| gio | 3cdee59 | 2024-04-17 10:15:56 +0400 | [diff] [blame] | 1 | import ( |
| 2 | "encoding/base64" |
| 3 | ) |
| 4 | |
| 5 | input: { |
| 6 | sshPrivateKey: string |
| 7 | } |
| Giorgi Lekveishvili | e009a5d | 2024-01-05 14:10:11 +0400 | [diff] [blame] | 8 | |
| Giorgi Lekveishvili | 03d6f4b | 2024-03-08 13:05:21 +0400 | [diff] [blame] | 9 | name: "ingress-public" |
| 10 | namespace: "ingress-public" |
| 11 | |
| gio | 7fbd4ad | 2024-08-27 10:06:39 +0400 | [diff] [blame] | 12 | out: { |
| 13 | images: { |
| 14 | ingressNginx: { |
| 15 | registry: "registry.k8s.io" |
| 16 | repository: "ingress-nginx" |
| 17 | name: "controller" |
| 18 | tag: "v1.8.0" |
| 19 | pullPolicy: "IfNotPresent" |
| 20 | } |
| 21 | portAllocator: { |
| 22 | repository: "giolekva" |
| 23 | name: "port-allocator" |
| 24 | tag: "latest" |
| 25 | pullPolicy: "Always" |
| Giorgi Lekveishvili | e009a5d | 2024-01-05 14:10:11 +0400 | [diff] [blame] | 26 | } |
| 27 | } |
| gio | 7fbd4ad | 2024-08-27 10:06:39 +0400 | [diff] [blame] | 28 | |
| 29 | charts: { |
| 30 | ingressNginx: { |
| 31 | kind: "GitRepository" |
| 32 | address: "https://code.v1.dodo.cloud/helm-charts" |
| 33 | branch: "main" |
| 34 | path: "charts/ingress-nginx" |
| 35 | } |
| 36 | portAllocator: { |
| 37 | kind: "GitRepository" |
| 38 | address: "https://code.v1.dodo.cloud/helm-charts" |
| 39 | branch: "main" |
| 40 | path: "charts/port-allocator" |
| 41 | } |
| 42 | } |
| 43 | |
| 44 | helm: { |
| 45 | "ingress-public": { |
| 46 | chart: charts.ingressNginx |
| 47 | values: { |
| 48 | fullnameOverride: "\(global.pcloudEnvName)-ingress-public" |
| 49 | controller: { |
| 50 | kind: "Deployment" |
| 51 | replicaCount: 1 // TODO(gio): configurable |
| 52 | topologySpreadConstraints: [{ |
| 53 | labelSelector: { |
| 54 | matchLabels: { |
| 55 | "app.kubernetes.io/instance": "ingress-public" |
| 56 | } |
| 57 | } |
| 58 | maxSkew: 1 |
| 59 | topologyKey: "kubernetes.io/hostname" |
| 60 | whenUnsatisfiable: "DoNotSchedule" |
| 61 | }] |
| 62 | hostNetwork: false |
| 63 | hostPort: enabled: false |
| 64 | updateStrategy: { |
| 65 | type: "RollingUpdate" |
| 66 | rollingUpdate: { |
| 67 | maxSurge: "100%" |
| 68 | maxUnavailable: "30%" |
| 69 | } |
| 70 | } |
| 71 | service: { |
| 72 | enabled: true |
| 73 | type: "NodePort" |
| 74 | nodePorts: { |
| 75 | http: 80 |
| 76 | https: 443 |
| 77 | tcp: { |
| 78 | "53": 53 |
| 79 | } |
| 80 | udp: { |
| 81 | "53": 53 |
| 82 | } |
| 83 | } |
| 84 | } |
| 85 | ingressClassByName: true |
| 86 | ingressClassResource: { |
| 87 | name: networks.public.ingressClass |
| 88 | enabled: true |
| 89 | default: false |
| 90 | controllerValue: "k8s.io/\(networks.public.ingressClass)" |
| 91 | } |
| 92 | config: { |
| 93 | "proxy-body-size": "200M" // TODO(giolekva): configurable |
| 94 | "server-snippet": """ |
| 95 | more_clear_headers "X-Frame-Options"; |
| 96 | """ |
| 97 | } |
| 98 | image: { |
| 99 | registry: images.ingressNginx.registry |
| 100 | image: images.ingressNginx.imageName |
| 101 | tag: images.ingressNginx.tag |
| 102 | pullPolicy: images.ingressNginx.pullPolicy |
| 103 | } |
| 104 | } |
| 105 | tcp: { |
| 106 | "53": "\(global.pcloudEnvName)-dns-gateway/coredns:53" |
| 107 | } |
| 108 | udp: { |
| 109 | "53": "\(global.pcloudEnvName)-dns-gateway/coredns:53" |
| 110 | } |
| 111 | } |
| 112 | } |
| 113 | "port-allocator": { |
| 114 | chart: charts.portAllocator |
| 115 | values: { |
| 116 | repoAddr: release.repoAddr |
| 117 | sshPrivateKey: base64.Encode(null, input.sshPrivateKey) |
| 118 | ingressNginxPath: "\(release.appDir)/ingress-public.yaml" |
| 119 | image: { |
| 120 | repository: images.portAllocator.fullName |
| 121 | tag: images.portAllocator.tag |
| 122 | pullPolicy: images.portAllocator.pullPolicy |
| 123 | } |
| gio | 3cdee59 | 2024-04-17 10:15:56 +0400 | [diff] [blame] | 124 | } |
| 125 | } |
| 126 | } |
| Giorgi Lekveishvili | e009a5d | 2024-01-05 14:10:11 +0400 | [diff] [blame] | 127 | } |