Added backup ns and moved spec to core.cljc

Clemens Geibel 2022-08-19 12:56:52 +02:00
parent dd5d835b21
commit bbf0e17004
4 changed files with 89 additions and 34 deletions


@ -6,4 +6,4 @@
[dda.c4k-common.uberjar :as uberjar])) [dda.c4k-common.uberjar :as uberjar]))
(defn -main [& cmd-args] (defn -main [& cmd-args]
(uberjar/main-common "c4k-gitea" gitea/config? gitea/auth? gitea/config-defaults core/k8s-objects cmd-args)) (uberjar/main-common "c4k-gitea" core/config? core/auth? core/config-defaults core/k8s-objects cmd-args))


@ -0,0 +1,46 @@
(ns dda.c4k-gitea.backup
(:require
[clojure.spec.alpha :as s]
#?(:cljs [shadow.resource :as rc])
[dda.c4k-common.yaml :as yaml]
[dda.c4k-common.base64 :as b64]
[dda.c4k-common.common :as cm]))
(s/def ::aws-access-key-id cm/bash-env-string?)
(s/def ::aws-secret-access-key cm/bash-env-string?)
(s/def ::restic-password cm/bash-env-string?)
(s/def ::restic-repository cm/bash-env-string?)
(def auth? (s/keys :req-un [::aws-access-key-id ::aws-secret-access-key ::restic-password ::restic-repository]))
#?(:cljs
(defmethod yaml/load-resource :backup [resource-name]
(case resource-name
"backup/config.yaml" (rc/inline "backup/config.yaml")
"backup/cron.yaml" (rc/inline "backup/cron.yaml")
"backup/secret.yaml" (rc/inline "backup/secret.yaml")
"backup/backup-restore-deployment.yaml" (rc/inline "backup/backup-restore-deployment.yaml")
(throw (js/Error. "Undefined Resource!")))))
(defn generate-config [my-conf]
(let [{:keys [restic-repository]} my-conf]
(->
(yaml/from-string (yaml/load-resource "backup/config.yaml"))
(cm/replace-key-value :restic-repository restic-repository))))
(defn generate-cron []
(yaml/from-string (yaml/load-resource "backup/cron.yaml")))
(defn generate-backup-restore-deployment [my-conf]
(let [backup-restore-yaml (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))]
(if (and (contains? my-conf :local-integration-test) (= true (:local-integration-test my-conf)))
(cm/replace-named-value backup-restore-yaml "CERTIFICATE_FILE" "/var/run/secrets/localstack-secrets/ca.crt")
backup-restore-yaml)))
(defn generate-secret [my-auth]
(let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth]
(->
(yaml/from-string (yaml/load-resource "backup/secret.yaml"))
(cm/replace-key-value :aws-access-key-id (b64/encode aws-access-key-id))
(cm/replace-key-value :aws-secret-access-key (b64/encode aws-secret-access-key))
(cm/replace-key-value :restic-password (b64/encode restic-password)))))
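Review bot: `auth?` in this file requires `::restic-repository`, but `generate-config` reads `restic-repository` from the config map and `generate-secret` never uses it, so the spec and the generators disagree about where the repository belongs. Dropping it from the auth spec, `(def auth? (s/keys :req-un [::aws-access-key-id ::aws-secret-access-key ::restic-password]))`, would match the usage. `generate-secret` also hands the three credentials to `b64/encode` without any spec check, so a missing key is not rejected here; presumably the caller validates first, and a docstring should state that precondition. The same docstring should say that the returned map carries the credentials base64-encoded only, so the rendered manifest has to be handled as secret material.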


@ -3,13 +3,32 @@
[dda.c4k-common.yaml :as yaml] [dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm] [dda.c4k-common.common :as cm]
[dda.c4k-gitea.gitea :as gitea] [dda.c4k-gitea.gitea :as gitea]
[dda.c4k-gitea.gitea :as backup]
[dda.c4k-common.postgres :as postgres])) [dda.c4k-common.postgres :as postgres]))
(def config-defaults {:issuer "staging"})
(def config? (s/keys :req-un [::gitea/fqdn
::gitea/mailer-from
::gitea/mailer-host-port
::gitea/service-noreply-address]
:opt-un [::gitea/issuer
::gitea/default-app-name
::gitea/service-domain-whitelist
::backup/restic-repository]))
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password
::gitea/mailer-user ::gitea/mailer-pw
::backup/aws-access-key-id ::backup/aws-secret-access-key
::backup/restic-password]))
(def vol? (s/keys :req-un [::gitea/volume-total-storage-size]))
(defn k8s-objects [config] (defn k8s-objects [config]
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)] (let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
(cm/concat-vec (map yaml/to-string
(map yaml/to-string (filter #(not (nil? %))
(filter #(not (nil? %)) (cm/concat-vec
[(postgres/generate-config {:postgres-size :2gb :db-name "gitea"}) [(postgres/generate-config {:postgres-size :2gb :db-name "gitea"})
(postgres/generate-secret config) (postgres/generate-secret config)
(when (contains? config :postgres-data-volume-path) (when (contains? config :postgres-data-volume-path)
@ -27,4 +46,9 @@
(gitea/generate-appini-env config) (gitea/generate-appini-env config)
(gitea/generate-secrets config) (gitea/generate-secrets config)
(gitea/generate-ingress config) (gitea/generate-ingress config)
(gitea/generate-certificate config)]))))) (gitea/generate-certificate config)]
(when (contains? config :restic-repository)
[(backup/generate-config config)
(backup/generate-secret config)
(backup/generate-cron)
(backup/generate-backup-restore-deployment config)]))))))


@ -10,8 +10,7 @@
[dda.c4k-common.yaml :as yaml] [dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm] [dda.c4k-common.common :as cm]
[dda.c4k-common.base64 :as b64] [dda.c4k-common.base64 :as b64]
[dda.c4k-common.predicate :as pred] [dda.c4k-common.predicate :as pred]))
[dda.c4k-common.postgres :as postgres]))
(defn domain-list? (defn domain-list?
[input] [input]
@ -30,20 +29,6 @@
(s/def ::issuer pred/letsencrypt-issuer?) (s/def ::issuer pred/letsencrypt-issuer?)
(s/def ::volume-total-storage-size (partial pred/int-gt-n? 5)) (s/def ::volume-total-storage-size (partial pred/int-gt-n? 5))
(def config-defaults {:issuer "staging"})
(def config? (s/keys :req-un [::fqdn
::mailer-from
::mailer-host-port
::service-noreply-address]
:opt-un [::issuer
::default-app-name
::service-domain-whitelist]))
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::mailer-user ::mailer-pw]))
(def vol? (s/keys :req-un [::volume-total-storage-size]))
(defn-spec root-storage-by-volume-size int? (defn-spec root-storage-by-volume-size int?
[volume-total-storage-size ::volume-total-storage-size] [volume-total-storage-size ::volume-total-storage-size]
(cond (cond
@ -74,8 +59,8 @@
(defmethod yaml/load-as-edn :gitea [resource-name] (defmethod yaml/load-as-edn :gitea [resource-name]
(yaml/from-string (yaml/load-resource resource-name)))) (yaml/from-string (yaml/load-resource resource-name))))
(defn-spec generate-appini-env pred/map-or-seq? (defn generate-appini-env
[config config?] [config]
(let [{:keys [default-app-name (let [{:keys [default-app-name
fqdn fqdn
mailer-from mailer-from
@ -95,8 +80,8 @@
(cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist) (cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist)
(cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address)))) (cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address))))
(defn-spec generate-secrets pred/map-or-seq? (defn generate-secrets
[auth auth?] [auth]
(let [{:keys [postgres-db-user (let [{:keys [postgres-db-user
postgres-db-password postgres-db-password
mailer-user mailer-user
@ -115,8 +100,8 @@
(yaml/load-as-edn "gitea/ingress.yaml") (yaml/load-as-edn "gitea/ingress.yaml")
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-certificate pred/map-or-seq? (defn generate-certificate
[config config?] [config]
(let [{:keys [fqdn issuer] (let [{:keys [fqdn issuer]
:or {issuer "staging"}} config :or {issuer "staging"}} config
letsencrypt-issuer (name issuer)] letsencrypt-issuer (name issuer)]
@ -125,16 +110,16 @@
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer) (assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn)))) (cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-root-volume pred/map-or-seq? (defn generate-root-volume
[config vol?] [config]
(let [{:keys [volume-total-storage-size]} config (let [{:keys [volume-total-storage-size]} config
root-storage-size (root-storage-by-volume-size volume-total-storage-size)] root-storage-size (root-storage-by-volume-size volume-total-storage-size)]
(-> (->
(yaml/load-as-edn "gitea/rootvolume.yaml") (yaml/load-as-edn "gitea/rootvolume.yaml")
(cm/replace-all-matching-values-by-new-value "ROOTSTORAGESIZE" (str (str root-storage-size) "Gi"))))) (cm/replace-all-matching-values-by-new-value "ROOTSTORAGESIZE" (str (str root-storage-size) "Gi")))))
(defn-spec generate-data-volume pred/map-or-seq? (defn generate-data-volume
[config vol?] [config]
(let [{:keys [volume-total-storage-size]} config (let [{:keys [volume-total-storage-size]} config
root-storage-size (root-storage-by-volume-size volume-total-storage-size) root-storage-size (root-storage-by-volume-size volume-total-storage-size)
data-storage-size (data-storage-by-volume-size volume-total-storage-size root-storage-size)] data-storage-size (data-storage-by-volume-size volume-total-storage-size root-storage-size)]
@ -142,14 +127,14 @@
(yaml/load-as-edn "gitea/datavolume.yaml") (yaml/load-as-edn "gitea/datavolume.yaml")
(cm/replace-all-matching-values-by-new-value "DATASTORAGESIZE" (str (str data-storage-size) "Gi"))))) (cm/replace-all-matching-values-by-new-value "DATASTORAGESIZE" (str (str data-storage-size) "Gi")))))
(defn-spec generate-deployment pred/map-or-seq? (defn generate-deployment
[] []
(yaml/load-as-edn "gitea/deployment.yaml")) (yaml/load-as-edn "gitea/deployment.yaml"))
(defn-spec generate-service pred/map-or-seq? (defn generate-service
[] []
(yaml/load-as-edn "gitea/service.yaml")) (yaml/load-as-edn "gitea/service.yaml"))
(defn-spec generate-service-ssh pred/map-or-seq? (defn generate-service-ssh
[] []
(yaml/load-as-edn "gitea/service-ssh.yaml")) (yaml/load-as-edn "gitea/service-ssh.yaml"))
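Review bot: Turning the `defn-spec` generators into plain `defn` drops the argument and return specs from `generate-appini-env`, `generate-secrets`, `generate-certificate`, `generate-root-volume` and `generate-data-volume`. Values such as `fqdn` and the mailer credentials now reach the string replacements unchecked unless the caller has already validated the map. The argument specs presumably had to go because `config?`, `auth?` and `vol?` moved to core, but the return spec does not depend on them: `(defn-spec generate-certificate pred/map-or-seq? [config map?] ...)` would keep the output check. Failing that, a docstring on each generator should state that its argument must already satisfy `core/config?`, `core/auth?` or `core/vol?`. Several of these function bodies continue outside the hunks.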