Added backup ns and moved spec to core.cljc

Clemens Geibel 2022-08-19 12:56:52 +02:00
parent dd5d835b21
commit bbf0e17004
4 changed files with 89 additions and 34 deletions


@ -6,4 +6,4 @@
[dda.c4k-common.uberjar :as uberjar]))
(defn -main [& cmd-args]
(uberjar/main-common "c4k-gitea" gitea/config? gitea/auth? gitea/config-defaults core/k8s-objects cmd-args))
(uberjar/main-common "c4k-gitea" core/config? core/auth? core/config-defaults core/k8s-objects cmd-args))


@ -0,0 +1,46 @@
(ns dda.c4k-gitea.backup
(:require
[clojure.spec.alpha :as s]
#?(:cljs [shadow.resource :as rc])
[dda.c4k-common.yaml :as yaml]
[dda.c4k-common.base64 :as b64]
[dda.c4k-common.common :as cm]))
(s/def ::aws-access-key-id cm/bash-env-string?)
(s/def ::aws-secret-access-key cm/bash-env-string?)
(s/def ::restic-password cm/bash-env-string?)
(s/def ::restic-repository cm/bash-env-string?)
(def auth? (s/keys :req-un [::aws-access-key-id ::aws-secret-access-key ::restic-password ::restic-repository]))
#?(:cljs
(defmethod yaml/load-resource :backup [resource-name]
(case resource-name
"backup/config.yaml" (rc/inline "backup/config.yaml")
"backup/cron.yaml" (rc/inline "backup/cron.yaml")
"backup/secret.yaml" (rc/inline "backup/secret.yaml")
"backup/backup-restore-deployment.yaml" (rc/inline "backup/backup-restore-deployment.yaml")
(throw (js/Error. "Undefined Resource!")))))
(defn generate-config [my-conf]
(let [{:keys [restic-repository]} my-conf]
(->
(yaml/from-string (yaml/load-resource "backup/config.yaml"))
(cm/replace-key-value :restic-repository restic-repository))))
(defn generate-cron []
(yaml/from-string (yaml/load-resource "backup/cron.yaml")))
(defn generate-backup-restore-deployment [my-conf]
(let [backup-restore-yaml (yaml/from-string (yaml/load-resource "backup/backup-restore-deployment.yaml"))]
(if (and (contains? my-conf :local-integration-test) (= true (:local-integration-test my-conf)))
(cm/replace-named-value backup-restore-yaml "CERTIFICATE_FILE" "/var/run/secrets/localstack-secrets/ca.crt")
backup-restore-yaml)))
(defn generate-secret [my-auth]
(let [{:keys [aws-access-key-id aws-secret-access-key restic-password]} my-auth]
(->
(yaml/from-string (yaml/load-resource "backup/secret.yaml"))
(cm/replace-key-value :aws-access-key-id (b64/encode aws-access-key-id))
(cm/replace-key-value :aws-secret-access-key (b64/encode aws-secret-access-key))
(cm/replace-key-value :restic-password (b64/encode restic-password)))))
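Review bot: `auth?` in the new backup namespace requires `::restic-repository`, but `generate-secret` never reads it and core's `config?` treats the repository as an optional config key, so the two specs disagree about where that value belongs. Since the secret material here is only the two AWS keys and the restic password, I would narrow it to `(def auth? (s/keys :req-un [::aws-access-key-id ::aws-secret-access-key ::restic-password]))` and add `(def config? (s/keys :req-un [::restic-repository]))` for `generate-config`. Keeping the repository location out of the auth spec also makes it clearer which inputs end up base64-encoded in `backup/secret.yaml`.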


@ -3,13 +3,32 @@
[dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm]
[dda.c4k-gitea.gitea :as gitea]
[dda.c4k-gitea.gitea :as backup]
[dda.c4k-common.postgres :as postgres]))
(def config-defaults {:issuer "staging"})
(def config? (s/keys :req-un [::gitea/fqdn
::gitea/mailer-from
::gitea/mailer-host-port
::gitea/service-noreply-address]
:opt-un [::gitea/issuer
::gitea/default-app-name
::gitea/service-domain-whitelist
::backup/restic-repository]))
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password
::gitea/mailer-user ::gitea/mailer-pw
::backup/aws-access-key-id ::backup/aws-secret-access-key
::backup/restic-password]))
(def vol? (s/keys :req-un [::gitea/volume-total-storage-size]))
(defn k8s-objects [config]
(let [storage-class (if (contains? config :postgres-data-volume-path) :manual :local-path)]
(cm/concat-vec
(map yaml/to-string
(filter #(not (nil? %))
(cm/concat-vec
[(postgres/generate-config {:postgres-size :2gb :db-name "gitea"})
(postgres/generate-secret config)
(when (contains? config :postgres-data-volume-path)
@ -27,4 +46,9 @@
(gitea/generate-appini-env config)
(gitea/generate-secrets config)
(gitea/generate-ingress config)
(gitea/generate-certificate config)])))))
(gitea/generate-certificate config)]
(when (contains? config :restic-repository)
[(backup/generate-config config)
(backup/generate-secret config)
(backup/generate-cron)
(backup/generate-backup-restore-deployment config)]))))))
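Review bot: The require `[dda.c4k-gitea.gitea :as backup]` in the first hunk aliases the gitea namespace a second time instead of loading `dda.c4k-gitea.backup`, so every `backup/…` reference in this file points at the wrong namespace. The keys `::backup/aws-access-key-id`, `::backup/aws-secret-access-key`, `::backup/restic-password` and `::backup/restic-repository` then expand into `dda.c4k-gitea.gitea`, where the visible gitea section registers no spec for them. In that case `s/keys` only checks that the keys are present, and `cm/bash-env-string?` never runs on the credentials. The `backup/generate-*` calls in `k8s-objects` would presumably fail to resolve as well. The line should read `[dda.c4k-gitea.backup :as backup]`. Separately, `auth?` makes the three backup secrets required although `:restic-repository` is optional in `config?`; listing them under `:opt-un` would match the `when` guard in `k8s-objects`, whose body starts in the first hunk and continues outside it.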


@ -10,8 +10,7 @@
[dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm]
[dda.c4k-common.base64 :as b64]
[dda.c4k-common.predicate :as pred]
[dda.c4k-common.postgres :as postgres]))
[dda.c4k-common.predicate :as pred]))
(defn domain-list?
[input]
@ -30,20 +29,6 @@
(s/def ::issuer pred/letsencrypt-issuer?)
(s/def ::volume-total-storage-size (partial pred/int-gt-n? 5))
(def config-defaults {:issuer "staging"})
(def config? (s/keys :req-un [::fqdn
::mailer-from
::mailer-host-port
::service-noreply-address]
:opt-un [::issuer
::default-app-name
::service-domain-whitelist]))
(def auth? (s/keys :req-un [::postgres/postgres-db-user ::postgres/postgres-db-password ::mailer-user ::mailer-pw]))
(def vol? (s/keys :req-un [::volume-total-storage-size]))
(defn-spec root-storage-by-volume-size int?
[volume-total-storage-size ::volume-total-storage-size]
(cond
@ -74,8 +59,8 @@
(defmethod yaml/load-as-edn :gitea [resource-name]
(yaml/from-string (yaml/load-resource resource-name))))
(defn-spec generate-appini-env pred/map-or-seq?
[config config?]
(defn generate-appini-env
[config]
(let [{:keys [default-app-name
fqdn
mailer-from
@ -95,8 +80,8 @@
(cm/replace-all-matching-values-by-new-value "WHITELISTDOMAINS" service-domain-whitelist)
(cm/replace-all-matching-values-by-new-value "NOREPLY" service-noreply-address))))
(defn-spec generate-secrets pred/map-or-seq?
[auth auth?]
(defn generate-secrets
[auth]
(let [{:keys [postgres-db-user
postgres-db-password
mailer-user
@ -115,8 +100,8 @@
(yaml/load-as-edn "gitea/ingress.yaml")
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-certificate pred/map-or-seq?
[config config?]
(defn generate-certificate
[config]
(let [{:keys [fqdn issuer]
:or {issuer "staging"}} config
letsencrypt-issuer (name issuer)]
@ -125,16 +110,16 @@
(assoc-in [:spec :issuerRef :name] letsencrypt-issuer)
(cm/replace-all-matching-values-by-new-value "FQDN" fqdn))))
(defn-spec generate-root-volume pred/map-or-seq?
[config vol?]
(defn generate-root-volume
[config]
(let [{:keys [volume-total-storage-size]} config
root-storage-size (root-storage-by-volume-size volume-total-storage-size)]
(->
(yaml/load-as-edn "gitea/rootvolume.yaml")
(cm/replace-all-matching-values-by-new-value "ROOTSTORAGESIZE" (str (str root-storage-size) "Gi")))))
(defn-spec generate-data-volume pred/map-or-seq?
[config vol?]
(defn generate-data-volume
[config]
(let [{:keys [volume-total-storage-size]} config
root-storage-size (root-storage-by-volume-size volume-total-storage-size)
data-storage-size (data-storage-by-volume-size volume-total-storage-size root-storage-size)]
@ -142,14 +127,14 @@
(yaml/load-as-edn "gitea/datavolume.yaml")
(cm/replace-all-matching-values-by-new-value "DATASTORAGESIZE" (str (str data-storage-size) "Gi")))))
(defn-spec generate-deployment pred/map-or-seq?
(defn generate-deployment
[]
(yaml/load-as-edn "gitea/deployment.yaml"))
(defn-spec generate-service pred/map-or-seq?
(defn generate-service
[]
(yaml/load-as-edn "gitea/service.yaml"))
(defn-spec generate-service-ssh pred/map-or-seq?
(defn generate-service-ssh
[]
(yaml/load-as-edn "gitea/service-ssh.yaml"))
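Review bot: Switching `generate-appini-env`, `generate-secrets`, `generate-certificate` and the two volume generators from `defn-spec` to plain `defn` drops their argument and return checks, so values such as `fqdn` and `service-domain-whitelist` are substituted into the manifests with no validation in this namespace. With `config?`, `auth?` and `vol?` now defined in core (which already requires gitea), that is understandable, but the contract should be written down, for example a docstring `"config must already satisfy dda.c4k-gitea.core/config?"` on each generator. The zero-argument `generate-deployment`, `generate-service` and `generate-service-ssh` never used the moved specs and could keep `(defn-spec generate-deployment pred/map-or-seq?` for the return check. Several of these function bodies continue outside their hunks.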