Change nextcloud to better consume from openbao

2025-08-29 10:15:49 -05:00
parent 8a086a3e9d
commit f8ace3aa3a


@@ -13,35 +13,34 @@
[secret-promise key] [secret-promise key]
(.then secret-promise #(aget (.-data %) key))) (.then secret-promise #(aget (.-data %) key)))
(defn deploy-nextcloud-app (defn deploy-nextcloud
"Deploy Nextcloud using Vaultmanaged secrets and a Helm chart." "Deploy Nextcloud using direct vault connection info."
[provider] [provider vault-params]
(let [core-v1 (.. k8s -core -v1) (let [core-v1 (.. k8s -core -v1)
helm-v3 (.. k8s -helm -v3) helm-v3 (.. k8s -helm -v3)
vault-cfg (pulumi/Config. "vault") vault-provider (new vault/Provider
vault-provider (vault/Provider.
"vault-provider" "vault-provider"
(clj->js {:address (.require vault-cfg "address") (clj->js vault-params))
:token (.requireSecret vault-cfg "token")}))
nextcloud-secrets (.getSecret (.-generic vault) nextcloud-secrets (.getSecret (.-generic vault)
(clj->js {:path "secret/nextcloud"}) (clj->js {:path "secret/nextcloud"})
(clj->js {:provider vault-provider})) (clj->js {:provider vault-provider
:dependsOn [(get vault-params :vault-port-forward)]}))
ns ((.. core-v1 -Namespace) ns (new (.. core-v1 -Namespace)
"nextcloud-ns" "nextcloud-ns"
(clj->js {:metadata {:name "nextcloud"}}) (clj->js {:metadata {:name "nextcloud"}})
(clj->js {:provider provider})) (clj->js {:provider provider}))
admin-secret ((.. core-v1 -Secret) admin-secret (new (.. core-v1 -Secret)
"nextcloud-admin-secret" "nextcloud-admin-secret"
(clj->js {:metadata {:name "nextcloud-admin-secret" (clj->js {:metadata {:name "nextcloud-admin-secret"
:namespace (.. ns -metadata -name)} :namespace (.. ns -metadata -name)}
:stringData {:password (get-secret-val nextcloud-secrets "adminPassword")}}) :stringData {:password (get-secret-val nextcloud-secrets "adminPassword")}})
(clj->js {:provider provider})) (clj->js {:provider provider}))
db-secret ((.. core-v1 -Secret) db-secret (new (.. core-v1 -Secret)
"nextcloud-db-secret" "nextcloud-db-secret"
(clj->js {:metadata {:name "nextcloud-db-secret" (clj->js {:metadata {:name "nextcloud-db-secret"
:namespace (.. ns -metadata -name)} :namespace (.. ns -metadata -name)}
@@ -49,7 +48,7 @@
"mariadb-password" (get-secret-val nextcloud-secrets "dbPassword")}}) "mariadb-password" (get-secret-val nextcloud-secrets "dbPassword")}})
(clj->js {:provider provider})) (clj->js {:provider provider}))
values-path (.join path js/__dirname "values.yaml") values-path (.join path js/__dirname "resources" "nextcloud.yml")
helm-values (-> values-path helm-values (-> values-path
(fs/readFileSync "utf8") (fs/readFileSync "utf8")
(yaml/load)) (yaml/load))
@@ -57,14 +56,14 @@
"host" "host"
(get-secret-val nextcloud-secrets "host")) (get-secret-val nextcloud-secrets "host"))
chart ((.. helm-v3 -Chart) chart (new (.. helm-v3 -Chart)
"my-nextcloud" "my-nextcloud"
(clj->js {:chart "nextcloud" (clj->js {:chart "nextcloud"
:fetchOpts {:repo "https://nextcloud.github.io/helm/"} :fetchOpts {:repo "https://nextcloud.github.io/helm/"}
:namespace (.. ns -metadata -name) :namespace (.. ns -metadata -name)
:values helm-values}) :values helm-values})
(clj->js {:provider provider (clj->js {:provider provider
:dependsOn [admin-secret db-secret]}))] :dependsOn [admin-secret db-secret (clj->js (get vault-params :vault-port-forward))]}))]
{:namespace ns {:namespace ns
:admin-secret admin-secret :admin-secret admin-secret