diff --git a/.paasify/plugins/README.md b/.paasify/plugins/README.md new file mode 100644 index 0000000..0cd8c07 --- /dev/null +++ b/.paasify/plugins/README.md @@ -0,0 +1,35 @@ +# Paasify plugins + +## Input data + +* Plugins meta: + * Desc: Return plugin metadata informations + * `action`: `'metadata'` + * `schema`: `` + * `version`: `<>` + * `author`: `<>` + * `name`: `<>` + * `description`: `<>` + * `require`: `[,]`, Future ! + * Returns: Dict of all static data + +* Docker compose vars build + * Desc: Return plugin configuration + * `action`: `'vars_docker'` + * `user_data`: `` + * Returns: + * new_settings only + * merged_config + +* Docker compose file build + * Desc: Transform docker data with plugin configuration + * `action`: `'docker_transform'` + * `user_data`: `` + * `docker_data`: `` + * Returns: + * new_settings only + * merged_config + +## Template + + diff --git a/.paasify/plugins/_paasify.jsonnet b/.paasify/plugins/_paasify.jsonnet new file mode 100644 index 0000000..e6900a8 --- /dev/null +++ b/.paasify/plugins/_paasify.jsonnet @@ -0,0 +1,259 @@ + +# Helpers functions +# ------------------------------------- + + + +# Internal Tag functions +# ------------------------------------- + +local BuildConfImage(image, name, version, prefix) = + local array = if std.isString(image) then + std.splitLimit(image, ':', 2) + else [name, version]; + + local app_name = if std.length(array) > 0 then array[0] else name; + local app_version = if std.length(array) > 1 then array[1] else version; + local app_image = app_name + ':' + app_version; + + { + #app_image_INPUT: [image, name, version, prefix], + #app_image_prefix: prefix, + #app_image_name: prefix + app_name, + #app_image_version: app_version, + #app_image: prefix + app_image, + + _app_image_prefix: prefix, + _app_image_name: prefix + app_name, + _app_image_version: app_version, + _app_image: prefix + app_image, + }; + +# --- + +local Sanitize(str) = + std.strReplace(str, '_', '-'); + +local ParseFQDN(fqdn, name, domain) = + local array = if std.isString(fqdn) then + std.splitLimit(fqdn, '.', 2) + else []; + { + # Deprecated + _app_name: if std.length(array) > 1 then array[0] else name, + _app_domain: if std.length(array) > 1 then array[1] else domain, + _app_fqdn: if std.length(array) > 1 then fqdn else name + '.' + domain, + + }; + +local BuildConfDomain(fqdn, name, domain) = + local conf = ParseFQDN(fqdn, name, domain); + { [x]: Sanitize(conf[x]) for x in std.objectFields(conf) }; + + + +# Base functions +# ------------------------------------- + +# Provides plugin metadata +local metadata = { + name: '', + description: '', + + author: '', + email: '', + license: '', + version: '', + + require: '', + api: 1, + schema: {}, + }; + +# Provides global vars +local global_vars_default(runtime) = + # Only the usage of paasify.X vars is allowed + assert std.isString(runtime.paasify_stack); + + local app_ident = runtime.paasify_ns + runtime.paasify_sep + runtime.paasify_stack; + { + app_ident: app_ident, + + app_name: runtime.paasify_stack, + app_domain: runtime.paasify_ns, + app_fqdn: null, + + app_image_name: runtime.paasify_stack, + app_image_version: 'latest', + app_image_prefix: '', + app_image: null, + + + ########################## + app_service: runtime.paasify_stack, + + app_network: 'default', + app_network_external: false, + app_network_name: app_ident, + + ######### + + app_expose: false, + app_expose_ip: '0.0.0.0', + app_expose_port: null, + + app_port: '80', + app_prot: 'tcp', + + app_puid: '1000', + app_pgid: '1000', + + app_tz: 'UTC', + app_tz_var: 'TZ', + app_tz_mount: false, + app_tz_mounts: '/etc/timezone:/etc/timezone:ro,/etc/localtime:/etc/localtime:ro', + + app_debug: 'false', + + app_dir_conf: './conf', + app_dir_data: './data', + app_dir_logs: './logs', + app_dir_share: './share', + app_dir_tmp: './tmp', + app_dir_secrets: './secrets', + + # TOFIX: Merging data, SHOULD BEIN OVERRIDE !!! + app_admin_login: 'admin', + app_admin_email: 'admin@' + self.app_domain, + app_admin_passwd: 'admin', + + app_user_login: 'user', + app_user_email: 'user@' + self.app_domain, + app_user_passwd: 'user', + + # Other implementations standard: + # mysql_network_name + # pgsql_network_name + # ldap_network_name + # wireguard_network_name + # traefik_network_name + # Like: + # traefik_network_name: ns + sep + 'traefik', + + #FUTURE app_dir_prefix: std.get(user_data, 'app_dir_prefix', './') + # app_dir_logs: ResolvePath(std.get(user_data, 