diff --git a/config/clusters/2i2c-aws-us/dask-staging.values.yaml b/config/clusters/2i2c-aws-us/dask-staging.values.yaml index aa8495d1c6..2c9bea2859 100644 --- a/config/clusters/2i2c-aws-us/dask-staging.values.yaml +++ b/config/clusters/2i2c-aws-us/dask-staging.values.yaml @@ -15,6 +15,14 @@ basehub: serverIP: fs-0b70db2b65209a77d.efs.us-west-2.amazonaws.com baseShareName: / jupyterhub: + ingress: + hosts: [dask-staging.aws.2i2c.cloud] + tls: + - hosts: [dask-staging.aws.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [dask-staging.aws.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c-aws-us/researchdelight.values.yaml b/config/clusters/2i2c-aws-us/researchdelight.values.yaml index cbb6eaaa59..cc5689533f 100644 --- a/config/clusters/2i2c-aws-us/researchdelight.values.yaml +++ b/config/clusters/2i2c-aws-us/researchdelight.values.yaml @@ -15,6 +15,14 @@ basehub: serverIP: fs-0b70db2b65209a77d.efs.us-west-2.amazonaws.com baseShareName: / jupyterhub: + ingress: + hosts: [researchdelight.2i2c.cloud] + tls: + - hosts: [researchdelight.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [researchdelight.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c-aws-us/staging.values.yaml b/config/clusters/2i2c-aws-us/staging.values.yaml index a6fed752cf..76eba96857 100644 --- a/config/clusters/2i2c-aws-us/staging.values.yaml +++ b/config/clusters/2i2c-aws-us/staging.values.yaml @@ -14,6 +14,14 @@ nfs: serverIP: fs-0b70db2b65209a77d.efs.us-west-2.amazonaws.com baseShareName: / jupyterhub: + ingress: + hosts: [staging.aws.2i2c.cloud] + tls: + - hosts: [staging.aws.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.aws.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c-uk/lis.values.yaml b/config/clusters/2i2c-uk/lis.values.yaml index d374ac891a..8000c51c0b 100644 --- a/config/clusters/2i2c-uk/lis.values.yaml +++ b/config/clusters/2i2c-uk/lis.values.yaml @@ -9,6 +9,14 @@ nfs: # Name of Google Filestore share baseShareName: /homes/ jupyterhub: + ingress: + hosts: [ds.lis.2i2c.cloud] + tls: + - hosts: [ds.lis.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [ds.lis.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c-uk/staging.values.yaml b/config/clusters/2i2c-uk/staging.values.yaml index 2dd7586b4a..357161f24f 100644 --- a/config/clusters/2i2c-uk/staging.values.yaml +++ b/config/clusters/2i2c-uk/staging.values.yaml @@ -9,6 +9,14 @@ nfs: # Name of Google Filestore share baseShareName: /homes/ jupyterhub: + ingress: + hosts: [staging.uk.2i2c.cloud] + tls: + - hosts: [staging.uk.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.uk.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c/aup.values.yaml b/config/clusters/2i2c/aup.values.yaml index ba1f02e29f..422fe24016 100644 --- a/config/clusters/2i2c/aup.values.yaml +++ b/config/clusters/2i2c/aup.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + proxy: + https: + hosts: + - aup.pilot.2i2c.cloud + ingress: + hosts: + - aup.pilot.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - aup.pilot.2i2c.cloud custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c/catalyst-cooperative.values.yaml b/config/clusters/2i2c/catalyst-cooperative.values.yaml index 67ad7039a7..a95997a3bf 100644 --- a/config/clusters/2i2c/catalyst-cooperative.values.yaml +++ b/config/clusters/2i2c/catalyst-cooperative.values.yaml @@ -4,6 +4,17 @@ basehub: iam.gke.io/gcp-service-account: pilot-hubs-catalyst-coop@two-eye-two-see.iam.gserviceaccount.com jupyterhub: + proxy: + https: + hosts: + - catalyst-cooperative.pilot.2i2c.cloud + ingress: + hosts: + - catalyst-cooperative.pilot.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - catalyst-cooperative.pilot.2i2c.cloud singleuser: image: name: catalystcoop/pudl-jupyter diff --git a/config/clusters/2i2c/dask-staging.values.yaml b/config/clusters/2i2c/dask-staging.values.yaml index 6bce2c95bb..19a162b9aa 100644 --- a/config/clusters/2i2c/dask-staging.values.yaml +++ b/config/clusters/2i2c/dask-staging.values.yaml @@ -3,6 +3,17 @@ basehub: annotations: iam.gke.io/gcp-service-account: pilot-hubs-dask-staging@two-eye-two-see.iam.gserviceaccount.com jupyterhub: + proxy: + https: + hosts: + - dask-staging.2i2c.cloud + ingress: + hosts: + - dask-staging.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - dask-staging.2i2c.cloud custom: cloudResources: provider: gcp diff --git a/config/clusters/2i2c/demo.values.yaml b/config/clusters/2i2c/demo.values.yaml index 168605078d..b72e445f05 100644 --- a/config/clusters/2i2c/demo.values.yaml +++ b/config/clusters/2i2c/demo.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + proxy: + https: + hosts: + - demo.2i2c.cloud + ingress: + hosts: + - demo.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - demo.2i2c.cloud custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c/earthlab.values.yaml b/config/clusters/2i2c/earthlab.values.yaml index 599e948455..6c80c6970d 100644 --- a/config/clusters/2i2c/earthlab.values.yaml +++ b/config/clusters/2i2c/earthlab.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + proxy: + https: + hosts: + - earthlab.pilot.2i2c.cloud + ingress: + hosts: + - earthlab.pilot.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - earthlab.pilot.2i2c.cloud custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c/ohw.values.yaml b/config/clusters/2i2c/ohw.values.yaml index 957bdccdfa..df05b18eb9 100644 --- a/config/clusters/2i2c/ohw.values.yaml +++ b/config/clusters/2i2c/ohw.values.yaml @@ -14,6 +14,17 @@ basehub: annotations: iam.gke.io/gcp-service-account: pilot-hubs-ohw@two-eye-two-see.iam.gserviceaccount.com jupyterhub: + proxy: + https: + hosts: + - oceanhackweek.2i2c.cloud + ingress: + hosts: + - oceanhackweek.