||
(s/def ::nextcloud-admin-user cp/bash-env-string?)
|
||||
(s/def ::nextcloud-admin-password cp/bash-env-string?)
|
||||
|
||||
#?(:cljs
|
||||
(defmethod yaml/load-resource :nextcloud [resource-name]
|
||||
|
@ -19,6 +23,7 @@
|
|||
"nextcloud/persistent-volume.yaml" (rc/inline "nextcloud/persistent-volume.yaml")
|
||||
"nextcloud/pvc.yaml" (rc/inline "nextcloud/pvc.yaml")
|
||||
"nextcloud/service.yaml" (rc/inline "nextcloud/service.yaml")
|
||||
"nextcloud/secret.yaml" (rc/inline "nextcloud/secret.yaml")
|
||||
(throw (js/Error. "Undefined Resource!")))))
|
||||
|
||||
(defn generate-certificate [config]
|
||||
|
@ -57,3 +62,10 @@
|
|||
|
||||
(defn generate-service []
|
||||
(yaml/from-string (yaml/load-resource "nextcloud/service.yaml")))
|
||||
|
||||
(defn generate-secret [config]
|
||||
(let [{:keys [nextcloud-admin-user nextcloud-admin-password]} config]
|
||||
(->
|
||||
(yaml/from-string (yaml/load-resource "nextcloud/secret.yaml"))
|
||||
(cm/replace-key-value :nextcloud-admin-user (b64/encode nextcloud-admin-user))
|
||||
(cm/replace-key-value :nextcloud-admin-password (b64/encode nextcloud-admin-password)))))
|
||||
|
|
|
@ -14,7 +14,7 @@ spec:
|
|||
spec:
|
||||
containers:
|
||||
- name: backup-app
|
||||
image: domaindrivenarchitecture/meissa-cloud-backup
|
||||
image: domaindrivenarchitecture/c4k-cloud-backup
|
||||
imagePullPolicy: IfNotPresent
|
||||
command: ["/entrypoint.sh"]
|
||||
env:
|
||||
|
|
|
@ -14,7 +14,7 @@ spec:
|
|||
app: cloud
|
||||
spec:
|
||||
containers:
|
||||
- image: domaindrivenarchitecture/meissa-cloud-app
|
||||
- image: domaindrivenarchitecture/c4k-cloud-app
|
||||
name: cloud-app
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
|
@ -27,11 +27,11 @@ spec:
|
|||
- name: NEXTCLOUD_TRUSTED_DOMAINS
|
||||
value: fqdn
|
||||
- name: POSTGRES_USER_FILE
|
||||
value: /var/run/secrets/cloud-secrets/postgres-user
|
||||
value: /var/run/secrets/postgres-secret/postgres-user
|
||||
- name: POSTGRES_PASSWORD_FILE
|
||||
value: /var/run/secrets/cloud-secrets/postgres-password
|
||||
value: /var/run/secrets/postgres-secret/postgres-password
|
||||
- name: POSTGRES_DB_FILE
|
||||
value: /var/run/secrets/cloud-secrets/postgres-db
|
||||
value: /var/run/configs/postgres-config/postgres-db
|
||||
- name: POSTGRES_HOST
|
||||
value: "postgresql-service:5432"
|
||||
volumeMounts:
|
||||
|
@ -40,6 +40,12 @@ spec:
|
|||
- name: cloud-secret-volume
|
||||
mountPath: /var/run/secrets/cloud-secrets
|
||||
readOnly: true
|
||||
- name: postgres-secret-volume
|
||||
mountPath: /var/run/secrets/postgres-secret
|
||||
readOnly: true
|
||||
- name: postgres-config-volume
|
||||
mountPath: /var/run/configs/postgres-config
|
||||
readOnly: true
|
||||
volumes:
|
||||
- name: cloud-data-volume
|
||||
persistentVolumeClaim:
|
||||
|
@ -47,6 +53,15 @@ spec:
|
|||
- name: cloud-secret-volume
|
||||
secret:
|
||||
secretName: cloud-secret
|
||||
- name: postgres-secret-volume
|
||||
secret:
|
||||
secretName: postgres-secret
|
||||
- name: postgres-config-volume
|
||||
configMap:
|
||||
name: postgres-config
|
||||
items:
|
||||
- key: postgres-db
|
||||
path: postgres-db
|
||||
- name: backup-secret-volume
|
||||
secret:
|
||||
secretName: backup-secret
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
apiVersion: extensions/v1beta1
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: ingress-cloud
|
||||
|
@ -21,6 +21,9 @@ spec:
|
|||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
serviceName: cloud-service
|
||||
servicePort: 80
|
||||
service:
|
||||
name: cloud-service
|
||||
port:
|
||||
number: 80
|
||||
|
|
|
@ -4,8 +4,5 @@ metadata:
|
|||
name: cloud-secret
|
||||
type: Opaque
|
||||
stringData:
|
||||
postgres-db: db-name
|
||||
postgres-user: db-user-name
|
||||
postgres-password: db-user-password
|
||||
nextcloud-admin-user: admin-user
|
||||
nextcloud-admin-password: admin-password
|
||||
|
|
|
@ -9,6 +9,8 @@
|
|||
(count (cut/k8s-objects {:fqdn "nextcloud-neu.prod.meissa-gmbh.de"
|
||||
:postgres-db-user "nextcloud"
|
||||
:postgres-db-password "nextcloud-db-password"
|
||||
:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"
|
||||
:issuer :prod
|
||||
:nextcloud-data-volume-path "/var/nextcloud"
|
||||
:postgres-data-volume-path "/var/postgres"
|
||||
|
@ -20,6 +22,8 @@
|
|||
(count (cut/k8s-objects {:fqdn "nextcloud-neu.prod.meissa-gmbh.de"
|
||||
:postgres-db-user "nextcloud"
|
||||
:postgres-db-password "nextcloud-db-password"
|
||||
:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"
|
||||
:issuer :prod
|
||||
:aws-access-key-id "aws-id"
|
||||
:aws-secret-access-key "aws-secret"
|
||||
|
@ -29,6 +33,8 @@
|
|||
(count (cut/k8s-objects {:fqdn "nextcloud-neu.prod.meissa-gmbh.de"
|
||||
:postgres-db-user "nextcloud"
|
||||
:postgres-db-password "nextcloud-db-password"
|
||||
:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"
|
||||
:issuer :prod
|
||||
:aws-access-key-id "aws-id"
|
||||
:aws-secret-access-key "aws-secret"
|
||||
|
|
|
@ -4,6 +4,17 @@
|
|||
:cljs [cljs.test :refer-macros [deftest is are testing run-tests]])
|
||||
[dda.c4k-nextcloud.nextcloud :as cut]))
|
||||
|
||||
(deftest should-generate-secret
|
||||
(is (= {:apiVersion "v1"
|
||||
:kind "Secret"
|
||||
:metadata {:name "cloud-secret"}
|
||||
:type "Opaque"
|
||||
:stringData
|
||||
{:nextcloud-admin-user "Y2xvdWRhZG1pbg=="
|
||||
:nextcloud-admin-password "Y2xvdWRwYXNzd29yZA=="}}
|
||||
(cut/generate-secret {:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"}))))
|
||||
|
||||
(deftest should-generate-certificate
|
||||
(is (= {:apiVersion "cert-manager.io/v1alpha2"
|
||||
:kind "Certificate"
|
||||
|
@ -17,7 +28,7 @@
|
|||
(cut/generate-certificate {:fqdn "xx" :issuer :prod}))))
|
||||
|
||||
(deftest should-generate-ingress
|
||||
(is (= {:apiVersion "extensions/v1beta1"
|
||||
(is (= {:apiVersion "networking.k8s.io/v1"
|
||||
:kind "Ingress"
|
||||
:metadata
|
||||
{:name "ingress-cloud"
|
||||
|
@ -38,8 +49,10 @@
|
|||
:http
|
||||
{:paths
|
||||
[{:path "/"
|
||||
:pathType "Prefix"
|
||||
:backend
|
||||
{:serviceName "cloud-service", :servicePort 80}}]}}]}}
|
||||
{:service
|
||||
{:name "cloud-service", :port {:number 80}}}}]}}]}}
|
||||
(cut/generate-ingress {:fqdn "xx"}))))
|
||||
|
||||