'app_dir_logs', './logs/'), cwd), + # app_dir_conf: ResolvePath(std.get(user_data, 'app_dir_conf', './conf/'), cwd), + # app_dir_data: ResolvePath(std.get(user_data, 'app_dir_data', './data/'), cwd), + # app_dir_share: ResolvePath(std.get(user_data, 'app_dir_share', './share/'), cwd), + # app_dir_tmp: ResolvePath(std.get(user_data, 'app_dir_tmp', './tmp/'), cwd), + + } +; + +# Provides global var overrides +local global_vars_override(conf) = + # Any plugin user configuration can be used here + # No usage of paasify.X is permitted here at anytime ! + # Forbidden to change existing vars, only new vars with _PREFIX + + BuildConfImage( + conf.app_image, + conf.app_image_name, + conf.app_image_version, + conf.app_image_prefix) + + + BuildConfDomain( + conf.app_fqdn, + conf.app_name, + conf.app_domain) + ; + + +# Provides docker data override +local docker_transform(conf_raw, docker_data) = + assert std.isString(conf_raw.paasify_stack_service); + local conf = global_vars_default(conf_raw) + conf_raw + global_vars_override(conf_raw); + + #local service_name = std.prune( conf.tag_name , conf.paasify_service); + local service_name = conf.paasify_stack_service; + local services_names = std.split(conf.paasify_stack_services, ',') ; + + { + services+: { + [svc_name]+: { + restart: 'always', + environment+: { + [conf.app_tz_var]: conf.app_tz, + }, + } for svc_name in services_names + }, + + #[service_name]+: { + # comment: 'only on main container', + #}, + # + + #['x-paasify']+: { + # config_dump: conf, + #} + } +; + + +# Return result +# ------------------------------------- + + +local main() = + + local getConf(name) = std.parseJson(std.extVar(name)); + local action = getConf('action'); + + if action == 'metadata' then + metadata + + # TOFIX IN CODE: else if action == 'docker_vars' then + # else if action == 'vars_docker_v1' then + # local user_data = getConf('user_data'); + + # local default_data = global_vars_override(global_vars_default(user_data)); + # local common = { [x]: std.get(user_data, std.lstripChars(x, '_'), default_data[x] ) for x in std.objectFields(default_data) }; + # #local common = { [std.lstripChars(x, '_')]: std.get(user_data, std.lstripChars(x, '_'), default_data[x] ) for x in std.objectFields(default_data) }; + # { + # input: user_data, + + # base: global_vars_override(default_data), + # diff: global_vars_override(default_data + common ), + # merged: global_vars_override(default_data + user_data ), + # } + + + else if action == 'vars_docker' then + local user_data = getConf('user_data'); + # ??? local runtime = { [key]: user_data[key] for key in std.objectFields(user_data) if std.startsWith(key, 'paasify_') }; + + local default_data = global_vars_default(user_data); + + local common = { [x]: std.get(user_data, std.lstripChars(x, '_'), default_data[x] ) for x in std.objectFields(default_data) }; + #local common = { [std.lstripChars(x, '_')]: std.get(user_data, std.lstripChars(x, '_'), default_data[x] ) for x in std.objectFields(default_data) }; + { + input: user_data, + + diff: default_data + common + global_vars_override(default_data + user_data ), + merged: user_data + global_vars_override(default_data + user_data ), + } + + else if action == 'docker_transform' then + local user_data = getConf('user_data'); + local docker_data = getConf('docker_data'); + + { + input: user_data, + + #diff: docker_transform(user_data + global_vars_override(user_data), docker_data), + diff: docker_transform(user_data, docker_data), + merged: docker_data + self.diff, + }; + +# Run main script ! +main() diff --git a/.paasify/plugins/_template.jsonnet b/.paasify/plugins/_template.jsonnet new file mode 100644 index 0000000..a900095 --- /dev/null +++ b/.paasify/plugins/_template.jsonnet @@ -0,0 +1,137 @@ + +# Helpers functions +# ------------------------------------- + + +# Base functions +# ------------------------------------- + +# Provides plugin metadata +local metadata = { + name: '', + description: '', + + author: '', + email: '', + license: '', + version: '', + + require: '', + api: 1, + schema: {}, + }; + +# Provides global vars +local global_vars_default(runtime) = + # Only the usage of paasify.X vars is allowed + assert std.isString(runtime.paasify_stack); + + { + app_name; runtime.paasify_stack, + app_domain: runtime.paasify_ns, + app_ident: runtime.paasify_ns + runtime.paasify_sep + runtime.paasify_stack, + + app_fqdn: null, + + app_image_name: runtime.paasify_stack, + app_image_version: 'latest', + app_image_prefix: '', + app_image: null, + } +; + +# Provides global var overrides +local global_vars_override(conf) = + # Any user configuration can be used here + # no usage of paasify.X is permitted here at anytime ! + + local default_fqdn = [ + std.get(conf, 'app_fqdn'), + conf.app_name + '.' + conf.app_domain]; + local default_image = [ + std.get(conf, 'app_image'), + conf.app_image_name + '.' + conf.app_image_version]; + + conf + { + + # FQDN management + app_fqdn: std.prune(default_fqdn), + _app_fqdn_parts:: std.splitLimit(self.app_fqdn, '.', 2), + + app_name: self._app_fqdn_parts[0], + app_domain: self._app_fqdn_parts[1], + + # Image management + _app_image: std.prune(default_image), + _app_image_parts:: std.splitLimit(self.app_image, ':', 2), + + app_image: conf.app_image_prefix + self._app_image, + app_image_name: conf.app_image_prefix + self._app_image_parts[0], + app_image_version: self._app_image_parts[1] if std.lenght(self._app_image_parts) > 1 else conf.app_image_version, + } +; + + +# Provides docker data override +local docker_transform(conf, docker_data) = + assert std.isString(conf.paasify_stack_service); + + #local service_name = std.prune( conf.tag_name , conf.paasify_service); + local service_name = conf.paasify_service; + local services_names = std.split(conf.paasify_services, ',') ; + + { + services+: { + [service_name]+: { + comment: 'only on main container', + } + [svc_name]+: { + restart: 'always', + } for svc_name in services_names + }, + + ['x-paasify']+: { + config_dump: conf, + } + } +; + + +# Return result +# ------------------------------------- + + +local main() = + + local getConf(name) = std.parseJson(std.extVar(name)); + local action = getConf('action'); + + if action == 'metadata' then + metadata + + else if action == 'docker_vars' then + local user_data = getConf('user_data'); + + local default_data = global_vars_override(global_vars_default(user_data)); + local common = { [x]: std.get(user_data, std.lstripChars(x, '_'), default_data[x] ) for x in std.objectFields(default_data) }; + { + input: user_data, + + base: global_vars_override(default_data), + diff: global_vars_override(default_data + common ), + merged: global_vars_override(default_data + user_data ), + } + + else if action == 'docker_transform' then + local user_data = getConf('user_data'); + local docker_data = getConf('docker_data'); + + { + input: user_data, + + diff: docker_transform(global_vars_override(user_data), docker_data), + merged: docker_data + self.diff, + }; + +# Run main script ! +main() diff --git a/.paasify/plugins/docker-net-provider.jsonnet b/.paasify/plugins/docker-net-provider.jsonnet index 1d39a59..7665ce2 100644 --- a/.paasify/plugins/docker-net-provider.jsonnet +++ b/.paasify/plugins/docker-net-provider.jsonnet @@ -3,6 +3,7 @@ # Examples: # Default imports +local action = std.parseJson(std.extVar('action')); local user_data = std.parseJson(std.extVar('user_data')); local docker_data = std.parseJson(std.extVar('docker_data')); @@ -12,31 +13,72 @@ local docker_services_names = std.objectFields(docker_services); # User options with defaults local default_svcs = std.get(user_data, 'PAASIFY_STACK_SVCS'); -local default_network = std.get(user_data, 'APP_NETWORK_NAME', 'default'); # Build default config -local config_default = { - APP_SERVICES: default_svcs, - APP_NETWORK_NAME: default_network, - APP_NETWORK_IDENT: default_network, +local default_vars(user_data) = + local ns = std.get(user_data, 'paasify_ns', 'NS'); + local stack = std.get(user_data, 'paasify_stack', 'APP'); + local sep = std.get(user_data, 'paasify_sep', '_'); + local default_name = ns + sep + stack ; + { + app_network_ident: std.get(user_data, 'app_network', 'default'), + app_network_name: std.get(user_data, 'app_network_name', default_name), + app_network_external: std.get(user_data, 'app_network_external',true), }; -local conf = config_default + user_data; -local services_names = std.split(conf.APP_SERVICES, ',') ; +#local conf = config_default + user_data; + +local conf_override(conf) = + #local conf = default_vars(user_data) + user_data; + conf + default_vars(conf) ; + # Process -docker_data + -{ - networks+: { - [conf.APP_NETWORK_IDENT]: { - name: conf.APP_NETWORK_NAME, - } - }, - services+: { - [svc_name]+: { networks+: { [conf.APP_NETWORK_IDENT]: null } } for svc_name in services_names +local docker_transform(conf, docker_data) = + local service = std.get(conf, 'paasify_stack_service'); + local services = std.split(std.get(conf, 'paasify_stack_services', service), ','); + #docker_data + { + # 'zz': conf, + #}; + { + networks+: { + [conf.app_network_ident]: { + name: conf.app_network_name, + external: conf.app_network_external, + } }, -} + services+: { + [svc_name]+: { networks+: { [conf.app_network_ident]: null } } for svc_name in services + }, + }; + + +# Return result +# ------------------------------------- + +if action == 'conf_schema' then + # Return the schema + {} # conf_schema + +else if action == 'vars_docker' then + local default_data = default_vars(user_data); + local common = { [x]: std.get(user_data, x, default_data[x] ) for x in std.objectFields(default_data) }; + { + input: user_data, + + # Mendatory fields + diff: conf_override( common ), + merged: conf_override( default_data + user_data ), + } + +else if action == 'docker_transform' then + { + # input: user_data, + diff: docker_transform(conf_override(user_data), docker_data), + merged: docker_data + self.diff, + } + @@ -60,5 +102,14 @@ docker_data + #local service_name = std.get(user_data, 'service', default='app'); #local services_names = std.get(user_data, 'services', default=[service_name]); - +# if action == 'vars_docker' then +# vars_docker(user_data) +# #conf_override(user_data) +# else if action == 'docker_transform' then +# { +# diff: docker_transform( +# conf_override(user_data), +# docker_data), +# merged: docker_data + self.diff, +# } diff --git a/.paasify/plugins/docker-svc-restart.jsonnet b/.paasify/plugins/docker-svc-restart.jsonnet deleted file mode 100644 index dae187a..0000000 --- a/.paasify/plugins/docker-svc-restart.jsonnet +++ /dev/null @@ -1,31 +0,0 @@ -# Tag to add a restart policy on all containers -# -# Examples: -# tags: -# - docker-services-restart: -# policy: always -# services: -# - srv1 -# - mysqldb - -# Default imports -local user_data = std.parseJson(std.extVar('user_data')); -local docker_data = std.parseJson(std.extVar('docker_data')); - -# Internal vars -local docker_services = std.get(docker_data, 'services', default={}); -local docker_services_names = std.objectFields(docker_services); - -# User options with defaults -local services_names = std.get(user_data, 'services', default=docker_services_names); -local policy = std.get(user_data, 'policy', default='unless-stopped'); - -# Process -docker_data + -{ - services+: { - [svc_name]+: { restart: policy } for svc_name in services_names - }, -} - - diff --git a/.paasify/plugins/docker-svc-tz.jsonnet b/.paasify/plugins/docker-svc-tz.jsonnet deleted file mode 100644 index de91746..0000000 --- a/.paasify/plugins/docker-svc-tz.jsonnet +++ /dev/null @@ -1,46 +0,0 @@ -# Tag to add a restart policy on all containers -# -# Examples: -# tags: -# - docker-svc-tz: -# policy: always -# services: -# - srv1 -# - mysqldb - -# Default imports -local user_data = std.parseJson(std.extVar('user_data')); -local docker_data = std.parseJson(std.extVar('docker_data')); - -# Init defaults -local default_svcs = std.get(user_data, 'PAASIFY_STACK_SVCS'); -#local default_tz = 'UTC'; -#local default_tz = 'Europe/Paris'; -local default_tz = 'America/Toronto'; -local default_mount = false; -local default_mounts = '/etc/timezone:/etc/timezone:ro,/etc/localtime:/etc/localtime:ro'; - -# Build default config -local config_default = { - APP_SERVICES: default_svcs, - APP_TZ: default_tz, - APP_TZ_MOUNT: default_mount, - APP_TZ_MOUNTS: default_mounts, -}; - -local conf = config_default + user_data; -local services_names = std.split(conf.APP_SERVICES, ',') ; - -# Process -docker_data + -{ - services+: { - [svc_name]+: { - environment+: { - TZ: conf.APP_TZ - } - } for svc_name in services_names - }, -} - - diff --git a/.paasify/plugins/traefik-svc.jsonnet b/.paasify/plugins/traefik-svc.jsonnet index ba15af1..08b4e0e 100644 --- a/.paasify/plugins/traefik-svc.jsonnet +++ b/.paasify/plugins/traefik-svc.jsonnet @@ -12,40 +12,108 @@ # ------------------------------------- # Import from external data +local action = std.parseJson(std.extVar('action')); local docker_data = std.parseJson(std.extVar('docker_data')); local user_data = std.parseJson(std.extVar('user_data')); -# Init defaults -local default_ns = std.get(user_data, 'PAASIFY_STACK_NS'); -local default_name = std.get(user_data, 'PAASIFY_STACK_NAME'); -local default_service = std.get(user_data, 'PAASIFY_STACK_SVC'); -local default_domain = std.get(user_data, 'PAASIFY_STACK_DOMAIN'); - -# We replace app name by 'app', just for nice looking -local