vynil/domain-incoming
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Sébastien Huss
2023-10-19 18:06:03 +02:00
parent 0bedf5f777
commit 63329a599f
8 changed files with 586 additions and 566 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
apps/dbgate/configs.tf
View File

@@ -7,8 +7,8 @@ locals {
join("_",["DATABASE_pg", pg.namespace, pg.name, pg.dbname]) = pg.dbname join("_",["DATABASE_pg", pg.namespace, pg.name, pg.dbname]) = pg.dbname
join("_",["USER_pg", pg.namespace, pg.name, pg.dbname]) = pg.username join("_",["USER_pg", pg.namespace, pg.name, pg.dbname]) = pg.username
}]...) }]...)
pg_secrets = merge([for index, pg in var.pg: { pg_secrets = merge([for pg in var.pg: {
join("_",["PASSWORD_pg", pg.namespace, pg.name, pg.dbname]) = data.kubernetes_secret_v1.pgs[index].data[var.pg[index].secret.key] join("_",["PASSWORD_pg", pg.namespace, pg.name, pg.dbname]) = data.kubernetes_secret_v1.pgs[index].data[pg.secret.key]
}]...) }]...)
pg_conns = [for pg in var.pg: join("_",["pg", pg.namespace, pg.name, pg.dbname])] pg_conns = [for pg in var.pg: join("_",["pg", pg.namespace, pg.name, pg.dbname])]
@@ -33,8 +33,8 @@ locals {
join("_",["DATABASE_mongo", m.namespace, m.name]) = m.dbname join("_",["DATABASE_mongo", m.namespace, m.name]) = m.dbname
join("_",["USER_mongo", m.namespace, m.name]) = m.username join("_",["USER_mongo", m.namespace, m.name]) = m.username
}]...) }]...)
mongo_secrets = merge([for index, m in var.mongo: { mongo_secrets = merge([for m in var.mongo: {
join("_",["PASSWORD_mongo", m.namespace, m.name]) = data.kubernetes_secret_v1.mongos[index].data[var.mongo[index].secret.key] join("_",["PASSWORD_mongo", m.namespace, m.name]) = data.kubernetes_secret_v1.mongos[index].data[m.secret.key]
}]...) }]...)
mongo_conns = [for m in var.mongo: join("_",["mongo", m.namespace, m.name])] mongo_conns = [for m in var.mongo: join("_",["mongo", m.namespace, m.name])]
oauth_config = { oauth_config = {

112
apps/dbgate/index.yaml
View File

@@ -6,26 +6,6 @@ metadata:
name: dbgate name: dbgate
description: null description: null
options: options:
sub-domain:
default: dbgate
examples:
- dbgate
type: string
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
domain:
default: your-company
examples:
- your-company
type: string
use-oauth:
default: false
examples:
- false
type: boolean
mongo: mongo:
default: [] default: []
examples: examples:
@@ -94,16 +74,53 @@ options:
type: string type: string
type: object type: object
type: object type: object
app-group:
default: dev
examples:
- dev
type: string
ingress-class: ingress-class:
default: traefik default: traefik
examples: examples:
- traefik - traefik
type: string type: string
storage:
default:
accessMode: ReadWriteOnce
size: 1Gi
type: Filesystem
examples:
- accessMode: ReadWriteOnce
size: 1Gi
type: Filesystem
properties:
accessMode:
default: ReadWriteOnce
enum:
- ReadWriteOnce
- ReadOnlyMany
- ReadWriteMany
type: string
size:
default: 1Gi
type: string
type:
default: Filesystem
enum:
- Filesystem
- Block
type: string
type: object
sub-domain:
default: dbgate
examples:
- dbgate
type: string
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
pg: pg:
default: [] default: []
examples: examples:
@@ -133,11 +150,6 @@ options:
type: string type: string
type: object type: object
type: array type: array
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
maria: maria:
default: [] default: []
examples: examples:
@@ -167,33 +179,21 @@ options:
type: string type: string
type: object type: object
type: array type: array
storage: domain:
default: default: your-company
accessMode: ReadWriteOnce
size: 1Gi
type: Filesystem
examples: examples:
- accessMode: ReadWriteOnce - your-company
size: 1Gi type: string
type: Filesystem app-group:
properties: default: dev
accessMode: examples:
default: ReadWriteOnce - dev
enum: type: string
- ReadWriteOnce use-oauth:
- ReadOnlyMany default: false
- ReadWriteMany examples:
type: string - false
size: type: boolean
default: 1Gi
type: string
type:
default: Filesystem
enum:
- Filesystem
- Block
type: string
type: object
dependencies: dependencies:
- dist: null - dist: null
category: share category: share

6
meta/domain-apps/apps.tf
View File

@@ -13,13 +13,13 @@ locals {
"ingress-class" = var.ingress-class "ingress-class" = var.ingress-class
"backups" = var.backups "backups" = var.backups
} }
nextcloud = { for k, v in var.nextcloud : k => v if contains(["enable","storage"],k) } nextcloud = { for k, v in var.nextcloud : k => v if contains(["enable"],k) }
nextcloud-storage = merge({ nextcloud-storage = {
"storage" = { "storage" = {
"size" = "10Gi" "size" = "10Gi"
"accessMode" = var.storage-classes.FilesystemReadWriteMany!=""?"ReadWriteMany":"ReadWriteOnce" "accessMode" = var.storage-classes.FilesystemReadWriteMany!=""?"ReadWriteMany":"ReadWriteOnce"
} }
}, { for k, v in var.nextcloud : k => v if k=="storage" }) }
} }
resource "kubernetes_namespace_v1" "files-ns" { resource "kubernetes_namespace_v1" "files-ns" {

93
meta/domain-apps/index.yaml
View File

@@ -6,11 +6,6 @@ metadata:
name: domain-apps name: domain-apps
description: null description: null
options: options:
domain:
default: your-company
examples:
- your-company
type: string
backups: backups:
default: default:
enable: false enable: false
@@ -41,46 +36,6 @@ options:
default: backup-settings default: backup-settings
type: string type: string
type: object type: object
distributions:
default:
core: core
domain: domain
examples:
- core: core
domain: domain
properties:
core:
default: core
type: string
domain:
default: domain
type: string
type: object
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
nextcloud:
default:
enable: false
examples:
- enable: false
properties:
enable:
default: false
type: boolean
type: object
ingress-class:
default: traefik
examples:
- traefik
type: string
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
storage-classes: storage-classes:
default: default:
BlockReadWriteMany: '' BlockReadWriteMany: ''
@@ -106,6 +61,51 @@ options:
default: '' default: ''
type: string type: string
type: object type: object
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
nextcloud:
default:
enable: false
examples:
- enable: false
properties:
enable:
default: false
type: boolean
type: object
domain:
default: your-company
examples:
- your-company
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
distributions:
default:
core: core
domain: domain
examples:
- core: core
domain: domain
properties:
core:
default: core
type: string
domain:
default: domain
type: string
type: object
ingress-class:
default: traefik
examples:
- traefik
type: string
dependencies: [] dependencies: []
providers: providers:
kubernetes: true kubernetes: true
@@ -114,4 +114,5 @@ providers:
postgresql: null postgresql: null
restapi: null restapi: null
http: null http: null
tfaddtype: null gitea: null
tfaddtype: false

12
meta/domain-devspaces/apps.tf
View File

@@ -29,6 +29,7 @@ locals {
) )
}, { for k, v in var.apps.okd : k => v if k!="enable" }) }, { for k, v in var.apps.okd : k => v if k!="enable" })
dbgate = merge({ dbgate = merge({
"use-oauth" = var.issuer == "letsencrypt-prod"
"pg" = concat( "pg" = concat(
flatten([for ds in local.sorted-datasets: [for db in lookup(ds, "databases", []): { flatten([for ds in local.sorted-datasets: [for db in lookup(ds, "databases", []): {
"name" = "${ds.name}-dataset-pg" "name" = "${ds.name}-dataset-pg"
@@ -98,17 +99,6 @@ locals {
} if ds.engine=="mongo"]])]), } if ds.engine=="mongo"]])]),
var.external-mongos var.external-mongos
) )
"redis" = concat(
flatten([for ds in local.sorted-datasets: {
"name" = "${ds.name}-dataset-redis"
"namespace" = ds.namespace
} if ds.engine=="redis"]),
flatten([for org in local.sorted-organisations: flatten([for stage in lookup(org, "stages", []): [for ds in org.datasets: {
"name" = "${ds.name}-dataset-redis"
"namespace" = "${var.domain}-${org.name}-${stage.name}"
} if ds.engine=="redis"]])]),
var.external-redis
)
}, { for k, v in var.apps.dbgate : k => v if k!="enable" }) }, { for k, v in var.apps.dbgate : k => v if k!="enable" })
} }

564
meta/domain-devspaces/index.yaml
View File

@@ -6,6 +6,281 @@ metadata:
name: domain-devspaces name: domain-devspaces
description: null description: null
options: options:
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
images:
default:
codeserver:
pullPolicy: IfNotPresent
registry: docker.io
repository: sebt3/code-server
tag: 4.15
examples:
- codeserver:
pullPolicy: IfNotPresent
registry: docker.io
repository: sebt3/code-server
tag: 4.15
properties:
codeserver:
default:
pullPolicy: IfNotPresent
registry: docker.io
repository: sebt3/code-server
tag: 4.15
properties:
pullPolicy:
default: IfNotPresent
enum:
- Always
- Never
- IfNotPresent
type: string
registry:
default: docker.io
type: string
repository:
default: sebt3/code-server
type: string
tag:
default: 4.15
type: number
type: object
type: object
distributions:
default:
core: core
domain: domain
examples:
- core: core
domain: domain
properties:
core:
default: core
type: string
domain:
default: domain
type: string
type: object
external-pgs:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
external-marias:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
organisations:
default: []
examples:
- []
items:
properties:
datasets:
default: []
items:
properties:
databases:
default: []
items:
properties:
name:
default: db
type: string
type: object
type: array
engine:
default: pg
type: string
name:
default: ''
type: string
type: object
type: array
name:
default: ''
type: string
stages:
default: []
items:
properties:
name:
default: prod
type: string
type: object
type: array
type: object
type: array
storage-classes:
default:
BlockReadWriteMany: ''
BlockReadWriteOnce: ''
FilesystemReadWriteMany: ''
FilesystemReadWriteOnce: ''
examples:
- BlockReadWriteMany: ''
BlockReadWriteOnce: ''
FilesystemReadWriteMany: ''
FilesystemReadWriteOnce: ''
properties:
BlockReadWriteMany:
default: ''
type: string
BlockReadWriteOnce:
default: ''
type: string
FilesystemReadWriteMany:
default: ''
type: string
FilesystemReadWriteOnce:
default: ''
type: string
type: object
domain:
default: your-company
examples:
- your-company
type: string
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
stations-sub-domain:
default: code
examples:
- code
type: string
backups:
default:
enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
examples:
- enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
properties:
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key-id-key:
default: s3-id
type: string
secret-key:
default: s3-secret
type: string
secret-name:
default: backup-settings
type: string
type: object
stations:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
organisations:
default: []
items:
type: string
type: array
type: object
type: array
external-mongos:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
ingress-class:
default: traefik
examples:
- traefik
type: string
apps: apps:
default: default:
dbgate: dbgate:
@@ -59,300 +334,11 @@ options:
type: boolean type: boolean
type: object type: object
type: object type: object
stations-sub-domain:
default: code
examples:
- code
type: string
storage-classes:
default:
BlockReadWriteMany: ''
BlockReadWriteOnce: ''
FilesystemReadWriteMany: ''
FilesystemReadWriteOnce: ''
examples:
- BlockReadWriteMany: ''
BlockReadWriteOnce: ''
FilesystemReadWriteMany: ''
FilesystemReadWriteOnce: ''
properties:
BlockReadWriteMany:
default: ''
type: string
BlockReadWriteOnce:
default: ''
type: string
FilesystemReadWriteMany:
default: ''
type: string
FilesystemReadWriteOnce:
default: ''
type: string
type: object
app-group: app-group:
default: dev default: dev
examples: examples:
- dev - dev
type: string type: string
domain-name:
default: your_company.com
examples:
- your_company.com
type: string
ingress-class:
default: traefik
examples:
- traefik
type: string
external-pgs:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
backups:
default:
enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
examples:
- enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
properties:
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key-id-key:
default: s3-id
type: string
secret-key:
default: s3-secret
type: string
secret-name:
default: backup-settings
type: string
type: object
external-marias:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
images:
default:
codeserver:
pullPolicy: IfNotPresent
registry: docker.io
repository: sebt3/code-server
tag: 4.15
examples:
- codeserver:
pullPolicy: IfNotPresent
registry: docker.io
repository: sebt3/code-server
tag: 4.15
properties:
codeserver:
default:
pullPolicy: IfNotPresent
registry: docker.io
repository: sebt3/code-server
tag: 4.15
properties:
pullPolicy:
default: IfNotPresent
enum:
- Always
- Never
- IfNotPresent
type: string
registry:
default: docker.io
type: string
repository:
default: sebt3/code-server
type: string
tag:
default: 4.15
type: number
type: object
type: object
external-mongos:
default: []
examples:
- []
items:
properties:
dbname:
default: ''
type: string
name:
default: ''
type: string
namespace:
default: ''
type: string
secret:
properties:
key:
default: ''
type: string
name:
default: ''
type: string
type: object
username:
default: ''
type: string
type: object
type: array
distributions:
default:
core: core
domain: domain
examples:
- core: core
domain: domain
properties:
core:
default: core
type: string
domain:
default: domain
type: string
type: object
stations:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
organisations:
default: []
items:
type: string
type: array
type: object
type: array
domain:
default: your-company
examples:
- your-company
type: string
external-redis:
default: []
examples:
- []
items:
properties:
name:
default: ''
type: string
namespace:
default: ''
type: string
type: object
type: array
organisations:
default: []
examples:
- []
items:
properties:
datasets:
default: []
items:
properties:
databases:
default: []
items:
properties:
name:
default: db
type: string
type: object
type: array
engine:
default: pg
type: string
name:
default: ''
type: string
type: object
type: array
name:
default: ''
type: string
stages:
default: []
items:
properties:
name:
default: prod
type: string
type: object
type: array
type: object
type: array
dependencies: [] dependencies: []
providers: providers:
kubernetes: true kubernetes: true

