Merge branch 'refactor-uptodate' into 'master'
Refactoring See merge request domaindrivenarchitecture/c4k-nextcloud!6merge-requests/6/merge
commit
c13cecab46
@ -0,0 +1,17 @@
|
||||
# Upgrade major or minor versions of nextcloud
|
||||
|
||||
## Nextcloud versions of c4k-nextcloud docker images
|
||||
|
||||
- 4.0.3: nextcloud 22
|
||||
- 5.0.0: nextcloud 23
|
||||
- 6.0.0: nextcloud 24
|
||||
- 7.0.0: nextcloud 25
|
||||
|
||||
## Uprgrading process
|
||||
|
||||
1. Change the version of the docker image in the deployment to the next major version
|
||||
- `kubectl edit deploy cloud-deployment`
|
||||
- change `image: domaindrivenarchitecture/c4k-cloud:4.0.3`
|
||||
2. Wait for the pod to finish restarting
|
||||
3. Verify the website is working and https://URL/settings/admin/overview shows the correct version
|
||||
4. Repeat until desired version is reached
|
@ -1,55 +1,15 @@
|
||||
(ns dda.c4k-nextcloud.uberjar
|
||||
(:gen-class)
|
||||
(:require
|
||||
[clojure.spec.alpha :as s]
|
||||
[clojure.string :as cs]
|
||||
[clojure.tools.reader.edn :as edn]
|
||||
[expound.alpha :as expound]
|
||||
[dda.c4k-common.yaml :as yaml]
|
||||
[dda.c4k-nextcloud.core :as core]
|
||||
[dda.c4k-nextcloud.nextcloud :as nextcloud]))
|
||||
|
||||
(def usage
|
||||
"usage:
|
||||
|
||||
c4k-nextcloud {your configuraton file} {your authorization file}")
|
||||
|
||||
(s/def ::options (s/* #{"-h"}))
|
||||
(s/def ::filename (s/and string?
|
||||
#(not (cs/starts-with? % "-"))))
|
||||
(s/def ::cmd-args (s/cat :options ::options
|
||||
:args (s/?
|
||||
(s/cat :config ::filename
|
||||
:auth ::filename))))
|
||||
(defn invalid-args-msg
|
||||
[spec args]
|
||||
(s/explain spec args)
|
||||
(println (str "Bad commandline arguments\n" usage)))
|
||||
[dda.c4k-common.uberjar :as uberjar]
|
||||
[dda.c4k-nextcloud.nextcloud :as nextcloud]
|
||||
[dda.c4k-nextcloud.core :as core]))
|
||||
|
||||
(defn -main [& cmd-args]
|
||||
(let [parsed-args-cmd (s/conform ::cmd-args cmd-args)]
|
||||
(if (= ::s/invalid parsed-args-cmd)
|
||||
(invalid-args-msg ::cmd-args cmd-args)
|
||||
(let [{:keys [options args]} parsed-args-cmd
|
||||
{:keys [config auth]} args]
|
||||
(cond
|
||||
(some #(= "-h" %) options)
|
||||
(println usage)
|
||||
:default
|
||||
(let [config-str (slurp config)
|
||||
auth-str (slurp auth)
|
||||
config-parse-fn (if (yaml/is-yaml? config) yaml/from-string edn/read-string)
|
||||
auth-parse-fn (if (yaml/is-yaml? auth) yaml/from-string edn/read-string)
|
||||
parsed-config (config-parse-fn config-str)
|
||||
parsed-auth (auth-parse-fn auth-str)
|
||||
config-valid? (s/valid? ::core/config parsed-config)
|
||||
auth-valid? (s/valid? ::core/auth parsed-auth)]
|
||||
(if (and config-valid? auth-valid?)
|
||||
(println (core/generate parsed-config parsed-auth))
|
||||
(do
|
||||
(when (not config-valid?)
|
||||
(println
|
||||
(expound/expound-str ::core/config parsed-config {:print-specs? false})))
|
||||
(when (not auth-valid?)
|
||||
(println
|
||||
(expound/expound-str ::core/auth parsed-auth {:print-specs? false})))))))))))
|
||||
(uberjar/main-common
|
||||
"c4k-nextcloud"
|
||||
nextcloud/config?
|
||||
nextcloud/auth?
