This commit is contained in:
jerger 2022-02-11 16:03:53 +01:00
parent 64e01f1bd7
commit fe8643b249
4 changed files with 18 additions and 31 deletions

View file

@ -11,7 +11,7 @@
(def config-defaults {:issuer :staging}) (def config-defaults {:issuer :staging})
(def config? (s/keys :req-un [::shynet/fqdn] (def config? (s/keys :req-un [::shynet/fqdn]
:opt-un [::shynet/issuer ::shynet/ingress-type])) :opt-un [::shynet/issuer]))
(def auth? (s/keys :req-un [::shynet/django-secret-key (def auth? (s/keys :req-un [::shynet/django-secret-key
::postgres/postgres-db-user ::postgres/postgres-db-password])) ::postgres/postgres-db-user ::postgres/postgres-db-password]))
@ -21,12 +21,13 @@
[] []
(concat (concat
[(yaml/to-string (postgres/generate-config {:postgres-size :2gb :db-name "shynet"})) [(yaml/to-string (postgres/generate-config {:postgres-size :2gb :db-name "shynet"}))
(yaml/to-string (postgres/generate-secret config)) (yaml/to-string (postgres/generate-secret config))]
(yaml/to-string (postgres/generate-persistent-volume {:postgres-data-volume-path "/var/postgres"})) (when (contains? config :postgres-data-volume-path)
(yaml/to-string (postgres/generate-pvc)) [(yaml/to-string (postgres/generate-persistent-volume (select-keys config [:postgres-data-volume-path])))])
(yaml/to-string (postgres/generate-deployment :postgres-image "postgres:14")) [(yaml/to-string (postgres/generate-pvc))
(yaml/to-string (postgres/generate-service))] (yaml/to-string (postgres/generate-deployment {:postgres-image "postgres:14"}))
[(yaml/to-string (shynet/generate-secret config)) (yaml/to-string (postgres/generate-service))
(yaml/to-string (shynet/generate-secret config))
(yaml/to-string (shynet/generate-webserver-deployment)) (yaml/to-string (shynet/generate-webserver-deployment))
(yaml/to-string (shynet/generate-celeryworker-deployment)) (yaml/to-string (shynet/generate-celeryworker-deployment))
(yaml/to-string (shynet/generate-ingress config)) (yaml/to-string (shynet/generate-ingress config))

View file

@ -6,13 +6,8 @@
[dda.c4k-common.common :as cm] [dda.c4k-common.common :as cm]
[dda.c4k-common.predicate :as pred])) [dda.c4k-common.predicate :as pred]))
(defn ingress-type?
[input]
(contains? #{:traefik :nginx} input))
(s/def ::fqdn pred/fqdn-string?) (s/def ::fqdn pred/fqdn-string?)
(s/def ::issuer pred/letsencrypt-issuer?) (s/def ::issuer pred/letsencrypt-issuer?)
(s/def ::ingress-type ingress-type?)
(s/def ::django-secret-key pred/bash-env-string?) (s/def ::django-secret-key pred/bash-env-string?)
#?(:cljs #?(:cljs
@ -58,14 +53,12 @@
(cm/replace-all-matching-values-by-new-value "shynet-application" shynet-application)))) (cm/replace-all-matching-values-by-new-value "shynet-application" shynet-application))))
(defn generate-ingress [config] (defn generate-ingress [config]
(let [{:keys [fqdn issuer ingress-type] (let [{:keys [fqdn issuer]
:or {issuer :staging ingress-type :default}} config :or {issuer :staging}} config
letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer") letsencrypt-issuer (str "letsencrypt-" (name issuer) "-issuer")]
ingress-kind (if (= :default ingress-type) "" (name ingress-type))]
(-> (->
(yaml/from-string (yaml/load-resource "shynet/ingress.yaml")) (yaml/from-string (yaml/load-resource "shynet/ingress.yaml"))
(assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer) (assoc-in [:metadata :annotations :cert-manager.io/cluster-issuer] letsencrypt-issuer)
(assoc-in [:metadata :annotations :kubernetes.io/ingress.class] ingress-kind)
(cm/replace-all-matching-values-by-new-value "fqdn" fqdn)))) (cm/replace-all-matching-values-by-new-value "fqdn" fqdn))))
(defn generate-statefulset [] (defn generate-statefulset []