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - oceanhackweek.2i2c.cloud prePuller: continuous: # Todo: turn this off after the event @@ -74,6 +85,7 @@ basehub: add_staff_user_ids_to_admin_users: true add_staff_user_ids_of_type: "github" homepage: + gitRepoBranch: "2i2c-ohw" templateVars: org: name: OceanHackWeek diff --git a/config/clusters/2i2c/paleohack2021.values.yaml b/config/clusters/2i2c/paleohack2021.values.yaml index 94e4738b67..35e462cdb6 100644 --- a/config/clusters/2i2c/paleohack2021.values.yaml +++ b/config/clusters/2i2c/paleohack2021.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + proxy: + https: + hosts: + - paleohack2021.hackathon.2i2c.cloud + ingress: + hosts: + - paleohack2021.hackathon.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - paleohack2021.hackathon.2i2c.cloud scheduling: userScheduler: enabled: true diff --git a/config/clusters/2i2c/peddie.values.yaml b/config/clusters/2i2c/peddie.values.yaml index 61625b536f..a8ff068932 100644 --- a/config/clusters/2i2c/peddie.values.yaml +++ b/config/clusters/2i2c/peddie.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + proxy: + https: + hosts: + - peddie.pilot.2i2c.cloud + ingress: + hosts: + - peddie.pilot.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - peddie.pilot.2i2c.cloud custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c/pfw.values.yaml b/config/clusters/2i2c/pfw.values.yaml index 67c016ea2d..db3ddd7168 100644 --- a/config/clusters/2i2c/pfw.values.yaml +++ b/config/clusters/2i2c/pfw.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + proxy: + https: + hosts: + - pfw.pilot.2i2c.cloud + ingress: + hosts: + - pfw.pilot.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - pfw.pilot.2i2c.cloud custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c/staging.values.yaml b/config/clusters/2i2c/staging.values.yaml index 3c18f37a72..f363d74840 100644 --- a/config/clusters/2i2c/staging.values.yaml +++ b/config/clusters/2i2c/staging.values.yaml @@ -15,6 +15,17 @@ staticWebsite: enabled: false jupyterhub: + proxy: + https: + hosts: + - staging.2i2c.cloud + ingress: + hosts: + - staging.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - staging.2i2c.cloud custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c/temple.values.yaml b/config/clusters/2i2c/temple.values.yaml index 85a98b77de..3177c30ccf 100644 --- a/config/clusters/2i2c/temple.values.yaml +++ b/config/clusters/2i2c/temple.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + proxy: + https: + hosts: + - temple.2i2c.cloud + ingress: + hosts: + - temple.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - temple.2i2c.cloud custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/2i2c/ucmerced.values.yaml b/config/clusters/2i2c/ucmerced.values.yaml index 1b22ca7d5f..efd7889e21 100644 --- a/config/clusters/2i2c/ucmerced.values.yaml +++ b/config/clusters/2i2c/ucmerced.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + proxy: + https: + hosts: + - ucmerced.2i2c.cloud + ingress: + hosts: + - ucmerced.2i2c.cloud + tls: + - secretName: https-auto-tls + hosts: + - ucmerced.2i2c.cloud custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/awi-ciroh/prod.values.yaml b/config/clusters/awi-ciroh/prod.values.yaml index d3abe33fab..55680c9e9e 100644 --- a/config/clusters/awi-ciroh/prod.values.yaml +++ b/config/clusters/awi-ciroh/prod.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: awi-ciroh-prod@awi-ciroh.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [ciroh.awi.2i2c.cloud] + tls: + - hosts: [ciroh.awi.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [ciroh.awi.2i2c.cloud] singleuser: extraEnv: SCRATCH_BUCKET: gs://awi-ciroh-scratch/$(JUPYTERHUB_USER) diff --git a/config/clusters/awi-ciroh/staging.values.yaml b/config/clusters/awi-ciroh/staging.values.yaml index 3a9341568d..931ae25e9d 100644 --- a/config/clusters/awi-ciroh/staging.values.yaml +++ b/config/clusters/awi-ciroh/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: awi-ciroh-staging@awi-ciroh.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [staging.ciroh.awi.2i2c.cloud] + tls: + - hosts: [staging.ciroh.awi.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.ciroh.awi.2i2c.cloud] singleuser: extraEnv: SCRATCH_BUCKET: gs://awi-ciroh-scratch-staging/$(JUPYTERHUB_USER) diff --git a/config/clusters/callysto/prod.values.yaml b/config/clusters/callysto/prod.values.yaml index 595a6fac16..2210811a9f 100644 --- a/config/clusters/callysto/prod.values.yaml +++ b/config/clusters/callysto/prod.values.yaml @@ -1,5 +1,16 @@ jupyterhub: + ingress: + hosts: [2i2c.callysto.ca] + tls: + - hosts: [2i2c.callysto.ca] + secretName: https-auto-tls + proxy: + https: + hosts: [2i2c.callysto.ca] hub: config: CILogonOAuthenticator: oauth_callback_url: https://2i2c.callysto.ca/hub/oauth_callback + custom: + homepage: + gitRepoBranch: "callysto-prod" diff --git a/config/clusters/callysto/staging.values.yaml b/config/clusters/callysto/staging.values.yaml index 9d8709cab9..e574f16d42 100644 --- a/config/clusters/callysto/staging.values.yaml +++ b/config/clusters/callysto/staging.values.yaml @@ -1,5 +1,16 @@ jupyterhub: + ingress: + hosts: [staging.callysto.2i2c.cloud] + tls: + - hosts: [staging.callysto.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.callysto.2i2c.cloud] hub: config: CILogonOAuthenticator: oauth_callback_url: https://staging.callysto.2i2c.cloud/hub/oauth_callback + custom: + homepage: + gitRepoBranch: "callysto-staging" diff --git a/config/clusters/carbonplan/prod.values.yaml b/config/clusters/carbonplan/prod.values.yaml index c7de1151d2..b6fe6fcf7c 100644 --- a/config/clusters/carbonplan/prod.values.yaml +++ b/config/clusters/carbonplan/prod.values.yaml @@ -1,5 +1,13 @@ basehub: jupyterhub: + ingress: + hosts: [carbonplan.2i2c.cloud] + tls: + - hosts: [carbonplan.