mob2
This commit is contained in:
parent
64e01f1bd7
commit
fe8643b249
4 changed files with 18 additions and 31 deletions
|
@ -11,7 +11,7 @@
|
||||||
(def config-defaults {:issuer :staging})
|
(def config-defaults {:issuer :staging})
|
||||||
|
|
||||||
(def config? (s/keys :req-un [::shynet/fqdn]
|
(def config? (s/keys :req-un [::shynet/fqdn]
|
||||||
:opt-un [::shynet/issuer ::shynet/ingress-type]))
|
:opt-un [::shynet/issuer]))
|
||||||
|
|
||||||
(def auth? (s/keys :req-un [::shynet/django-secret-key
|
(def auth? (s/keys :req-un [::shynet/django-secret-key
|
||||||
::postgres/postgres-db-user ::postgres/postgres-db-password]))
|
::postgres/postgres-db-user ::postgres/postgres-db-password]))
|
||||||
|
@ -21,12 +21,13 @@
|
||||||
[]
|
[]
|
||||||
(concat
|
(concat
|
||||||
[(yaml/to-string (postgres/generate-config {:postgres-size :2gb :db-name "shynet"}))
|
[(yaml/to-string (postgres/generate-config {:postgres-size :2gb :db-name "shynet"}))
|
||||||
(yaml/to-string (postgres/generate-secret config))
|
(yaml/to-string (postgres/generate-secret config))]
|
||||||
(yaml/to-string (postgres/generate-persistent-volume {:postgres-data-volume-path "/var/postgres"}))
|
(when (contains? config :postgres-data-volume-path)
|
||||||
(yaml/to-string (postgres/generate-pvc))
|
[(yaml/to-string (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path])))])
|
||||||
(yaml/to-string (postgres/generate-deployment :postgres-image "postgres:14"))
|
[(yaml/to-string (postgres/generate-pvc))
|
||||||
(yaml/to-string (postgres/generate-service))]
|
(yaml/to-string (postgres/generate-deployment {:postgres-image "postgres:14"}))
|
||||||
[(yaml/to-string (shynet/generate-secret config))
|
(yaml/to-string (postgres/generate-service))
|
||||||
|
(yaml/to-string (shynet/generate-secret config))
|
||||||
(yaml/to-string (shynet/generate-webserver-deployment))
|
(yaml/to-string (shynet/generate-webserver-deployment))
|
||||||
(yaml/to-string (shynet/generate-celeryworker-deployment))
|
(yaml/to-string (shynet/generate-celeryworker-deployment))
|
||||||
(yaml/to-string (shynet/generate-ingress config))
|
(yaml/to-string (shynet/generate-ingress config))
|
||||||
|
|
|
@ -6,13 +6,8 @@
|
||||||
[dda.c4k-common.common :as cm]
|
[dda.c4k-common.common :as cm]
|
||||||
[dda.c4k-common.predicate :as pred]))
|
[dda.c4k-common.predicate :as pred]))
|
||||||
|
|
||||||
(defn ingress-type?
|
|
||||||
[input]
|
|
||||||
(contains? #{:traefik :nginx} input))
|
|
||||||
|
|
||||||
(s/def ::fqdn pred/fqdn-string?)
|
(s/def ::fqdn pred/fqdn-string?)
|
||||||
(s/def ::issuer pred/letsencrypt-issuer?)
|
(s/def ::issuer pred/letsencrypt-issuer?)
|
||||||
(s/def ::ingress-type ingress-type?)
|
|
||||||
(s/def ::django-secret-key pred/bash-env-string?)
|
(s/def ::django-secret-key pred/bash-env-string?)
