-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add charts for a self-hosted signet setup
- Loading branch information
Showing
24 changed files
with
745 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| # Example of values for signet bitcoind. | ||
| # This is a YAML-formatted file. | ||
| # Declare variables to be passed into your templates. | ||
| global: | ||
| network: signet | ||
| service: | ||
| ports: | ||
| rpc: 38332 | ||
|
|
||
| persistence: | ||
| enabled: true | ||
| size: 2Gi | ||
|
|
||
| service: | ||
| type: ClusterIP | ||
| ports: | ||
| zmqpubrawtx: 28333 | ||
| zmqpubrawblock: 28332 | ||
| p2p: 38333 | ||
|
|
||
| # these flags need to be here and not in bitcoindGenericConfig because they have to be present under a separate section inside bitcoind.conf when in testnet/regtest mode | ||
| bitcoindCustomConfig: | ||
| bind: 0.0.0.0 | ||
| rpcbind: 0.0.0.0 | ||
| rpcallowip: 0.0.0.0/0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| export KUBE_CONFIG_PATH=~/.kube/config | ||
| export KUBE_CTX=k3d-k3s-default |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| .terraform | ||
| .terraform.lock.hcl | ||
| terraform.tfstate* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| TF:=terraform | ||
|
|
||
| create-cluster: | ||
| k3d cluster create --k3s-arg "--disable=traefik@server:0" --k3s-arg "--disable=servicelb@server:0" | ||
|
|
||
| delete-cluster: | ||
| k3d cluster delete && rm terraform.tfstate | ||
|
|
||
| init: | ||
| terraform init | ||
|
|
||
| deploy-services: | ||
| $(TF) apply -target module.infra_services.helm_release.cert_manager -auto-approve | ||
| $(TF) apply -target module.infra_services -auto-approve | ||
|
|
||
| deploy: | ||
| $(TF) apply -auto-approve | ||
|
|
||
| fmt: | ||
| $(TF) fmt -recursive | ||
|
|
||
| all: create-cluster init deploy-services deploy | ||
|
|
||
| full: delete-cluster create-cluster init deploy-services deploy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| # Charts dev setup | ||
|
|
||
| Intended as a local environment to test changes to the charts. Not as a dev backend for the mobile app. | ||
| Currently successfully brings up charts - no guarantee that everything is working as in prod, but enough to do some refactorings or stuff like that. | ||
|
|
||
| ## How To | ||
|
|
||
| dependencies: | ||
| - k3d | ||
| - terraform | ||
| - kubectl | ||
|
|
||
| run in the `dev` folder: | ||
| ``` | ||
| direnv allow | ||
| make create-cluster | ||
| make init | ||
| make deploy-services | ||
| make deploy | ||
| ``` | ||
|
|
||
| Test if its working: | ||
| ``` | ||
| kubectl -n galoy-dev-ingress port-forward svc/ingress-nginx-controller 8080:80 | ||
| ``` | ||
| In other terminal: | ||
| ``` | ||
| $ curl 'localhost:8080/graphql' -H 'Content-Type: application/json' -H 'Accept: application/json' --data-binary '{"query":"mutation login($input: UserLoginInput!) { userLogin(input: $input) { authToken } }","variables":{"input":{"phone":"+59981730222","code":"111111"}}}' | ||
| {"data":{"userLogin":{"authToken":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiI2MTc2YmQ2NmQ0MmFkYWIzNjM2MmEyY2QiLCJuZXR3b3JrIjoibWFpbm5ldCIsImlhdCI6MTYzNTE3MTY4Nn0.n-p5sA9meAmZrVOdngYr216jG3LKOFsFdJmVw6XND3A"}}} | ||
| ``` | ||
|
|
||
| Currently incomplete functionality - but depending on what you want to hack on it'll work |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| resource "helm_release" "admin_panel" { | ||
| name = "admin-panel" | ||
| chart = "${path.module}/../../charts/admin-panel" | ||
| repository = "https://galoymoney.github.io/charts/" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| dealer: | ||
| graphqlUri: http://fake-galoyapi.${addons_namespace}.svc.cluster.local:4000/graphql | ||
| postgresql: | ||
| enabled: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| locals { | ||
| postgres_password = "postgres" | ||
| postgres_db_uri = "postgres://postgres:postgres@dealer-postgresql:5432/dealer" | ||
| okex5_key = "key" | ||
| okex5_secret = "secret" | ||
| okex5_password = "pwd" | ||
| okex5_fund_password = "none" | ||
| phone = "dealerphone" | ||
| code = "dealercode" | ||
| } | ||
|
|
||
| resource "kubernetes_secret" "okex5_creds" { | ||
| metadata { | ||
| name = "dealer-okex5" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
| } | ||
|
|
||
| data = { | ||
| "okex5_key" : local.okex5_key | ||
| "okex5_secret" : local.okex5_secret | ||
| "okex5_password" : local.okex5_password | ||
| "okex5_fund_password" : local.okex5_fund_password | ||
| } | ||
| } | ||
|
|
||
| resource "kubernetes_secret" "postgres_creds" { | ||
| metadata { | ||
| name = "dealer-postgres" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
| } | ||
|
|
||
| data = { | ||
| "postgresql-password" : local.postgres_password | ||
| "postgresql-db-uri" : local.postgres_db_uri | ||
| } | ||
| } | ||
|
|
||
| resource "kubernetes_secret" "dealer_creds" { | ||
| metadata { | ||
| name = "dealer-creds" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
| } | ||
|
|
||
| data = { | ||
| "phone" : local.phone | ||
| "code" : local.code | ||
| } | ||
| } | ||
|
|
||
| resource "helm_release" "dealer" { | ||
| name = "dealer" | ||
| chart = "${path.module}/../../charts/dealer" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
|
|
||
| values = [ | ||
| templatefile("${path.module}/dealer-values.yml.tmpl", { | ||
| addons_namespace : kubernetes_namespace.addons.metadata[0].name | ||
| }) | ||
| ] | ||
|
|
||
| depends_on = [ | ||
| kubernetes_secret.postgres_creds, | ||
| kubernetes_secret.okex5_creds | ||
| ] | ||
|
|
||
| dependency_update = true | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| resource "helm_release" "galoy_pay" { | ||
| name = "galoy-pay" | ||
| chart = "${path.module}/../../charts/galoy-pay" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| variable "name_prefix" {} | ||
|
|
||
| locals { | ||
| addons_namespace = "${var.name_prefix}-addons" | ||
| } | ||
|
|
||
| resource "kubernetes_namespace" "addons" { | ||
| metadata { | ||
| name = local.addons_namespace | ||
| } | ||
| } | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| mobileLayout: | ||
| enabled: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| locals { | ||
| session_keys = "session_keys" | ||
| } | ||
|
|
||
| resource "kubernetes_secret" "web_wallet_secret" { | ||
| metadata { | ||
| name = "web-wallet" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
| } | ||
|
|
||
| data = { | ||
| "session-keys" : local.session_keys | ||
| } | ||
| } | ||
|
|
||
| resource "kubernetes_secret" "web_wallet_mobile_secret" { | ||
| metadata { | ||
| name = "web-wallet-mobile" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
| } | ||
|
|
||
| data = { | ||
| "session-keys" : local.session_keys | ||
| } | ||
| } | ||
|
|
||
| resource "helm_release" "web_wallet" { | ||
| name = "web-wallet" | ||
| chart = "${path.module}/../../charts/web-wallet" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
|
|
||
| depends_on = [kubernetes_secret.web_wallet_secret] | ||
| } | ||
|
|
||
| resource "helm_release" "web_wallet_mobile" { | ||
| name = "web-wallet-mobile" | ||
| chart = "${path.module}/../../charts/web-wallet" | ||
| namespace = kubernetes_namespace.addons.metadata[0].name | ||
