proxies helm

7a4ba0f6 · Rafael László · 2020a401 · 7a4ba0f6 · 7a4ba0f6 · 7a4ba0f6
Commit 7a4ba0f6 authored Jun 11, 2021 by Rafael László
--- a/helm/apps/values.yaml
+++ b/helm/apps/values.yaml
@@ -29,6 +29,12 @@ proxies:
      host: pfsense-nginx-proxy-service
      port: 80
    namespace: deploy
+  - name: bodysch-frontend
+    dns: body.maze.sch.bme.hu
+    service:
+      host: pfsense-nginx-proxy-service
+      port: 80
+    namespace: deploy
 http_proxies:
  - name: pve-nginx-proxy
@@ -55,3 +61,5 @@ http_proxies:
        memory: "512Mi"
        cpu: "300m"
    proxy_pass: https://192.168.99.254
--- a/helm/mongo/values.yml
+++ b/helm/mongo/values.yml
+image:
+  registry: docker.io
+  repository: bitnami/mongodb
+  tag: 4.4.6-debian-10-r8
+  pullPolicy: IfNotPresent
+  debug: false
+clusterDomain: cluster.local
+extraDeploy: []
+architecture: standalone
+useStatefulSet: false
+auth:
+  enabled: true
+  rootPassword: "AtQ2EfVqtAMmCSb"
+resources:
+  limits: 
+    cpu: 200m
+    memory: 512Mi
+  requests: 
+    cpu: 100m
+    memory: 128Mi
+persistence:
+  enabled: true
+  storageClass: "nfs-client"
+  size: 8Gi
--- a/helm/proxies/.helmignore
+++ b/helm/proxies/.helmignore
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/helm/proxies/Chart.yaml
+++ b/helm/proxies/Chart.yaml
+apiVersion: v2
+name: proxies
+description: A Helm chart for proxes
+type: application
+version: 0.3.0
+appVersion: "1.0.0"
--- a/helm/proxies/templates/_helpers.tpl
+++ b/helm/proxies/templates/_helpers.tpl
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "apps.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "apps.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "apps.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{/*
+Common labels
+*/}}
+{{- define "apps.labels" -}}
+helm.sh/chart: {{ include "apps.chart" . }}
+{{ include "apps.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+{{/*
+Selector labels
+*/}}
+{{- define "apps.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "apps.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "apps.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "apps.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}
--- a/helm/proxies/templates/certificates.yml
+++ b/helm/proxies/templates/certificates.yml
+{{ range .Values.certificates }}
+---
+kind: Certificate
+apiVersion: cert-manager.io/v1alpha2
+metadata:
+  name: {{ .name }}-cert
+  namespace: {{ .namespace | default "istio-system" }}
+spec:
+  commonName: {{ .commonName }}
+  dnsNames: 
+    {{- .dnsNames | default .commonName | toStrings | toYaml | nindent 2}}
+  issuerRef:
+    name: {{ .issuerRef_name | default "letsencrypt-issuer" }}
+  secretName: {{ .name }}-cert
+{{ end }}
\ No newline at end of file
--- a/helm/proxies/templates/gateways.yml
+++ b/helm/proxies/templates/gateways.yml
+{{ range .Values.gateways }}
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: Gateway
+metadata:
+  name: {{ .name }}-gw
+  namespace: {{ .namespace }}
+spec:
+  selector:
+    istio: ingressgateway
+  servers:
+  {{- if eq (default "simple" .kind) "simple-https"}}
+  - port:
+      number: 443
+      name: https
+      protocol: HTTPS
+    tls:
+      mode: SIMPLE
+      credentialName: {{ .credentialName }}
+    hosts:
+      - {{ .host }}
+  {{ else }}
+  {{- toYaml .servers | nindent 2 }}
+  {{ end }}
+{{ end }}
\ No newline at end of file
--- a/helm/proxies/templates/virtualservices.yml
+++ b/helm/proxies/templates/virtualservices.yml
+{{ range .Values.virtualservices }}
+---
+apiVersion: networking.istio.io/v1alpha3
+kind: VirtualService
+metadata:
+  name: {{ .name }}-vts
+  namespace: {{ .namespace }}
+spec:
+  {{- if eq (default "simple" .kind) "simple-https"}}
+  hosts:
+  - {{ .host }}
+  gateways:
+  - {{ .name }}-gw
+  http:
+  - match:
+    - uri:
+        prefix: /
+    route:
+    - destination:
+        {{- toYaml .destination | nindent 8 }}
+  {{ else }}
+  {{ toYaml .spec | nindent 2 }}
+  {{ end }}
+{{ end }}
\ No newline at end of file
--- a/helm/proxies/values.yaml
+++ b/helm/proxies/values.yaml
+certificates:
+  - name: something
+    # namespace: istio-system (default)
+    commonName: xy.maze.sch.bme.hu
+    # dnsNames: (default: commonName)
+    #   - xya.maze.sch.bme.hu
+    #   - xxy.maze.sch.bme.hu
+    # issuerRef_name: letsencrypt-issuer (default)
+gateways:
+  - name: something
+    namespace: somespace
+    kind: simple-https
+    credentialName: xy-cert
+    host: xy.maze.sch.bme.hu
+  - name: somewhat
+    namespace: somespace
+    servers:
+      - port:
+          number: 443
+          name: https
+          protocol: HTTPS
+        tls:
+          mode: SIMPLE
+          credentialName: epic-cert
+        hosts:
+          - epic.maze.sch.bme.hu
+virtualservices:
+  - name: something
+    namespace: somespace
+    kind: simple-https
+    host: xy.maze.sch.bme.hu
+    destination:
+      host: xy
+      port: { number: 8080 }
+  - name: somewhat
+    namespace: somespace
+    spec: 
+      hosts:
+        - xy.maze.sch.bme.hu
+      gateways:
+        - somewhat-gw
+      http:
+        - match:
+          - uri:
+              prefix: /
+          route:
+          - destination:
+              host: service
+              port: 
+                number: 8080