default_service_name = if default_service != default_name then default_service else 'app'; - +# +# Default config +# ------------------------------------- # Build default config -local config_default = { - TRAEFIK_NET_IDENT: 'default', - TRAEFIK_NET_NAME: std.get(user_data, 'APP_PROXY_NETWORK', default_ns + '_' + default_name), - TRAEFIK_NET_EXTERNAL: true, +local global_vars_default(user_data) = + assert std.isString(user_data.paasify_ns); - TRAEFIK_SVC_IDENT: default_service, - #TRAEFIK_SVC_NAME: default_ns + '_' + default_name + '_' + default_service, - TRAEFIK_SVC_NAME: default_ns + '_' + default_name + '_' + default_service_name, - TRAEFIK_SVC_DOMAIN: default_service + '.' + default_domain, - TRAEFIK_SVC_PORT: 80, - TRAEFIK_SVC_ENTRYPOINTS: std.get(user_data, 'TRAEFIK_SVC_ENTRYPOINTS', default=null), - TRAEFIK_SVC_AUTH: std.get(user_data, 'TRAEFIK_SVC_AUTH', default=null), - TRAEFIK_SVC_TLS: std.get(user_data, 'TRAEFIK_SVC_TLS', default=false), - TRAEFIK_SVC_CERTRESOLVER: std.get(user_data, 'TRAEFIK_SVC_CERTRESOLVER', default=null), + # Init defaults + local ns = std.get(user_data, 'paasify_ns', ''); + local stack = std.get(user_data, 'paasify_stack', ''); + local sep = std.get(user_data, 'paasify_sep', '_'); + + # Runtime vars + local default_name = std.get(user_data, 'app_name', stack); + local default_top_domain = std.get(user_data, 'app_domain', ns); + + # We replace app name by 'app', just for nice looking + local traefik_ident = if stack != default_name then default_name else 'app'; + #local traefik_ident = stack; + + { + + # Required by API: + traefik_network_name: ns + sep + 'traefik', + traefik_net_ident: 'default', + traefik_net_external: true, + traefik_svc_ident: stack , + traefik_svc_port: 80, + + traefik_svc_name: null, + traefik_svc_domain: null, + traefik_svc_entrypoints: null, + traefik_svc_auth: null, + traefik_svc_tls: null, + traefik_svc_certresolver: null, }; -local conf = config_default + user_data; +local global_vars_override(conf) = + + local default_ident = conf.paasify_ns + conf.paasify_sep + conf.paasify_stack; + local default_svc_name = [ + std.get(conf, 'traefik_svc_name'), + default_ident + ]; + local default_svc_domain = [ + std.get(conf, 'traefik_svc_domain'), + std.get(conf, 'app_fqdn'), + std.get(conf, 'app_name', conf.paasify_stack) + '.' + std.get(conf, 'app_domain', conf.paasify_ns), + ]; + + local default_svc_entrypoints = [ + std.get(conf, 'traefik_svc_entrypoints'), + "web", + ]; + + + { + _traefik_svc_name: std.prune(default_svc_name)[0], + _traefik_svc_domain: std.prune(default_svc_domain)[0], + #_traefik_svc_domain: std.prune(default_svc_domain), #[0], + #_traefik_svc_domain2: conf, + + _traefik_svc_entrypoints: std.prune(default_svc_entrypoints)[0], + _traefik_svc_auth: std.get(conf, 'traefik_svc_auth', default=null), + _traefik_svc_tls: std.get(conf, 'traefik_svc_tls', default=false), + _traefik_svc_certresolver: std.get(conf, 'traefik_svc_certresolver', default=null), + #zz_conf: conf , + } + ; + + + + +######### OLD , new => global_vars_override +#local conf_override(user_data) = +# +# local ns = std.get(user_data, 'paasify_ns'); +# local stack = std.get(user_data, 'paasify_stack'); +# local sep = std.get(user_data, 'paasify_sep'); +# +# # Runtime vars +# local default_name = std.get(user_data, 'app_name', stack); +# local default_top_domain = std.get(user_data, 'app_domain', ns); +# local traefik_ident = if stack != default_name then default_name else 'app'; +# #local svc_name = ns + sep + default_name + sep + traefik_ident; +# local svc_name = traefik_ident + ns + default_name ; +# +# # Build config +# user_data +# + { +# _traefik_svc_domain: std.get(user_data, 'traefik_svc_domain', default_name + '.' + default_top_domain), +# _traefik_svc_name: std.get(user_data, 'traefik_svc_name', svc_name), +# } +# ; # Internal functions @@ -63,7 +131,7 @@ local LabelsTraefik(svc, domain, entrypoints, port) = # Middleware local LabelsTraefikAuthelia(svc, authservice) = - if std.isString(authservice) then + if std.isString(authservice) && std.length(authservice) > 0 then { ["traefik.http.routers." + svc + ".middlewares"]: authservice + '@docker', } else {}; @@ -76,7 +144,7 @@ local LabelsTraefikTls(svc, status) = } else {}; local LabelsTraefikCertResolver(svc, name) = - if std.isString(name) then + if std.isString(name) && std.length(name) > 0 then LabelsTraefikTls(svc, true) + { ["traefik.http.routers." + svc + ".tls.certresolver"]: name, } else {}; @@ -106,49 +174,134 @@ local TraefikPrjNetwork(id, name, external) = # Return result # ------------------------------------- -docker_data + -{ - # Append stack network - #networks+: TraefikPrjNetwork(svc_network_id, svc_network), - networks+: TraefikPrjNetwork( - conf.TRAEFIK_NET_IDENT, - conf.TRAEFIK_NET_NAME, - conf.TRAEFIK_NET_EXTERNAL), +local docker_transform(conf_raw, docker_data) = + assert std.isString(conf_raw.paasify_stack_service); + local conf = conf_raw + global_vars_override(conf_raw); - # Apply per services labels - services+: { - [conf.TRAEFIK_SVC_IDENT]+: { - labels+: - LabelsTraefik( - conf.TRAEFIK_SVC_NAME, - conf.TRAEFIK_SVC_DOMAIN, - conf.TRAEFIK_SVC_ENTRYPOINTS, - conf.TRAEFIK_SVC_PORT) - + LabelsTraefikAuthelia( - conf.TRAEFIK_SVC_NAME, - conf.TRAEFIK_SVC_AUTH) - + LabelsTraefikTls( - conf.TRAEFIK_SVC_NAME, - conf.TRAEFIK_SVC_TLS) - + LabelsTraefikCertResolver( - conf.TRAEFIK_SVC_NAME, - conf.TRAEFIK_SVC_CERTRESOLVER) - , - networks+: TraefikSvcNetwork( - conf.TRAEFIK_NET_IDENT, - conf.TRAEFIK_NET_NAME), + #local paasify_stack_service = std.get(conf, 'traefik_svc_ident', conf.paasify_stack_service ); + local service = std.get(conf, 'traefik_svc_ident', conf.paasify_stack_service ); + local services = std.split(std.get(conf, 'paasify_stack_services', service), ','); + + { + # Append stack network + #networks+: TraefikPrjNetwork(svc_network_id, svc_network), + networks+: TraefikPrjNetwork( + conf.traefik_net_ident, + conf.traefik_network_name, + conf.traefik_net_external), + + # Apply per services labels + services+: { + [conf.traefik_svc_ident]+: { + labels+: + LabelsTraefik( + conf.traefik_svc_name, + conf._traefik_svc_domain, + conf.traefik_svc_entrypoints, + conf.traefik_svc_port) + + LabelsTraefikAuthelia( + conf.traefik_svc_name, + conf.traefik_svc_auth) + + LabelsTraefikTls( + conf.traefik_svc_name, + conf.traefik_svc_tls) + + LabelsTraefikCertResolver( + conf.traefik_svc_name, + conf.traefik_svc_certresolver) + , + networks+: TraefikSvcNetwork( + conf.traefik_net_ident, + conf.traefik_network_name), + }, }, - }, - - #["x-paasify"]: { - # #stack_data: stack_data, - # #user_data: user_data, - # #config: config, - # config2: conf, - # #env_data: env_data, - #}, - - -} + + #["x-paasify"]: { + # #stack_data: stack_data, + # #user_data: user_data, + # #config: config, + # config2: conf, + # #env_data: env_data, + #}, + + }; + +# Return result +# ------------------------------------- + + +local main() = + + local getConf(name) = std.parseJson(std.extVar(name)); + local action = getConf('action'); + + if action == 'metadata' then + {} + + # TOFIX IN CODE: else if action == 'docker_vars' then + else if action == 'vars_docker' then + local user_data = getConf('user_data'); + #local runtime = { [key]: user_data[key] for key in std.objectFields(user_data) if std.startsWith(key, 'paasify_') }; + + #local default_data = global_vars_override(runtime, global_vars_default(user_data)); + local default_data = global_vars_default(user_data); + + local common = { [x]: std.get(user_data, std.lstripChars(x, '_'), default_data[x] ) for x in std.objectFields(default_data) }; + { + input: user_data, + default_data: default_data, + + diff: default_data + common + global_vars_override(default_data + user_data ), + merged: user_data + global_vars_override(default_data + user_data ), + + # PROD + #diff_OLD: global_vars_override(runtime, default_data + common ), + } + + else if action == 'docker_transform' then + local user_data = getConf('user_data'); + local docker_data = getConf('docker_data'); + + { + input: user_data, + + #diff: docker_transform(user_data + global_vars_override(user_data), docker_data), + diff: docker_transform(user_data, docker_data), + merged: docker_data + self.diff, + }; + +# Run main script ! +main() + + + +# +# +#if action == 'conf_schema' then +# {} +#else if action == 'vars_docker' then # Fetch default variables +# +# local default_data = global_vars_default(user_data); +# local common = { [x]: std.get(user_data, x, default_data[x] ) for x in std.objectFields(default_data) }; +# { +# #input: user_data, +# +# # Mendatory fields +# diff: conf_override( common ), +# merged: conf_override( default_data + user_data ), +# } +# +#else if action == 'docker_transform' then +# { +# conf_in: user_data, +# conf_out: conf_override(user_data), +# diff: docker_transform(conf_override(user_data), docker_data), +# merged: docker_data + self.diff, +# } +# +# # + { +# # 