jleach/gist:7d51b6e00f3da09003411897d185a7fe

## gistfile1.txt
# Copyright 2021 The Province of British Columbia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
---
apiVersion: template.openshift.io/v1
kind: Template
metadata:
  annotations:
    description: |
      Deployment template for the RocketChat reverse proxy.
  name: ${NAME}
objects:
  - apiVersion: v1
    kind: Route
    metadata:
      labels:
        app: ${NAME}
      name: ${NAME}
    spec:
      host: ${SOURCE_HOST_NAME}
      port:
        targetPort: 2015-tcp
      tls:
        termination: edge
      to:
        kind: Service
        name: ${NAME}
        weight: 100
  - apiVersion: v1
    kind: ConfigMap
    metadata:
      name: ${NAME}-config
      labels:
        app: ${NAME}
    data:
      Caddyfile: |

        http://${SOURCE_HOST_NAME}:2015 {
            @internal {
              remote_ip forwarded 76.67.240.52
            }

            handle @internal {
             respond 403
            }

            reverse_proxy * https://${DESTINATION_HOST_NAME} {
                header_up Host {http.reverse_proxy.upstream.hostport}
                header_up Sec-WebSocket-Protocol {>Sec-WebSocket-Protocol}
                header_up X-Real-IP {remote_host}
                header_up X-Forwarded-For {remote_host}
                header_up X-Forwarded-Proto {scheme}
                flush_interval -1
            }
            respond /healthz 200

            log {
                # errors stdout
                output stdout
                #format single_field common_log
                level DEBUG
          }
        }

        :2015 {
            respond /healthz 200

            log {
              # errors stdout
              output stdout
              #format single_field common_log
              level DEBUG
          }
        }
  - apiVersion: v1
    kind: Service
    metadata:
      labels:
        app: ${NAME}
      name: ${NAME}
    spec:
      selector:
        role: proxy
      ports:
        - name: 2015-tcp
          port: 2015
          protocol: TCP
          targetPort: 2015
  - apiVersion: v1
    kind: DeploymentConfig
    metadata:
      labels:
        app: ${NAME}
      name: ${NAME}
    spec:
      strategy:
        type: Rolling
      triggers:
        - type: ConfigChange
      replicas: ${{REPLICA_COUNT}}
      selector:
        role: proxy
      template:
        metadata:
          labels:
            app: ${NAME}
            role: proxy
          name: ${NAME}
        spec:
          containers:
            - name: ${NAME}
              imagePullPolicy: Always
              image: "caddy:latest"
              env:
                - name: XDG_DATA_HOME
                  value: /tmp
              startupProbe:
                httpGet:
                  path: /healthz
                  port: 2015
                  scheme: HTTP
                failureThreshold: 5
                periodSeconds: 3
              readinessProbe:
                httpGet:
                  path: /healthz
                  port: 2015
                timeoutSeconds: 10
              ports:
                - containerPort: 2015
              resources:
                limits:
                  cpu: 100m
                  memory: 92Mi
                requests:
                  cpu: 20m
                  memory: 48Mi
              volumeMounts:
                - name: config-vol
                  mountPath: /etc/caddy/Caddyfile
                  subPath: Caddyfile
          volumes:
            - name: config-vol
              configMap:
                name: ${NAME}-config
          # imagePullSecrets:
          #   - name: bcdevops-dockercfg
  # - apiVersion: autoscaling/v1
  #   kind: HorizontalPodAutoscaler
  #   metadata:
  #     labels:
  #       app: ${NAME}
  #     name: ${NAME}
  #   spec:
  #     scaleTargetRef:
  #       apiVersion: apps/v1
  #       kind: DeploymentConfig
  #       name: ${NAME}
  #     minReplicas: ${{ROCKETCHAT_MIN_HPA}}
  #     maxReplicas: ${{ROCKETCHAT_MAX_HPA}}
  #     metrics:
  #     - type: Resource¡
  #       resource:
  #         name: cpu
  #         target:
  #           type: Utilization
  #           averageUtilization: 60
parameters:
  - description:
      The name assigned to all of the objects defined in this template.  You
      should keep this as default unless your know what your doing.
    displayName: Name
    name: NAME
    required: true
    value: maintenance-proxy
  - name: DESTINATION_HOST_NAME
    description:
      The destination address that is being proxied.
    displayName: Redirect Destination
    required: true
  - name: SOURCE_HOST_NAME
    description: |
      The route that will be redirected to the destination URL.
    displayName: Front Door Route
    required: true
  - name: REPLICA_COUNT
    description: The number of PROXY pods to start
    displayName: Replica Count
    value: "1"
  # - name: PROXY_MIN_HPA
  #   description: Min Number of PROXY pods for HPA
  #   displayName: PROXY Min HPA
  #   value: 3
  # - name: PROXY_MAX_HPA
  #   description: Max Number of PROXY pods for HPA
  #   displayName: PROXY Max HPA
  #   value: 9
	# Copyright 2021 The Province of British Columbia
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.
	#
	---
	apiVersion: template.openshift.io/v1
	kind: Template
	metadata:
	annotations:
	description: \|
	Deployment template for the RocketChat reverse proxy.
	name: ${NAME}
	objects:
	- apiVersion: v1
	kind: Route
	metadata:
	labels:
	app: ${NAME}
	name: ${NAME}
	spec:
	host: ${SOURCE_HOST_NAME}
	port:
	targetPort: 2015-tcp
	tls:
	termination: edge
	to:
	kind: Service
	name: ${NAME}
	weight: 100
	- apiVersion: v1
	kind: ConfigMap
	metadata:
	name: ${NAME}-config
	labels:
	app: ${NAME}
	data:
	Caddyfile: \|

