From 56f5a82c240c291f299d2a09f8e35e9c8c0859c8 Mon Sep 17 00:00:00 2001 From: mrjk Date: Fri, 29 Jul 2022 02:23:23 -0400 Subject: [PATCH] Add: Paasify filters --- .paasify/plugins/docker-net-provider.jsonnet | 64 ++++++++ .paasify/plugins/docker-svc-restart.jsonnet | 31 ++++ .paasify/plugins/docker-svc-tz.jsonnet | 46 ++++++ .paasify/plugins/docker-svc-ugid.jsonnet | 49 ++++++ .paasify/plugins/paasify-dump.jsonnet | 20 +++ .paasify/plugins/sidecar-mysql.jsonnet | 102 ++++++++++++ .paasify/plugins/traefik-svc.jsonnet | 154 +++++++++++++++++++ .paasify/plugins/traefik-svc.schema.json | 34 ++++ 8 files changed, 500 insertions(+) create mode 100644 .paasify/plugins/docker-net-provider.jsonnet create mode 100644 .paasify/plugins/docker-svc-restart.jsonnet create mode 100644 .paasify/plugins/docker-svc-tz.jsonnet create mode 100644 .paasify/plugins/docker-svc-ugid.jsonnet create mode 100644 .paasify/plugins/paasify-dump.jsonnet create mode 100644 .paasify/plugins/sidecar-mysql.jsonnet create mode 100644 .paasify/plugins/traefik-svc.jsonnet create mode 100644 .paasify/plugins/traefik-svc.schema.json diff --git a/.paasify/plugins/docker-net-provider.jsonnet b/.paasify/plugins/docker-net-provider.jsonnet new file mode 100644 index 0000000..1d39a59 --- /dev/null +++ b/.paasify/plugins/docker-net-provider.jsonnet @@ -0,0 +1,64 @@ +# Tag to add a shared network +# +# Examples: + +# Default imports +local user_data = std.parseJson(std.extVar('user_data')); +local docker_data = std.parseJson(std.extVar('docker_data')); + +# Internal vars +local docker_services = std.get(docker_data, 'services', default={}); +local docker_services_names = std.objectFields(docker_services); + +# User options with defaults +local default_svcs = std.get(user_data, 'PAASIFY_STACK_SVCS'); +local default_network = std.get(user_data, 'APP_NETWORK_NAME', 'default'); + +# Build default config +local config_default = { + APP_SERVICES: default_svcs, + APP_NETWORK_NAME: default_network, + APP_NETWORK_IDENT: default_network, +}; + +local conf = config_default + user_data; +local services_names = std.split(conf.APP_SERVICES, ',') ; + + +# Process +docker_data + +{ + networks+: { + [conf.APP_NETWORK_IDENT]: { + name: conf.APP_NETWORK_NAME, + } + }, + services+: { + [svc_name]+: { networks+: { [conf.APP_NETWORK_IDENT]: null } } for svc_name in services_names + }, +} + + + + +###############3 +## +## +## +### Internal vars +##local docker_services = std.get(docker_data, 'services', default={}); +##local docker_services_names = std.objectFields(docker_services); +# +## System options +#local service_ns = std.get(user_data, 'namespace', default=std.get(stack_data, 'namespace', default='')); +#local service_stack = std.get(user_data, 'name', default=std.get(stack_data, 'current_stack', default='')); +# +#local default_name = if std.isString(service_ns) then service_ns + "_" + service_stack else service_stack; +# +## User options with defaults +#local network_name = std.get(user_data, 'network_name', default='default'); +#local service_name = std.get(user_data, 'service', default='app'); +#local services_names = std.get(user_data, 'services', default=[service_name]); + + + diff --git a/.paasify/plugins/docker-svc-restart.jsonnet b/.paasify/plugins/docker-svc-restart.jsonnet new file mode 100644 index 0000000..dae187a --- /dev/null +++ b/.paasify/plugins/docker-svc-restart.jsonnet @@ -0,0 +1,31 @@ +# Tag to add a restart policy on all containers +# +# Examples: +# tags: +# - docker-services-restart: +# policy: always +# services: +# - srv1 +# - mysqldb + +# Default imports +local user_data = std.parseJson(std.extVar('user_data')); +local docker_data = std.parseJson(std.extVar('docker_data')); + +# Internal vars +local docker_services = std.get(docker_data, 'services', default={}); +local docker_services_names = std.objectFields(docker_services); + +# User options with defaults +local services_names = std.get(user_data, 'services', default=docker_services_names); +local policy = std.get(user_data, 'policy', default='unless-stopped'); + +# Process +docker_data + +{ + services+: { + [svc_name]+: { restart: policy } for svc_name in services_names + }, +} + + diff --git a/.paasify/plugins/docker-svc-tz.jsonnet b/.paasify/plugins/docker-svc-tz.jsonnet new file mode 100644 index 0000000..de91746 --- /dev/null +++ b/.paasify/plugins/docker-svc-tz.jsonnet @@ -0,0 +1,46 @@ +# Tag to add a restart policy on all containers +# +# Examples: +# tags: +# - docker-svc-tz: +# policy: always +# services: +# - srv1 +# - mysqldb + +# Default imports +local user_data = std.parseJson(std.extVar('user_data')); +local docker_data = std.parseJson(std.extVar('docker_data')); + +# Init defaults +local default_svcs = std.get(user_data, 'PAASIFY_STACK_SVCS'); +#local default_tz = 'UTC'; +#local default_tz = 'Europe/Paris'; +local default_tz = 'America/Toronto'; +local default_mount = false; +local default_mounts = '/etc/timezone:/etc/timezone:ro,/etc/localtime:/etc/localtime:ro'; + +# Build default config +local config_default = { + APP_SERVICES: default_svcs, + APP_TZ: default_tz, + APP_TZ_MOUNT: default_mount, + APP_TZ_MOUNTS: default_mounts, +}; + +local conf = config_default + user_data; +local services_names = std.split(conf.APP_SERVICES, ',') ; + +# Process +docker_data + +{ + services+: { + [svc_name]+: { + environment+: { + TZ: conf.APP_TZ + } + } for svc_name in services_names + }, +} + + diff --git a/.paasify/plugins/docker-svc-ugid.jsonnet b/.paasify/plugins/docker-svc-ugid.jsonnet new file mode 100644 index 0000000..2df9f0b --- /dev/null +++ b/.paasify/plugins/docker-svc-ugid.jsonnet @@ -0,0 +1,49 @@ +# Tag to set UID and GID to container +# +# Examples: +# tags: +# - docker-svc-tz: +# policy: always +# services: +# - srv1 +# - mysqldb + +# Default imports +local user_data = std.parseJson(std.extVar('user_data')); +local docker_data = std.parseJson(std.extVar('docker_data')); + +# Init defaults +local default_svcs = std.get(user_data, 'PAASIFY_STACK_SVCS'); + +# Build default config +local config_default = { + APP_SERVICES: default_svcs, + APP_PUID: 1000, + APP_PGID: 1000, + APP_PUID_VAR: 'APP_PUID', + APP_PGID_VAR: 'APP_PGID', +}; + +local conf = config_default + user_data; +local services_names = std.split(conf.APP_SERVICES, ',') ; + +# Internal functions +local ServiceUGI(var, val) = + if std.isString(val) || std.isNumber(val) then + { + [var]: std.toString(val), + } else {}; + + +# Process +docker_data + +{ + services+: { + [svc_name]+: { + environment+: + ServiceUGI(conf.APP_PUID_VAR, conf.APP_PUID) + + ServiceUGI(conf.APP_PGID_VAR, conf.APP_PGID), + } for svc_name in services_names + }, +} + diff --git a/.paasify/plugins/paasify-dump.jsonnet b/.paasify/plugins/paasify-dump.jsonnet new file mode 100644 index 0000000..5686299 --- /dev/null +++ b/.paasify/plugins/paasify-dump.jsonnet @@ -0,0 +1,20 @@ +# Dump meta-data in docker files +# +# Examples: +# tags: +# - paasify-dump + +# Default imports +local docker_data = std.parseJson(std.extVar('docker_data')); +local user_data = std.parseJson(std.extVar('user_data')); + +# Process +docker_data + +{ + ["x-paasify"]+: { + "user_data": user_data, +# "docker_data": docker_data, + } +} + + diff --git a/.paasify/plugins/sidecar-mysql.jsonnet b/.paasify/plugins/sidecar-mysql.jsonnet new file mode 100644 index 0000000..867fa1d --- /dev/null +++ b/.paasify/plugins/sidecar-mysql.jsonnet @@ -0,0 +1,102 @@ +# Tag to add mysql sidecar +# +# Examples: +# tags: +# - docker-services-restart: +# policy: always +# services: +# - srv1 +# - mysqldb + +# Default imports +local stack_data = std.parseJson(std.extVar('stack_data')); +local docker_data = std.parseJson(std.extVar('docker_data')); +local user_data = std.parseJson(std.extVar('user_data')); + +## Internal vars +local docker_service = std.get(docker_data, 'service', default={}); +local docker_services = std.get(docker_data, 'services', default={docker_service: null }); +local docker_services_names = std.objectFields(docker_services); +local services_names = std.get(user_data, 'services', default=docker_services_names); + +# +# +## System options +#local service_ns = std.get(stack_data, 'namespace', default=''); +#local service_stack = std.get(stack_data, 'current_stack', default=''); + +# User options with defaults +#local service_default_net = service_ns + "_traefik"; +#local service_network = std.get(user_data, 'network', default=service_default_net ); + + +#local service_top_domain = std.get(user_data, 'top_domain', default='dev.box'); +local service_name = std.get(user_data, 'name', default='mysql'); +local service_image = std.get(user_data, 'image', default='mariadb:10'); + +# MySQL settings +local service_root_password = std.get(user_data, 'root_password', default=''); +local service_root_password_random = std.get(user_data, 'root_password_random', default=false); +local service_user_password = std.get(user_data, 'user_password', default=''); +local service_user_name = std.get(user_data, 'user_name', default=std.get(stack_data, 'current_stack', default='db')); +local service_user_db = std.get(user_data, 'user_db', default=service_user_name); + + +#local service_port = std.get(user_data, 'port', default='80'); +#local service_entrypoints = std.get(user_data, 'entrypoints', default='front-http'); +# +#local service_app = std.get(user_data, 'name', default=service_name); +#local service_domain = std.get(user_data, 'domain', default=service_app + '.' + service_top_domain); +# +#local service_tls = std.get(user_data, 'tls', default=false); +#local service_certresolver = std.get(user_data, 'certresolver', default=null); +#local service_auth = std.get(user_data, 'auth', default=null); + + + + +# This would eventually also contain stack name to avoid collisions +#local service_id = service_ns + "_" + service_name; +#local service_id = service_ns + "_" + service_stack + "_" + service_name; + + +# Process +docker_data ++ { + # Append mysql network to the list of networks + networks+: { + mysql: null + }, + + # Append mysql netwok to all requested services + services+: { + [svc_name]+: { networks+: { mysql: null } } for svc_name in services_names + }, +} ++ { + # Append mysql sidecar + services+: { + [service_name]+: { + environment: { + MYSQL_RANDOM_ROOT_PASSWORD: service_root_password_random, + MYSQL_ROOT_PASSWORD: service_root_password, + MYSQL_PASSWORD: service_user_password, + MYSQL_USER: service_user_name, + MYSQL_DATABASE: service_user_db, + }, + image: service_image, + networks: { + mysql: null, + }, + volumes: [], + }, + }, + + // zzz: { + // a1: stack_data, + // a2: user_data, + // }, + +} + + diff --git a/.paasify/plugins/traefik-svc.jsonnet b/.paasify/plugins/traefik-svc.jsonnet new file mode 100644 index 0000000..ba15af1 --- /dev/null +++ b/.paasify/plugins/traefik-svc.jsonnet @@ -0,0 +1,154 @@ +# Tag to add a restart policy on all containers +# +# Examples: +# tags: +# - docker-services-restart: +# policy: always +# services: +# - srv1 +# - mysqldb + +# Default imports +# ------------------------------------- + +# Import from external data +local docker_data = std.parseJson(std.extVar('docker_data')); +local user_data = std.parseJson(std.extVar('user_data')); + + +# Init defaults +local default_ns = std.get(user_data, 'PAASIFY_STACK_NS'); +local default_name = std.get(user_data, 'PAASIFY_STACK_NAME'); +local default_service = std.get(user_data, 'PAASIFY_STACK_SVC'); +local default_domain = std.get(user_data, 'PAASIFY_STACK_DOMAIN'); + +# We replace app name by 'app', just for nice looking +local default_service_name = if default_service != default_name then default_service else 'app'; + + +# Build default config +local config_default = { + TRAEFIK_NET_IDENT: 'default', + TRAEFIK_NET_NAME: std.get(user_data, 'APP_PROXY_NETWORK', default_ns + '_' + default_name), + TRAEFIK_NET_EXTERNAL: true, + + TRAEFIK_SVC_IDENT: default_service, + #TRAEFIK_SVC_NAME: default_ns + '_' + default_name + '_' + default_service, + TRAEFIK_SVC_NAME: default_ns + '_' + default_name + '_' + default_service_name, + TRAEFIK_SVC_DOMAIN: default_service + '.' + default_domain, + TRAEFIK_SVC_PORT: 80, + TRAEFIK_SVC_ENTRYPOINTS: std.get(user_data, 'TRAEFIK_SVC_ENTRYPOINTS', default=null), + TRAEFIK_SVC_AUTH: std.get(user_data, 'TRAEFIK_SVC_AUTH', default=null), + TRAEFIK_SVC_TLS: std.get(user_data, 'TRAEFIK_SVC_TLS', default=false), + TRAEFIK_SVC_CERTRESOLVER: std.get(user_data, 'TRAEFIK_SVC_CERTRESOLVER', default=null), + + }; + +local conf = config_default + user_data; + + + +# Internal functions +# ------------------------------------- + +# Base routing +local LabelsTraefik(svc, domain, entrypoints, port) = + { + ["traefik.enable"]: "true", + ["traefik.http.routers." + svc + ".rule"]: 'Host(`' + domain + '`)', + ["traefik.http.routers." + svc + ".entrypoints"]: entrypoints, + ["traefik.http.routers." + svc + ".service"]: svc, + ["traefik.http.services." + svc + ".loadbalancer.server.port"]: std.format("%s", port), + }; + +# Middleware +local LabelsTraefikAuthelia(svc, authservice) = + if std.isString(authservice) then + { + ["traefik.http.routers." + svc + ".middlewares"]: authservice + '@docker', + } else {}; + +# TLS management +local LabelsTraefikTls(svc, status) = + if status == true then + { + ["traefik.http.routers." + svc + ".tls"]: "true", + } else {}; + +local LabelsTraefikCertResolver(svc, name) = + if std.isString(name) then + LabelsTraefikTls(svc, true) + { + ["traefik.http.routers." + svc + ".tls.certresolver"]: name, + } else {}; + +# Networking +local TraefikSvcNetwork(id, name) = + if std.isString(id) then + { + [id]: null, + } else {}; + +local TraefikPrjNetwork(id, name, external) = + if std.isString(id) then + { + [id]+: { + name: name + }, + } + + if external == true then + { + [id]+: { + external: true, + }, + } else {} + else {}; + + +# Return result +# ------------------------------------- +docker_data + +{ + # Append stack network + #networks+: TraefikPrjNetwork(svc_network_id, svc_network), + networks+: TraefikPrjNetwork( + conf.TRAEFIK_NET_IDENT, + conf.TRAEFIK_NET_NAME, + conf.TRAEFIK_NET_EXTERNAL), + + # Apply per services labels + services+: { + [conf.TRAEFIK_SVC_IDENT]+: { + labels+: + LabelsTraefik( + conf.TRAEFIK_SVC_NAME, + conf.TRAEFIK_SVC_DOMAIN, + conf.TRAEFIK_SVC_ENTRYPOINTS, + conf.TRAEFIK_SVC_PORT) + + LabelsTraefikAuthelia( + conf.TRAEFIK_SVC_NAME, + conf.TRAEFIK_SVC_AUTH) + + LabelsTraefikTls( + conf.TRAEFIK_SVC_NAME, + conf.TRAEFIK_SVC_TLS) + + LabelsTraefikCertResolver( + conf.TRAEFIK_SVC_NAME, + conf.TRAEFIK_SVC_CERTRESOLVER) + , + networks+: TraefikSvcNetwork( + conf.TRAEFIK_NET_IDENT, + conf.TRAEFIK_NET_NAME), + }, + }, + + #["x-paasify"]: { + # #stack_data: stack_data, + # #user_data: user_data, + # #config: config, + # config2: conf, + # #env_data: env_data, + #}, + + +} + + diff --git a/.paasify/plugins/traefik-svc.schema.json b/.paasify/plugins/traefik-svc.schema.json new file mode 100644 index 0000000..253f13a --- /dev/null +++ b/.paasify/plugins/traefik-svc.schema.json @@ -0,0 +1,34 @@ +# TRAEFIK_NET_IDENT: 'default', +# TRAEFIK_NET_NAME: default_ns + '_' + default_name, +# TRAEFIK_NET_EXTERNAL: true, +# +# TRAEFIK_SVC_IDENT: default_service, +# TRAEFIK_SVC_NAME: default_ns + '_' + default_name + '_' + default_service, +# TRAEFIK_SVC_DOMAIN: default_service + '.' + default_domain, +# TRAEFIK_SVC_PORT: 80, +# TRAEFIK_SVC_ENTRYPOINTS: std.get(user_data, 'TRAEFIK_SVC_ENTRYPOINTS', default=null), +# TRAEFIK_SVC_AUTH: std.get(user_data, 'TRAEFIK_SVC_AUTH', default=null), +# TRAEFIK_SVC_TLS: std.get(user_data, 'TRAEFIK_SVC_TLS', default=false), +# TRAEFIK_SVC_CERTRESOLVER: std.get(user_data, 'TRAEFIK_SVC_CERTRESOLVER', default=null), +# + + + +{ + "$schema": "http://json-schema.org/draft-07/schema#", + "additionalProperties": false, + "description": "Main paasify project settings", + "properties": { + "TRAEFIK_NET_IDENT": { + "title": "Network name", + "description": "Network name in docker compose" + } + }, + "required": [ + "" + ], + "title": "Traefik auto-proxy", + "type": "object" + +} +