diff --git a/clusters/atlas/flux-system/applications/typhon/kustomization.yaml b/clusters/atlas/flux-system/applications/typhon/kustomization.yaml index 987e87a1..a4b857b1 100644 --- a/clusters/atlas/flux-system/applications/typhon/kustomization.yaml +++ b/clusters/atlas/flux-system/applications/typhon/kustomization.yaml @@ -13,6 +13,7 @@ spec: name: flux-system targetNamespace: climate dependsOn: + - name: vault - name: vault-csi - name: monitoring healthChecks: diff --git a/services/typhon/deployment.yaml b/services/typhon/deployment.yaml index b47ea844..e8deb652 100644 --- a/services/typhon/deployment.yaml +++ b/services/typhon/deployment.yaml @@ -30,11 +30,36 @@ spec: vault.hashicorp.com/agent-inject-secret-aci-env.sh: "kv/data/atlas/climate/typhon/ac-infinity" vault.hashicorp.com/agent-inject-template-aci-env.sh: | {{- with secret "kv/data/atlas/climate/typhon/ac-infinity" -}} - export ACI_EMAIL="{{ .Data.data.ACI_EMAIL }}" - export ACI_PASSWORD="{{ .Data.data.ACI_PASSWORD }}" + {{- if index .Data.data "ACI_EMAIL" }} + export ACI_EMAIL="{{ index .Data.data "ACI_EMAIL" }}" + {{- end }} + {{- if index .Data.data "ACI_PASSWORD" }} + export ACI_PASSWORD="{{ index .Data.data "ACI_PASSWORD" }}" + {{- end }} {{- if index .Data.data "ACI_HOST" }} export ACI_HOST="{{ index .Data.data "ACI_HOST" }}" {{- end }} + {{- if index .Data.data "TYPHON_MODE" }} + export TYPHON_MODE="{{ index .Data.data "TYPHON_MODE" }}" + {{- end }} + {{- if index .Data.data "ENABLE_CONTROL_API" }} + export ENABLE_CONTROL_API="{{ index .Data.data "ENABLE_CONTROL_API" }}" + {{- end }} + {{- if index .Data.data "TY_BLE_DEFAULT_MAC" }} + export TY_BLE_DEFAULT_MAC="{{ index .Data.data "TY_BLE_DEFAULT_MAC" }}" + {{- end }} + {{- if index .Data.data "TY_BLE_ALLOWED_MACS" }} + export TY_BLE_ALLOWED_MACS="{{ index .Data.data "TY_BLE_ALLOWED_MACS" }}" + {{- end }} + {{- if index .Data.data "TY_BLE_DEVICE_TYPE" }} + export TY_BLE_DEVICE_TYPE="{{ index .Data.data "TY_BLE_DEVICE_TYPE" }}" + {{- end }} + {{- if index .Data.data "TY_BLE_SCAN_TIMEOUT_MS" }} + export TY_BLE_SCAN_TIMEOUT_MS="{{ index .Data.data "TY_BLE_SCAN_TIMEOUT_MS" }}" + {{- end }} + {{- if index .Data.data "TY_BLE_PORT_BASE" }} + export TY_BLE_PORT_BASE="{{ index .Data.data "TY_BLE_PORT_BASE" }}" + {{- end }} {{- end -}} typhon.bstein.dev/restart-rev: "2" spec: @@ -52,20 +77,38 @@ spec: args: - | set -eu - . /vault/secrets/aci-env.sh + if [ -f /vault/secrets/aci-env.sh ]; then + . /vault/secrets/aci-env.sh + fi + : "${TYPHON_MODE:=cloud}" + : "${ENABLE_CONTROL_API:=false}" exec node dist/index.js env: + - name: TYPHON_MODE + value: "cloud" + - name: ENABLE_CONTROL_API + value: "false" - name: POLL_INTERVAL_SECONDS value: "30" - name: REQUEST_TIMEOUT_MS value: "10000" - name: LISTEN_PORT value: "9108" + - name: CONTROL_LISTEN_PORT + value: "9110" + - name: TY_BLE_DEVICE_TYPE + value: "11" + - name: TY_BLE_SCAN_TIMEOUT_MS + value: "20000" + - name: TY_BLE_PORT_BASE + value: "1" - name: LOG_LEVEL value: "info" ports: - name: metrics containerPort: 9108 + - name: control + containerPort: 9110 volumeMounts: - name: tmp mountPath: /tmp diff --git a/services/typhon/networkpolicy.yaml b/services/typhon/networkpolicy.yaml index a8ca7f0e..a5fcf675 100644 --- a/services/typhon/networkpolicy.yaml +++ b/services/typhon/networkpolicy.yaml @@ -19,6 +19,13 @@ spec: ports: - protocol: TCP port: 9108 + - from: + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: climate + ports: + - protocol: TCP + port: 9110 egress: - to: - namespaceSelector: diff --git a/services/typhon/service.yaml b/services/typhon/service.yaml index d7af6b85..77bd7fb8 100644 --- a/services/typhon/service.yaml +++ b/services/typhon/service.yaml @@ -16,3 +16,6 @@ spec: - name: metrics port: 9108 targetPort: metrics + - name: control + port: 9110 + targetPort: control