146 lines
3.4 KiB
Nix
146 lines
3.4 KiB
Nix
let
|
|
appName = "soju";
|
|
sojuImage = "git.gmem.ca/arch/soju:latest";
|
|
gamjaImage = "git.gmem.ca/arch/gamja:latest";
|
|
in {
|
|
kubernetes.resources.services.soju = {
|
|
spec = {
|
|
type = "NodePort";
|
|
selector.app = appName;
|
|
ports.tls = {
|
|
port = 6697;
|
|
targetPort = 6697;
|
|
};
|
|
};
|
|
};
|
|
kubernetes.resources.services.soju-ws = {
|
|
spec = {
|
|
selector.app = appName;
|
|
ports.ws = {
|
|
port = 80;
|
|
targetPort = 80;
|
|
};
|
|
};
|
|
};
|
|
kubernetes.resources.services.gamja = {
|
|
spec = {
|
|
selector.app = "gamja";
|
|
ports.http = {
|
|
port = 80;
|
|
targetPort = 80;
|
|
};
|
|
};
|
|
};
|
|
kubernetes.resources.deployments.soju.spec = {
|
|
selector.matchLabels.app = appName;
|
|
template = {
|
|
metadata.labels.app = appName;
|
|
spec = {
|
|
volumes = {
|
|
config.configMap.name = "soju";
|
|
ssl.secret.secretName = "gmem-ca-wildcard";
|
|
};
|
|
containers = {
|
|
soju = {
|
|
image = sojuImage;
|
|
imagePullPolicy = "Always";
|
|
volumeMounts = [
|
|
{
|
|
name = "config";
|
|
mountPath = "/etc/soju/config";
|
|
subPath = "config";
|
|
}
|
|
{
|
|
name = "ssl";
|
|
mountPath = "/ssl";
|
|
}
|
|
];
|
|
ports.tls.containerPort = 6697;
|
|
ports.ws.containerPort = 80;
|
|
|
|
env.PGHOST.valueFrom.secretKeyRef = {
|
|
name = "hippo-pguser-soju";
|
|
key = "host";
|
|
};
|
|
env.PGPASSWORD.valueFrom.secretKeyRef = {
|
|
name = "hippo-pguser-soju";
|
|
key = "password";
|
|
};
|
|
env.PGUSER.valueFrom.secretKeyRef = {
|
|
name = "hippo-pguser-soju";
|
|
key = "user";
|
|
};
|
|
env.PGDATABASE.valueFrom.secretKeyRef = {
|
|
name = "hippo-pguser-soju";
|
|
key = "dbname";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
kubernetes.resources.deployments.gamja.spec = {
|
|
selector.matchLabels.app = "gamja";
|
|
template = {
|
|
metadata.labels.app = "gamja";
|
|
spec = {
|
|
containers = {
|
|
gamja = {
|
|
image = gamjaImage;
|
|
imagePullPolicy = "Always";
|
|
ports.http.containerPort = 80;
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
kubernetes.resources.ingresses.irc = {
|
|
metadata.annotations = {
|
|
"cert-manager.io/issuer" = "le-issuer";
|
|
};
|
|
spec = {
|
|
tls = [
|
|
{
|
|
hosts = ["irc.gmem.ca"];
|
|
secretName = "gmem-ca-wildcard";
|
|
}
|
|
];
|
|
rules = [
|
|
{
|
|
host = "irc.gmem.ca";
|
|
http.paths = [
|
|
{
|
|
path = "/";
|
|
pathType = "Prefix";
|
|
backend.service = {
|
|
name = "gamja";
|
|
port.number = 80;
|
|
};
|
|
}
|
|
{
|
|
path = "/socket";
|
|
pathType = "Prefix";
|
|
backend.service = {
|
|
name = "soju-ws";
|
|
port.number = 80;
|
|
};
|
|
}
|
|
];
|
|
}
|
|
];
|
|
};
|
|
};
|
|
|
|
kubernetes.resources.configMaps.soju.data.config = ''
|
|
listen ircs://
|
|
listen unix+admin:///app/admin
|
|
listen ws+insecure://
|
|
hostname irc.gmem.ca
|
|
title irc.gmem.ca
|
|
db postgres "dbname=soju"
|
|
message-store db
|
|
tls /ssl/tls.crt /ssl/tls.key
|
|
'';
|
|
}
|