|
||||
core/config-defaults
|
||||
core/k8s-objects
|
||||
cmd-args))
|
||||
|
@ -1,60 +1,44 @@
|
||||
(ns dda.c4k-nextcloud.core
|
||||
(:require
|
||||
[clojure.string :as cs]
|
||||
[clojure.spec.alpha :as s]
|
||||
#?(:clj [orchestra.core :refer [defn-spec]]
|
||||
:cljs [orchestra.core :refer-macros [defn-spec]])
|
||||
[dda.c4k-common.common :as cm]
|
||||
[dda.c4k-common.predicate :as cp]
|
||||
[dda.c4k-common.yaml :as yaml]
|
||||
[dda.c4k-common.postgres :as postgres]
|
||||
[dda.c4k-nextcloud.nextcloud :as nextcloud]
|
||||
[dda.c4k-nextcloud.backup :as backup]))
|
||||
[dda.c4k-nextcloud.backup :as backup]
|
||||
[dda.c4k-common.monitoring :as mon]))
|
||||
|
||||
(def default-storage-class :local-path)
|
||||
|
||||
(def config-defaults {:issuer "staging"})
|
||||
|
||||
(def config? (s/keys :req-un [::nextcloud/fqdn]
|
||||
:opt-un [::nextcloud/issuer
|
||||
::nextcloud/restic-repository
|
||||
::nextcloud/pv-storage-size-gb
|
||||
::nextcloud/pvc-storage-class-name]))
|
||||
|
||||
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password
|
||||
::nextcloud/nextcloud-admin-user ::nextcloud/nextcloud-admin-password
|
||||
::aws-access-key-id ::aws-secret-access-key
|
||||
::restic-password]))
|
||||
|
||||
(s/def ::config config?)
|
||||
(s/def ::auth auth?)
|
||||
|
||||
(defn-spec k8s-objects any?
|
||||
[config (s/merge config? auth?)]
|
||||
(defn-spec k8s-objects cp/map-or-seq?
|
||||
[config nextcloud/config?
|
||||
auth nextcloud/auth?]
|
||||
(let [nextcloud-default-storage-config {:pvc-storage-class-name default-storage-class
|
||||
:pv-storage-size-gb 200}]
|
||||
(into
|
||||
[]
|
||||
(concat [(yaml/to-string (postgres/generate-config {:postgres-size :8gb}))
|
||||
(yaml/to-string (postgres/generate-secret config))
|
||||
(yaml/to-string (postgres/generate-pvc {:pv-storage-size-gb 50
|
||||
:pvc-storage-class-name default-storage-class}))
|
||||
(yaml/to-string (postgres/generate-deployment))
|
||||
(yaml/to-string (postgres/generate-service))
|
||||
(yaml/to-string (nextcloud/generate-secret config))
|
||||
(yaml/to-string (nextcloud/generate-pvc (merge nextcloud-default-storage-config config)))
|
||||
(yaml/to-string (nextcloud/generate-deployment config))
|
||||
(yaml/to-string (nextcloud/generate-service))
|
||||
(yaml/to-string (nextcloud/generate-certificate config))
|
||||
(yaml/to-string (nextcloud/generate-ingress config))]
|
||||
(when (contains? config :restic-repository)
|
||||
[(yaml/to-string (backup/generate-config config))
|
||||
(yaml/to-string (backup/generate-secret config))
|
||||
(yaml/to-string (backup/generate-cron))
|
||||
(yaml/to-string (backup/generate-backup-restore-deployment config))])))))
|
||||
|
||||
(defn-spec generate any?
|
||||
[my-config config?
|
||||
my-auth auth?]
|
||||
(let [resulting-config (merge config-defaults my-config my-auth)]
|
||||
(cs/join
|
||||
"\n---\n"
|
||||
(k8s-objects resulting-config))))
|
||||
(map yaml/to-string
|
||||
(filter
|
||||
#(not (nil? %))
|
||||
(cm/concat-vec
|
||||
[(postgres/generate-config {:postgres-size :8gb :db-name "nextcloud"})
|
||||
(postgres/generate-secret auth)
|
||||
(postgres/generate-pvc {:pv-storage-size-gb 50
|
||||
:pvc-storage-class-name default-storage-class})
|
||||
(postgres/generate-deployment)
|
||||
(postgres/generate-service)
|
||||
(nextcloud/generate-secret auth)
|
||||
(nextcloud/generate-pvc (merge nextcloud-default-storage-config config))
|
||||
(nextcloud/generate-deployment config)
|
||||
(nextcloud/generate-service)]
|
||||
(nextcloud/generate-ingress-and-cert config)
|
||||
(when (:contains? config :restic-repository)
|
||||
[(backup/generate-config config)
|
||||
(backup/generate-secret auth)
|
||||
(backup/generate-cron)
|
||||
(backup/generate-backup-restore-deployment config)])
|
||||
(when (:contains? config :mon-cfg)
|
||||
(mon/generate (:mon-cfg config) (:mon-auth auth))))))))
|
||||
|
@ -1,15 +0,0 @@
|
||||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: cloud-cert
|
||||
namespace: default
|
||||
spec:
|
||||
secretName: cloud-cert
|
||||
duration: 2160h # 90d
|
