first commit

meta/domain-auth/apps.tf

@@ -0,0 +1,81 @@
+locals {
+    annotations = {
+      "vynil.solidite.fr/meta" = "domain-auth"
+      "vynil.solidite.fr/name" = "${var.namespace}-auth"
+      "vynil.solidite.fr/domain" = var.domain-name
+      "vynil.solidite.fr/issuer" = var.issuer
+      "vynil.solidite.fr/ingress" = var.ingress-class
+    }
+    global = {
+        "domain" = var.namespace
+        "domain-name" = var.domain-name
+        "issuer" = var.issuer
+        "ingress-class" = var.ingress-class
+    }
+    authentik = { for k, v in var.authentik : k => v if k!="enable" }
+    authentik-ldap = { for k, v in var.authentik-ldap : k => v if k!="enable" }
+    authentik-forward = { for k, v in var.authentik-forward : k => v if k!="enable" }
+}
+
+resource "kubernetes_namespace_v1" "auth-ns" {
+  count = var.authentik.enable || var.authentik-ldap.enable || var.authentik-forward.enable ? 1 : 0
+  metadata {
+    annotations = local.annotations
+    labels = merge(local.common-labels, local.annotations)
+    name = "${var.namespace}-auth"
+  }
+}
+
+resource "kubectl_manifest" "authentik" {
+  count = var.authentik.enable || var.authentik-ldap.enable || var.authentik-forward.enable ? 1 : 0
+  depends_on = [kubernetes_namespace_v1.auth-ns]
+  yaml_body  = <<-EOF
+    apiVersion: "vynil.solidite.fr/v1"
+    kind: "Install"
+    metadata:
+      name: "authentik"
+      namespace: "${var.namespace}-auth"
+      labels: ${jsonencode(local.common-labels)}
+    spec:
+      distrib: "core"
+      category: "share"
+      component: "authentik"
+      options: ${jsonencode(merge(local.global, local.authentik))}
+  EOF
+}
+
+resource "kubectl_manifest" "authentik-ldap" {
+  count = var.authentik-ldap.enable ? 1 : 0
+  depends_on = [kubernetes_namespace_v1.auth-ns]
+  yaml_body  = <<-EOF
+    apiVersion: "vynil.solidite.fr/v1"
+    kind: "Install"
+    metadata:
+      name: "authentik-ldap"
+      namespace: "${var.namespace}-auth"
+      labels: ${jsonencode(local.common-labels)}
+    spec:
+      distrib: "core"
+      category: "share"
+      component: "authentik-ldap"
+      options: ${jsonencode(merge(local.global, local.authentik-ldap))}
+  EOF
+}
+
+resource "kubectl_manifest" "authentik-forward" {
+  count = var.authentik-forward.enable ? 1 : 0
+  depends_on = [kubernetes_namespace_v1.auth-ns]
+  yaml_body  = <<-EOF
+    apiVersion: "vynil.solidite.fr/v1"
+    kind: "Install"
+    metadata:
+      name: "authentik-forward"
+      namespace: "${var.namespace}-auth"
+      labels: ${jsonencode(local.common-labels)}
+    spec:
+      distrib: "core"
+      category: "share"
+      component: "authentik-forward"
+      options: ${jsonencode(merge(local.global, local.authentik-forward))}
+  EOF
+}

meta/domain-auth/index.yaml

@@ -0,0 +1,66 @@
+---
+apiVersion: vinyl.solidite.fr/v1beta1
+kind: Component
+category: meta
+metadata:
+  name: domain-auth
+  description: null
+options:
+  authentik-ldap:
+    default:
+      enable: false
+    examples:
+    - enable: false
+    properties:
+      enable:
+        default: false
+        type: boolean
+    type: object
+  issuer:
+    default: letsencrypt-prod
+    examples:
+    - letsencrypt-prod
+    type: string
+  domain-name:
+    default: your_company.com
+    examples:
+    - your_company.com
+    type: string
+  ingress-class:
+    default: traefik
+    examples:
+    - traefik
+    type: string
+  authentik:
+    default:
+      enable: true
+    examples:
+    - enable: true
+    properties:
+      enable:
+        default: true
+        type: boolean
+    type: object
+  authentik-forward:
+    default:
+      enable: false
+    examples:
+    - enable: false
+    properties:
+      enable:
+        default: false
+        type: boolean
+    type: object
+  domain:
+    default: your-company
+    examples:
+    - your-company
+    type: string
+dependencies: []
+providers:
+  kubernetes: true
+  authentik: null
+  kubectl: true
+  postgresql: null
+  restapi: null
+  http: null