'zz_diff': docker_transform(conf_override(user_data), {}) +# # } +# +# diff --git a/.paasify/plugins/traefik-svc.schema.json b/.paasify/plugins/traefik-svc.schema.json deleted file mode 100644 index 253f13a..0000000 --- a/.paasify/plugins/traefik-svc.schema.json +++ /dev/null @@ -1,34 +0,0 @@ -# TRAEFIK_NET_IDENT: 'default', -# TRAEFIK_NET_NAME: default_ns + '_' + default_name, -# TRAEFIK_NET_EXTERNAL: true, -# -# TRAEFIK_SVC_IDENT: default_service, -# TRAEFIK_SVC_NAME: default_ns + '_' + default_name + '_' + default_service, -# TRAEFIK_SVC_DOMAIN: default_service + '.' + default_domain, -# TRAEFIK_SVC_PORT: 80, -# TRAEFIK_SVC_ENTRYPOINTS: std.get(user_data, 'TRAEFIK_SVC_ENTRYPOINTS', default=null), -# TRAEFIK_SVC_AUTH: std.get(user_data, 'TRAEFIK_SVC_AUTH', default=null), -# TRAEFIK_SVC_TLS: std.get(user_data, 'TRAEFIK_SVC_TLS', default=false), -# TRAEFIK_SVC_CERTRESOLVER: std.get(user_data, 'TRAEFIK_SVC_CERTRESOLVER', default=null), -# - - - -{ - "$schema": "http://json-schema.org/draft-07/schema#", - "additionalProperties": false, - "description": "Main paasify project settings", - "properties": { - "TRAEFIK_NET_IDENT": { - "title": "Network name", - "description": "Network name in docker compose" - } - }, - "required": [ - "" - ], - "title": "Traefik auto-proxy", - "type": "object" - -} - diff --git a/minio/docker-compose.ldap.yml b/minio/docker-compose.ldap.yml new file mode 100644 index 0000000..fbbc44f --- /dev/null +++ b/minio/docker-compose.ldap.yml @@ -0,0 +1,19 @@ + +networks: + ldap: + name: ${APP_LDAP_NETWORK:-s3} + +services: + minio: + networks: + ldap: + environment: + - MINIO_IDENTITY_LDAP_LOOKUP_BIND_DN + - MINIO_IDENTITY_LDAP_LOOKUP_BIND_PASSWORD + - MINIO_IDENTITY_LDAP_USER_DN_SEARCH_BASE_DN + - MINIO_IDENTITY_LDAP_USER_DN_SEARCH_FILTER + + - MINIO_IDENTITY_LDAP_USERNAME_FORMAT + - MINIO_IDENTITY_LDAP_GROUP_SEARCH_BASE_DN + - MINIO_IDENTITY_LDAP_GROUP_SEARCH_FILTER + diff --git a/minio/docker-compose.traefik.yml b/minio/docker-compose.traefik.yml index 9c2368d..500f382 100644 --- a/minio/docker-compose.traefik.yml +++ b/minio/docker-compose.traefik.yml @@ -10,25 +10,25 @@ services: front: default: environment: - - MINIO_DOMAIN=minio.$APP_TOP_DOMAIN - - MINIO_SERVER_URL=https://minio.$APP_TOP_DOMAIN - - MINIO_BROWSER_REDIRECT_URL=https://minio-console.$APP_TOP_DOMAIN + - MINIO_DOMAIN=minio.$app_domain + - MINIO_SERVER_URL=https://minio.$app_domain + - MINIO_BROWSER_REDIRECT_URL=https://minio-console.$app_domain labels: - "traefik.enable=true" # Console - - "traefik.http.routers.minio-console.rule=Host(`minio-console.$APP_TOP_DOMAIN`)" + - "traefik.http.routers.minio-console.rule=Host(`minio-console.$app_domain`)" - "traefik.http.routers.minio-console.entrypoints=front-https" - "traefik.http.routers.minio-console.tls=true" - - "traefik.http.routers.minio-console.tls.certresolver=$TRAEFIK_CERTRESOLV" + - "traefik.http.routers.minio-console.tls.certresolver=${traefik_svc_certresolver:-}" - "traefik.http.routers.minio-console.service=minio-console" - "traefik.http.services.minio-console.loadbalancer.server.port=9001" # APi - - "traefik.http.routers.minio.rule=Host(`minio.$APP_TOP_DOMAIN`)" + - "traefik.http.routers.minio.rule=Host(`minio.$app_domain`)" - "traefik.http.routers.minio.entrypoints=front-https" - "traefik.http.routers.minio.tls=true" - - "traefik.http.routers.minio.tls.certresolver=$TRAEFIK_CERTRESOLV" + - "traefik.http.routers.minio.tls.certresolver=${traefik_svc_certresolver:-}" - "traefik.http.routers.minio.service=minio" - "traefik.http.services.minio.loadbalancer.server.port=9000" diff --git a/minio/docker-compose.yml b/minio/docker-compose.yml index a6beb50..f40a62f 100644 --- a/minio/docker-compose.yml +++ b/minio/docker-compose.yml @@ -14,9 +14,11 @@ services: - ./data:/data - ./config:/root/.minio environment: - - MINIO_ROOT_USER=$MINIO_ROOT_USER - - MINIO_ROOT_PASSWORD=$MINIO_ROOT_PASSWORD - - MINIO_DOMAIN=minio.$APP_TOP_DOMAIN - - MINIO_SERVER_URL=https://minio.$APP_TOP_DOMAIN - - MINIO_BROWSER_REDIRECT_URL=https://minio-console.$APP_TOP_DOMAIN + - MINIO_ROOT_USER=$app_admin_login + - MINIO_ROOT_PASSWORD=$app_admin_passwd + #- MINIO_DOMAIN=minio.$app_domain + #- MINIO_DOMAIN=http://localhost:9000 + #- MINIO_SERVER_URL=http://minio.$app_domain + - MINIO_SERVER_URL=http://minio:9000 + - MINIO_BROWSER_REDIRECT_URL=https://minio-console.