|
|
||
| depends_on = [kubernetes_secret.web_wallet_mobile_secret] | ||
|
|
||
| values = [ | ||
| file("${path.module}/web-wallet-mobile-values.yml") | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| variable "name_prefix" {} | ||
|
|
||
| locals { | ||
| auth_namespace = "${var.name_prefix}-auth" | ||
|
|
||
| session_keys = "session_keys" | ||
| } | ||
|
|
||
| resource "kubernetes_namespace" "auth" { | ||
| metadata { | ||
| name = local.auth_namespace | ||
| } | ||
| } | ||
|
|
||
| resource "kubernetes_secret" "auth_backend_secret" { | ||
| metadata { | ||
| name = "auth-backend" | ||
| namespace = kubernetes_namespace.auth.metadata[0].name | ||
| } | ||
|
|
||
| data = { | ||
| "session-keys" : local.session_keys | ||
| } | ||
| } | ||
|
|
||
| resource "helm_release" "galoy_auth" { | ||
| name = "galoy-auth" | ||
| chart = "${path.module}/../../charts/galoy-auth" | ||
| namespace = kubernetes_namespace.auth.metadata[0].name | ||
|
|
||
| depends_on = [kubernetes_secret.auth_backend_secret] | ||
|
|
||
| dependency_update = true | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| global: | ||
| network: signet | ||
| service: | ||
| ports: | ||
| rpc: 38332 | ||
|
|
||
| secrets: | ||
| create: false | ||
|
|
||
| persistence: | ||
| enabled: true | ||
|
|
||
| service: | ||
| type: ClusterIP | ||
| ports: | ||
| zmqpubrawtx: 28333 | ||
| zmqpubrawblock: 28332 | ||
| p2p: 38333 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| resource "kubernetes_secret" "bitcoind" { | ||
| metadata { | ||
| name = "bitcoind-rpcpassword" | ||
| namespace = kubernetes_namespace.bitcoin.metadata[0].name | ||
| } | ||
|
|
||
| data = { | ||
| password = local.bitcoind_rpcpassword | ||
| } | ||
| } | ||
|
|
||
| resource "helm_release" "bitcoind" { | ||
| name = "bitcoind" | ||
| chart = "${path.module}/../../charts/bitcoind" | ||
| namespace = kubernetes_namespace.bitcoin.metadata[0].name | ||
|
|
||
| values = [ | ||
| file("${path.module}/bitcoind-values.yml") | ||
| ] | ||
|
|
||
| depends_on = [ | ||
| kubernetes_secret.bitcoind | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,33 @@ | ||
| image: | ||
| tag: v0.15.0-beta.rc6 | ||
|
|
||
| global: | ||
| network: signet | ||
|
|
||
| resources: | ||
| limits: | ||
| cpu: 150m | ||
| memory: 256Mi | ||
|
|
||
| terminationGracePeriodSeconds: 0 | ||
|
|
||
| persistence: | ||
| enabled: true | ||
|
|
||
| configmap: | ||
| customValues: | ||
| - bitcoin.signet=true | ||
| - bitcoin.defaultchanconfs=0 | ||
| - bitcoind.rpchost=bitcoind:38332 | ||
| - keysend-hold-time=2s | ||
| - tlsextradomain=lnd1.galoy-dev-bitcoin.svc.cluster.local | ||
| - debuglevel=info | ||
|
|
||
| loop: | ||
| enabled: false | ||
|
|
||
| lndmon: | ||
| enabled: false | ||
|
|
||
| autoGenerateSeed: | ||
| enabled: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| resource "kubernetes_secret" "lnd_pg_pass" { | ||
| metadata { | ||
| name = "postgres-creds" | ||
| namespace = kubernetes_namespace.bitcoin.metadata[0].name | ||
| } | ||
|
|
||
| data = { | ||
| uri = "postgres://postgres:password@lnd1-postgresql:5432/lnd" | ||
| "postgres-password" = "password" | ||
| } | ||
| } | ||
|
|
||
| resource "helm_release" "lnd" { | ||
| name = "lnd1" | ||
| chart = "${path.module}/../../charts/lnd" | ||
| namespace = kubernetes_namespace.bitcoin.metadata[0].name | ||
|
|
||
| dependency_update = true | ||
| timeout = 3600 | ||
| values = [ | ||
| file("${path.module}/lnd-values.yml") | ||
| ] | ||
|
|
||
| depends_on = [ | ||
| kubernetes_secret.bitcoind, | ||
| helm_release.bitcoind | ||
| ] | ||
| } |
Oops, something went wrong.