Use common ingress
This commit is contained in:
parent
f8638137d7
commit
87ac203528
4 changed files with 3 additions and 58 deletions
|
@ -30,7 +30,6 @@
|
|||
(shynet/generate-webserver-deployment)
|
||||
(shynet/generate-celeryworker-deployment)
|
||||
(shynet/generate-ingress config)
|
||||
(shynet/generate-certificate config)
|
||||
(shynet/generate-service-redis)
|
||||
(shynet/generate-service-webserver)
|
||||
(shynet/generate-statefulset)])))
|
||||
|
|
|
@ -4,7 +4,8 @@
|
|||
#?(:cljs [shadow.resource :as rc])
|
||||
[dda.c4k-common.yaml :as yaml]
|
||||
[dda.c4k-common.common :as cm]
|
||||
[dda.c4k-common.predicate :as pred]))
|
||||
[dda.c4k-common.predicate :as pred]
|
||||
[dda.c4k-common.ingress :as ing]))
|
||||
|
||||
(s/def ::fqdn pred/fqdn-string?)
|
||||
(s/def ::issuer pred/letsencrypt-issuer?)
|
||||
|
@ -16,7 +17,6 @@
|
|||
"shynet/secret.yaml" (rc/inline "shynet/secret.yaml")
|
||||
"shynet/certificate.yaml" (rc/inline "shynet/certificate.yaml")
|
||||
"shynet/deployments.yaml" (rc/inline "shynet/deployments.yaml")
|
||||
"shynet/ingress.yaml" (rc/inline "shynet/ingress.yaml")
|
||||
"shynet/service-redis.yaml" (rc/inline "shynet/service-redis.yaml")
|
||||
"shynet/service-webserver.yaml" (rc/inline "shynet/service-webserver.yaml")
|
||||
"shynet/statefulset.yaml" (rc/inline "shynet/statefulset.yaml")
|
||||
|
@ -32,15 +32,6 @@
|
|||
(assoc-in [:stringData :DB_USER] postgres-db-user)
|
||||
(assoc-in [:stringData :DB_PASSWORD] postgres-db-password))))
|
||||
|
||||
(defn generate-certificate [config]
|
||||
(let [{:keys [fqdn issuer]} config
|
||||
letsencrypt-issuer (name issuer)]
|
||||
(->
|
||||
(yaml/load-as-edn "shynet/certificate.yaml")
|
||||
(assoc-in [:spec :commonName] fqdn)
|
||||
(assoc-in [:spec :dnsNames] [fqdn])
|
||||
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer))))
|
||||
|
||||
(defn generate-webserver-deployment []
|
||||
(let [shynet-application "shynet-webserver"]
|
||||
(-> (yaml/load-as-edn "shynet/deployments.yaml")
|
||||
|
@ -53,13 +44,7 @@
|
|||
(cm/replace-all-matching "shynet-application" shynet-application))))
|
||||
|
||||
(defn generate-ingress [config]
|
||||
(let [{:keys [fqdn issuer]
|
||||
:or {issuer :staging}} config
|
||||
letsencrypt-issuer (name issuer)]
|
||||
(->
|
||||
(yaml/load-as-edn "shynet/ingress.yaml")
|
||||
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
|
||||
(cm/replace-all-matching "fqdn" fqdn))))
|
||||
(ing/generate-ingress-and-cert config))
|
||||
|
||||
(defn generate-statefulset []
|
||||
(yaml/load-as-edn "shynet/statefulset.yaml"))
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
apiVersion: cert-manager.io/v1
|
||||
kind: Certificate
|
||||
metadata:
|
||||
name: shynet-cert
|
||||
namespace: default
|
||||
spec:
|
||||
secretName: shynet-cert
|
||||
commonName: fqdn
|
||||
duration: 2160h # 90d
|
||||
renewBefore: 360h # 15d
|
||||
dnsNames:
|
||||
- fqdn
|
||||
issuerRef:
|
||||
name: REPLACEME
|
||||
kind: ClusterIssuer
|
|
@ -1,24 +0,0 @@
|
|||
apiVersion: networking.k8s.io/v1
|
||||
kind: Ingress
|
||||
metadata:
|
||||
name: shynet-webserver-ingress
|
||||
annotations:
|
||||
ingress.kubernetes.io/force-ssl-redirect: "true"
|
||||
ingress.kubernetes.io/ssl-redirect: "true"
|
||||
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
|
||||
spec:
|
||||
tls:
|
||||
- hosts:
|
||||
- fqdn
|
||||
secretName: shynet-cert
|
||||
rules:
|
||||
- host: fqdn
|
||||
http:
|
||||
paths:
|
||||
- backend:
|
||||
service:
|
||||
name: shynet-webserver-service
|
||||
port:
|
||||
number: 8080
|
||||
path: /
|
||||
pathType: Prefix
|
Loading…
Reference in a new issue