View file

@ -1,5 +1,6 @@
(ns dda.c4k-shynet.browser (ns dda.c4k-shynet.browser
(:require (:require
[clojure.string :as st]
[clojure.tools.reader.edn :as edn] [clojure.tools.reader.edn :as edn]
[dda.c4k-shynet.core :as core] [dda.c4k-shynet.core :as core]
[dda.c4k-shynet.shynet :as shynet] [dda.c4k-shynet.shynet :as shynet]
@ -38,7 +39,6 @@
(generate-group (generate-group
"provider" "provider"
(concat-vec (concat-vec
(br/generate-input-field "ingress-type" "(Optional) Your ingress type (traefik/nginx):" "")
(br/generate-input-field "postgres-data-volume-path" "(Optional) Your postgres-data-volume-path if Persistent Volumes are not generated by an Operator:" ""))) (br/generate-input-field "postgres-data-volume-path" "(Optional) Your postgres-data-volume-path if Persistent Volumes are not generated by an Operator:" "")))
(generate-group (generate-group
"credentials" "credentials"
@ -61,22 +61,19 @@
(defn config-from-document [] (defn config-from-document []
(let [postgres-data-volume-path (br/get-content-from-element "postgres-data-volume-path" :optional true) (let [postgres-data-volume-path (br/get-content-from-element "postgres-data-volume-path" :optional true)
issuer (br/get-content-from-element "issuer" :optional true :deserializer keyword) issuer (br/get-content-from-element "issuer" :optional true :deserializer keyword)]
ingress-type (br/get-content-from-element "ingress-type" :optional true :deserializer keyword)] (js/console.log postgres-data-volume-path)
(merge (merge
{:fqdn (br/get-content-from-element "fqdn")} {:fqdn (br/get-content-from-element "fqdn")}
(when (some? postgres-data-volume-path) (when (not (st/blank? postgres-data-volume-path))
{:postgres-data-volume-path postgres-data-volume-path}) {:postgres-data-volume-path postgres-data-volume-path})
(when (some? issuer) (when (not (st/blank? issuer))
{:issuer issuer}) {:issuer issuer})
(when (some? ingress-type)
{:ingress-type ingress-type})
))) )))
(defn validate-all! [] (defn validate-all! []
(br/validate! "fqdn" ::shynet/fqdn) (br/validate! "fqdn" ::shynet/fqdn)
(br/validate! "issuer" ::shynet/issuer :optional true :deserializer keyword) (br/validate! "issuer" ::shynet/issuer :optional true :deserializer keyword)
(br/validate! "ingress-type" ::shynet/ingress-type :optional true :deserializer keyword)
(br/validate! "postgres-data-volume-path" ::pgc/postgres-data-volume-path :optional true) (br/validate! "postgres-data-volume-path" ::pgc/postgres-data-volume-path :optional true)
(br/validate! "auth" core/auth? :deserializer edn/read-string) (br/validate! "auth" core/auth? :deserializer edn/read-string)
(br/set-validated!)) (br/set-validated!))

View file

@ -3,13 +3,9 @@ kind: Ingress
metadata: metadata:
name: shynet-webserver-ingress name: shynet-webserver-ingress
annotations: annotations:
ingress.kubernetes.io/force-ssl-redirect: true
ingress.kubernetes.io/ssl-redirect: true
cert-manager.io/cluster-issuer: letsencrypt-staging-issuer cert-manager.io/cluster-issuer: letsencrypt-staging-issuer
nginx.ingress.kubernetes.io/proxy-body-size: "256m"
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/rewrite-target: /
nginx.ingress.kubernetes.io/proxy-connect-timeout: "300"
nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
spec: spec:
tls: tls:
- hosts: - hosts: