yesod-mirror/experimental/users/acmcarther/k8s/configs/environments/vault/main.jsonnet

local base = import "k8s/configs/base.libsonnet";
local nginxIngress = import "k8s/configs/templates/core/network/nginx-ingress.libsonnet";
local vault = import "k8s/configs/templates/core/security/vault.libsonnet";

local namespace = "vault";
local ctx = base.NewContext(base.helm);
{
    namespace: {
        apiVersion: "v1",
        kind: "Namespace",
        metadata: {
            name: namespace,
        },
    },
    apps: {
        /*
        consul: consul.App(consul.Params {
            namespace: namespace,
            context: ctx,
            bootstrapTokenSecretName: "consul-bootstrap-acl-token",
        }),
        */
        vault: vault.App(vault.Params {
            namespace: namespace,
            context: ctx,
        }),
        /*
        vaultIngress1: nginxIngress.Ingress(nginxIngress.IngressParams {
            namespace: namespace,
            name: "vault",
            hosts: [
                "vault.cheapassbox.com",
            ],
            serviceName: "vault", # TODO
            annotations: nginxIngress.KubeOauthProxyAnnotations,
        }),
        */
        vaultIngress2: nginxIngress.Ingress(nginxIngress.IngressParams {
            namespace: namespace,
            name: "vault-csbx",
            hosts: [
                "vault.csbx.dev",
            ],
            serviceName: "vault-ui", # TODO
            servicePort: 8200,
            annotations: nginxIngress.KubeCsbxOauthProxyAnnotations,
        }),
    },
    volumes: {
        data0: base.RecoverableSimplePvc(namespace, "data-vault-0", "nfs-client", "10Gi", {
            volumeName: "pvc-0aa9f845-baef-476b-971f-8cd30932b874",
            nfsPath: "/volume3/fs/vault-data-vault-0-pvc-0aa9f845-baef-476b-971f-8cd30932b874",
            nfsServer: "apollo1.dominion.lan",
        }),
        data1: base.RecoverableSimplePvc(namespace, "data-vault-1", "nfs-client", "10Gi", {
            volumeName: "pvc-90241eff-1ed4-49e0-87bb-8485cd0f6aca",
            nfsPath: "/volume3/fs/vault-data-vault-1-pvc-90241eff-1ed4-49e0-87bb-8485cd0f6aca",
            nfsServer: "apollo1.dominion.lan",
        }),
        data2: base.RecoverableSimplePvc(namespace, "data-vault-2", "nfs-client", "10Gi", {
            volumeName: "pvc-5c23b9b5-3fbf-4898-9784-83d9bbef185c",
            nfsPath: "/volume3/fs/vault-data-vault-2-pvc-5c23b9b5-3fbf-4898-9784-83d9bbef185c",
            nfsServer: "apollo1.dominion.lan",
        }),
        audit0: base.RecoverableSimplePvc(namespace, "audit-vault-0", "nfs-client", "10Gi", {
            volumeName: "pvc-1d037ee0-836c-4079-a96f-f61ed13c9626",
            nfsPath: "/volume3/fs/vault-audit-vault-0-pvc-1d037ee0-836c-4079-a96f-f61ed13c9626",
            nfsServer: "apollo1.dominion.lan",
        }),
        audit1: base.RecoverableSimplePvc(namespace, "audit-vault-1", "nfs-client", "10Gi", {
            volumeName: "pvc-6f63b89d-b007-440a-adea-b503b885b914",
            nfsPath: "/volume3/fs/vault-audit-vault-1-pvc-6f63b89d-b007-440a-adea-b503b885b914",
            nfsServer: "apollo1.dominion.lan",
        }),
        audit2: base.RecoverableSimplePvc(namespace, "audit-vault-2", "nfs-client", "10Gi", {
            volumeName: "pvc-44121280-3a8c-4252-abe2-95e177e78efc",
            nfsPath: "/volume3/fs/vault-audit-vault-2-pvc-44121280-3a8c-4252-abe2-95e177e78efc",
            nfsServer: "apollo1.dominion.lan",
        }),

    },

}