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [carbonplan.2i2c.cloud] hub: config: JupyterHub: diff --git a/config/clusters/carbonplan/staging.values.yaml b/config/clusters/carbonplan/staging.values.yaml index ba37f0016c..413aecea51 100644 --- a/config/clusters/carbonplan/staging.values.yaml +++ b/config/clusters/carbonplan/staging.values.yaml @@ -1,5 +1,13 @@ basehub: jupyterhub: + ingress: + hosts: [staging.carbonplan.2i2c.cloud] + tls: + - hosts: [staging.carbonplan.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.carbonplan.2i2c.cloud] hub: config: JupyterHub: diff --git a/config/clusters/cloudbank/avc.values.yaml b/config/clusters/cloudbank/avc.values.yaml index 2cdb26b0d8..9d9876f7db 100644 --- a/config/clusters/cloudbank/avc.values.yaml +++ b/config/clusters/cloudbank/avc.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [avc.cloudbank.2i2c.cloud] + tls: + - hosts: [avc.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [avc.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/ccsf.values.yaml b/config/clusters/cloudbank/ccsf.values.yaml index 1c71e9b4ad..0748f3daee 100644 --- a/config/clusters/cloudbank/ccsf.values.yaml +++ b/config/clusters/cloudbank/ccsf.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [ccsf.cloudbank.2i2c.cloud] + tls: + - hosts: [ccsf.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [ccsf.cloudbank.2i2c.cloud] singleuser: memory: # Increased to help deal with possible kernel restarts diff --git a/config/clusters/cloudbank/csm.values.yaml b/config/clusters/cloudbank/csm.values.yaml index d072dc8aee..68fd53637f 100644 --- a/config/clusters/cloudbank/csm.values.yaml +++ b/config/clusters/cloudbank/csm.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [csm.cloudbank.2i2c.cloud] + tls: + - hosts: [csm.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [csm.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/csu.values.yaml b/config/clusters/cloudbank/csu.values.yaml index d7b4b56d80..adfa17faab 100644 --- a/config/clusters/cloudbank/csu.values.yaml +++ b/config/clusters/cloudbank/csu.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [csu.cloudbank.2i2c.cloud] + tls: + - hosts: [csu.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [csu.cloudbank.2i2c.cloud] prePuller: continuous: enabled: true diff --git a/config/clusters/cloudbank/demo.values.yaml b/config/clusters/cloudbank/demo.values.yaml index 1570dc124f..c19a9bb852 100644 --- a/config/clusters/cloudbank/demo.values.yaml +++ b/config/clusters/cloudbank/demo.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [demo.cloudbank.2i2c.cloud] + tls: + - hosts: [demo.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [demo.cloudbank.2i2c.cloud] prePuller: continuous: enabled: true diff --git a/config/clusters/cloudbank/elcamino.values.yaml b/config/clusters/cloudbank/elcamino.values.yaml index 4a2e24628b..6866cd570a 100644 --- a/config/clusters/cloudbank/elcamino.values.yaml +++ b/config/clusters/cloudbank/elcamino.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [elcamino.cloudbank.2i2c.cloud] + tls: + - hosts: [elcamino.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [elcamino.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/fresno.values.yaml b/config/clusters/cloudbank/fresno.values.yaml index f5637795eb..f5dad82d57 100644 --- a/config/clusters/cloudbank/fresno.values.yaml +++ b/config/clusters/cloudbank/fresno.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [fresno.cloudbank.2i2c.cloud] + tls: + - hosts: [fresno.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [fresno.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/glendale.values.yaml b/config/clusters/cloudbank/glendale.values.yaml index cd65b9ef2b..001989f0e3 100644 --- a/config/clusters/cloudbank/glendale.values.yaml +++ b/config/clusters/cloudbank/glendale.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [glendale.cloudbank.2i2c.cloud] + tls: + - hosts: [glendale.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [glendale.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/howard.values.yaml b/config/clusters/cloudbank/howard.values.yaml index c23276e621..9d88b16d35 100644 --- a/config/clusters/cloudbank/howard.values.yaml +++ b/config/clusters/cloudbank/howard.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [howard.cloudbank.2i2c.cloud] + tls: + - hosts: [howard.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [howard.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/lacc.values.yaml b/config/clusters/cloudbank/lacc.values.yaml index d016f34562..1b3841d6f1 100644 --- a/config/clusters/cloudbank/lacc.values.yaml +++ b/config/clusters/cloudbank/lacc.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [lacc.cloudbank.2i2c.cloud] + tls: + - hosts: [lacc.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [lacc.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/laney.values.yaml b/config/clusters/cloudbank/laney.values.yaml index a68138b113..62d959d81c 100644 --- a/config/clusters/cloudbank/laney.values.yaml +++ b/config/clusters/cloudbank/laney.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [laney.cloudbank.2i2c.cloud] + tls: + - hosts: [laney.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [laney.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/lassen.values.yaml b/config/clusters/cloudbank/lassen.values.yaml index 9be3fbdc7c..7b9f41a028 100644 --- a/config/clusters/cloudbank/lassen.values.yaml +++ b/config/clusters/cloudbank/lassen.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [lassen.cloudbank.2i2c.cloud] + tls: + - hosts: [lassen.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [lassen.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/mills.values.yaml b/config/clusters/cloudbank/mills.values.yaml index ff3b2cd34f..f6b689b408 100644 --- a/config/clusters/cloudbank/mills.values.yaml +++ b/config/clusters/cloudbank/mills.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [datahub.mills.edu] + tls: + - hosts: [datahub.mills.edu] + secretName: https-auto-tls + proxy: + https: + hosts: [datahub.mills.edu] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/miracosta.values.yaml b/config/clusters/cloudbank/miracosta.values.yaml index add7d6980c..6165d5b922 100644 --- a/config/clusters/cloudbank/miracosta.values.yaml +++ b/config/clusters/cloudbank/miracosta.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [miracosta.cloudbank.2i2c.cloud] + tls: + - hosts: [miracosta.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [miracosta.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/palomar.values.yaml b/config/clusters/cloudbank/palomar.values.yaml index 1a384c74ef..2671922403 100644 --- a/config/clusters/cloudbank/palomar.values.yaml +++ b/config/clusters/cloudbank/palomar.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [palomar.cloudbank.2i2c.cloud] + tls: + - hosts: [palomar.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [palomar.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/pasadena.values.yaml b/config/clusters/cloudbank/pasadena.values.yaml index 9609d9f96c..a4cc63c9f6 100644 --- a/config/clusters/cloudbank/pasadena.values.yaml +++ b/config/clusters/cloudbank/pasadena.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [pasadena.cloudbank.2i2c.cloud] + tls: + - hosts: [pasadena.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [pasadena.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/sbcc.values.yaml b/config/clusters/cloudbank/sbcc.values.yaml index 787a3a10a4..a21e1ea493 100644 --- a/config/clusters/cloudbank/sbcc.values.yaml +++ b/config/clusters/cloudbank/sbcc.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [sbcc.cloudbank.2i2c.cloud] + tls: + - hosts: [sbcc.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [sbcc.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/sjcc.values.yaml b/config/clusters/cloudbank/sjcc.values.yaml index 13a3a77a65..7e30838ef3 100644 --- a/config/clusters/cloudbank/sjcc.values.yaml +++ b/config/clusters/cloudbank/sjcc.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [sjcc.cloudbank.2i2c.cloud] + tls: + - hosts: [sjcc.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [sjcc.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/skyline.values.yaml b/config/clusters/cloudbank/skyline.values.yaml index 584f55bf18..add3265c9f 100644 --- a/config/clusters/cloudbank/skyline.values.yaml +++ b/config/clusters/cloudbank/skyline.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [skyline.cloudbank.2i2c.cloud] + tls: + - hosts: [skyline.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [skyline.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/staging.values.yaml b/config/clusters/cloudbank/staging.values.yaml index c133290cea..32da6fa842 100644 --- a/config/clusters/cloudbank/staging.values.yaml +++ b/config/clusters/cloudbank/staging.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [staging.cloudbank.2i2c.cloud] + tls: + - hosts: [staging.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/cloudbank/tuskegee.values.yaml b/config/clusters/cloudbank/tuskegee.values.yaml index 20d5e6fd85..ee8aa4601e 100644 --- a/config/clusters/cloudbank/tuskegee.values.yaml +++ b/config/clusters/cloudbank/tuskegee.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [tuskegee.cloudbank.2i2c.cloud] + tls: + - hosts: [tuskegee.cloudbank.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [tuskegee.cloudbank.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/gridsst/prod.values.yaml b/config/clusters/gridsst/prod.values.yaml index 1c52c16640..38cf424d9b 100644 --- a/config/clusters/gridsst/prod.values.yaml +++ b/config/clusters/gridsst/prod.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: eks.amazonaws.com/role-arn: arn:aws:iam::993998403439:role/gridsst-prod jupyterhub: + ingress: + hosts: [gridsst.2i2c.cloud] + tls: + - hosts: [gridsst.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [gridsst.2i2c.cloud] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/gridsst/staging.values.yaml b/config/clusters/gridsst/staging.values.yaml index f2c68be925..2228444116 100644 --- a/config/clusters/gridsst/staging.values.yaml +++ b/config/clusters/gridsst/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: eks.amazonaws.com/role-arn: arn:aws:iam::993998403439:role/gridsst-staging jupyterhub: + ingress: + hosts: [staging.gridsst.2i2c.cloud] + tls: + - hosts: [staging.gridsst.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.gridsst.2i2c.cloud] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/leap/prod.values.yaml b/config/clusters/leap/prod.values.yaml index d2e3ae6e8b..9ca568401e 100644 --- a/config/clusters/leap/prod.values.yaml +++ b/config/clusters/leap/prod.values.yaml @@ -13,7 +13,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: leap-prod@leap-pangeo.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [leap.2i2c.cloud] + tls: + - hosts: [leap.2i2c.cloud] + secretName: https-auto-tls proxy: + https: + hosts: [leap.2i2c.cloud] chp: resources: requests: diff --git a/config/clusters/leap/staging.values.yaml b/config/clusters/leap/staging.values.yaml index 572ba61e11..0f1349159d 100644 --- a/config/clusters/leap/staging.values.yaml +++ b/config/clusters/leap/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: leap-staging@leap-pangeo.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [staging.leap.2i2c.cloud] + tls: + - hosts: [staging.leap.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.leap.2i2c.cloud] singleuser: extraEnv: SCRATCH_BUCKET: gs://leap-scratch-staging/$(JUPYTERHUB_USER) diff --git a/config/clusters/linked-earth/prod.values.yaml b/config/clusters/linked-earth/prod.values.yaml index e0bcf078b6..83ab8c25a6 100644 --- a/config/clusters/linked-earth/prod.values.yaml +++ b/config/clusters/linked-earth/prod.