From 5c7bcb4bf0924c0f2302b36f1623cc564efaa43e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?S=C3=A9bastien=20Huss?=
Date: Mon, 23 Oct 2023 18:19:11 +0200
Subject: [PATCH] fix
---
 share/dataset-pg/directus.tf | 15 ++-
 share/dataset-pg/index.yaml | 190 +++++++++++++++++------------------
 2 files changed, 107 insertions(+), 98 deletions(-)
diff --git a/share/dataset-pg/directus.tf b/share/dataset-pg/directus.tf
index 499782e..6e932c5 100644
--- a/share/dataset-pg/directus.tf
+++ b/share/dataset-pg/directus.tf
@@ -44,11 +44,13 @@ resource "kubectl_manifest" "directus_config" {
 STORAGE_LOCATIONS: "local"
 STORAGE_LOCAL_ROOT: "/var/store"
 ADMIN_EMAIL: "admin@${var.domain-name}"
+ NODE_EXTRA_CA_CERTS: "/etc/local-ca/ca.crt"
 TELEMETRY: "false"
- AUTH_PROVIDERS: "vynil"
- AUTH_VYNIL_DRIVER: "oauth2"
+ AUTH_PROVIDERS: "VYNIL"
+ AUTH_VYNIL_DRIVER: "openid"
+ AUTH_VYNIL_ALLOW_PUBLIC_REGISTRATION: "true"
 AUTH_VYNIL_ISSUER_URL: "https://${data.kubernetes_ingress_v1.authentik.spec[0].rule[0].host}/application/o/directus-${replace(var.sub-domain, ".", "-")}-${var.instance}/.well-known/openid-configuration"
- AUTH_VYNIL_IDENTIFIER_KEY: "nickname"
+ AUTH_VYNIL_IDENTIFIER_KEY: "email"
 PUBLIC_URL: "https://${local.directus-dns-name}"
 EOF
 }
@@ -177,7 +179,14 @@ resource "kubectl_manifest" "directus_deploy" {
 volumeMounts:
 - name: store
 mountPath: /var/store
+ - name: certs
+ mountPath: /etc/local-ca
+ readOnly: true
 volumes:
+ - name: certs
+ secret:
+ secretName: "${var.instance}-directus-cert"
+ defaultMode: 0444
 - name: store
 persistentVolumeClaim:
 claimName: "${var.component}-${var.instance}-directus"
diff --git a/share/dataset-pg/index.yaml b/share/dataset-pg/index.yaml
index 6ff0b7b..7ee4911 100644
--- a/share/dataset-pg/index.yaml
+++ b/share/dataset-pg/index.yaml
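Review bot: `AUTH_VYNIL_ALLOW_PUBLIC_REGISTRATION: "true"` together with `AUTH_VYNIL_IDENTIFIER_KEY: "email"` means every identity the Authentik application admits is auto-provisioned in Directus and matched to an account by its email claim, which is often user-editable and not necessarily verified. Nothing in this hunk pins the role new users receive or requires a verified address, so access control rests entirely on the Authentik side; if that is intended, a comment above the block should say so. Otherwise I would key on the stable subject claim (`AUTH_VYNIL_IDENTIFIER_KEY: "sub"`), or keep email and add `AUTH_VYNIL_REQUIRE_VERIFIED_EMAIL: "true"`, and set `AUTH_VYNIL_DEFAULT_ROLE_ID` to a least-privilege role. The ConfigMap heredoc starts above the hunk, so some of these settings may already exist there.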
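Review bot: The new `certs` volume mounts the whole `${var.instance}-directus-cert` secret into the container with `defaultMode: 0444`, while the configuration only reads `/etc/local-ca/ca.crt` through `NODE_EXTRA_CA_CERTS`. If this is a TLS certificate secret (the name suggests so, but its definition is not in the hunk), the private key lands world-readable next to the CA file. Projecting only the needed key avoids that: add `items: [{key: ca.crt, path: ca.crt}]` under `secret:`. The Deployment spec starts and ends outside the hunk.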
@@ -6,70 +6,39 @@ metadata:
 name: dataset-pg
 description: null
 options:
- backups:
- default:
- enable: false
- endpoint: ''
- key-id-key: s3-id
- retention:
- db: 30d
- schedule:
- db: 0 3 * * *
- secret-key: s3-secret
- secret-name: backup-settings
- examples:
- - enable: false
- endpoint: ''
- key-id-key: s3-id
- retention:
- db: 30d
- schedule:
- db: 0 3 * * *
- secret-key: s3-secret
- secret-name: backup-settings
- properties:
- enable:
- default: false
- type: boolean
- endpoint:
- default: ''
- type: string
- key-id-key:
- default: s3-id
- type: string
- retention:
- default:
- db: 30d
- properties:
- db:
- default: 30d
- type: string
- type: object
- schedule:
- default:
- db: 0 3 * * *
- properties:
- db:
- default: 0 3 * * *
- type: string
- type: object
- secret-key:
- default: s3-secret
- type: string
- secret-name:
- default: backup-settings
- type: string
- type: object
- domain-name:
- default: your_company.com
- examples:
- - your_company.com
- type: string
 storage:
 default: 8Gi
 examples:
 - 8Gi
 type: string
+ databases:
+ default: []
+ items:
+ properties:
+ name:
+ default: db
+ type: string
+ type: object
+ type: array
+ roles:
+ default: []
+ items:
+ properties:
+ name:
+ default: alt-account
+ type: string
+ type: object
+ type: array
+ replicas:
+ default: 1
+ examples:
+ - 1
+ type: integer
+ issuer:
+ default: letsencrypt-prod
+ examples:
+ - letsencrypt-prod
+ type: string
 extentions:
 default:
 directus:
@@ -251,54 +220,85 @@ options:
 type: object
 type: object
 type: object
- databases:
- default: []
- items:
- properties:
- name:
- default: db
- type: string
- type: object
- type: array
- domain:
- default: your-company
+ domain-name:
+ default: your_company.com
 examples:
- - your-company
+ - your_company.com
 type: string
 sub-domain:
 default: dataset-pg
 examples:
 - dataset-pg
 type: string
- app-group:
- default: api
- examples:
- - api
- type: string
- replicas:
- default: 1
- examples:
- - 1
- type: integer
- issuer:
- default: letsencrypt-prod
- examples:
- - letsencrypt-prod
- type: string
- roles:
- default: []
- items:
- properties:
- name:
- default: alt-account
- type: string
- type: object
- type: array
 ingress-class:
 default: traefik
 examples:
 - traefik
 type: string
+ domain:
+ default: your-company
+ examples:
+ - your-company
+ type: string
+ app-group:
+ default: api
+ examples:
+ - api
+ type: string
+ backups:
+ default:
+ enable: false
+ endpoint: ''
+ key-id-key: s3-id
+ retention:
+ db: 30d
+ schedule:
+ db: 0 3 * * *
+ secret-key: s3-secret
+ secret-name: backup-settings
+ examples:
+ - enable: false
+ endpoint: ''
+ key-id-key: s3-id
+ retention:
+ db: 30d
+ schedule:
+ db: 0 3 * * *
+ secret-key: s3-secret
+ secret-name: backup-settings
+ properties:
+ enable:
+ default: false
+ type: boolean
+ endpoint:
+ default: ''
+ type: string
+ key-id-key:
+ default: s3-id
+ type: string
+ retention:
+ default:
+ db: 30d
+ properties:
+ db:
+ default: 30d
+ type: string
+ type: object
+ schedule:
+ default:
+ db: 0 3 * * *
+ properties:
+ db:
+ default: 0 3 * * *
+ type: string
+ type: object
+ secret-key:
+ default: s3-secret
+ type: string
+ secret-name:
+ default: backup-settings
+ type: string
+ type: object
 dependencies:
 - dist: null
 category: dbo