Added backup ns and moved spec to core.cljc
parent
dd5d835b21
commit
bbf0e17004
4 changed files with 89 additions and 34 deletions
|
@ -6,4 +6,4 @@
|
||||||
[dda.c4k-common.uberjar :as uberjar]))
|
[dda.c4k-common.uberjar :as uberjar]))
|
||||||
|
|
||||||
(defn -main [& cmd-args]
|
(defn -main [& cmd-args]
|
||||||
(uberjar/main-common "c4k-gitea" gitea/config? gitea/auth? gitea/config-defaults core/k8s-objects cmd-args))
|
(uberjar/main-common "c4k-gitea" core/config? core/auth? core/config-defaults core/k8s-objects cmd-args))
|
||||||
|
|
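--- a/src/main/cljc/dda/c4k_gitea/backup.cljc
+++ b/src/main/cljc/dda/c4k_gitea/backup.cljc
@@ -0,0 +1,46 @@
+(ns dda.c4k-gitea.backup
+(:require
+[clojure.spec.alpha :as s]
+#?(:cljs [shadow.resource :as rc])
+[dda.c4k-common.yaml :as yaml]
+[dda.c4k-common.base64 :as b64]
+[dda.c4k-common.common :as cm]))
+
+(s/def ::aws-access-key-id cm/bash-env-string?)
+(s/def ::aws-secret-access-key cm/bash-env-string?)
+(s/def ::restic-password cm/bash-env-string?)
+(s/def ::restic-repository cm/bash-env-string?)
+
+(def auth? (s/keys :req-un [::aws-access-key-id ::aws-secret-access-key ::restic-password ::restic-repository]))
+
+#?(:cljs
+(defmethod yaml/load-resource :backup [resource-name]
+(case resource-name
+"backup/config.yaml" (rc/inline "backup/config.yaml")
+"backup/cron.yaml" (rc/inline "backup/cron.yaml")
+"backup/secret.yaml" (rc/inline "backup/secret.yaml")
+"backup/backup-restore-deployment.yaml" (rc/inline "backup/backup-restore-deployment.yaml")
+(throw (js/Error. "Undefined Resource!")))))
+
+(defn generate-config [my-conf]
+(let [{:keys [restic-repository]} my-conf]
+(->
+(yaml/from-string (yaml/load-resource "backup/config.yaml"))
+(cm/replace-key-value :restic-repository restic-repository))))
+
+(defn generate-cron []
+(yaml/from-string (yaml/load-resource "backup/cron.yaml")))
+
+(defn generate-backup-restore-deployment [my-conf]
+(let [backup-restore-yaml (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))]
+(if (and (contains? my-conf :local-integration-test) (= true (:local-integration-test my-conf)))
+(cm/replace-named-value backup-restore-yaml "CERTIFICATE_FILE" "/var/run/secrets/localstack-secrets/ca.crt")
+backup-restore-yaml)))
+
+(defn generate-secret [my-auth]
+(let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth]
+(->
+(yaml/from-string (yaml/load-resource "backup/secret.yaml"))
+(cm/replace-key-value :aws-access-key-id (b64/encode aws-access-key-id))
+(cm/replace-key-value :aws-secret-access-key (b64/encode aws-secret-access-key))
+(cm/replace-key-value :restic-password (b64/encode restic-password)))))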
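Review bot: `generate-backup-restore-deployment` switches `CERTIFICATE_FILE` to the localstack CA whenever `:local-integration-test` is true, but that key has no spec in this file and is not listed in the `config?` this commit adds to core.cljc, so it is never validated or documented. If `CERTIFICATE_FILE` is what the backup container trusts for its repository connection (not visible here), a stray test flag in a production config would silently change that trust anchor. I would add `(s/def ::local-integration-test boolean?)`, list it under `:opt-un`, and simplify the condition to `(true? (:local-integration-test my-conf))`. The new functions also have no docstrings; `generate-secret` in particular should state that it expects the three credentials as plain strings and base64-encodes them itself.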
|
@ -3,13 +3,32 @@
|
||||||
[dda.c4k-common.yaml :as yaml]
|
[dda.c4k-common.yaml :as yaml]
|
||||||
[dda.c4k-common.common :as cm]
|
[dda.c4k-common.common :as cm]
|
||||||
[dda.c4k-gitea.gitea :as gitea]
|
[dda.c4k-gitea.gitea :as gitea]
|
||||||
|
[dda.c4k-gitea.gitea :as backup]
|
||||||
[dda.c4k-common.postgres :as postgres]))
|
[dda.c4k-common.postgres :as postgres]))
|
||||||
|
|
||||||
|
(def config-defaults {:issuer "staging"})
|
||||||
|
|
||||||
|
(def config? (s/keys :req-un [::gitea/fqdn
|
||||||
|
::gitea/mailer-from
|
||||||
|
::gitea/mailer-host-port
|
||||||
|
::gitea/service-noreply-address]
|
||||||
|
:opt-un [::gitea/issuer
|
||||||
|
::gitea/default-app-name
|
||||||
|
::gitea/service-domain-whitelist
|
||||||
|
::backup/restic-repository]))
|
||||||
|
|
||||||
|
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password
|
||||||
|
::gitea/mailer-user ::gitea/mailer-pw
|
||||||
|
::backup/aws-access-key-id ::backup/aws-secret-access-key
|
||||||
|
::backup/restic-password]))
|
||||||
|
|
||||||
|
(def vol? (s/keys :req-un [::gitea/volume-total-storage-size]))
|
||||||
|
|
||||||
(defn k8s-objects [config]
|
(defn k8s-objects [config]
|
||||||
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
|
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
|
||||||
(cm/concat-vec
|
(map yaml/to-string
|
||||||
(map yaml/to-string
|
(filter #(not (nil? %))
|
||||||
(filter #(not (nil? %))
|
(cm/concat-vec
|
||||||
[(postgres/generate-config {:postgres-size :2gb :db-name "gitea"})
|
[(postgres/generate-config {:postgres-size :2gb :db-name "gitea"})
|
||||||
(postgres/generate-secret config)
|
(postgres/generate-secret config)
|
||||||
(when (contains? config :postgres-data-volume-path)
|
(when (contains? config :postgres-data-volume-path)
|
||||||
|
@ -27,4 +46,9 @@
|
||||||
(gitea/generate-appini-env config)
|
(gitea/generate-appini-env config)
|
||||||
(gitea/generate-secrets config)
|
(gitea/generate-secrets config)
|
||||||
(gitea/generate-ingress config)
|
(gitea/generate-ingress config)
|
||||||
(gitea/generate-certificate config)])))))
|
(gitea/generate-certificate config)]
|
||||||
|
(when (contains? config :restic-repository)
|
||||||
|
[(backup/generate-config config)
|
||||||
|
(backup/generate-secret config)
|
||||||
|
(backup/generate-cron)
|
||||||
|
(backup/generate-backup-restore-deployment config)]))))))
|
||||||
|
|
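Review bot: In the `:require` vector of the first hunk the alias `backup` is bound to `dda.c4k-gitea.gitea` (`[dda.c4k-gitea.gitea :as backup]`) rather than to the new `dda.c4k-gitea.backup` namespace; the line should read `[dda.c4k-gitea.backup :as backup]`. As written, `::backup/aws-access-key-id`, `::backup/aws-secret-access-key`, `::backup/restic-password` and `::backup/restic-repository` expand to keywords in the gitea namespace, where this commit shows no spec for them. `s/keys` would then only check that the keys are present, and the `cm/bash-env-string?` predicates defined in backup.cljc would never run on the credentials. The `backup/generate-*` calls in the last hunk would also fail to resolve. The `ns` form starts above the first hunk, and the body of `k8s-objects` is only partly visible between the two hunks.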
|
@ -10,8 +10,7 @@
|
||||||
[dda.c4k-common.yaml :as yaml]
|
[dda.c4k-common.yaml :as yaml]
|
||||||
[dda.c4k-common.common :as cm]
|
[dda.c4k-common.common :as cm]
|
||||||
[dda.c4k-common.base64 :as b64]
|
[dda.c4k-common.base64 :as b64]
|
||||||
[dda.c4k-common.predicate :as pred]
|
[dda.c4k-common.predicate :as pred]))
|
||||||
[dda.c4k-common.postgres :as postgres]))
|
|
||||||
|
|
||||||
(defn domain-list?
|
(defn domain-list?
|
||||||
[input]
|
[input]
|
||||||
|
@ -30,20 +29,6 @@
|
||||||
(s/def ::issuer pred/letsencrypt-issuer?)
|
(s/def ::issuer pred/letsencrypt-issuer?)
|
||||||
(s/def ::volume-total-storage-size (partial pred/int-gt-n? 5))
|
(s/def ::volume-total-storage-size (partial pred/int-gt-n? 5))
|
||||||
|
|
||||||
(def config-defaults {:issuer "staging"})
|
|
||||||
|
|
||||||
(def config? (s/keys :req-un [::fqdn
|
|
||||||
::mailer-from
|
|
||||||
::mailer-host-port
|
|
||||||
::service-noreply-address]
|
|
||||||
:opt-un [::issuer
|
|
||||||
::default-app-name
|
|
||||||
::service-domain-whitelist]))
|
|
||||||
|
|
||||||
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::mailer-user ::mailer-pw]))
|
|
||||||
|
|
||||||
(def vol? (s/keys :req-un [::volume-total-storage-size]))
|
|
||||||
|
|
||||||
(defn-spec root-storage-by-volume-size int?
|
(defn-spec root-storage-by-volume-size int?
|
||||||
[volume-total-storage-size ::volume-total-storage-size]
|
[volume-total-storage-size ::volume-total-storage-size]
|
||||||
(cond
|
(cond
|
||||||
|
@ -74,8 +59,8 @@
|
||||||
(defmethod yaml/load-as-edn :gitea [resource-name]
|
(defmethod yaml/load-as-edn :gitea [resource-name]
|
||||||
(yaml/from-string (yaml/load-resource resource-name))))
|
(yaml/from-string (yaml/load-resource resource-name))))
|
||||||
|
|
||||||
(defn-spec generate-appini-env pred/map-or-seq?
|
(defn generate-appini-env
|
||||||
[config config?]
|
[config]
|
||||||
(let [{:keys [default-app-name
|
(let [{:keys [default-app-name
|
||||||
fqdn
|
fqdn
|
||||||
mailer-from
|
mailer-from
|
||||||
|
@ -95,8 +80,8 @@
|
||||||
(cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist)
|
(cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist)
|
||||||
(cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address))))
|
(cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address))))
|
||||||
|
|
||||||
(defn-spec generate-secrets pred/map-or-seq?
|
(defn generate-secrets
|
||||||
[auth auth?]
|
[auth]
|
||||||
(let [{:keys [postgres-db-user
|
(let [{:keys [postgres-db-user
|
||||||
postgres-db-password
|
postgres-db-password
|
||||||
mailer-user
|
mailer-user
|
||||||
|
@ -115,8 +100,8 @@
|
||||||
(yaml/load-as-edn "gitea/ingress.yaml")
|
(yaml/load-as-edn "gitea/ingress.yaml")
|
||||||
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
|
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
|
||||||
|
|
||||||
(defn-spec generate-certificate pred/map-or-seq?
|
(defn generate-certificate
|
||||||
[config config?]
|
[config]
|
||||||
(let [{:keys [fqdn issuer]
|
(let [{:keys [fqdn issuer]
|
||||||
:or {issuer "staging"}} config
|
:or {issuer "staging"}} config
|
||||||
letsencrypt-issuer (name issuer)]
|
letsencrypt-issuer (name issuer)]
|
||||||
|
@ -125,16 +110,16 @@
|
||||||
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
|
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
|
||||||
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
|
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
|
||||||
|
|
||||||
(defn-spec generate-root-volume pred/map-or-seq?
|
(defn generate-root-volume
|
||||||
[config vol?]
|
[config]
|
||||||
(let [{:keys [volume-total-storage-size]} config
|
(let [{:keys [volume-total-storage-size]} config
|
||||||
root-storage-size (root-storage-by-volume-size volume-total-storage-size)]
|
root-storage-size (root-storage-by-volume-size volume-total-storage-size)]
|
||||||
(->
|
(->
|
||||||
(yaml/load-as-edn "gitea/rootvolume.yaml")
|
(yaml/load-as-edn "gitea/rootvolume.yaml")
|
||||||
(cm/replace-all-matching-values-by-new-value "ROOTSTORAGESIZE" (str (str root-storage-size) "Gi")))))
|
(cm/replace-all-matching-values-by-new-value "ROOTSTORAGESIZE" (str (str root-storage-size) "Gi")))))
|
||||||
|
|
||||||
(defn-spec generate-data-volume pred/map-or-seq?
|
(defn generate-data-volume
|
||||||
[config vol?]
|
[config]
|
||||||
(let [{:keys [volume-total-storage-size]} config
|
(let [{:keys [volume-total-storage-size]} config
|
||||||
root-storage-size (root-storage-by-volume-size volume-total-storage-size)
|
root-storage-size (root-storage-by-volume-size volume-total-storage-size)
|
||||||
data-storage-size (data-storage-by-volume-size volume-total-storage-size root-storage-size)]
|
data-storage-size (data-storage-by-volume-size volume-total-storage-size root-storage-size)]
|
||||||
|
@ -142,14 +127,14 @@
|
||||||
(yaml/load-as-edn "gitea/datavolume.yaml")
|
(yaml/load-as-edn "gitea/datavolume.yaml")
|
||||||
(cm/replace-all-matching-values-by-new-value "DATASTORAGESIZE" (str (str data-storage-size) "Gi")))))
|
(cm/replace-all-matching-values-by-new-value "DATASTORAGESIZE" (str (str data-storage-size) "Gi")))))
|
||||||
|
|
||||||
(defn-spec generate-deployment pred/map-or-seq?
|
(defn generate-deployment
|
||||||
[]
|
[]
|
||||||
(yaml/load-as-edn "gitea/deployment.yaml"))
|
(yaml/load-as-edn "gitea/deployment.yaml"))
|
||||||
|
|
||||||
(defn-spec generate-service pred/map-or-seq?
|
(defn generate-service
|
||||||
[]
|
[]
|
||||||
(yaml/load-as-edn "gitea/service.yaml"))
|
(yaml/load-as-edn "gitea/service.yaml"))
|
||||||
|
|
||||||
(defn-spec generate-service-ssh pred/map-or-seq?
|
(defn generate-service-ssh
|
||||||
[]
|
[]
|
||||||
(yaml/load-as-edn "gitea/service-ssh.yaml"))
|
(yaml/load-as-edn "gitea/service-ssh.yaml"))
|
||||||
|
|
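Review bot: `generate-appini-env`, `generate-secrets`, `generate-certificate`, `generate-root-volume` and `generate-data-volume` lose their argument specs (`[config config?]`, `[auth auth?]`, `[config vol?]`) in the change from `defn-spec` to `defn`, and nothing in these hunks replaces them, so they now accept any map. Validation then depends entirely on callers outside this file checking against `core/config?`, `core/auth?` and `core/vol?`; a missing key would presumably be substituted into the generated manifest as nil. Since core requires this namespace, the specs probably cannot be referenced from here, so I would at least add a docstring to each generator, e.g. `"Expects a map already validated against dda.c4k-gitea.core/auth?."` on `generate-secrets`, and keep one explicit `s/valid?` check at the entry point. Most of these function bodies continue outside the hunks.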