local base = import "k8s/configs/base.libsonnet"; local secrets = import "k8s/configs/environments/dev/secrets.json"; local nginxIngress = import "k8s/configs/templates/core/network/nginx-ingress.libsonnet"; local postgres = import "k8s/configs/templates/core/storage/postgres.libsonnet"; local memcached = import "k8s/configs/templates/core/storage/memcached.libsonnet"; local n8n = import "k8s/configs/templates/core/workflow/n8n.libsonnet"; local codeServer = import "k8s/configs/templates/dev/ide/code-server.libsonnet"; local coder = import "k8s/configs/templates/dev/ide/coder.libsonnet"; local ollama = import "k8s/configs/templates/dev/ai/ollama.libsonnet"; local openWebUi = import "k8s/configs/templates/dev/ai/open-webui.libsonnet"; local openWebUiPipelines = import "k8s/configs/templates/dev/ai/open-webui-pipelines.libsonnet"; local tabbyml = import "k8s/configs/templates/dev/ai/tabbyml.libsonnet"; local openssh = import "k8s/configs/templates/dev/ops/openssh.libsonnet"; local forgejo = import "k8s/configs/templates/dev/ops/forgejo.libsonnet"; local forgejoRunner = import "k8s/configs/templates/dev/ops/forgejo-runner.libsonnet"; local harbor = import "k8s/configs/templates/dev/ops/harbor.libsonnet"; local binCache = import "k8s/configs/templates/dev/ops/bin-cache.libsonnet"; local browserless = import "k8s/configs/templates/dev/tools/browserless.libsonnet"; local hastebin = import "k8s/configs/templates/dev/tools/hastebin.libsonnet"; local hugo = import "k8s/configs/templates/dev/tools/hugo.libsonnet"; local whitebophir = import "k8s/configs/templates/dev/organization/whitebophir.libsonnet"; local vikunja = import "k8s/configs/templates/dev/organization/vikunja.libsonnet"; local lurker = import "k8s/configs/templates/personal/media/lurker.libsonnet"; local namespace = "dev"; local ctx = base.NewContext(base.helm); { namespace: { apiVersion: "v1", kind: "Namespace", metadata: { name: namespace, }, }, bazelClientCert: { apiVersion: 'cert-manager.io/v1', kind: 'Certificate', metadata: { name: 'bazel-client-cert', namespace: namespace, }, spec: { secretName: 'bazel-client-tls', commonName: 'bazel-client-dev', isCA: false, usages: [ 'client auth', ], issuerRef: { name: 'csbx-dev-grpc-ca-issuer', kind: 'ClusterIssuer', }, }, }, secrets: { coderPostgres: postgres.Secret(postgres.SecretParams{ name: "coder-postgres", namespace: "dev", password: secrets.coder_psql_db_pwd, }), coderDbUrl: base.Secret("dev", "coder-db-url") { type: "Opaque", data+: { "url": secrets.coder_db_url, }, }, vikunjaSecret: base.Secret("dev", "vikunja-secret") { type: "Opaque", data+: { "vikunja-db-pwd": secrets.vikunja_db_pwd, "vikunja-jwt-secret": secrets.vikunja_jwt_secret, }, }, forgejoRunnerSecret: base.Secret("dev", "forgejo-runner-secret") { type: "Opaque", data+: { "runner-token": secrets.forgejo_runner_token, }, }, harbor: harbor.Secret(harbor.SecretParams{ name: "harbor-secret", namespace: "dev", adminPassword: secrets.harbor_admin_pwd, secretKey: secrets.harbor_secret_key, registryPassword: secrets.harbor_registry_pwd, registryHtpassword: secrets.harbor_registry_htpasswd, databasePassword: secrets.harbor_db_pwd, }), forgejoApp: forgejo.Secret(forgejo.SecretParams{ name: "forgejo-app", namespace: "dev", psql_password: secrets.forgejo_psql_db_pwd, }), forgejoMemcached: memcached.Secret(memcached.SecretParams{ name: "forgejo-memcached", namespace: "dev", password: "", }), forgejoPostgres: postgres.Secret(postgres.SecretParams{ name: "forgejo-postgres", namespace: "dev", password: secrets.forgejo_psql_db_pwd, }), }, apps: { binCache: { pvc: base.RecoverableSimpleManyPvc(namespace, "bin-cache-data", "nfs-client", "50Gi", { volumeName: "pvc-e37b19f1-9833-4b43-b43f-17781ce77dc8", nfsPath: "/volume3/fs/dev-bin-cache-data-pvc-e37b19f1-9833-4b43-b43f-17781ce77dc8", nfsServer: "apollo1.dominion.lan", }), configMap: binCache.ConfigMap(binCache.Params { namespace: namespace, name: "bin-cache-config", dataClaimName: "bin-cache-data", configClaimName: "bin-cache-config", }), app: binCache.App(binCache.Params { namespace: namespace, name: "bin-cache", dataClaimName: "bin-cache-data", configClaimName: "bin-cache-config", }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "bin-cache", hosts: [ "bin-cache.csbx.dev", ], serviceName: "bin-cache-http", servicePort: 80, annotations: { "nginx.ingress.kubernetes.io/proxy-buffer-size": "32k", "nginx.ingress.kubernetes.io/proxy-buffers": "4 32k", "nginx.ingress.kubernetes.io/proxy-busy-buffers-size": "64k", }, }), }, coder: { postgresPvc: base.RecoverableSimpleManyPvc(namespace, "coder-postgres-data", "nfs-client", "50Gi", { volumeName: "pvc-e1475b7d-e320-4ec4-bdd2-f4af9bae8d9d", nfsPath: "/volume3/fs/dev-coder-postgres-data-pvc-e1475b7d-e320-4ec4-bdd2-f4af9bae8d9d", nfsServer: "apollo1.dominion.lan", }), // 2024-10-09 // Having issues with db initializatoon // 2025-01-19 // In the process of upgrading postgres, I think I've root caused the failure to create // The data claim will need to be cleaned up and then recreated as postgres 17. dbApp: postgres.App(postgres.Params { namespace: namespace, name: "coder-pg", filePath: std.thisFile, dataClaimName: "coder-postgres-data", dbName: "coder", dbUser: "postgres", // Defined in "//kube/cfg/secrets/auth.jsonnet" dbPwdSecret: "coder-postgres", dbPwdSecretKey: "password", }), coder: coder.App(coder.Params { namespace: namespace, name: "coder", context: ctx, filePath: std.thisFile, coderPgUrlSecret: "coder-db-url", }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "coder-ui", hosts: [ "coder.csbx.dev", ], // TODO: serviceName: "coder", // Has it's own auth. //annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, }), toolsPvc: base.RecoverableSimpleManyPvc(namespace, "tools-pvc", "nfs-client", "10Gi", { volumeName: "pvc-2c3aa050-1503-41a5-9389-4ac2bbce47a7", nfsPath: "/volume3/fs/dev-tools-pvc-pvc-2c3aa050-1503-41a5-9389-4ac2bbce47a7", nfsServer: "apollo1.dominion.lan", }), }, ollama: { ollamaStoragePvc: base.RecoverableSimpleManyPvc(namespace, "ollama-storage", "nfs-bulk", "100Gi", { volumeName: "pvc-4106e508-b04d-4d15-9b70-2a9c01d0d72c", nfsPath: "/volume4/fs-bulk/dev-ollama-storage-pvc-4106e508-b04d-4d15-9b70-2a9c01d0d72c", nfsServer: "apollo2.dominion.lan", }), ollamaFatStoragePvc: base.RecoverableSimpleManyPvc(namespace, "ollama-fat-storage", "nfs-bulk", "100Gi", { volumeName: "pvc-34e9dec4-b2c2-4b32-85e8-a409b671087f", nfsPath: "/volume4/fs-bulk/dev-ollama-fat-storage-pvc-34e9dec4-b2c2-4b32-85e8-a409b671087f", nfsServer: "apollo2.dominion.lan", }), openWebUIStoragePvc: base.RecoverableSimpleManyPvc(namespace, "open-webui-storage", "nfs-client", "10Gi", { volumeName: "pvc-6b420a30-2c60-486e-977d-baa8bcb17842", nfsPath: "/volume3/fs/dev-open-webui-storage-pvc-6b420a30-2c60-486e-977d-baa8bcb17842", nfsServer: "apollo1.dominion.lan", }), openWebUIPipelinesStoragePvc: base.RecoverableSimpleManyPvc(namespace, "open-webui-pipelines-storage", "nfs-client", "10Gi", { volumeName: "pvc-4ebe8cab-1712-4292-8543-fd28e30409f7", nfsPath: "/volume3/fs/dev-open-webui-pipelines-storage-pvc-4ebe8cab-1712-4292-8543-fd28e30409f7", nfsServer: "apollo1.dominion.lan", }), /* ollamaApp: ollama.App(ollama.Params { namespace: namespace, name: "ollama", filePath: std.thisFile, storageClaimName: "ollama-storage", }), */ /* ollamaFatApp: ollama.App(ollama.Params { namespace: namespace, name: "ollama-fat", filePath: std.thisFile, storageClaimName: "ollama-fat-storage", gpuNodeSelectorName: "nvidia-fat" }), */ // TODO: // - Cron for ollama and ollama-fat to rsync ollama local to ollama remote /* openWebUIApp: openWebUi.App(openWebUi.Params { namespace: namespace, name: "ollama-open-ui", filePath: std.thisFile, ollamaHost: "http://ollama-ui." + namespace + ".svc.cluster.local:80", storageClaimName: "open-webui-storage", }), openWebUIPipelinesApp: openWebUiPipelines.App(openWebUiPipelines.Params { namespace: namespace, name: "ollama-open-ui-pipelines", filePath: std.thisFile, storageClaimName: "open-webui-pipelines-storage", }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "ollama-open-ui", hosts: [ "llama.csbx.dev", ], serviceName: "ollama-open-ui-ui", // Has it's own auth. //annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, }), */ }, tabbyml: { storagePvc: base.RecoverableSimpleManyPvc(namespace, "tabbyml-storage", "nfs-client", "10Gi", { volumeName: "pvc-c21eadff-2d8e-419e-bf2f-1fc6262b4dcd", nfsPath: "/volume3/fs/dev-tabbyml-storage-pvc-c21eadff-2d8e-419e-bf2f-1fc6262b4dcd", nfsServer: "apollo1.dominion.lan", }), // TODO: Not working -- not becoming available on the port. /* tabbyml: tabbyml.App(tabbyml.Params { namespace: namespace, name: "tabbyml", filePath: std.thisFile, storageClaimName: "tabbyml-storage", }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "tabbyml-ui", hosts: [ "tabbyml.csbx.dev", ], serviceName: "tabbyml-ui", }), */ }, lurker: { dataPvc: base.RecoverableSimpleManyPvc(namespace, "lurker-data", "nfs-client", "100Gi", { volumeName: "pvc-5f906263-252f-43cf-8298-7a61d58321b2", nfsPath: "/volume3/fs/dev-lurker-data-pvc-5f906263-252f-43cf-8298-7a61d58321b2", nfsServer: "apollo1.dominion.lan", }), app: lurker.App(lurker.Params { namespace: namespace, name: "lurker", filePath: std.thisFile, dataClaimName: "lurker-data", }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "lurker", hosts: [ "lurker.csbx.dev", ], serviceName: "lurker-ui", #annotations: nginxIngress.KubeOauthProxyAnnotations, }), }, /* browserless: { browserlessApp: browserless.App(browserless.Params { namespace: namespace, name: "browserless", filePath: std.thisFile, }), browserlessIngress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "browserless", hosts: [ "browserless.csbx.dev", ], serviceName: "browserless-ui", annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, }), }, n8n: { n8nPvc: base.RecoverableSimpleManyPvc(namespace, "n8n-data", "nfs-client", "10Gi", { volumeName: "pvc-f9970c88-1b5f-4bbd-845a-3a1e685aa123", nfsPath: "/volume3/fs/dev-n8n-data-pvc-f9970c88-1b5f-4bbd-845a-3a1e685aa123", nfsServer: "apollo1.dominion.lan", }), n8nPostgresPvc: base.RecoverableSimpleManyPvc(namespace, "n8n-postgres-data", "nfs-client", "10Gi", { volumeName: "pvc-4e48a218-d9e5-41b9-8e9f-8bb1a7d4def7", nfsPath: "/volume3/fs/dev-n8n-postgres-data-pvc-4e48a218-d9e5-41b9-8e9f-8bb1a7d4def7", nfsServer: "apollo1.dominion.lan", }), dbApp: postgres.App(postgres.Params { namespace: namespace, name: "n8n-pg", filePath: std.thisFile, // Defined in "//kube/cfg/secrets/dev.jsonnet" dataClaimName: "n8n-postgres-data", dbName: "n8n", dbUser: "root", // Defined in "//kube/cfg/secrets/dev.jsonnet" dbPwdSecret: "n8n-secret", dbPwdSecretKey: "n8n-db-pwd", }), app: n8n.App(n8n.Params { namespace: namespace, name: "n8n", filePath: std.thisFile, dataClaimName: "n8n-data", ingressBaseUrl: "n8n.csbx.dev", postgresHost: "n8n-pg.dev.svc.cluster.local", dbPwdSecret: "n8n-secret", dbPwdSecretKey: "n8n-db-pwd", }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "n8n", hosts: [ "n8n.csbx.dev", ], serviceName: "n8n-ui", //annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, }), }, */ codeServer: { configPvc: base.RecoverableSimpleManyPvc(namespace, "code-server-config", "nfs-client", "100Gi", { volumeName: "pvc-9f72afed-69ba-4009-ab6e-81cef350f886", nfsPath: "/volume3/fs/dev-code-server-config-pvc-9f72afed-69ba-4009-ab6e-81cef350f886", nfsServer: "apollo1.dominion.lan", }), app: codeServer.App(codeServer.Params { namespace: namespace, name: "code-server", filePath: std.thisFile, // Defined in "//kube/cfg/dominion/pvc.jsonnet" configClaimName: "code-server-config", }), /* hugoDocs: hugo.App(hugo.Params { namespace: namespace, name: "hugo-infra", filePath: std.thisFile, dataClaimName: "code-server-config", mountSubPath: "workspace/infra2/dominion-notes/", }), */ ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "code-server", hosts: [ "cs.cheapassbox.com", ], serviceName: "code-server-ui", annotations: nginxIngress.KubeOauthProxyAnnotations, }), ingress2: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "code-server-csbx", hosts: [ "cs.csbx.dev", ], serviceName: "code-server-ui", annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, }), /* hugoIngress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "hugo-infra", hosts: [ "infra-docs.csbx.dev", ], serviceName: "hugo-infra-ui", annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, }) */ }, /* vikunja: { vikunjaPvc: base.RecoverableSimpleManyPvc(namespace, "vikunja-data", "nfs-client", "10Gi", { volumeName: "pvc-87dd9045-276f-45b6-bda0-6a4c88289517", nfsPath: "/volume3/fs/dev-vikunja-data-pvc-87dd9045-276f-45b6-bda0-6a4c88289517", nfsServer: "apollo1.dominion.lan", }), vikunjaPostgresPvc: base.RecoverableSimpleManyPvc(namespace, "vikunja-postgres-data", "nfs-client", "10Gi", { volumeName: "pvc-68d9b640-d4ea-447f-a6a3-bc3a1ea41c0a", nfsPath: "/volume3/fs/dev-vikunja-postgres-data-pvc-68d9b640-d4ea-447f-a6a3-bc3a1ea41c0a", nfsServer: "apollo1.dominion.lan", }), dbApp: postgres.App(postgres.Params { namespace: namespace, name: "vikunja-pg", filePath: std.thisFile, // Defined in "//kube/cfg/secrets/dev.jsonnet" dataClaimName: "vikunja-postgres-data", dbName: "vikunja", dbUser: "vikunja", // Defined in "//kube/cfg/secrets/dev.jsonnet" dbPwdSecret: "vikunja-secret", dbPwdSecretKey: "vikunja-db-pwd", }), vikunja: vikunja.App(vikunja.Params { namespace: namespace, name: "vikunja", filePath: std.thisFile, dataClaimName: "vikunja-data", ingressBaseUrl: "https://vikunja.csbx.dev/", postgresHost: "vikunja-pg.dev.svc.cluster.local", secretName: "vikunja-secret", },), vikunja_ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "vikunja-csbx", hosts: [ "vikunja.csbx.dev", ], serviceName: "vikunja-ui", annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, }), }, */ forgejo: { postgres17Pvc: base.RecoverableSimpleManyPvc(namespace, "forgejo-postgres-17-data", "nfs-client", "50Gi", { volumeName: "pvc-18f8a0b8-7aef-4d07-ab45-59b99377c7f2", nfsPath: "/volume3/fs/dev-forgejo-postgres-17-data-pvc-18f8a0b8-7aef-4d07-ab45-59b99377c7f2", nfsServer: "apollo1.dominion.lan", }), dataPvc: base.RecoverableSimpleManyPvc(namespace, "forgejo-data", "nfs-bulk", "200Gi", { volumeName: "pvc-d92af937-297d-4bee-981f-1b7f9a8530a0", nfsPath: "/volume4/fs-bulk/dev-forgejo-data-pvc-d92af937-297d-4bee-981f-1b7f9a8530a0", nfsServer: "apollo2.dominion.lan", }), memcachedApp: memcached.App(memcached.Params { namespace: namespace, name: "forgejo-memcached", filePath: std.thisFile, secretName: "forgejo-memcached", }), db17App: postgres.App(postgres.Params { namespace: namespace, name: "forgejo-pg-17", // TODO: image: "docker.io/bitnami/postgresql:17.2.0", filePath: std.thisFile, dataClaimName: "forgejo-postgres-17-data", dbName: "forgejo", dbUser: "forgejo", // Defined in "//kube/cfg/secrets/auth.jsonnet" dbPwdSecret: "forgejo-postgres", dbPwdSecretKey: "password", }), forgejoConfig: forgejo.ConfigMap(forgejo.ConfigMapParams { namespace: namespace, name: "forgejo-config", ingressHost: "forgejo.csbx.dev", memcacheService: "forgejo-memcached", postgresDbService: "forgejo-pg-17", }), forgejoApp: forgejo.App(forgejo.Params { namespace: namespace, name: "forgejo", filePath: std.thisFile, ingressHost: "forgejo.csbx.dev", memcacheService: "forgejo-memcached", postgresService: "forgejo-pg-17", postgresUser: "forgejo", postgresDatabase: "forgejo", postgresNamespace: namespace, secretName: "forgejo-app", secretDbPwdKey: "psql-password", configClaimName: "forgejo-config", dataClaimName: "forgejo-data", }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "forgejo", hosts: [ "forgejo.csbx.dev", ], serviceName: "forgejo-ui", annotations: { "nginx.ingress.kubernetes.io/proxy-body-size": "4g" }, }), }, forgejoRunner: { configMap: forgejoRunner.ConfigMap(forgejoRunner.ConfigMapParams { name: "forgejo-runner-config", namespace: namespace, }), pvc1: base.RecoverableSimpleManyPvc(namespace, "forgejo-runner-data", "nfs-client", "1Gi", { volumeName: "pvc-479c2f6a-8d70-4597-9498-f945f2edd0f4", nfsPath: "/volume3/fs/dev-forgejo-runner-data-pvc-479c2f6a-8d70-4597-9498-f945f2edd0f4", nfsServer: "apollo1.dominion.lan", }), pvc2: base.RecoverableSimpleManyPvc(namespace, "forgejo-runner-2-data", "nfs-client", "1Gi", { volumeName: "pvc-c38ebd42-ced7-4b48-91ca-2097ef581f4d", nfsPath: "/volume3/fs/dev-forgejo-runner-2-data-pvc-c38ebd42-ced7-4b48-91ca-2097ef581f4d", nfsServer: "apollo1.dominion.lan", }), runner1: forgejoRunner.App(forgejoRunner.Params { name: "forgejo-runner", namespace: namespace, dataClaimName: "forgejo-runner-data", configClaimName: "forgejo-runner-config", runnerLabels: [ "docker-builder", ], tokenSecretName: "forgejo-runner-secret", tokenSecretKey: "runner-token", }), runner2: forgejoRunner.App(forgejoRunner.Params { name: "forgejo-runner-2", namespace: namespace, dataClaimName: "forgejo-runner-2-data", configClaimName: "forgejo-runner-config", runnerLabels: [ "docker-builder", ], tokenSecretName: "forgejo-runner-secret", tokenSecretKey: "runner-token", }), }, /* harbor: { pvcs: { registry: base.RecoverableSimpleManyPvc(namespace, "harbor-registry", "nfs-bulk", "200Gi", { volumeName: "pvc-1111e99b-d549-47ff-849d-cdffcdeb481c", nfsPath: "/volume4/fs-bulk/dev-harbor-registry-pvc-1111e99b-d549-47ff-849d-cdffcdeb481c", nfsServer: "apollo2.dominion.lan", }), jobServiceJobLog: base.RecoverableSimpleManyPvc(namespace, "harbor-job-service-job-log", "nfs-client", "50Gi", { volumeName: "pvc-cfb8393f-fec8-4b00-86e7-32232d94a442", nfsPath: "/volume3/fs/dev-harbor-job-service-job-log-pvc-cfb8393f-fec8-4b00-86e7-32232d94a442", nfsServer: "apollo1.dominion.lan", }), redis: base.RecoverableSimpleManyPvc(namespace, "harbor-redis", "nfs-client", "50Gi", { volumeName: "pvc-3e2d7fd6-1eca-4066-b3e9-012da312ae4b", nfsPath: "/volume3/fs/dev-harbor-redis-pvc-3e2d7fd6-1eca-4066-b3e9-012da312ae4b", nfsServer: "apollo1.dominion.lan", }), trivy: base.RecoverableSimpleManyPvc(namespace, "harbor-trivy", "nfs-client", "50Gi", { volumeName: "pvc-91dde8a2-c681-4539-af04-2ceef00322f8", nfsPath: "/volume3/fs/dev-harbor-trivy-pvc-91dde8a2-c681-4539-af04-2ceef00322f8", nfsServer: "apollo1.dominion.lan", }), postgres: base.RecoverableSimpleManyPvc(namespace, "harbor-db-data", "nfs-client", "50Gi", { volumeName: "pvc-a76e6c48-f065-4359-9805-fe77a3443fd5", nfsPath: "/volume3/fs/dev-harbor-db-data-pvc-a76e6c48-f065-4359-9805-fe77a3443fd5", nfsServer: "apollo1.dominion.lan", }), }, database: postgres.App(postgres.Params { namespace: namespace, name: "harbor-pg", filePath: std.thisFile, dataClaimName: "harbor-db-data", dbName: "harbor", dbUser: "harbor", // Defined in "//kube/cfg/secrets/auth.jsonnet" dbPwdSecret: "harbor-secret", dbPwdSecretKey: "password", // required by the harbor template... }), app: harbor.App(harbor.Params { namespace: namespace, context: ctx, filePath: std.thisFile, // Ingress ingressHost: "hrbr.csbx.dev", ingressClassName: "nginx", ingressAnnotations: nginxIngress.KubeCsbxOauthProxyAnnotations, // Volume claims registryExistingClaim: "harbor-registry", jobServiceJobLogExistingClaim: "harbor-job-service-job-log", redisExistingClaim: "harbor-redis", trivyExistingClaim: "harbor-trivy", // Credentials existingSecretAdminPassword: "harbor-secret", existingSecretSecretKey: "harbor-secret", //coreSecretName: "harbor-secret", registryCredentialsExistingSecret: "harbor-secret", // Database databaseHost: "harbor-pg.dev.svc.cluster.local", databasePort: 5432, databaseExistingSecret: "harbor-secret", // TODO: coreSecret: "example-16-chara", jobserviceSecret: "example-16-chara", registrySecret: "example-16-chara", }), }, */ hastebin: { pvc: base.RecoverableSimpleManyPvc(namespace, "hastebin-data", "nfs-client", "50Gi", { volumeName: "pvc-67e8031c-97e3-11ea-8974-b8aeed7dc356", nfsPath: "/volume3/fs/dev-hastebin-data-pvc-67e8031c-97e3-11ea-8974-b8aeed7dc356", nfsServer: "apollo1.dominion.lan", }), app: hastebin.App(hastebin.Params { namespace: namespace, name: "hastebin", filePath: std.thisFile, // Defined in "//kube/cfg/dominion/pvc.jsonnet" dataClaimName: "hastebin-data", ingressHost: "hastebin.cheapassbox.com", resources: { requests: { cpu: "30m", memory: "128Mi", }, limits: { cpu: "60m", memory: "256Mi", }, }, }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "hastebin", hosts: [ "hastebin.cheapassbox.com", "hastebin.csbx.dev", ], serviceName: "hastebin-ui", }), }, openssh: { configPvc: base.RecoverableSimpleManyPvc(namespace, "openssh-config", "nfs-client", "1Gi", { volumeName: "pvc-fc53f3fa-ed15-4ea7-9e7b-3c0c5cf0629c", nfsPath: "/volume3/fs/dev-openssh-config-pvc-fc53f3fa-ed15-4ea7-9e7b-3c0c5cf0629c", nfsServer: "apollo1.dominion.lan", }), app: openssh.App(openssh.Params { namespace: namespace, name: "openssh", filePath: std.thisFile, sshNodePort: 31500, claimNames: ["code-server-config"], username: "acmcarther", configClaim: "openssh-config", publicKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCpnYmsUDSkhvy1imOLee/3qlySIRUn9kKkTGaet2wjNSQ4n8muFhjMtXI6+qWW0Vv6edY4MLEwegXGbaZA/7yAbSOpPmQ+Z4d0GE1Kns/1OoTt5XhXpr8OhgqPL3S/foqQlf5RXywlqzYJkJL0yk1jg2CguIYVMTE4aJwd0Mt2t25fwzEuDvSGJ41wVWrueKy6EELYXbQ5FMcN/bZLERNLGp4hTsdXdBtSX7vq0VC+qG+EmTTXOt5+DvWu6UkLq8Mb1540Mi3AK7+vsXUTPghIS7BLLrU8bb4QQ0z0IZjI39wXeSegoPRt6y2f0yrBR+S+vQ1qrGB1riYZ6f4ZUzQh acmcarther@gmail.com" }), }, whitebophir: { whitebophirDataPvc: base.RecoverableSimpleManyPvc(namespace, "whitebophir-data", "nfs-client", "10Gi", { volumeName: "pvc-672040d0-9303-4194-b79c-1e1b25c4345d", nfsPath: "/volume3/fs/dev-whitebophir-data-pvc-672040d0-9303-4194-b79c-1e1b25c4345d", nfsServer: "apollo1.dominion.lan", }), app: whitebophir.App(whitebophir.Params { namespace: namespace, name: "whitebophir", filePath: std.thisFile, storageClaimName: "whitebophir-data", }), ingress: nginxIngress.Ingress(nginxIngress.IngressParams { namespace: namespace, name: "whitebophir", hosts: [ "whiteboard.csbx.dev", ], serviceName: "whitebophir-ui", annotations: nginxIngress.KubeCsbxOauthProxyAnnotations, }), }, }, }