|
||||||
|
|
||||||
#?(:cljs
|
#?(:cljs
|
||||||
|
@ -58,14 +53,12 @@
|
||||||
(cm/replace-all-matching-values-by-new-value "shynet-application" shynet-application))))
|
(cm/replace-all-matching-values-by-new-value "shynet-application" shynet-application))))
|
||||||
|
|
||||||
(defn generate-ingress [config]
|
(defn generate-ingress [config]
|
||||||
(let [{:keys [fqdn issuer ingress-type]
|
(let [{:keys [fqdn issuer]
|
||||||
:or {issuer :staging ingress-type :default}} config
|
:or {issuer :staging}} config
|
||||||
letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer")
|
letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer")]
|
||||||
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
|
|
||||||
(->
|
(->
|
||||||
(yaml/from-string (yaml/load-resource "shynet/ingress.yaml"))
|
(yaml/from-string (yaml/load-resource "shynet/ingress.yaml"))
|
||||||
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
|
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
|
||||||
(assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind)
|
|
||||||
(cm/replace-all-matching-values-by-new-value "fqdn" fqdn))))
|
(cm/replace-all-matching-values-by-new-value "fqdn" fqdn))))
|
||||||
|
|
||||||
(defn generate-statefulset []
|
(defn generate-statefulset []
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
(ns dda.c4k-shynet.browser
|
(ns dda.c4k-shynet.browser
|
||||||
(:require
|
(:require
|
||||||
|
[clojure.string :as st]
|
||||||
[clojure.tools.reader.edn :as edn]
|
[clojure.tools.reader.edn :as edn]
|
||||||
[dda.c4k-shynet.core :as core]
|
[dda.c4k-shynet.core :as core]
|
||||||
[dda.c4k-shynet.shynet :as shynet]
|
[dda.c4k-shynet.shynet :as shynet]
|
||||||
|
@ -38,7 +39,6 @@
|
||||||
(generate-group
|
(generate-group
|
||||||
"provider"
|
"provider"
|
||||||
(concat-vec
|
(concat-vec
|
||||||
(br/generate-input-field "ingress-type" "(Optional) Your ingress type (traefik/nginx):" "")
|
|
||||||
(br/generate-input-field "postgres-data-volume-path" "(Optional) Your postgres-data-volume-path if Persistent Volumes are not generated by an Operator:" "")))
|
(br/generate-input-field "postgres-data-volume-path" "(Optional) Your postgres-data-volume-path if Persistent Volumes are not generated by an Operator:" "")))
|
||||||
(generate-group
|
(generate-group
|
||||||
"credentials"
|
"credentials"
|
||||||
|
@ -61,22 +61,19 @@
|
||||||
|
|
||||||
(defn config-from-document []
|
(defn config-from-document []
|
||||||
(let [postgres-data-volume-path (br/get-content-from-element "postgres-data-volume-path" :optional true)
|
(let [postgres-data-volume-path (br/get-content-from-element "postgres-data-volume-path" :optional true)
|
||||||
issuer (br/get-content-from-element "issuer" :optional true :deserializer keyword)
|
issuer (br/get-content-from-element "issuer" :optional true :deserializer keyword)]
|
||||||
ingress-type (br/get-content-from-element "ingress-type" :optional true :deserializer keyword)]
|
(js/console.log postgres-data-volume-path)
|
||||||
(merge
|
(merge
|
||||||
{:fqdn (br/get-content-from-element "fqdn")}
|
{:fqdn (br/get-content-from-element "fqdn")}
|
||||||
(when (some? postgres-data-volume-path)
|
(when (not (st/blank? postgres-data-volume-path))
|
||||||
{:postgres-data-volume-path postgres-data-volume-path})
|
{:postgres-data-volume-path postgres-data-volume-path})
|
||||||
(when (some? issuer)
|
(when (not (st/blank? issuer))
|
||||||
{:issuer issuer})
|
{:issuer issuer})
|
||||||
(when (some? ingress-type)
|
|
||||||
{:ingress-type ingress-type})
|
|
||||||
)))
|
)))
|
||||||
|
|
||||||
(defn validate-all! []
|
(defn validate-all! []
|
||||||
(br/validate! "fqdn" ::shynet/fqdn)
|
(br/validate! "fqdn" ::shynet/fqdn)
|
||||||
(br/validate! "issuer" ::shynet/issuer :optional true :deserializer keyword)
|
(br/validate! "issuer" ::shynet/issuer :optional true :deserializer keyword)
|
||||||
(br/validate! "ingress-type" ::shynet/ingress-type :optional true :deserializer keyword)
|
|
||||||
(br/validate! "postgres-data-volume-path" ::pgc/postgres-data-volume-path :optional true)
|
(br/validate! "postgres-data-volume-path" ::pgc/postgres-data-volume-path :optional true)
|
||||||
(br/validate! "auth" core/auth? :deserializer edn/read-string)
|
(br/validate! "auth" core/auth? :deserializer edn/read-string)
|
||||||
(br/set-validated!))
|
(br/set-validated!))
|
||||||
|
|
|
@ -3,13 +3,9 @@ kind: Ingress
|
||||||
metadata:
|
metadata:
|
||||||
name: shynet-webserver-ingress
|
name: shynet-webserver-ingress
|
||||||
annotations:
|
annotations:
|
||||||
|
ingress.kubernetes.io/force-ssl-redirect: true
|
||||||
|
ingress.kubernetes.io/ssl-redirect: true
|
||||||
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
|
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
|
||||||
nginx.ingress.kubernetes.io/proxy-body-size: "256m"
|
|
||||||
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
||||||
nginx.ingress.kubernetes.io/rewrite-target: /
|
|
||||||
nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
|
|
||||||
nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
|
|
||||||
nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
|
|
||||||
spec:
|
spec:
|
||||||
tls:
|
tls:
|
||||||
- hosts:
|
- hosts:
|
||||||
|
|
Loading…
Reference in a new issue