(deftest should-generate-persistent-volume
|
||||
|
@ -69,18 +82,47 @@
|
|||
:imagePullPolicy "IfNotPresent"
|
||||
:ports [{:containerPort 80}]
|
||||
:env
|
||||
[{:name "NEXTCLOUD_ADMIN_USER_FILE", :value "/var/run/secrets/cloud-secrets/nextcloud-admin-user"}
|
||||
{:name "NEXTCLOUD_ADMIN_PASSWORD_FILE", :value "/var/run/secrets/cloud-secrets/nextcloud-admin-password"}
|
||||
[{:name "NEXTCLOUD_ADMIN_USER_FILE"
|
||||
:value
|
||||
"/var/run/secrets/cloud-secrets/nextcloud-admin-user"}
|
||||
{:name "NEXTCLOUD_ADMIN_PASSWORD_FILE"
|
||||
:value
|
||||
"/var/run/secrets/cloud-secrets/nextcloud-admin-password"}
|
||||
{:name "NEXTCLOUD_TRUSTED_DOMAINS", :value "xx"}
|
||||
{:name "POSTGRES_USER_FILE", :value "/var/run/secrets/cloud-secrets/postgres-user"}
|
||||
{:name "POSTGRES_PASSWORD_FILE", :value "/var/run/secrets/cloud-secrets/postgres-password"}
|
||||
{:name "POSTGRES_DB_FILE", :value "/var/run/secrets/cloud-secrets/postgres-db"}
|
||||
{:name "POSTGRES_HOST", :value "postgresql-service:5432"}]
|
||||
{:name "POSTGRES_USER_FILE"
|
||||
:value
|
||||
"/var/run/secrets/postgres-secret/postgres-user"}
|
||||
{:name "POSTGRES_PASSWORD_FILE"
|
||||
:value
|
||||
"/var/run/secrets/postgres-secret/postgres-password"}
|
||||
{:name "POSTGRES_DB_FILE"
|
||||
:value
|
||||
"/var/run/configs/postgres-config/postgres-db"}
|
||||
{:name "POSTGRES_HOST"
|
||||
:value "postgresql-service:5432"}]
|
||||
:volumeMounts
|
||||
[{:name "cloud-data-volume", :mountPath "/var/www/html"}
|
||||
{:name "cloud-secret-volume", :mountPath "/var/run/secrets/cloud-secrets", :readOnly true}]}]
|
||||
[{:name "cloud-data-volume"
|
||||
:mountPath "/var/www/html"}
|
||||
{:name "cloud-secret-volume"
|
||||
:mountPath "/var/run/secrets/cloud-secrets"
|
||||
:readOnly true}
|
||||
{:name "postgres-secret-volume"
|
||||
:mountPath "/var/run/secrets/postgres-secret"
|
||||
:readOnly true}
|
||||
{:name "postgres-config-volume"
|
||||
:mountPath "/var/run/configs/postgres-config"
|
||||
:readOnly true}]}]
|
||||
:volumes
|
||||
[{:name "cloud-data-volume", :persistentVolumeClaim {:claimName "cloud-pvc"}}
|
||||
{:name "cloud-secret-volume", :secret {:secretName "cloud-secret"}}
|
||||
{:name "backup-secret-volume", :secret {:secretName "backup-secret"}}]}}}}
|
||||
[{:name "cloud-data-volume"
|
||||
:persistentVolumeClaim {:claimName "cloud-pvc"}}
|
||||
{:name "cloud-secret-volume"
|
||||
:secret {:secretName "cloud-secret"}}
|
||||
{:name "postgres-secret-volume"
|
||||
:secret {:secretName "postgres-secret"}}
|
||||
{:name "postgres-config-volume"
|
||||
:configMap
|
||||
{:name "postgres-config"
|
||||
:items [{:key "postgres-db", :path "postgres-db"}]}}
|
||||
{:name "backup-secret-volume"
|
||||
:secret {:secretName "backup-secret"}}]}}}}
|
||||
(cut/generate-deployment {:fqdn "xx"}))))
|
||||
|
|
|
@ -1,5 +1,7 @@
|
|||
{:postgres-db-user "nextcloud"
|
||||
:postgres-db-password "nextcloud-db-password"
|
||||
:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"
|
||||
:aws-access-key-id "aws-id"
|
||||
:aws-secret-access-key "aws-secret"
|
||||
:restic-password "restic-password"}
|
Loading…
Reference in a new issue