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: linked-earth-prod@linked-earth-hubs.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [linkedearth.2i2c.cloud] + tls: + - hosts: [linkedearth.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [linkedearth.2i2c.cloud] singleuser: extraEnv: SCRATCH_BUCKET: gs://linked-earth-scratch/$(JUPYTERHUB_USER) diff --git a/config/clusters/linked-earth/staging.values.yaml b/config/clusters/linked-earth/staging.values.yaml index d24939d0c0..d5fe50384d 100644 --- a/config/clusters/linked-earth/staging.values.yaml +++ b/config/clusters/linked-earth/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: linked-earth-staging@linked-earth-hubs.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [staging.linkedearth.2i2c.cloud] + tls: + - hosts: [staging.linkedearth.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.linkedearth.2i2c.cloud] singleuser: extraEnv: SCRATCH_BUCKET: gs://linked-earth-scratch-staging/$(JUPYTERHUB_USER) diff --git a/config/clusters/m2lines/prod.values.yaml b/config/clusters/m2lines/prod.values.yaml index 74e69df175..cb47b38c0f 100644 --- a/config/clusters/m2lines/prod.values.yaml +++ b/config/clusters/m2lines/prod.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: m2lines-prod@m2lines-hub.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [m2lines.2i2c.cloud] + tls: + - hosts: [m2lines.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [m2lines.2i2c.cloud] singleuser: extraEnv: SCRATCH_BUCKET: gs://m2lines-scratch/$(JUPYTERHUB_USER) diff --git a/config/clusters/m2lines/staging.values.yaml b/config/clusters/m2lines/staging.values.yaml index ee31a07d03..b9ffef22b1 100644 --- a/config/clusters/m2lines/staging.values.yaml +++ b/config/clusters/m2lines/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: m2lines-staging@m2lines-hub.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [staging.m2lines.2i2c.cloud] + tls: + - hosts: [staging.m2lines.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.m2lines.2i2c.cloud] singleuser: extraEnv: SCRATCH_BUCKET: gs://m2lines-scratch-staging/$(JUPYTERHUB_USER) diff --git a/config/clusters/meom-ige/drakkar-demo.values.yaml b/config/clusters/meom-ige/drakkar-demo.values.yaml index 0d9590243a..8fadd63d60 100644 --- a/config/clusters/meom-ige/drakkar-demo.values.yaml +++ b/config/clusters/meom-ige/drakkar-demo.values.yaml @@ -14,6 +14,14 @@ nfs: serverIP: nfs-server-01 baseShareName: /export/home-01/homes/ jupyterhub: + ingress: + hosts: [drakkar-demo.meom-ige.2i2c.cloud] + tls: + - hosts: [drakkar-demo.meom-ige.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [drakkar-demo.meom-ige.2i2c.cloud] custom: 2i2c: add_staff_user_ids_to_admin_users: true diff --git a/config/clusters/meom-ige/prod.values.yaml b/config/clusters/meom-ige/prod.values.yaml index 523302c619..54a1b7d928 100644 --- a/config/clusters/meom-ige/prod.values.yaml +++ b/config/clusters/meom-ige/prod.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: meom-ige-prod@meom-ige-cnrs.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [meom-ige.2i2c.cloud] + tls: + - hosts: [meom-ige.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [meom-ige.2i2c.cloud] hub: config: JupyterHub: diff --git a/config/clusters/meom-ige/staging.values.yaml b/config/clusters/meom-ige/staging.values.yaml index 6c75c5ec30..482065a0e9 100644 --- a/config/clusters/meom-ige/staging.values.yaml +++ b/config/clusters/meom-ige/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: meom-ige-staging-workload-sa@meom-ige-cnrs.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [staging.meom-ige.2i2c.cloud] + tls: + - hosts: [staging.meom-ige.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.meom-ige.2i2c.cloud] hub: config: JupyterHub: diff --git a/config/clusters/nasa-cryo/prod.values.yaml b/config/clusters/nasa-cryo/prod.values.yaml index 69e57ad842..c58a00fa94 100644 --- a/config/clusters/nasa-cryo/prod.values.yaml +++ b/config/clusters/nasa-cryo/prod.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: eks.amazonaws.com/role-arn: arn:aws:iam::574251165169:role/nasa-cryo-prod jupyterhub: + ingress: + hosts: [hub.cryointhecloud.com] + tls: + - hosts: [hub.cryointhecloud.com] + secretName: https-auto-tls + proxy: + https: + hosts: [hub.cryointhecloud.com] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/nasa-cryo/staging.values.yaml b/config/clusters/nasa-cryo/staging.values.yaml index 9d3179dd51..99369b4879 100644 --- a/config/clusters/nasa-cryo/staging.values.yaml +++ b/config/clusters/nasa-cryo/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: eks.amazonaws.com/role-arn: arn:aws:iam::574251165169:role/nasa-cryo-staging jupyterhub: + ingress: + hosts: [staging.hub.cryointhecloud.com] + tls: + - hosts: [staging.hub.cryointhecloud.com] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.hub.cryointhecloud.com] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/nasa-veda/prod.values.yaml b/config/clusters/nasa-veda/prod.values.yaml index b085fb2149..d516040738 100644 --- a/config/clusters/nasa-veda/prod.values.yaml +++ b/config/clusters/nasa-veda/prod.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: eks.amazonaws.com/role-arn: arn:aws:iam::444055461661:role/nasa-veda-prod jupyterhub: + ingress: + hosts: [nasa-veda.2i2c.cloud] + tls: + - hosts: [nasa-veda.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [nasa-veda.2i2c.cloud] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/nasa-veda/staging.values.yaml b/config/clusters/nasa-veda/staging.values.yaml index d7a86bed27..654cfe546f 100644 --- a/config/clusters/nasa-veda/staging.values.yaml +++ b/config/clusters/nasa-veda/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: eks.amazonaws.com/role-arn: arn:aws:iam::444055461661:role/nasa-veda-staging jupyterhub: + ingress: + hosts: [staging.nasa-veda.2i2c.cloud] + tls: + - hosts: [staging.nasa-veda.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.nasa-veda.2i2c.cloud] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/openscapes/prod.values.yaml b/config/clusters/openscapes/prod.values.yaml index c7c357869f..f09d8a0560 100644 --- a/config/clusters/openscapes/prod.values.yaml +++ b/config/clusters/openscapes/prod.values.yaml @@ -1,5 +1,13 @@ basehub: jupyterhub: + ingress: + hosts: [openscapes.2i2c.cloud] + tls: + - hosts: [openscapes.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [openscapes.2i2c.cloud] hub: config: JupyterHub: diff --git a/config/clusters/openscapes/staging.values.yaml b/config/clusters/openscapes/staging.values.yaml index d43636264e..c01a02d14c 100644 --- a/config/clusters/openscapes/staging.values.yaml +++ b/config/clusters/openscapes/staging.values.yaml @@ -1,5 +1,13 @@ basehub: jupyterhub: + ingress: + hosts: [staging.openscapes.2i2c.cloud] + tls: + - hosts: [staging.openscapes.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.openscapes.2i2c.cloud] hub: config: JupyterHub: diff --git a/config/clusters/pangeo-hubs/prod.values.yaml b/config/clusters/pangeo-hubs/prod.values.yaml index 574c943269..5861e40fc8 100644 --- a/config/clusters/pangeo-hubs/prod.values.yaml +++ b/config/clusters/pangeo-hubs/prod.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: pangeo-hubs-prod@pangeo-integration-te-3eea.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [us-central1-b.gcp.pangeo.io] + tls: + - hosts: [us-central1-b.gcp.pangeo.io] + secretName: https-auto-tls + proxy: + https: + hosts: [us-central1-b.gcp.pangeo.io] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/pangeo-hubs/staging.values.yaml b/config/clusters/pangeo-hubs/staging.values.yaml index e628d4e930..903904b5d0 100644 --- a/config/clusters/pangeo-hubs/staging.values.yaml +++ b/config/clusters/pangeo-hubs/staging.values.yaml @@ -3,6 +3,14 @@ basehub: annotations: iam.gke.io/gcp-service-account: pangeo-hubs-staging@pangeo-integration-te-3eea.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [staging.us-central1-b.gcp.pangeo.io] + tls: + - hosts: [staging.us-central1-b.gcp.pangeo.io] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.us-central1-b.gcp.pangeo.io] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/qcl/prod.values.yaml b/config/clusters/qcl/prod.values.yaml index 85fdde1f29..c368848fa7 100644 --- a/config/clusters/qcl/prod.values.yaml +++ b/config/clusters/qcl/prod.values.yaml @@ -2,6 +2,14 @@ userServiceAccount: annotations: iam.gke.io/gcp-service-account: qcl-prod@qcl-hub.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [jupyter.quantifiedcarbon.com] + tls: + - hosts: [jupyter.quantifiedcarbon.com] + secretName: https-auto-tls + proxy: + https: + hosts: [jupyter.quantifiedcarbon.com] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/qcl/staging.values.yaml b/config/clusters/qcl/staging.values.yaml index ffb3f4302f..7257fb2569 100644 --- a/config/clusters/qcl/staging.values.yaml +++ b/config/clusters/qcl/staging.values.yaml @@ -2,6 +2,14 @@ userServiceAccount: annotations: iam.gke.io/gcp-service-account: qcl-staging@qcl-hub.iam.gserviceaccount.com jupyterhub: + ingress: + hosts: [staging.quantifiedcarbon.com] + tls: + - hosts: [staging.quantifiedcarbon.com] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.quantifiedcarbon.com] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/ubc-eoas/prod.values.yaml b/config/clusters/ubc-eoas/prod.values.yaml index e7e1606a83..69103d6ed5 100644 --- a/config/clusters/ubc-eoas/prod.values.yaml +++ b/config/clusters/ubc-eoas/prod.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [ubc-eoas.2i2c.cloud] + tls: + - hosts: [ubc-eoas.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [ubc-eoas.2i2c.cloud] hub: config: CILogonOAuthenticator: diff --git a/config/clusters/ubc-eoas/staging.values.yaml b/config/clusters/ubc-eoas/staging.values.yaml index 722882bdbb..5d4b33bf83 100644 --- a/config/clusters/ubc-eoas/staging.values.yaml +++ b/config/clusters/ubc-eoas/staging.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [staging.ubc-eoas.2i2c.cloud] + tls: + - hosts: [staging.ubc-eoas.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.ubc-eoas.2i2c.cloud] hub: config: CILogonOAuthenticator: diff --git a/config/clusters/utoronto/default-prod.values.yaml b/config/clusters/utoronto/default-prod.values.yaml index bd255b5b72..2b385b3b7c 100644 --- a/config/clusters/utoronto/default-prod.values.yaml +++ b/config/clusters/utoronto/default-prod.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [jupyter.utoronto.ca] + tls: + - hosts: [jupyter.utoronto.ca] + secretName: https-auto-tls + proxy: + https: + hosts: [jupyter.utoronto.ca] scheduling: userPlaceholder: # Keep at least one spare node around @@ -12,6 +20,9 @@ jupyterhub: # that pods in `kube-system` will still schedule. # So even though this is under `userPlaceholder`, it really is operating as a `nodePlaceholder` memory: 57350076Ki + custom: + homepage: + gitRepoBranch: "utoronto-prod" hub: db: pvc: diff --git a/config/clusters/utoronto/default-staging.values.yaml b/config/clusters/utoronto/default-staging.values.yaml index 4a11919c94..61e411880d 100644 --- a/config/clusters/utoronto/default-staging.values.yaml +++ b/config/clusters/utoronto/default-staging.values.yaml @@ -1,4 +1,15 @@ jupyterhub: + ingress: + hosts: [staging.utoronto.2i2c.cloud] + tls: + - hosts: [staging.utoronto.