	http://${SOURCE_HOST_NAME}:2015 {
	@internal {
	remote_ip forwarded 76.67.240.52
	}

	handle @internal {
	respond 403
	}

	reverse_proxy * https://${DESTINATION_HOST_NAME} {
	header_up Host {http.reverse_proxy.upstream.hostport}
	header_up Sec-WebSocket-Protocol {>Sec-WebSocket-Protocol}
	header_up X-Real-IP {remote_host}
	header_up X-Forwarded-For {remote_host}
	header_up X-Forwarded-Proto {scheme}
	flush_interval -1
	}
	respond /healthz 200

	log {
	# errors stdout
	output stdout
	#format single_field common_log
	level DEBUG
	}
	}

	:2015 {
	respond /healthz 200

	log {
	# errors stdout
	output stdout
	#format single_field common_log
	level DEBUG
	}
	}
	- apiVersion: v1
	kind: Service
	metadata:
	labels:
	app: ${NAME}
	name: ${NAME}
	spec:
	selector:
	role: proxy
	ports:
	- name: 2015-tcp
	port: 2015
	protocol: TCP
	targetPort: 2015
	- apiVersion: v1
	kind: DeploymentConfig
	metadata:
	labels:
	app: ${NAME}
	name: ${NAME}
	spec:
	strategy:
	type: Rolling
	triggers:
	- type: ConfigChange
	replicas: ${{REPLICA_COUNT}}
	selector:
	role: proxy
	template:
	metadata:
	labels:
	app: ${NAME}
	role: proxy
	name: ${NAME}
	spec:
	containers:
	- name: ${NAME}
	imagePullPolicy: Always
	image: "caddy:latest"
	env:
	- name: XDG_DATA_HOME
	value: /tmp
	startupProbe:
	httpGet:
	path: /healthz
	port: 2015
	scheme: HTTP
	failureThreshold: 5
	periodSeconds: 3
	readinessProbe:
	httpGet:
	path: /healthz
	port: 2015
	timeoutSeconds: 10
	ports:
	- containerPort: 2015
	resources:
	limits:
	cpu: 100m
	memory: 92Mi
	requests:
	cpu: 20m
	memory: 48Mi
	volumeMounts:
	- name: config-vol
	mountPath: /etc/caddy/Caddyfile
	subPath: Caddyfile
	volumes:
	- name: config-vol
	configMap:
	name: ${NAME}-config
	# imagePullSecrets:
	# - name: bcdevops-dockercfg
	# - apiVersion: autoscaling/v1
	# kind: HorizontalPodAutoscaler
	# metadata:
	# labels:
	# app: ${NAME}
	# name: ${NAME}
	# spec:
	# scaleTargetRef:
	# apiVersion: apps/v1
	# kind: DeploymentConfig
	# name: ${NAME}
	# minReplicas: ${{ROCKETCHAT_MIN_HPA}}
	# maxReplicas: ${{ROCKETCHAT_MAX_HPA}}
	# metrics:
	# - type: Resource¡
	# resource:
	# name: cpu
	# target:
	# type: Utilization
	# averageUtilization: 60
	parameters:
	- description:
	The name assigned to all of the objects defined in this template. You
	should keep this as default unless your know what your doing.
	displayName: Name
	name: NAME
	required: true
	value: maintenance-proxy
	- name: DESTINATION_HOST_NAME
	description:
	The destination address that is being proxied.
	displayName: Redirect Destination
	required: true
	- name: SOURCE_HOST_NAME
	description: \|
	The route that will be redirected to the destination URL.
	displayName: Front Door Route
	required: true
	- name: REPLICA_COUNT
	description: The number of PROXY pods to start
	displayName: Replica Count
	value: "1"
	# - name: PROXY_MIN_HPA
	# description: Min Number of PROXY pods for HPA
	# displayName: PROXY Min HPA
	# value: 3
	# - name: PROXY_MAX_HPA
	# description: Max Number of PROXY pods for HPA
	# displayName: PROXY Max HPA
	# value: 9