Use common ingress
This commit is contained in:
parent
f8638137d7
commit
87ac203528
4 changed files with 3 additions and 58 deletions
|
@ -30,7 +30,6 @@
|
||||||
(shynet/generate-webserver-deployment)
|
(shynet/generate-webserver-deployment)
|
||||||
(shynet/generate-celeryworker-deployment)
|
(shynet/generate-celeryworker-deployment)
|
||||||
(shynet/generate-ingress config)
|
(shynet/generate-ingress config)
|
||||||
(shynet/generate-certificate config)
|
|
||||||
(shynet/generate-service-redis)
|
(shynet/generate-service-redis)
|
||||||
(shynet/generate-service-webserver)
|
(shynet/generate-service-webserver)
|
||||||
(shynet/generate-statefulset)])))
|
(shynet/generate-statefulset)])))
|
||||||
|
|
|
@ -4,7 +4,8 @@
|
||||||
#?(:cljs [shadow.resource :as rc])
|
#?(:cljs [shadow.resource :as rc])
|
||||||
[dda.c4k-common.yaml :as yaml]
|
[dda.c4k-common.yaml :as yaml]
|
||||||
[dda.c4k-common.common :as cm]
|
[dda.c4k-common.common :as cm]
|
||||||
[dda.c4k-common.predicate :as pred]))
|
[dda.c4k-common.predicate :as pred]
|
||||||
|
[dda.c4k-common.ingress :as ing]))
|
||||||
|
|
||||||
(s/def ::fqdn pred/fqdn-string?)
|
(s/def ::fqdn pred/fqdn-string?)
|
||||||
(s/def ::issuer pred/letsencrypt-issuer?)
|
(s/def ::issuer pred/letsencrypt-issuer?)
|
||||||
|
@ -16,7 +17,6 @@
|
||||||
"shynet/secret.yaml" (rc/inline "shynet/secret.yaml")
|
"shynet/secret.yaml" (rc/inline "shynet/secret.yaml")
|
||||||
"shynet/certificate.yaml" (rc/inline "shynet/certificate.yaml")
|
"shynet/certificate.yaml" (rc/inline "shynet/certificate.yaml")
|
||||||
"shynet/deployments.yaml" (rc/inline "shynet/deployments.yaml")
|
"shynet/deployments.yaml" (rc/inline "shynet/deployments.yaml")
|
||||||
"shynet/ingress.yaml" (rc/inline "shynet/ingress.yaml")
|
|
||||||
"shynet/service-redis.yaml" (rc/inline "shynet/service-redis.yaml")
|
"shynet/service-redis.yaml" (rc/inline "shynet/service-redis.yaml")
|
||||||
"shynet/service-webserver.yaml" (rc/inline "shynet/service-webserver.yaml")
|
"shynet/service-webserver.yaml" (rc/inline "shynet/service-webserver.yaml")
|
||||||
"shynet/statefulset.yaml" (rc/inline "shynet/statefulset.yaml")
|
"shynet/statefulset.yaml" (rc/inline "shynet/statefulset.yaml")
|
||||||
|
@ -32,15 +32,6 @@
|
||||||
(assoc-in [:stringData :DB_USER] postgres-db-user)
|
(assoc-in [:stringData :DB_USER] postgres-db-user)
|
||||||
(assoc-in [:stringData :DB_PASSWORD] postgres-db-password))))
|
(assoc-in [:stringData :DB_PASSWORD] postgres-db-password))))
|
||||||
|
|
||||||
(defn generate-certificate [config]
|
|
||||||
(let [{:keys [fqdn issuer]} config
|
|
||||||
letsencrypt-issuer (name issuer)]
|
|
||||||
(->
|
|
||||||
(yaml/load-as-edn "shynet/certificate.yaml")
|
|
||||||
(assoc-in [:spec :commonName] fqdn)
|
|
||||||
(assoc-in [:spec :dnsNames] [fqdn])
|
|
||||||
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer))))
|
|
||||||
|
|
||||||
(defn generate-webserver-deployment []
|
(defn generate-webserver-deployment []
|
||||||
(let [shynet-application "shynet-webserver"]
|
(let [shynet-application "shynet-webserver"]
|
||||||
(-> (yaml/load-as-edn "shynet/deployments.yaml")
|
(-> (yaml/load-as-edn "shynet/deployments.yaml")
|
||||||
|
@ -53,13 +44,7 @@
|
||||||
(cm/replace-all-matching "shynet-application" shynet-application))))
|
(cm/replace-all-matching "shynet-application" shynet-application))))
|
||||||
|
|
||||||
(defn generate-ingress [config]
|
(defn generate-ingress [config]
|
||||||
(let [{:keys [fqdn issuer]
|
(ing/generate-ingress-and-cert config))
|
||||||
:or {issuer :staging}} config
|
|
||||||
letsencrypt-issuer (name issuer)]
|
|
||||||
(->
|
|
||||||
(yaml/load-as-edn "shynet/ingress.yaml")
|
|
||||||
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
|
|
||||||
(cm/replace-all-matching "fqdn" fqdn))))
|
|
||||||
|
|
||||||
(defn generate-statefulset []
|
(defn generate-statefulset []
|
||||||
(yaml/load-as-edn "shynet/statefulset.yaml"))
|
(yaml/load-as-edn "shynet/statefulset.yaml"))
|
||||||
|
|
|
@ -1,15 +0,0 @@
|
||||||
apiVersion: cert-manager.io/v1
|
|
||||||
kind: Certificate
|
|
||||||
metadata:
|
|
||||||
name: shynet-cert
|
|
||||||
namespace: default
|
|
||||||
spec:
|
|
||||||
secretName: shynet-cert
|
|
||||||
commonName: fqdn
|
|
||||||
duration: 2160h # 90d
|
|
||||||
renewBefore: 360h # 15d
|
|
||||||
dnsNames:
|
|
||||||
- fqdn
|
|
||||||
issuerRef:
|
|
||||||
name: REPLACEME
|
|
||||||
kind: ClusterIssuer
|
|
|
@ -1,24 +0,0 @@
|
||||||
apiVersion: networking.k8s.io/v1
|
|
||||||
kind: Ingress
|
|
||||||
metadata:
|
|
||||||
name: shynet-webserver-ingress
|
|
||||||
annotations:
|
|
||||||
ingress.kubernetes.io/force-ssl-redirect: "true"
|
|
||||||
ingress.kubernetes.io/ssl-redirect: "true"
|
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
|
|
||||||
spec:
|
|
||||||
tls:
|
|
||||||
- hosts:
|
|
||||||
- fqdn
|
|
||||||
secretName: shynet-cert
|
|
||||||
rules:
|
|
||||||
- host: fqdn
|
|
||||||
http:
|
|
||||||
paths:
|
|
||||||
- backend:
|
|
||||||
service:
|
|
||||||
name: shynet-webserver-service
|
|
||||||
port:
|
|
||||||
number: 8080
|
|
||||||
path: /
|
|
||||||
pathType: Prefix
|
|
Loading…
Reference in a new issue