Use common ingress

This commit is contained in:
bom 2024-07-02 15:34:35 +02:00
parent f8638137d7
commit 87ac203528
4 changed files with 3 additions and 58 deletions

View file

@ -30,7 +30,6 @@
(shynet/generate-webserver-deployment) (shynet/generate-webserver-deployment)
(shynet/generate-celeryworker-deployment) (shynet/generate-celeryworker-deployment)
(shynet/generate-ingress config) (shynet/generate-ingress config)
(shynet/generate-certificate config)
(shynet/generate-service-redis) (shynet/generate-service-redis)
(shynet/generate-service-webserver) (shynet/generate-service-webserver)
(shynet/generate-statefulset)]))) (shynet/generate-statefulset)])))

View file

@ -4,7 +4,8 @@
#?(:cljs [shadow.resource :as rc]) #?(:cljs [shadow.resource :as rc])
[dda.c4k-common.yaml :as yaml] [dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm] [dda.c4k-common.common :as cm]
[dda.c4k-common.predicate :as pred])) [dda.c4k-common.predicate :as pred]
[dda.c4k-common.ingress :as ing]))
(s/def ::fqdn pred/fqdn-string?) (s/def ::fqdn pred/fqdn-string?)
(s/def ::issuer pred/letsencrypt-issuer?) (s/def ::issuer pred/letsencrypt-issuer?)
@ -16,7 +17,6 @@
"shynet/secret.yaml" (rc/inline "shynet/secret.yaml") "shynet/secret.yaml" (rc/inline "shynet/secret.yaml")
"shynet/certificate.yaml" (rc/inline "shynet/certificate.yaml") "shynet/certificate.yaml" (rc/inline "shynet/certificate.yaml")
"shynet/deployments.yaml" (rc/inline "shynet/deployments.yaml") "shynet/deployments.yaml" (rc/inline "shynet/deployments.yaml")
"shynet/ingress.yaml" (rc/inline "shynet/ingress.yaml")
"shynet/service-redis.yaml" (rc/inline "shynet/service-redis.yaml") "shynet/service-redis.yaml" (rc/inline "shynet/service-redis.yaml")
"shynet/service-webserver.yaml" (rc/inline "shynet/service-webserver.yaml") "shynet/service-webserver.yaml" (rc/inline "shynet/service-webserver.yaml")
"shynet/statefulset.yaml" (rc/inline "shynet/statefulset.yaml") "shynet/statefulset.yaml" (rc/inline "shynet/statefulset.yaml")
@ -32,15 +32,6 @@
(assoc-in [:stringData :DB_USER] postgres-db-user) (assoc-in [:stringData :DB_USER] postgres-db-user)
(assoc-in [:stringData :DB_PASSWORD] postgres-db-password)))) (assoc-in [:stringData :DB_PASSWORD] postgres-db-password))))
(defn generate-certificate [config]
(let [{:keys [fqdn issuer]} config
letsencrypt-issuer (name issuer)]
(->
(yaml/load-as-edn "shynet/certificate.yaml")
(assoc-in [:spec :commonName] fqdn)
(assoc-in [:spec :dnsNames] [fqdn])
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer))))
(defn generate-webserver-deployment [] (defn generate-webserver-deployment []
(let [shynet-application "shynet-webserver"] (let [shynet-application "shynet-webserver"]
(-> (yaml/load-as-edn "shynet/deployments.yaml") (-> (yaml/load-as-edn "shynet/deployments.yaml")
@ -53,13 +44,7 @@
(cm/replace-all-matching "shynet-application" shynet-application)))) (cm/replace-all-matching "shynet-application" shynet-application))))
(defn generate-ingress [config] (defn generate-ingress [config]
(let [{:keys [fqdn issuer] (ing/generate-ingress-and-cert config))
:or {issuer :staging}} config
letsencrypt-issuer (name issuer)]
(->
(yaml/load-as-edn "shynet/ingress.yaml")
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
(cm/replace-all-matching "fqdn" fqdn))))
(defn generate-statefulset [] (defn generate-statefulset []
(yaml/load-as-edn "shynet/statefulset.yaml")) (yaml/load-as-edn "shynet/statefulset.yaml"))

View file

@ -1,15 +0,0 @@
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: shynet-cert
namespace: default
spec:
secretName: shynet-cert
commonName: fqdn
duration: 2160h # 90d
renewBefore: 360h # 15d
dnsNames:
- fqdn
issuerRef:
name: REPLACEME
kind: ClusterIssuer

View file

@ -1,24 +0,0 @@
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: shynet-webserver-ingress
annotations:
ingress.kubernetes.io/force-ssl-redirect: "true"
ingress.kubernetes.io/ssl-redirect: "true"
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
spec:
tls:
- hosts:
- fqdn
secretName: shynet-cert
rules:
- host: fqdn
http:
paths:
- backend:
service:
name: shynet-webserver-service
port:
number: 8080
path: /
pathType: Prefix