$app_domain diff --git a/openldap/docker-compose.expose.yml b/openldap/docker-compose.expose.yml index ec28f19..7112566 100644 --- a/openldap/docker-compose.expose.yml +++ b/openldap/docker-compose.expose.yml @@ -1,5 +1,5 @@ services: openldap: ports: - - 389:389 - \ No newline at end of file + - $app_expose_ip:${app_expose_port:-389}:389 + diff --git a/openldap/docker-compose.yml b/openldap/docker-compose.yml index 051bc3b..7d56130 100644 --- a/openldap/docker-compose.yml +++ b/openldap/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.9" networks: default: - name: ${APP_NETWORK} + name: ${app_network_name} services: @@ -22,6 +22,6 @@ services: - "LDAP_TLS_VERIFY_CLIENT=never" - "LDAP_TLS=false" volumes: - - ./ldap_data:/var/lib/ldap - - ./ldap_config:/etc/ldap/slapd.d + - $app_dir_conf:/etc/ldap/slapd.d + - $app_dir_data:/var/lib/ldap diff --git a/traefik/.env b/traefik/.env index 9df03d4..bc17724 100644 --- a/traefik/.env +++ b/traefik/.env @@ -1,7 +1,7 @@ APP_IMAGE=traefik APP_VERSION=v2.6.1 -APP_PUBLIC_IP="127.0.0.1" +app_expose_ip="127.0.0.1" APP_NETWORK='' APP_DOMAIN=dev diff --git a/traefik/docker-compose.ep_dns.yml b/traefik/docker-compose.ep_dns.yml index 35f1b5d..988557f 100644 --- a/traefik/docker-compose.ep_dns.yml +++ b/traefik/docker-compose.ep_dns.yml @@ -4,8 +4,8 @@ version: "3.7" services: traefik: ports: - - "$APP_PUBLIC_IP:53:53/tcp" - - "$APP_PUBLIC_IP:53:53/udp" + - "$app_expose_ip:53:53/tcp" + - "$app_expose_ip:53:53/udp" environment: # Entrypoints diff --git a/traefik/docker-compose.ep_http.yml b/traefik/docker-compose.ep_http.yml index ddce9b7..5d1ec70 100644 --- a/traefik/docker-compose.ep_http.yml +++ b/traefik/docker-compose.ep_http.yml @@ -3,5 +3,5 @@ services: traefik: ports: - - "$APP_PUBLIC_IP:80:80" + - "$app_expose_ip:80:80" diff --git a/traefik/docker-compose.ep_https.yml b/traefik/docker-compose.ep_https.yml index 356198d..1bdb738 100644 --- a/traefik/docker-compose.ep_https.yml +++ b/traefik/docker-compose.ep_https.yml @@ -3,7 +3,7 @@ services: traefik: ports: - - "$APP_PUBLIC_IP:443:443" + - "$app_expose_ip:443:443" #labels: # - "traefik.http.routers.dashboard.tls=true" environment: diff --git a/traefik/docker-compose.expose_admin.yml b/traefik/docker-compose.expose_admin.yml index 01ac7cf..362be31 100644 --- a/traefik/docker-compose.expose_admin.yml +++ b/traefik/docker-compose.expose_admin.yml @@ -3,5 +3,5 @@ services: traefik: ports: - - "$APP_PUBLIC_IP:8080:8080" + - "$app_expose_ip:8080:8080" diff --git a/traefik/docker-compose.yml b/traefik/docker-compose.yml index 0a826b7..83ff228 100644 --- a/traefik/docker-compose.yml +++ b/traefik/docker-compose.yml @@ -1,13 +1,19 @@ --- version: "3.7" -#networks: -# default: -# name: ${APP_NETWORK} +x-paasify-tests: + v1: $VAR1 + v1: ${VAR2} + v1: ${VAR3:-VAL3} + v2: ${VAR4:-${VAR5:-VAL5 with space}:${VAR6:-VAL6}} + + v1: ${VAR6:-${VAR7}} + v1: ${VAR8:-${VAR9:-VAL9}} + services: traefik: - image: ${APP_IMAGE:-traefik}:${APP_VERSION:-v2.6.1} + image: ${app_image} restart: always #networks: # default: @@ -30,9 +36,11 @@ services: - TRAEFIK_PROVIDERS_DOCKER=true - TRAEFIK_PROVIDERS_DOCKER_WATCH=true - TRAEFIK_PROVIDERS_DOCKER_EXPOSEDBYDEFAULT=false - - TRAEFIK_PROVIDERS_DOCKER_NETWORK=$APP_NETWORK + - TRAEFIK_PROVIDERS_DOCKER_NETWORK=$app_network_name - TRAEFIK_PROVIDERS_DOCKER_ENDPOINT=unix:///var/run/docker.sock - TRAEFIK_PROVIDERS_DOCKER_SWARMMODE=false + - TRAEFIK_PROVIDERS_FILE_DIRECTORY=/etc/traefik + # File provider #- TRAEFIK_PROVIDERS.FILE.DIRECTORY=/etc/traefik/configs @@ -41,19 +49,8 @@ services: - TRAEFIK_ENTRYPOINTS_front-http_ADDRESS=:80 # <== Defining an entrypoint for port :80 named front volumes: - - ./config:/etc/traefik - - ./data:/data - - ./logs:/logs + - $app_dir_conf:/etc/traefik + - $app_dir_data:/data + - $app_dir_logs:/logs - /var/run/docker.sock:/var/run/docker.sock -# labels: -# #### Labels define the behavior and rules of the traefik proxy for this container #### -# - "traefik.enable=true" # <== Enable traefik on itself to view dashboard and assign subdomain to view it -# - "traefik.http.routers.dashboard.rule=Host(`${APP_DOMAIN}`)" # <== Setting the domain for the dashboard -# #- "traefik.http.routers.dashboard.service=api@internal" # <== Enabling the api to be a service to access -# - "traefik.http.routers.dashboard.service=dashboard" # <== Enabling the api to be a service to access -# - "traefik.http.routers.dashboard.entrypoints=$TRAEFIK_ENTRYPOINTS" -# #- "traefik.http.routers.dashboard.tls=true" -# - "traefik.http.routers.dashboard.tls.certresolver=$TRAEFIK_CERTRESOLV" -# - "traefik.http.services.dashboard.loadbalancer.server.port=8080" -