||||
renewBefore: 360h # 15d
|
||||
commonName: fqdn
|
||||
dnsNames:
|
||||
- fqdn
|
||||
issuerRef:
|
||||
name: staging
|
||||
kind: ClusterIssuer
|
@ -1,29 +0,0 @@
|
||||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: ingress-cloud
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
ingress.kubernetes.io/rewrite-target: /
|
||||
ingress.kubernetes.io/proxy-body-size: "256m"
|
||||
ingress.kubernetes.io/proxy-connect-timeout: "300"
|
||||
ingress.kubernetes.io/proxy-send-timeout: "300"
|
||||
ingress.kubernetes.io/proxy-read-timeout: "300"
|
||||
namespace: default
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- fqdn
|
||||
secretName: cloud-cert
|
||||
rules:
|
||||
- host: fqdn
|
||||
http:
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
backend:
|
||||
service:
|
||||
name: cloud-service
|
||||
port:
|
||||
number: 80
|
@ -1,55 +0,0 @@
|
||||
(ns dda.c4k-nextcloud.core-test
|
||||
(:require
|
||||
#?(:clj [clojure.test :refer [deftest is are testing run-tests]]
|
||||
:cljs [cljs.test :refer-macros [deftest is are testing run-tests]])
|
||||
[clojure.string :as st]
|
||||
[dda.c4k-nextcloud.core :as cut]
|
||||
))
|
||||
|
||||
(deftest should-k8s-objects
|
||||
(is (= 15
|
||||
(count (cut/k8s-objects {:fqdn "nextcloud-neu.prod.meissa-gmbh.de"
|
||||
:postgres-db-user "nextcloud"
|
||||
:postgres-db-password "nextcloud-db-password"
|
||||
:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"
|
||||
:issuer "prod"
|
||||
:aws-access-key-id "aws-id"
|
||||
:aws-secret-access-key "aws-secret"
|
||||
:restic-password "restic-pw"
|
||||
:restic-repository "restic-repository"}))))
|
||||
(is (= 11
|
||||
(count (cut/k8s-objects {:fqdn "nextcloud-neu.prod.meissa-gmbh.de"
|
||||
:postgres-db-user "nextcloud"
|
||||
:postgres-db-password "nextcloud-db-password"
|
||||
:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"
|
||||
:issuer "prod"
|
||||
:aws-access-key-id "aws-id"
|
||||
:aws-secret-access-key "aws-secret"
|
||||
:restic-password "restic-pw"}))))
|
||||
(is (st/includes?
|
||||
(get-in (cut/k8s-objects {:fqdn "nextcloud-neu.prod.meissa-gmbh.de"
|
||||
:postgres-db-user "nextcloud"
|
||||
:postgres-db-password "nextcloud-db-password"
|
||||
:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"
|
||||
:issuer "prod"
|
||||
:aws-access-key-id "aws-id"
|
||||
:aws-secret-access-key "aws-secret"
|
||||
:restic-password "restic-pw"})
|
||||
[0])
|
||||
"max_connections = 700"))
|
||||
(is (st/includes?
|
||||
(get-in (cut/k8s-objects {:fqdn "nextcloud-neu.prod.meissa-gmbh.de"
|
||||
:postgres-db-user "nextcloud"
|
||||
:postgres-db-password "nextcloud-db-password"
|
||||
:nextcloud-admin-user "cloudadmin"
|
||||
:nextcloud-admin-password "cloudpassword"
|
||||
:issuer "prod"
|
||||
:aws-access-key-id "aws-id"
|
||||
:aws-secret-access-key "aws-secret"
|
||||
:restic-password "restic-pw"})
|
||||
[6])
|
||||
"storageClassName: local-path"))
|
||||
)
|
@ -1,5 +1,5 @@
|
||||
fqdn: "cloud.test.meissa-gmbh.de"
|
||||
issuer: "staging"
|
||||
fqdns: "cloud.test.meissa-gmbh.de"
|
||||
issuer: "none"
|
||||
nextcloud-data-volume-path: "/var/cloud"
|
||||
postgres-data-volume-path: "/var/postgres"
|
||||
restic-repository: "s3:s3.amazonaws.com/your-bucket/your-folder"
|
@ -0,0 +1,10 @@
|
||||
postgres-db-user: "nextcloud"
|
||||
postgres-db-password: "nextcloud-db-password"
|
||||
nextcloud-admin-user: "cloudadmin"
|
||||
nextcloud-admin-password: "cloudpassword"
|
||||
aws-access-key-id: "aws-id"
|
||||
aws-secret-access-key: "aws-secret"
|
||||
restic-password: "restic-password"
|
||||
mon-auth:
|
||||
grafana-cloud-user: "user"
|
||||
grafana-cloud-password: "password"
|
@ -0,0 +1,9 @@
|
||||
fqdn: "cloud.test.meissa-gmbh.de"
|
||||
issuer: "staging"
|
||||
nextcloud-data-volume-path: "/var/cloud"
|
||||
postgres-data-volume-path: "/var/postgres"
|
||||
restic-repository: "s3:s3.amazonaws.com/your-bucket/your-folder"
|
||||
mon-cfg:
|
||||
grafana-cloud-url: "url-for-your-prom-remote-write-endpoint"
|
||||
cluster-name: "keycloak"
|
||||
cluster-stage: "test"
|
Loading…
Reference in New Issue