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.utoronto.2i2c.cloud] + custom: + homepage: + gitRepoBranch: "utoronto-staging" hub: config: AzureAdOAuthenticator: diff --git a/config/clusters/utoronto/r-prod.values.yaml b/config/clusters/utoronto/r-prod.values.yaml index 7c1d65b5d5..a3abca419b 100644 --- a/config/clusters/utoronto/r-prod.values.yaml +++ b/config/clusters/utoronto/r-prod.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [r.datatools.utoronto.ca] + tls: + - hosts: [r.datatools.utoronto.ca] + secretName: https-auto-tls + proxy: + https: + hosts: [r.datatools.utoronto.ca] hub: db: pvc: diff --git a/config/clusters/utoronto/r-staging.values.yaml b/config/clusters/utoronto/r-staging.values.yaml index e1a33e721c..293a393fef 100644 --- a/config/clusters/utoronto/r-staging.values.yaml +++ b/config/clusters/utoronto/r-staging.values.yaml @@ -1,4 +1,12 @@ jupyterhub: + ingress: + hosts: [r-staging.datatools.utoronto.ca] + tls: + - hosts: [r-staging.datatools.utoronto.ca] + secretName: https-auto-tls + proxy: + https: + hosts: [r-staging.datatools.utoronto.ca] hub: config: AzureAdOAuthenticator: diff --git a/config/clusters/victor/prod.values.yaml b/config/clusters/victor/prod.values.yaml index d900057417..8f2acc2573 100644 --- a/config/clusters/victor/prod.values.yaml +++ b/config/clusters/victor/prod.values.yaml @@ -4,6 +4,14 @@ basehub: eks.amazonaws.com/role-arn: arn:aws:iam::129856558350:role/victor-prod jupyterhub: + ingress: + hosts: [victor.2i2c.cloud] + tls: + - hosts: [victor.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [victor.2i2c.cloud] hub: config: GitHubOAuthenticator: diff --git a/config/clusters/victor/staging.values.yaml b/config/clusters/victor/staging.values.yaml index 62764b4c08..570eaf8577 100644 --- a/config/clusters/victor/staging.values.yaml +++ b/config/clusters/victor/staging.values.yaml @@ -4,6 +4,14 @@ basehub: eks.amazonaws.com/role-arn: arn:aws:iam::129856558350:role/victor-staging jupyterhub: + ingress: + hosts: [staging.victor.2i2c.cloud] + tls: + - hosts: [staging.victor.2i2c.cloud] + secretName: https-auto-tls + proxy: + https: + hosts: [staging.victor.2i2c.cloud] hub: config: GitHubOAuthenticator: diff --git a/deployer/hub.py b/deployer/hub.py index 6034c7db34..5798dff002 100644 --- a/deployer/hub.py +++ b/deployer/hub.py @@ -1,8 +1,5 @@ -import json import subprocess -import tempfile from pathlib import Path -from textwrap import dedent from ruamel.yaml import YAML @@ -23,125 +20,6 @@ def __init__(self, cluster, spec): self.cluster = cluster self.spec = spec - def get_generated_config(self): - """ - Generate config automatically for each hub - """ - generated_config = { - "jupyterhub": { - "proxy": {"https": {"hosts": [self.spec["domain"]]}}, - "ingress": { - "hosts": [self.spec["domain"]], - "tls": [ - { - "secretName": "https-auto-tls", - "hosts": [self.spec["domain"]], - } - ], - }, - "hub": { - "config": {}, - "initContainers": [ - { - "name": "templates-clone", - "image": "alpine/git", - "args": [ - "clone", - "--", - "https://github.com/2i2c-org/default-hub-homepage", - "/srv/repo", - ], - "securityContext": { - "runAsUser": 1000, - "runAsGroup": 1000, - "allowPrivilegeEscalation": False, - "readOnlyRootFilesystem": True, - }, - "volumeMounts": [ - { - "name": "custom-templates", - "mountPath": "/srv/repo", - } - ], - }, - { - "name": "templates-ownership-fix", - "image": "alpine/git", - "command": ["/bin/sh"], - "args": [ - "-c", - "ls -lhd /srv/repo && chown 1000:1000 /srv/repo && ls -lhd /srv/repo", - ], - "securityContext": {"runAsUser": 0}, - "volumeMounts": [ - { - "name": "custom-templates", - "mountPath": "/srv/repo", - } - ], - }, - ], - "extraContainers": [ - { - "name": "templates-sync", - "image": "alpine/git", - "workingDir": "/srv/repo", - "command": ["/bin/sh"], - "args": [ - "-c", - dedent( - f"""\ - ls -lhd /srv/repo; - while true; do git fetch origin; - if [[ $(git ls-remote --heads origin {self.cluster.spec["name"]}-{self.spec["name"]} | wc -c) -ne 0 ]]; then - git reset --hard origin/{self.cluster.spec["name"]}-{self.spec["name"]}; - else - git reset --hard origin/master; - fi - sleep 5m; done - """ - ), - ], - "securityContext": { - "runAsUser": 1000, - "runAsGroup": 1000, - "allowPrivilegeEscalation": False, - "readOnlyRootFilesystem": True, - }, - "volumeMounts": [ - { - "name": "custom-templates", - "mountPath": "/srv/repo", - } - ], - } - ], - "extraVolumes": [{"name": "custom-templates", "emptyDir": {}}], - "extraVolumeMounts": [ - { - "mountPath": "/usr/local/share/jupyterhub/custom_templates", - "name": "custom-templates", - "subPath": "templates", - }, - { - "mountPath": "/usr/local/share/jupyterhub/static/extra-assets", - "name": "custom-templates", - "subPath": "extra-assets", - }, - ], - }, - }, - } - - # Due to nesting of charts on top of the basehub, our generated basehub - # config may need to be nested as well. - if self.spec["helm_chart"] == "daskhub": - generated_config = {"basehub": generated_config} - elif self.spec["helm_chart"] == "binderhub": - generated_config = {} - - return generated_config - def deploy(self, dask_gateway_version, debug, dry_run): """ Deploy this hub @@ -168,8 +46,6 @@ def deploy(self, dask_gateway_version, debug, dry_run): self.spec["domain"] = domain_override_config["domain"] - generated_values = self.get_generated_config() - if self.spec["helm_chart"] == "daskhub": # Install CRDs for daskhub before deployment manifest_urls = [ @@ -180,15 +56,10 @@ def deploy(self, dask_gateway_version, debug, dry_run): for manifest_url in manifest_urls: subprocess.check_call(["kubectl", "apply", "-f", manifest_url]) - with tempfile.NamedTemporaryFile( - mode="w" - ) as generated_values_file, get_decrypted_files( + with get_decrypted_files( self.cluster.config_path.joinpath(p) for p in self.spec["helm_chart_values_files"] ) as values_files: - json.dump(generated_values, generated_values_file) - generated_values_file.flush() - cmd = [ "helm", "upgrade", @@ -198,10 +69,6 @@ def deploy(self, dask_gateway_version, debug, dry_run): f"--namespace={self.spec['name']}", self.spec["name"], helm_charts_dir.joinpath(self.spec["helm_chart"]), - # Ordering matters here - config explicitly mentioned in cli should take - # priority over our generated values. Based on how helm does overrides, this means - # we should put the config from cluster.yaml last. - f"--values={generated_values_file.name}", ] if dry_run: diff --git a/helm-charts/basehub/templates/configmap-hub-templates.yaml b/helm-charts/basehub/templates/configmap-hub-templates.yaml new file mode 100644 index 0000000000..db035ac00d --- /dev/null +++ b/helm-charts/basehub/templates/configmap-hub-templates.yaml @@ -0,0 +1,11 @@ +kind: ConfigMap +apiVersion: v1 +metadata: + name: hub-custom-templates-config + labels: + app: jupyterhub +data: + {{- with .Values.jupyterhub.custom.homepage }} + GIT_REPO_URL: {{ .gitRepoUrl | quote }} + GIT_REPO_BRANCH: {{ .gitRepoBranch | quote }} + {{- end }} diff --git a/helm-charts/basehub/values.schema.yaml b/helm-charts/basehub/values.schema.yaml index 71e708bc09..7fe57faff9 100644 --- a/helm-charts/basehub/values.schema.yaml +++ b/helm-charts/basehub/values.schema.yaml @@ -216,12 +216,15 @@ properties: global: type: object additionalProperties: true - # jupyterhub is a dependent helm chart, we rely _mostly_ on its schema - # validation for values passed to it and are not imposing restrictions on them - # in this helm chart. But, we do we provide custom configuration (`custom`) - # that is read by custom jupyterhub configuration (`hub.config`). - # - # Due to that, we provide a strict schema for the `jupyterhub.custom` values + # jupyterhub is a dependent helm chart and we rely _mostly_ on its schema + # validation for values passed to it and are not imposing restrictions on + # most of them in this helm chart. + # But in this helm chart, we do tighten some of the validations done in + # the jupyterhub helm chart (like item types and not allowing empty fields) + # to ensure a functional setup. + # Also, because we provide custom configuration (`custom`) + # that is read by custom jupyterhub configuration (`hub.config`), + # we provide a strict schema for the `jupyterhub.custom` values # passed to this helm chart. # jupyterhub: @@ -229,7 +232,37 @@ properties: additionalProperties: true required: - custom + - proxy + - ingress properties: + proxy: + type: object + additionalProperties: true + required: + - https + properties: + hosts: + type: array + minItems: 1 + items: + type: string + ingress: + type: object + additionalProperties: true + required: + - hosts + - tls + properties: + hosts: + type: array + minItems: 1 + items: + type: string + tls: + type: array + minItems: 1 + items: + type: object custom: type: object additionalProperties: true @@ -282,7 +315,24 @@ properties: additionalProperties: false required: - templateVars + - gitRepoUrl + - gitRepoBranch properties: + gitRepoUrl: + type: string + description: | + The URL of the repository hosting custom hub templates + that should override the hub homepage default ones. + + Example: https://github.com/2i2c-org/default-hub-homepage + gitRepoBranch: + type: string + description: | + The name of the branch of the repository at `hubTemplateRepoDetails.repo_url` + to pull the custom templates from. + Should be used to customize the homepage of a hub. + + The convention for the name of this branch is `-`. templateVars: type: object additionalProperties: false diff --git a/helm-charts/basehub/values.yaml b/helm-charts/basehub/values.yaml index 2ce6f72dff..2357d9b13a 100644 --- a/helm-charts/basehub/values.yaml +++ b/helm-charts/basehub/values.yaml @@ -101,6 +101,10 @@ jupyterhub: - pnasrat@2i2c.org - sgibson@2i2c.org - yuvipanda@2i2c.org + homepage: + gitRepoUrl: "https://github.com/2i2c-org/default-hub-homepage" + # TODO: make main the default branch in the repo above + gitRepoBranch: "master" ingress: enabled: true annotations: @@ -400,7 +404,77 @@ jupyterhub: - value: "/rstudio" title: RStudio description: An IDE For R, created by the RStudio company - + initContainers: + - name: templates-clone + image: alpine/git + args: + - clone + - -- + - $(GIT_REPO_URL) + - /srv/repo + env: + - name: GIT_REPO_URL + valueFrom: + configMapKeyRef: + name: hub-custom-templates-config + key: GIT_REPO_URL + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + allowPrivilegeEscalation: False + readOnlyRootFilesystem: True + volumeMounts: + - name: custom-templates + mountPath: /srv/repo + - name: templates-ownership-fix + image: alpine/git + command: + - /bin/sh + args: + - -c + - ls -lhd /srv/repo && chown 1000:1000 /srv/repo && ls -lhd /srv/repo + securityContext: + runAsUser: 0 + volumeMounts: + - name: custom-templates + mountPath: /srv/repo + extraContainers: + - name: templates-sync + image: alpine/git + workingDir: /srv/repo + command: + - /bin/sh + args: + - -c + - | + ls -lhd /srv/repo; + while true; do git fetch origin; + git reset --hard origin/$(GIT_REPO_BRANCH); + sleep 5m; done + env: + - name: GIT_REPO_BRANCH + valueFrom: + configMapKeyRef: + name: hub-custom-templates-config + key: GIT_REPO_BRANCH + securityContext: + runAsUser: 1000 + runAsGroup: 1000 + allowPrivilegeEscalation: False + readOnlyRootFilesystem: True + volumeMounts: + - name: custom-templates + mountPath: /srv/repo + extraVolumes: + - name: custom-templates + emptyDir: {} + extraVolumeMounts: + - mountPath: /usr/local/share/jupyterhub/custom_templates + name: custom-templates + subPath: templates + - mountPath: /usr/local/share/jupyterhub/static/extra-assets + name: custom-templates + subPath: extra-assets services: configurator: url: http://configurator:10101