first commit

2023-07-14 11:51:07 +02:00
commit 284dc650c4
101 changed files with 8629 additions and 0 deletions
--- a/meta/domain/index.yaml
+++ b/meta/domain/index.yaml
@@ -0,0 +1,107 @@
+---
+apiVersion: vinyl.solidite.fr/v1beta1
+kind: Component
+category: meta
+metadata:
+  name: domain
+  description: null
+options:
+  auth:
+    default:
+      enable: true
+    examples:
+    - enable: true
+    properties:
+      enable:
+        default: true
+        type: boolean
+    type: object
+  ci:
+    default:
+      enable: false
+      gitea:
+        enable: true
+    examples:
+    - enable: false
+      gitea:
+        enable: true
+    properties:
+      enable:
+        default: false
+        type: boolean
+      gitea:
+        default:
+          enable: true
+        properties:
+          enable:
+            default: true
+            type: boolean
+        type: object
+    type: object
+  erp:
+    default:
+      dolibarr:
+        enable: true
+      enable: false
+    examples:
+    - dolibarr:
+        enable: true
+      enable: false
+    properties:
+      dolibarr:
+        default:
+          enable: true
+        properties:
+          enable:
+            default: true
+            type: boolean
+        type: object
+      enable:
+        default: false
+        type: boolean
+    type: object
+  domain-name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  infra:
+    default:
+      enable: false
+      traefik:
+        enable: false
+    examples:
+    - enable: false
+      traefik:
+        enable: false
+    properties:
+      enable:
+        default: false
+        type: boolean
+      traefik:
+        default:
+          enable: false
+        properties:
+          enable:
+            default: false
+            type: boolean
+        type: object
+    type: object
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+dependencies: []
+providers:
+  kubernetes: null
+  authentik: null
+  kubectl: true
+  postgresql: null
+  restapi: null
+  http: null
--- a/meta/domain/installs.tf
+++ b/meta/domain/installs.tf
@@ -0,0 +1,98 @@
+locals {
+    global = {
+        "domain"         = var.namespace
+        "domain-name"    = var.domain-name
+        "issuer"         = var.issuer
+        "ingress-class"  = var.ingress-class
+    }
+    annotations = {
+      "vynil.solidite.fr/meta" = "domain"
+      "vynil.solidite.fr/name" = var.namespace
+      "vynil.solidite.fr/domain" = var.domain-name
+      "vynil.solidite.fr/issuer" = var.issuer
+      "vynil.solidite.fr/ingress" = var.ingress-class
+    }
+    auth = { for k, v in var.auth : k => v if k!="enable" }
+    infra = { for k, v in var.infra : k => v if k!="enable" }
+    ci = { for k, v in var.ci : k => v if k!="enable" }
+    erp = { for k, v in var.erp : k => v if k!="enable" }
+
+    # Force install authentik and it's modules when any are needed
+    use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable)
+    use-forward = var.infra.enable && var.infra.traefik.enable
+    use-other-auth = false
+    added-auth-ldap = local.use-ldap?{
+      "authentik-ldap" = {"enable"= true}
+    }:{}
+    added-auth-forward = local.use-forward?{
+      "authentik-forward" = {"enable"= true}
+    }:{}
+    added-auth = local.use-ldap||local.use-forward||local.use-other-auth?merge({
+      "authentik" = {"enable" = true}
+    },local.added-auth-ldap,local.added-auth-forward):{}
+}
+
+resource "kubectl_manifest" "auth" {
+  count = var.auth.enable ? 1 : 0
+  yaml_body  = <<-EOF
+    apiVersion: "vynil.solidite.fr/v1"
+    kind: "Install"
+    metadata:
+      name: "auth"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.common-labels)}
+    spec:
+      distrib: "core"
+      category: "meta"
+      component: "domain-auth"
+      options: ${jsonencode(merge(merge(local.global, local.auth), local.added-auth))}
+  EOF
+}
+resource "kubectl_manifest" "infra" {
+  count = var.infra.enable ? 1 : 0
+  yaml_body  = <<-EOF
+    apiVersion: "vynil.solidite.fr/v1"
+    kind: "Install"
+    metadata:
+      name: "infra"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.common-labels)}
+    spec:
+      distrib: "core"
+      category: "meta"
+      component: "domain-infra"
+      options: ${jsonencode(merge(local.global, local.infra))}
+  EOF
+}
+resource "kubectl_manifest" "ci" {
+  count = var.ci.enable ? 1 : 0
+  yaml_body  = <<-EOF
+    apiVersion: "vynil.solidite.fr/v1"
+    kind: "Install"
+    metadata:
+      name: "ci"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.common-labels)}
+    spec:
+      distrib: "core"
+      category: "meta"
+      component: "domain-ci"
+      options: ${jsonencode(merge(local.global, local.ci))}
+  EOF
+}
+resource "kubectl_manifest" "erp" {
+  count = var.erp.enable ? 1 : 0
+  yaml_body  = <<-EOF
+    apiVersion: "vynil.solidite.fr/v1"
+    kind: "Install"
+    metadata:
+      name: "erp"
+      namespace: "${var.namespace}"
+      labels: ${jsonencode(local.common-labels)}
+    spec:
+      distrib: "core"
+      category: "meta"
+      component: "domain-erp"
+      options: ${jsonencode(merge(local.global, local.erp))}
+  EOF
+}