jaggar/iac-cljs-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Change nextcloud to better consume from openbao

Browse Source
This commit is contained in:
GigiaJ
2025-08-29 10:15:49 -05:00
parent 8a086a3e9d
commit f8ace3aa3a
1 changed files with 28 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
iac/src/main/k8s/services/nextcloud/nextcloud.cljs
View File

@@ -13,35 +13,34 @@
[secret-promise key]
(.then secret-promise #(aget (.-data %) key)))
(defn deploy-nextcloud-app
"Deploy Nextcloud using Vaultmanaged secrets and a Helm chart."
[provider]
(defn deploy-nextcloud
"Deploy Nextcloud using direct vault connection info."
[provider vault-params]
(let [core-v1 (.. k8s -core -v1)
helm-v3 (.. k8s -helm -v3)
helm-v3 (.. k8s -helm -v3)
vault-cfg (pulumi/Config. "vault")
vault-provider (vault/Provider.
vault-provider (new vault/Provider
"vault-provider"
(clj->js {:address (.require vault-cfg "address")
:token (.requireSecret vault-cfg "token")}))
(clj->js vault-params))
nextcloud-secrets (.getSecret (.-generic vault)
(clj->js {:path "secret/nextcloud"})
(clj->js {:provider vault-provider}))
nextcloud-secrets (.getSecret (.-generic vault)
(clj->js {:path "secret/nextcloud"})
(clj->js {:provider vault-provider
:dependsOn [(get vault-params :vault-port-forward)]}))
ns ((.. core-v1 -Namespace)
ns (new (.. core-v1 -Namespace)
"nextcloud-ns"
(clj->js {:metadata {:name "nextcloud"}})
(clj->js {:provider provider}))
admin-secret ((.. core-v1 -Secret)
admin-secret (new (.. core-v1 -Secret)
"nextcloud-admin-secret"
(clj->js {:metadata {:name "nextcloud-admin-secret"
:namespace (.. ns -metadata -name)}
:stringData {:password (get-secret-val nextcloud-secrets "adminPassword")}})
(clj->js {:provider provider}))
db-secret ((.. core-v1 -Secret)
db-secret (new (.. core-v1 -Secret)
"nextcloud-db-secret"
(clj->js {:metadata {:name "nextcloud-db-secret"
:namespace (.. ns -metadata -name)}
@@ -49,26 +48,26 @@
"mariadb-password" (get-secret-val nextcloud-secrets "dbPassword")}})
(clj->js {:provider provider}))
values-path (.join path js/__dirname "values.yaml")
helm-values (-> values-path
(fs/readFileSync "utf8")
(yaml/load))
_ (aset (aget (aget (aget helm-values "ingress") "hosts") 0)
"host"
(get-secret-val nextcloud-secrets "host"))
values-path (.join path js/__dirname "resources" "nextcloud.yml")
helm-values (-> values-path
(fs/readFileSync "utf8")
(yaml/load))
_ (aset (aget (aget (aget helm-values "ingress") "hosts") 0)
"host"
(get-secret-val nextcloud-secrets "host"))
chart ((.. helm-v3 -Chart)
chart (new (.. helm-v3 -Chart)
"my-nextcloud"
(clj->js {:chart "nextcloud"
:fetchOpts {:repo "https://nextcloud.github.io/helm/"}
:namespace (.. ns -metadata -name)
:values helm-values})
(clj->js {:provider provider
:dependsOn [admin-secret db-secret]}))]
:dependsOn [admin-secret db-secret (clj->js (get vault-params :vault-port-forward))]}))]
{:namespace ns
:admin-secret admin-secret
:db-secret db-secret
:chart chart
:nextcloud-url (.then nextcloud-secrets
#(str "https://" (aget (.-data %) "host")))}))
{:namespace ns
:admin-secret admin-secret
:db-secret db-secret
:chart chart
:nextcloud-url (.then nextcloud-secrets
#(str "https://" (aget (.-data %) "host")))}))