diff --git a/apps/code-server/forward.tf b/apps/code-server/forward.tf index afd7d1d..258c57b 100644 --- a/apps/code-server/forward.tf +++ b/apps/code-server/forward.tf @@ -60,7 +60,7 @@ resource "authentik_provider_proxy" "prj_forward" { resource "authentik_application" "prj_application" { name = local.app-name - slug = local.app-name + slug = "${var.component}-${var.instance}" protocol_provider = authentik_provider_proxy.prj_forward.id meta_launch_url = local.external-url meta_icon = format("%s/%s", local.external-url, local.app-icon) diff --git a/apps/code-server/index.yaml b/apps/code-server/index.yaml index 0bad23c..af6110e 100644 --- a/apps/code-server/index.yaml +++ b/apps/code-server/index.yaml @@ -6,26 +6,68 @@ metadata: name: code-server description: null options: - issuer: - default: letsencrypt-prod - examples: - - letsencrypt-prod - type: string ingress-class: default: traefik examples: - traefik type: string - domain: - default: your-company - examples: - - your-company - type: string domain-name: default: your_company.com examples: - your_company.com type: string + timezone: + default: Europe/Paris + examples: + - Europe/Paris + type: string + storage: + default: + accessMode: ReadWriteOnce + size: 20Gi + type: Filesystem + examples: + - accessMode: ReadWriteOnce + size: 20Gi + type: Filesystem + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 20Gi + type: string + type: + default: Filesystem + enum: + - Filesystem + - block + type: string + type: object + domain: + default: your-company + examples: + - your-company + type: string + admin: + default: + cluster: false + namespace: false + examples: + - cluster: false + namespace: false + properties: + cluster: + default: false + type: boolean + namespace: + default: false + type: boolean + type: object images: default: codeserver: 
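Review bot: In apps/code-server/forward.tf the new `slug = "${var.component}-${var.instance}"` is built from two variables whose validation is not visible in this hunk, while authentik treats the slug as a unique identifier and, as far as I know, accepts only letters, digits, `-` and `_` in it. If `var.instance` can carry other characters, the apply is likely to fail late at the authentik API rather than at plan time, so a `validation` block on the variable (declared outside this diff) would be worth adding. `name` still reads `local.app-name` here while the other applications in this commit switch to `var.instance`; a comment such as `# slug is the unique identifier in authentik; name is display-only` would record why the two differ. The resource body continues past the end of the hunk.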
@@ -65,58 +107,16 @@ options: type: number type: object type: object - timezone: - default: Europe/Paris - examples: - - Europe/Paris - type: string - admin: - default: - cluster: false - namespace: false - examples: - - cluster: false - namespace: false - properties: - cluster: - default: false - type: boolean - namespace: - default: false - type: boolean - type: object - storage: - default: - accessMode: ReadWriteOnce - size: 20Gi - type: Filesystem - examples: - - accessMode: ReadWriteOnce - size: 20Gi - type: Filesystem - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 20Gi - type: string - type: - default: Filesystem - enum: - - Filesystem - - block - type: string - type: object no-editor: default: false examples: - false type: boolean + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string sub-domain: default: code examples: diff --git a/apps/dolibarr/application.tf b/apps/dolibarr/application.tf index e180cc5..a73f3b5 100644 --- a/apps/dolibarr/application.tf +++ b/apps/dolibarr/application.tf @@ -49,7 +49,7 @@ resource "authentik_policy_binding" "dolibarr_ldap_access_vynil" { } resource "authentik_application" "dolibarr_application_saml" { - name = var.component==var.instance?var.component:"${var.component}-${var.instance}" + name = "${var.instance}" slug = "${var.component}-${var.instance}" protocol_provider = authentik_provider_saml.dolibarr.id meta_launch_url = format("https://%s.%s", var.sub-domain, var.domain-name) diff --git a/apps/dolibarr/index.yaml b/apps/dolibarr/index.yaml index ee88979..97498e4 100644 --- a/apps/dolibarr/index.yaml +++ b/apps/dolibarr/index.yaml 
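Review bot: In apps/dolibarr/application.tf, `name = "${var.instance}"` drops the component from the display name, so this application and any other one installed under the same instance name would presumably appear under identical names in authentik, which makes policy bindings and audit entries harder to tell apart. The removed expression kept the component in the name; if the shorter label is intended, a comment such as `# display name only; uniqueness rests on slug` would make that explicit. The string is also an interpolation-only expression and reads better as `name = var.instance`. The same pattern appears in apps/gitea/ldap.tf and apps/nextcloud/application.tf, while apps/traefik-ui/forward.tf uses `"${var.component}"` instead, which is inconsistent with the other three. The resource body continues past the end of the hunk.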
@@ -6,37 +6,44 @@ metadata: name: dolibarr description: null options: - redis: + postgres: default: - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 2Gi + replicas: 1 + storage: 5Gi + version: '14' examples: - - exporter: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - image: quay.io/opstree/redis:v7.0.5 - storage: 2Gi + - replicas: 1 + storage: 5Gi + version: '14' properties: - exporter: - default: - enabled: true - image: quay.io/opstree/redis-exporter:v1.44.0 - properties: - enabled: - default: true - type: boolean - image: - default: quay.io/opstree/redis-exporter:v1.44.0 - type: string - type: object - image: - default: quay.io/opstree/redis:v7.0.5 - type: string + replicas: + default: 1 + type: integer storage: - default: 2Gi + default: 5Gi + type: string + version: + default: '14' + type: string + type: object + sub-domain: + default: erp + examples: + - erp + type: string + ingress-class: + default: traefik + examples: + - traefik + type: string + parameters: + default: + MAIN_LANG_DEFAULT: auto + examples: + - MAIN_LANG_DEFAULT: auto + properties: + MAIN_LANG_DEFAULT: + default: auto type: string type: object hpa: @@ -59,26 +66,19 @@ options: default: 1 type: integer type: object - postgres: + modules: default: - replicas: 1 - storage: 5Gi - version: '14' + - societe examples: - - replicas: 1 - storage: 5Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 5Gi - type: string - version: - default: '14' - type: string - type: object + - - societe + items: + type: string + type: array + domain-name: + default: your_company.com + examples: + - your_company.com + type: string resources: default: limits: 
@@ -120,62 +120,74 @@ options: type: string type: object type: object - sub-domain: - default: erp + storage: + default: + accessMode: ReadWriteOnce + size: 10Gi + type: Filesystem examples: - - erp + - accessMode: ReadWriteOnce + size: 10Gi + type: Filesystem + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: + default: Filesystem + enum: + - Filesystem + - block + type: string + type: object + domain: + default: your-company + examples: + - your-company type: string issuer: default: letsencrypt-prod examples: - letsencrypt-prod type: string - log-level: - default: 5 - examples: - - 5 - type: integer - ingress-class: - default: traefik - examples: - - traefik - type: string - modules: + redis: default: - - societe + exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 2Gi examples: - - - societe - items: - type: string - type: array - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - user-groups: - default: - - admin: true - name: dolibarr-admin - examples: - - - admin: true - name: dolibarr-admin - items: - properties: - admin: - type: boolean - name: - type: string - type: object - type: array - parameters: - default: - MAIN_LANG_DEFAULT: auto - examples: - - MAIN_LANG_DEFAULT: auto + - exporter: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + image: quay.io/opstree/redis:v7.0.5 + storage: 2Gi properties: - MAIN_LANG_DEFAULT: - default: auto + exporter: + default: + enabled: true + image: quay.io/opstree/redis-exporter:v1.44.0 + properties: + enabled: + default: true + type: boolean + image: + default: quay.io/opstree/redis-exporter:v1.44.0 + type: string + type: object + image: + default: quay.io/opstree/redis:v7.0.5 + type: string + storage: + default: 2Gi type: string type: object images: 
@@ -243,38 +255,26 @@ options: type: string type: object type: object - domain: - default: your-company + log-level: + default: 5 examples: - - your-company - type: string - storage: + - 5 + type: integer + user-groups: default: - accessMode: ReadWriteOnce - size: 10Gi - type: Filesystem + - admin: true + name: dolibarr-admin examples: - - accessMode: ReadWriteOnce - size: 10Gi - type: Filesystem - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 10Gi - type: string - type: - default: Filesystem - enum: - - Filesystem - - block - type: string - type: object + - - admin: true + name: dolibarr-admin + items: + properties: + admin: + type: boolean + name: + type: string + type: object + type: array dependencies: - dist: null category: share diff --git a/apps/dolibarr/postgresql.tf b/apps/dolibarr/postgresql.tf index 9b8aa4d..15c0425 100644 --- a/apps/dolibarr/postgresql.tf +++ b/apps/dolibarr/postgresql.tf @@ -66,7 +66,7 @@ spec: command: - /bin/bash - "-c" - - "echo -ne 'drop view if exists metric_helpers.pg_stat_statements;\ndrop function if exists metric_helpers.pg_stat_statements;\nDROP EXTENSION IF EXISTS pg_stat_statements;\nDROP EXTENSION IF EXISTS pg_stat_kcache;\nDROP EXTENSION IF EXISTS set_user;\n'| PGPASSWORD=\"$PASSWORD\" psql -U $USERNAME -d $DBNAME -h $DBURL" + - "echo -ne 'drop view if exists metric_helpers.pg_stat_statements;\ndrop function if exists metric_helpers.pg_stat_statements;\nDROP EXTENSION IF EXISTS pg_stat_kcache;\nDROP EXTENSION IF EXISTS pg_stat_statements;\nDROP EXTENSION IF EXISTS set_user;\n'| PGPASSWORD=\"$PASSWORD\" psql -U $USERNAME -d $DBNAME -h $DBURL" EOF } diff --git a/apps/gitea/index.yaml b/apps/gitea/index.yaml index b32e50a..8410ae7 100644 --- a/apps/gitea/index.yaml +++ b/apps/gitea/index.yaml 
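Review bot: In apps/dolibarr/postgresql.tf the reordered DROP statements are still piped into `psql` without `-v ON_ERROR_STOP=1`, so a failing statement is only printed and psql, by its defaults, still exits 0. The reorder suggests the extension drops depend on each other, which is exactly the kind of failure that would pass unnoticed here. `$USERNAME`, `$DBNAME` and `$DBURL` are also expanded unquoted inside `bash -c`, so a value containing whitespace or glob characters is split into extra psql arguments; the tail could read `psql -v ON_ERROR_STOP=1 -U \"$USERNAME\" -d \"$DBNAME\" -h \"$DBURL\"`. The identical line in apps/gitea/postgresql.tf needs the same change. The surrounding heredoc starts and ends outside the hunk.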
@@ -9,46 +9,21 @@ metadata: A painless self-hosted Git service. Gitea is a community managed lightweight code hosting solution written in Go. It is published under the MIT license. options: - release: - default: 8.3.0 + issuer: + default: letsencrypt-prod examples: - - 8.3.0 + - letsencrypt-prod type: string - disable-registration: - default: true - examples: - - true - type: boolean - admin: - default: - email: git-admin@git.your_company.com - name: gitea_admin - examples: - - email: git-admin@git.your_company.com - name: gitea_admin - properties: - email: - default: git-admin@git.your_company.com - type: string - name: - default: gitea_admin - type: string - type: object - ingress-class: - default: traefik - examples: - - traefik - type: string - ssh-port: - default: 2222 - examples: - - 2222 - type: integer theme: default: gitea-modern examples: - gitea-modern type: string + default-branch: + default: main + examples: + - main + type: string volume: default: size: 10Gi @@ -59,11 +34,26 @@ options: default: 10Gi type: string type: object - domain: - default: your-company + ingress-class: + default: traefik examples: - - your-company + - traefik type: string + sub-domain: + default: git + examples: + - git + type: string + disable-registration: + default: true + examples: + - true + type: boolean + replicas: + default: 1 + examples: + - 1 + type: integer postgres: default: replicas: 1 @@ -84,16 +74,21 @@ options: default: '14' type: string type: object - timezone: - default: Europe/Paris + domain: + default: your-company examples: - - Europe/Paris + - your-company type: string - issuer: - default: letsencrypt-prod + release: + default: 8.3.0 examples: - - letsencrypt-prod + - 8.3.0 type: string + ssh-port: + default: 2222 + examples: + - 2222 + type: integer push-create: default: org: 'true' 
@@ -119,15 +114,20 @@ options: examples: - your_company.com type: string - replicas: - default: 1 + load-balancer: + default: + ip: '' examples: - - 1 - type: integer - default-branch: - default: main + - ip: '' + properties: + ip: + default: '' + type: string + type: object + timezone: + default: Europe/Paris examples: - - main + - Europe/Paris type: string images: default: @@ -192,11 +192,21 @@ options: type: string type: object type: object - sub-domain: - default: git + admin: + default: + email: git-admin@git.your_company.com + name: gitea_admin examples: - - git - type: string + - email: git-admin@git.your_company.com + name: gitea_admin + properties: + email: + default: git-admin@git.your_company.com + type: string + name: + default: gitea_admin + type: string + type: object webhook: default: allowed-hosts: private @@ -212,16 +222,6 @@ options: default: false type: boolean type: object - load-balancer: - default: - ip: '' - examples: - - ip: '' - properties: - ip: - default: '' - type: string - type: object dependencies: - dist: null category: share diff --git a/apps/gitea/ldap.tf b/apps/gitea/ldap.tf index 7036002..64f0d4f 100644 --- a/apps/gitea/ldap.tf +++ b/apps/gitea/ldap.tf @@ -79,8 +79,8 @@ resource "authentik_provider_ldap" "gitea_provider_ldap" { } resource "authentik_application" "gitea_application" { - name = "gitea" - slug = "gitea" + name = "${var.instance}" + slug = "${var.component}-${var.instance}-ldap" protocol_provider = authentik_provider_ldap.gitea_provider_ldap.id meta_launch_url = format("https://%s.%s", var.sub-domain, var.domain-name) meta_icon = format("https://%s.%s/%s", var.sub-domain, var.domain-name, "assets/img/logo.svg") diff --git a/apps/gitea/postgresql.tf b/apps/gitea/postgresql.tf index 0fc0c0d..a8cb049 100644 --- a/apps/gitea/postgresql.tf +++ b/apps/gitea/postgresql.tf 
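Review bot: In apps/gitea/ldap.tf the slug moves from the literal `"gitea"` to `"${var.component}-${var.instance}-ldap"`, which renames the identifier of an application that already exists in deployed installs. Whether the provider updates the slug in place or replaces the application is not visible from this hunk; if it is replaced, policy bindings attached to the old application outside this resource would need to be confirmed to follow it, otherwise access rules could silently stop applying. Running `terraform plan` against an existing install and recording the expected result in the commit description would settle it. The resource body continues past the end of the hunk.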
@@ -66,7 +66,7 @@ spec: command: - /bin/bash - "-c" - - "echo -ne 'drop view if exists metric_helpers.pg_stat_statements;\ndrop function if exists metric_helpers.pg_stat_statements;\nDROP EXTENSION IF EXISTS pg_stat_statements;\nDROP EXTENSION IF EXISTS pg_stat_kcache;\nDROP EXTENSION IF EXISTS set_user;\n'| PGPASSWORD=\"$PASSWORD\" psql -U $USERNAME -d $DBNAME -h $DBURL" + - "echo -ne 'drop view if exists metric_helpers.pg_stat_statements;\ndrop function if exists metric_helpers.pg_stat_statements;\nDROP EXTENSION IF EXISTS pg_stat_kcache;\nDROP EXTENSION IF EXISTS pg_stat_statements;\nDROP EXTENSION IF EXISTS set_user;\n'| PGPASSWORD=\"$PASSWORD\" psql -U $USERNAME -d $DBNAME -h $DBURL" EOF } diff --git a/apps/nextcloud/application.tf b/apps/nextcloud/application.tf index 2976308..d01878d 100644 --- a/apps/nextcloud/application.tf +++ b/apps/nextcloud/application.tf @@ -10,7 +10,7 @@ data "authentik_group" "readed_groups" { } resource "authentik_application" "prj_app" { - name = "${var.component}" + name = "${var.instance}" slug = "${var.component}-${var.instance}" protocol_provider = authentik_provider_oauth2.oauth2.id meta_launch_url = format("https://%s.%s", var.sub-domain, var.domain-name) diff --git a/apps/nextcloud/index.yaml b/apps/nextcloud/index.yaml index 3e112fc..9248934 100644 --- a/apps/nextcloud/index.yaml +++ b/apps/nextcloud/index.yaml 
@@ -6,10 +6,110 @@ metadata: name: nextcloud description: null options: - issuer: - default: letsencrypt-prod + apps: + default: + audioplayer: false + bookmarks: false + bpm: false + calendar: false + collabora: false + contacts: false + deck: false + groupfolders: true + mindmap: false + music: false + notes: false + onlyoffice: false + passman: false + spreed: false + tables: false + tasks: false + texteditor: true examples: - - letsencrypt-prod + - audioplayer: false + bookmarks: false + bpm: false + calendar: false + collabora: false + contacts: false + deck: false + groupfolders: true + mindmap: false + music: false + notes: false + onlyoffice: false + passman: false + spreed: false + tables: false + tasks: false + texteditor: true + properties: + audioplayer: + default: false + type: boolean + bookmarks: + default: false + type: boolean + bpm: + default: false + type: boolean + calendar: + default: false + type: boolean + collabora: + default: false + type: boolean + contacts: + default: false + type: boolean + deck: + default: false + type: boolean + groupfolders: + default: true + type: boolean + mindmap: + default: false + type: boolean + music: + default: false + type: boolean + notes: + default: false + type: boolean + onlyoffice: + default: false + type: boolean + passman: + default: false + type: boolean + spreed: + default: false + type: boolean + tables: + default: false + type: boolean + tasks: + default: false + type: boolean + texteditor: + default: true + type: boolean + type: object + admin: + default: + name: nextcloud_admin + examples: + - name: nextcloud_admin + properties: + name: + default: nextcloud_admin + type: string + type: object + domain-name: + default: your_company.com + examples: + - your_company.com type: string images: default: 
@@ -174,190 +274,11 @@ options: type: string type: object type: object - domain: - default: your-company - examples: - - your-company - type: string - storage: - default: - accessMode: ReadWriteOnce - size: 10Gi - examples: - - accessMode: ReadWriteOnce - size: 10Gi - properties: - accessMode: - default: ReadWriteOnce - enum: - - ReadWriteOnce - - ReadOnlyMany - - ReadWriteMany - type: string - size: - default: 10Gi - type: string - type: object - hpa: - default: - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 - examples: - - avg-cpu: 50 - max-replicas: 5 - min-replicas: 1 - properties: - avg-cpu: - default: 50 - type: integer - max-replicas: - default: 5 - type: integer - min-replicas: - default: 1 - type: integer - type: object - admin: - default: - name: nextcloud_admin - examples: - - name: nextcloud_admin - properties: - name: - default: nextcloud_admin - type: string - type: object ingress-class: default: traefik examples: - traefik type: string - openid-name: - default: vynil - examples: - - vynil - type: string - sub-domain: - default: files - examples: - - files - type: string - domain-name: - default: your_company.com - examples: - - your_company.com - type: string - postgres: - default: - replicas: 1 - storage: 5Gi - version: '14' - examples: - - replicas: 1 - storage: 5Gi - version: '14' - properties: - replicas: - default: 1 - type: integer - storage: - default: 5Gi - type: string - version: - default: '14' - type: string - type: object - apps: - default: - audioplayer: false - bookmarks: false - bpm: false - calendar: false - collabora: false - contacts: false - deck: false - groupfolders: true - mindmap: false - music: false - notes: false - onlyoffice: false - passman: false - spreed: false - tables: false - tasks: false - texteditor: true - examples: - - audioplayer: false - bookmarks: false - bpm: false - calendar: false - collabora: false - contacts: false - deck: false - groupfolders: true - mindmap: false - music: false - notes: false - 
onlyoffice: false - passman: false - spreed: false - tables: false - tasks: false - texteditor: true - properties: - audioplayer: - default: false - type: boolean - bookmarks: - default: false - type: boolean - bpm: - default: false - type: boolean - calendar: - default: false - type: boolean - collabora: - default: false - type: boolean - contacts: - default: false - type: boolean - deck: - default: false - type: boolean - groupfolders: - default: true - type: boolean - mindmap: - default: false - type: boolean - music: - default: false - type: boolean - notes: - default: false - type: boolean - onlyoffice: - default: false - type: boolean - passman: - default: false - type: boolean - spreed: - default: false - type: boolean - tables: - default: false - type: boolean - tasks: - default: false - type: boolean - texteditor: - default: true - type: boolean - type: object redis: default: exporter: 
@@ -391,6 +312,85 @@ options: default: 2Gi type: string type: object + sub-domain: + default: files + examples: + - files + type: string + domain: + default: your-company + examples: + - your-company + type: string + postgres: + default: + replicas: 1 + storage: 5Gi + version: '14' + examples: + - replicas: 1 + storage: 5Gi + version: '14' + properties: + replicas: + default: 1 + type: integer + storage: + default: 5Gi + type: string + version: + default: '14' + type: string + type: object + storage: + default: + accessMode: ReadWriteOnce + size: 10Gi + examples: + - accessMode: ReadWriteOnce + size: 10Gi + properties: + accessMode: + default: ReadWriteOnce + enum: + - ReadWriteOnce + - ReadOnlyMany + - ReadWriteMany + type: string + size: + default: 10Gi + type: string + type: object + issuer: + default: letsencrypt-prod + examples: + - letsencrypt-prod + type: string + openid-name: + default: vynil + examples: + - vynil + type: string + hpa: + default: + avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 + examples: + - avg-cpu: 50 + max-replicas: 5 + min-replicas: 1 + properties: + avg-cpu: + default: 50 + type: integer + max-replicas: + default: 5 + type: integer + min-replicas: + default: 1 + type: integer + type: object dependencies: - dist: null category: share diff --git a/apps/traefik-ui/forward.tf b/apps/traefik-ui/forward.tf index ad4a139..9a6f876 100644 --- a/apps/traefik-ui/forward.tf +++ b/apps/traefik-ui/forward.tf @@ -58,8 +58,8 @@ resource "authentik_provider_proxy" "prj_forward" { resource "authentik_application" "prj_application" { - name = local.app-name - slug = local.app-name + name = "${var.component}" + slug = "${var.component}-${var.instance}" protocol_provider = authentik_provider_proxy.prj_forward.id meta_launch_url = format("https://%s.%s", var.sub-domain, var.domain-name) meta_icon = format("https://%s.%s/%s", var.sub-domain, var.domain-name, local.app-icon) 
diff --git a/apps/traefik-ui/index.yaml b/apps/traefik-ui/index.yaml index ce0443e..2e14d50 100644 --- a/apps/traefik-ui/index.yaml +++ b/apps/traefik-ui/index.yaml @@ -6,10 +6,10 @@ metadata: name: traefik-ui description: Access to the Traefik UI options: - issuer: - default: letsencrypt-prod + ingress-class: + default: traefik examples: - - letsencrypt-prod + - traefik type: string sub-domain: default: traefik @@ -21,10 +21,10 @@ options: examples: - your_company.com type: string - ingress-class: - default: traefik + issuer: + default: letsencrypt-prod examples: - - traefik + - letsencrypt-prod type: string domain: default: your-company