diff --git a/src/main/cljc/dda/c4k_shynet/core.cljc b/src/main/cljc/dda/c4k_shynet/core.cljc index d0d5a63..9cf940d 100644 --- a/src/main/cljc/dda/c4k_shynet/core.cljc +++ b/src/main/cljc/dda/c4k_shynet/core.cljc @@ -11,7 +11,7 @@ (def config-defaults {:issuer :staging}) (def config? (s/keys :req-un [::shynet/fqdn] - :opt-un [::shynet/issuer ::shynet/ingress-type])) + :opt-un [::shynet/issuer])) (def auth? (s/keys :req-un [::shynet/django-secret-key ::postgres/postgres-db-user ::postgres/postgres-db-password])) @@ -21,12 +21,13 @@ [] (concat [(yaml/to-string (postgres/generate-config {:postgres-size :2gb :db-name "shynet"})) - (yaml/to-string (postgres/generate-secret config)) - (yaml/to-string (postgres/generate-persistent-volume {:postgres-data-volume-path "/var/postgres"})) - (yaml/to-string (postgres/generate-pvc)) - (yaml/to-string (postgres/generate-deployment :postgres-image "postgres:14")) - (yaml/to-string (postgres/generate-service))] - [(yaml/to-string (shynet/generate-secret config)) + (yaml/to-string (postgres/generate-secret config))] + (when (contains? config :postgres-data-volume-path) + [(yaml/to-string (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path])))]) + [(yaml/to-string (postgres/generate-pvc)) + (yaml/to-string (postgres/generate-deployment {:postgres-image "postgres:14"})) + (yaml/to-string (postgres/generate-service)) + (yaml/to-string (shynet/generate-secret config)) (yaml/to-string (shynet/generate-webserver-deployment)) (yaml/to-string (shynet/generate-celeryworker-deployment)) (yaml/to-string (shynet/generate-ingress config)) diff --git a/src/main/cljc/dda/c4k_shynet/shynet.cljc b/src/main/cljc/dda/c4k_shynet/shynet.cljc index 3975be1..ba8e6d5 100644 --- a/src/main/cljc/dda/c4k_shynet/shynet.cljc +++ b/src/main/cljc/dda/c4k_shynet/shynet.cljc @@ -6,13 +6,8 @@ [dda.c4k-common.common :as cm] [dda.c4k-common.predicate :as pred])) -(defn ingress-type? - [input] - (contains? #{:traefik :nginx} input)) - (s/def ::fqdn pred/fqdn-string?) (s/def ::issuer pred/letsencrypt-issuer?) -(s/def ::ingress-type ingress-type?) (s/def ::django-secret-key pred/bash-env-string?) #?(:cljs @@ -58,14 +53,12 @@ (cm/replace-all-matching-values-by-new-value "shynet-application" shynet-application)))) (defn generate-ingress [config] - (let [{:keys [fqdn issuer ingress-type] - :or {issuer :staging ingress-type :default}} config - letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer") - ingress-kind (if (= :default ingress-type) "" (name ingress-type))] + (let [{:keys [fqdn issuer] + :or {issuer :staging}} config + letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer")] (-> (yaml/from-string (yaml/load-resource "shynet/ingress.yaml")) (assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer) - (assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind) (cm/replace-all-matching-values-by-new-value "fqdn" fqdn)))) (defn generate-statefulset [] diff --git a/src/main/cljs/dda/c4k_shynet/browser.cljs b/src/main/cljs/dda/c4k_shynet/browser.cljs index 6e30d3d..a93174b 100644 --- a/src/main/cljs/dda/c4k_shynet/browser.cljs +++ b/src/main/cljs/dda/c4k_shynet/browser.cljs @@ -1,5 +1,6 @@ (ns dda.c4k-shynet.browser (:require + [clojure.string :as st] [clojure.tools.reader.edn :as edn] [dda.c4k-shynet.core :as core] [dda.c4k-shynet.shynet :as shynet] @@ -38,7 +39,6 @@ (generate-group "provider" (concat-vec - (br/generate-input-field "ingress-type" "(Optional) Your ingress type (traefik/nginx):" "") (br/generate-input-field "postgres-data-volume-path" "(Optional) Your postgres-data-volume-path if Persistent Volumes are not generated by an Operator:" ""))) (generate-group "credentials" @@ -61,22 +61,19 @@ (defn config-from-document [] (let [postgres-data-volume-path (br/get-content-from-element "postgres-data-volume-path" :optional true) - issuer (br/get-content-from-element "issuer" :optional true :deserializer keyword) - ingress-type (br/get-content-from-element "ingress-type" :optional true :deserializer keyword)] + issuer (br/get-content-from-element "issuer" :optional true :deserializer keyword)] + (js/console.log postgres-data-volume-path) (merge {:fqdn (br/get-content-from-element "fqdn")} - (when (some? postgres-data-volume-path) + (when (not (st/blank? postgres-data-volume-path)) {:postgres-data-volume-path postgres-data-volume-path}) - (when (some? issuer) + (when (not (st/blank? issuer)) {:issuer issuer}) - (when (some? ingress-type) - {:ingress-type ingress-type}) ))) (defn validate-all! [] (br/validate! "fqdn" ::shynet/fqdn) (br/validate! "issuer" ::shynet/issuer :optional true :deserializer keyword) - (br/validate! "ingress-type" ::shynet/ingress-type :optional true :deserializer keyword) (br/validate! "postgres-data-volume-path" ::pgc/postgres-data-volume-path :optional true) (br/validate! "auth" core/auth? :deserializer edn/read-string) (br/set-validated!)) diff --git a/src/main/resources/shynet/ingress.yaml b/src/main/resources/shynet/ingress.yaml index 08fd7ac..22c011b 100644 --- a/src/main/resources/shynet/ingress.yaml +++ b/src/main/resources/shynet/ingress.yaml @@ -3,13 +3,9 @@ kind: Ingress metadata: name: shynet-webserver-ingress annotations: + ingress.kubernetes.io/force-ssl-redirect: true + ingress.kubernetes.io/ssl-redirect: true cert-manager.io/cluster-issuer: letsencrypt-staging-issuer - nginx.ingress.kubernetes.io/proxy-body-size: "256m" - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/rewrite-target: / - nginx.ingress.kubernetes.io/proxy-connect-timeout: "300" - nginx.ingress.kubernetes.io/proxy-send-timeout: "300" - nginx.ingress.kubernetes.io/proxy-read-timeout: "300" spec: tls: - hosts: