vynil/domain-incoming
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
Sébastien Huss
2023-07-14 11:51:07 +02:00
commit 284dc650c4
101 changed files with 8629 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

136
apps/gitea/datas.tf Normal file
View File

@@ -0,0 +1,136 @@
locals {
common-labels = {
"vynil.solidite.fr/owner-name" = var.instance
"vynil.solidite.fr/owner-namespace" = var.namespace
"vynil.solidite.fr/owner-category" = var.category
"vynil.solidite.fr/owner-component" = var.component
"app.kubernetes.io/managed-by" = "vynil"
"app.kubernetes.io/instance" = var.instance
}
removePatch = <<-EOF
- op: remove
path: /spec/loadBalancerIP
EOF
modifyPatch = <<-EOF
- op: replace
path: /spec/loadBalancerIP
value: "${var.load-balancer.ip}"
EOF
}
data "kubernetes_secret_v1" "postgresql_password" {
depends_on = [kubectl_manifest.gitea_postgresql]
metadata {
name = "${var.component}.${var.instance}-${var.component}.credentials.postgresql.acid.zalan.do"
namespace = var.namespace
}
}
data "kubernetes_secret_v1" "authentik" {
metadata {
name = "authentik"
namespace = "${var.domain}-auth"
}
}
data "kustomization_overlay" "data" {
common_labels = local.common-labels
namespace = var.namespace
resources = [for file in fileset(path.module, "*.yaml"): file if ! contains(["index.yaml", "v1_ConfigMap_gitea-themes.yaml"], file)]
images {
name = "docker.io/bitnami/memcached"
new_name = "${var.images.memcached.registry}/${var.images.memcached.repository}"
new_tag = "${var.images.memcached.tag}"
}
patches {
target {
kind = "StatefulSet"
name = "gitea"
}
patch = <<-EOF
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: gitea
spec:
replicas: ${var.replicas}
template:
spec:
initContainers:
- name: init-directories
image: "${var.images.gitea.registry}/${var.images.gitea.repository}:${var.images.gitea.tag}"
imagePullPolicy: "${var.images.gitea.pullPolicy}"
- name: init-app-ini
image: "${var.images.gitea.registry}/${var.images.gitea.repository}:${var.images.gitea.tag}"
imagePullPolicy: IfNotPresent
- name: configure-gitea
image: "${var.images.gitea.registry}/${var.images.gitea.repository}:${var.images.gitea.tag}"
imagePullPolicy: IfNotPresent
env:
- name: LDAP_USER_SEARCH_BASE
valueFrom:
secretKeyRef:
key: user-search-base
name: gitea-ldap
- name: LDAP_USER_FILTER
valueFrom:
secretKeyRef:
key: user-filter
name: gitea-ldap
- name: LDAP_ADMIN_FILTER
valueFrom:
secretKeyRef:
key: admin-filter
name: gitea-ldap
- name: LDAP_HOST
valueFrom:
secretKeyRef:
key: endpoint
name: gitea-ldap
- name: TZ
value: ${var.timezone}
containers:
- name: gitea
image: "${var.images.gitea.registry}/${var.images.gitea.repository}:${var.images.gitea.tag}"
imagePullPolicy: IfNotPresent
env:
- name: SSH_LISTEN_PORT
value: "2222"
- name: SSH_PORT
value: "${var.ssh-port}"
- name: SSH_LOG_LEVEL
value: "INFO"
- name: TZ
value: ${var.timezone}
volumeClaimTemplates:
- metadata:
name: data
annotations:
k8up.io/backup: "true"
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: "${var.volume.size}"
EOF
}
patches {
target {
kind = "Service"
name = "gitea-ssh"
}
patch = <<-EOF
- op: replace
path: /spec/ports/0/port
value: ${var.ssh-port}
EOF
}
patches {
target {
kind = "Service"
name = "gitea-ssh"
}
patch = var.load-balancer.ip==""?local.removePatch:local.modifyPatch
}
}