From 127992c3de5dd893f7ff7d6757433524fe3353c1 Mon Sep 17 00:00:00 2001 From: Karn Wong Date: Mon, 28 Oct 2024 10:20:19 +0700 Subject: [PATCH] qa-discord-bot: switch to qa-api-rs --- caddy/config/Caddyfile | 2 +- caddy/main.go | 101 +++++++++--------- .../helm/deployments/bots/qa-discord-bot.yaml | 2 +- .../snikt/secrets/qa-discord-bot.sops.yaml | 7 +- 4 files changed, 56 insertions(+), 56 deletions(-) diff --git a/caddy/config/Caddyfile b/caddy/config/Caddyfile index 3f24911e..5d6bdcc9 100644 --- a/caddy/config/Caddyfile +++ b/caddy/config/Caddyfile @@ -53,7 +53,7 @@ plausible.karnwong.me { reverse_proxy 192.168.1.36:30044 } qa-api.karnwong.me { - reverse_proxy 192.168.1.36:30043 + reverse_proxy 192.168.1.36:30045 } rustpad.karnwong.me { reverse_proxy 192.168.1.36:30019 diff --git a/caddy/main.go b/caddy/main.go index f90abcf3..ad306b31 100644 --- a/caddy/main.go +++ b/caddy/main.go @@ -6,56 +6,6 @@ import ( "sort" ) -func generateConfig(services map[string]int) string { - config := "" - - keys := make([]string, 0, len(services)) - - for k := range services { - keys = append(keys, k) - } - sort.Strings(keys) - - for _, k := range keys { - config += fmt.Sprintf(`%s.karnwong.me { - reverse_proxy 192.168.1.36:%v -} -`, k, services[k]) - } - - return config -} - -func generateConfigForwardAuth(services map[string]int) string { - config := "" - - keys := make([]string, 0, len(services)) - - for k := range services { - keys = append(keys, k) - } - sort.Strings(keys) - - for _, k := range keys { - config += fmt.Sprintf(`%s.karnwong.me { - route { - reverse_proxy /outpost.goauthentik.io/* http://192.168.1.36:30047 - - forward_auth http://192.168.1.36:30047 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version - trusted_proxies private_ranges - } - - reverse_proxy 192.168.1.36:%v - } -} -`, k, services[k]) - } - - return config -} - func main() { services := map[string]int{ "audiobookshelf": 30027, @@ -76,7 +26,7 @@ func main() { "ntfy": 30022, "pdf": 30040, "plausible": 30044, - "qa-api": 30043, + "qa-api": 30045, "rustpad": 30019, "secrets": 30025, "share": 30017, @@ -107,5 +57,54 @@ func main() { panic(err) } fmt.Println("Caddyfile configured") +} + +func generateConfig(services map[string]int) string { + config := "" + keys := make([]string, 0, len(services)) + + for k := range services { + keys = append(keys, k) + } + sort.Strings(keys) + + for _, k := range keys { + config += fmt.Sprintf(`%s.karnwong.me { + reverse_proxy 192.168.1.36:%v +} +`, k, services[k]) + } + + return config +} + +func generateConfigForwardAuth(services map[string]int) string { + config := "" + + keys := make([]string, 0, len(services)) + + for k := range services { + keys = append(keys, k) + } + sort.Strings(keys) + + for _, k := range keys { + config += fmt.Sprintf(`%s.karnwong.me { + route { + reverse_proxy /outpost.goauthentik.io/* http://192.168.1.36:30047 + + forward_auth http://192.168.1.36:30047 { + uri /outpost.goauthentik.io/auth/caddy + copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name X-Authentik-Uid X-Authentik-Jwt X-Authentik-Meta-Jwks X-Authentik-Meta-Outpost X-Authentik-Meta-Provider X-Authentik-Meta-App X-Authentik-Meta-Version + trusted_proxies private_ranges + } + + reverse_proxy 192.168.1.36:%v + } +} +`, k, services[k]) + } + + return config } diff --git a/kubernetes/clusters/snikt/helm/deployments/bots/qa-discord-bot.yaml b/kubernetes/clusters/snikt/helm/deployments/bots/qa-discord-bot.yaml index 3dff2415..94b70108 100644 --- a/kubernetes/clusters/snikt/helm/deployments/bots/qa-discord-bot.yaml +++ b/kubernetes/clusters/snikt/helm/deployments/bots/qa-discord-bot.yaml @@ -18,7 +18,7 @@ spec: spec: containers: - name: qa-discord-bot - image: ghcr.io/kahnwong/qa-discord-bot:422d78a + image: ghcr.io/kahnwong/qa-discord-bot:5e67a32 envFrom: - secretRef: name: qa-discord-bot diff --git a/kubernetes/clusters/snikt/secrets/qa-discord-bot.sops.yaml b/kubernetes/clusters/snikt/secrets/qa-discord-bot.sops.yaml index f74259c3..5963da5b 100644 --- a/kubernetes/clusters/snikt/secrets/qa-discord-bot.sops.yaml +++ b/kubernetes/clusters/snikt/secrets/qa-discord-bot.sops.yaml @@ -1,5 +1,6 @@ DISCORD_AUTHENTICATION_TOKEN: ENC[AES256_GCM,data:tULNBO+e8bcb0dL0QolEoKcAaMsCJ6eumc8qf2RXtPWgLeBPn5cWd9QfySJ9/OCnfLoak8DbCeoVCfAD48KWFN4BhZz+VUvh,iv:jqGzEQHwZzzaBZTXEkqmPh+GbSBoR2TZ2jruh/+shWQ=,tag:iNKqPImPE64Bd39uaU+VJA==,type:str] -QA_API_ENDPOINT: ENC[AES256_GCM,data:IOc8zc23pngTAE7qgAY7qbon18mtsW6iWaE=,iv:gGungag6MBE+cvbT4jLnD982o8uvXVC6lxjqY3ULADk=,tag:59inJJuon0TsChABZFGAxQ==,type:str] +#ENC[AES256_GCM,data:WEBaz7ortQmutaLPCUiaSPoOzbhMcCD00QT44OHThv7c7FfPg8v4iKRMTg==,iv:hptMbm6rK8oDPs5yJzPKTKpzOUAy5LW0ZHgBw0/Zpw8=,tag:L6gRK1etJH57fjwAWZmVow==,type:comment] +QA_API_ENDPOINT: ENC[AES256_GCM,data:+B8s1umXtBa/GA2wsqjm2oNt2lgBA+13ZyIn3SrWPzzhmjblKwBh3Ugifxs=,iv:zyHscK2XVxTdJXojq9kqve3e9cL9+dpWJ897YDVP/Rs=,tag:v+t4jeOMAJlCq7TqEk1X9A==,type:str] QA_API_KEY: ENC[AES256_GCM,data:CW9rYdk02mLJybOaW7hZGdToRKQ3T6Q1rrXOvKA+jD9wZvrZmqjAptTnk7U9Tr27B3KYPNTXKRaO/uNNsvMgug==,iv:WAWi1e1G91vdXcVtU3cucl/UUh6U5W9qnJ4NSrvlTZM=,tag:pCytCO2ucTVZtLIftXAh9Q==,type:str] sops: kms: [] @@ -16,8 +17,8 @@ sops: RkhQVDhGVVIrTUMxTllSVGpBVTdubXMKzESIly0b39A2ujHkApmwwO4xqFCSqcKp CfmQ1jxnV/YlmucGCVsGoHFiBQHxXQGb/BRuyEbXmKIYpL3wo9VCLw== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-17T06:14:31Z" - mac: ENC[AES256_GCM,data:9hqdFFwuxBJOxkv6gk7sODmD0rHUD0KUxEZPx/34WvDWAlMozq5h7ZHdyUHjHBsUxe2Tqm3ROHIV/usWj3voarurcy4o/XGa2UzMh7x+jgcHD7YxP8tcxin4QJmeO+YxVBGkshn3j6zPOTxcg9TGphUFaa7RdpJlKVV18MNE2jg=,iv:9oBBYB4pkHfIOsEY9QSTRgT5Ga4hZKiKdMsck5mqoNA=,tag:WRqnM0Yc9pzSJ4nLvTtweQ==,type:str] + lastmodified: "2024-10-28T03:11:54Z" + mac: ENC[AES256_GCM,data:kvz/Ju+XE3O9NamNWGIEhXeMYjUTEOV1YuUB7eYb/D1f/f1ccPfpXu/nDlcrxGfhGXKg4i6vjQQEGeOmXmavuLVsC7blaL+fWev0gr154fUMere+wkG7Cr4lWTeZ05rO3IciOoPivqneWawzU19ff13Ku0U/uuofrHL4tPQpG2A=,iv:BwEB7mhM9aMJdHcuE66524yJ51wKmu5jcVnAfH2UQPM=,tag:g44hRC2A5W4TTFFkzJDbow==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.0