Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

maubot on staging openshift - first attempt

Browse source 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
This commit is contained in:
Ryan Lercho 2023-08-16 14:15:00 +10:00
parent 590819397c
commit f30dec9e63
8 changed files with 269 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

53
playbooks/openshift-apps/maubot.yml Normal file
View file

@ -0,0 +1,53 @@
- name: make the app be real
hosts: os_control_stg
user: root
gather_facts: False
vars_files:
- /srv/web/infra/ansible/vars/global.yml
- "/srv/private/ansible/vars.yml"
- /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
roles:
- role: openshift/project
app: maubot
description: Maubot
appowners:
- ryanlerch
- kevin
- role: openshift/object
app: maubot
template: imagestream.yml
objectname: imagestream.yml
- role: openshift/object
app: maubot
template: buildconfig.yml
objectname: buildconfig.yml
- role: openshift/start-build
app: maubot
buildname: maubot-build
objectname: maubot-build
- role: openshift/object
app: maubot
file: service.yml
objectname: service.yml
- role: openshift/route
app: maubot
routename: web
host: host: "maubot.apps.ocp{{ env_suffix }}.fedoraproject.org"
serviceport: web
servicename: web
- role: openshift/object
app: maubot
file: deploymentconfig.yml
objectname: deploymentconfig.yml
- role: openshift/rollout
app: maubot
dcname: maubot

8
roles/openshift-apps/maubot/files/imagestream.yml Normal file
View file

@ -0,0 +1,8 @@
apiVersion: image.openshift.io/v1
kind: List
items:
# The main maubot image
- apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
name: maubot

15
roles/openshift-apps/maubot/files/service.yml Normal file
View file

@ -0,0 +1,15 @@
---
apiVersion: v1
kind: Service
metadata:
name: web
labels:
app: maubot
spec:
ports:
- name: web
port: 8080
targetPort: 8080
selector:
app: maubot
deploymentconfig: web

11
roles/openshift-apps/maubot/files/storage.yml Normal file
View file

@ -0,0 +1,11 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: data
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 1Gi
storageClassName: ocs-storagecluster-cephfs

28
roles/openshift-apps/maubot/templates/buildconfig.yml Normal file
View file

@ -0,0 +1,28 @@
{% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
---
apiVersion: build.openshift.io/v1
kind: BuildConfig
metadata:
name: maubot-build
labels:
app: maubot
build: maubot
spec:
runPolicy: Serial
source:
dockerfile: |-
FROM fedora:38
RUN mkdir -p /maubot/plugins /maubot/trash /maubot/logs /maubot/crypto
RUN dnf -y install python3-pip && dnf -y clean all
RUN pip install maubot[encryption]
WORKDIR /maubot
ENTRYPOINT /usr/bin/python3 -m maubot -c /config/config.yml
type: Dockerfile
strategy:
type: Docker
dockerStrategy:
noCache: false
output:
to:
kind: ImageStreamTag
name: maubot:latest

81
roles/openshift-apps/maubot/templates/config.yml Normal file
View file

@ -0,0 +1,81 @@
database: sqlite:///maubot.db
crypto_database: default
database_opts:
min_size: 1
max_size: 10
plugin_directories:
upload: ./plugins
load:
- ./plugins
trash: ./trash
plugin_databases:
sqlite: ./plugins
postgres: null
postgres_max_conns_per_plugin: 3
postgres_opts: {}
server:
hostname: 0.0.0.0
port: 8080
public_url: http://maubot.apps.ocp{{env_suffix}}.fedoraproject.org/
ui_base_path: /
plugin_base_path: /plugin/
override_resource_path: false
unshared_secret: generate
homeservers:
fedora.im:
url: https://fedora.ems.host
secret: null
admins:
root: ""
{% if env == 'staging' %}
{{ maubot_stg_admin_username }}: "{{ maubot_stg_admin_password }}"
{% endif %}
api_features:
login: true
plugin: true
plugin_upload: true
instance: true
instance_database: true
client: true
client_proxy: true
client_auth: true
dev_open: true
log: true
logging:
version: 1
formatters:
colored:
(): maubot.lib.color_log.ColorFormatter
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
normal:
format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s"
handlers:
file:
class: logging.handlers.RotatingFileHandler
formatter: normal
filename: ./maubot.log
maxBytes: 10485760
backupCount: 10
console:
class: logging.StreamHandler
formatter: colored
loggers:
maubot:
level: INFO
mau:
level: INFO
aiohttp:
level: INFO
root:
level: DEBUG
handlers: [file, console]

15
roles/openshift-apps/maubot/templates/configmap.yml Normal file
View file

@ -0,0 +1,15 @@
{% macro load_file(filename) %}{% include filename %}{%- endmacro -%}
---
apiVersion: v1
kind: List
metadata: {}
items:
- apiVersion: v1
kind: ConfigMap
metadata:
name: config
labels:
app: maubot
data:
config.yml: |-
{{ load_file('config.yml') | indent(6) }}

58
roles/openshift-apps/maubot/templates/deploymentconfig.yml Normal file
View file

@ -0,0 +1,58 @@
---
apiVersion: apps.openshift.io/v1
kind: DeploymentConfig
metadata:
name: web
labels:
app: maubot
spec:
replicas: 1
selector:
app: maubot
deploymentconfig: web
strategy:
type: Rolling
activeDeadlineSeconds: 21600
rollingParams:
intervalSeconds: 1
maxSurge: 25%
maxUnavailable: 25%
timeoutSeconds: 600
updatePeriodSeconds: 1
template:
metadata:
creationTimestamp: null
labels:
app: maubot
deploymentconfig: web
spec:
containers:
- name: maubot
imagePullPolicy: Always
ports:
- containerPort: 8080
volumeMounts:
- name: data
mountPath: /maubot
- name: config
mountPath: /config
readOnly: true
readinessProbe:
timeoutSeconds: 1
initialDelaySeconds: 5
httpGet:
path: /
port: 8080
livenessProbe:
timeoutSeconds: 1
initialDelaySeconds: 20
httpGet:
path: /
port: 8080
volumes:
- name: config
configMap:
name: config
- name: data
persistentVolumeClaim:
claimName: data