221
meta/domain/index.yaml
View File

@@ -6,6 +6,46 @@ metadata:
name: domain name: domain
description: null description: null
options: options:
backups:
default:
enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
examples:
- enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
properties:
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key-id-key:
default: s3-id
type: string
secret-key:
default: s3-secret
type: string
secret-name:
default: backup-settings
type: string
type: object
devspaces:
default:
enable: false
examples:
- enable: false
properties:
enable:
default: false
type: boolean
type: object
apps: apps:
default: default:
enable: false enable: false
@@ -28,26 +68,83 @@ options:
type: boolean type: boolean
type: object type: object
type: object type: object
mail:
default:
enable: false
examples:
- enable: false
properties:
enable:
default: false
type: boolean
type: object
ingress-class:
default: traefik
examples:
- traefik
type: string
domain-name: domain-name:
default: your_company.com default: your_company.com
examples: examples:
- your_company.com - your_company.com
type: string type: string
distributions:
default:
core: core
domain: domain
examples:
- core: core
domain: domain
properties:
core:
default: core
type: string
domain:
default: domain
type: string
type: object
ci:
default:
enable: false
gitea:
enable: true
examples:
- enable: false
gitea:
enable: true
properties:
enable:
default: false
type: boolean
gitea:
default:
enable: true
properties:
enable:
default: true
type: boolean
type: object
type: object
storage-classes:
default:
BlockReadWriteMany: ''
BlockReadWriteOnce: ''
FilesystemReadWriteMany: ''
FilesystemReadWriteOnce: ''
examples:
- BlockReadWriteMany: ''
BlockReadWriteOnce: ''
FilesystemReadWriteMany: ''
FilesystemReadWriteOnce: ''
properties:
BlockReadWriteMany:
default: ''
type: string
BlockReadWriteOnce:
default: ''
type: string
FilesystemReadWriteMany:
default: ''
type: string
FilesystemReadWriteOnce:
default: ''
type: string
type: object
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
ingress-class:
default: traefik
examples:
- traefik
type: string
infra: infra:
default: default:
enable: false enable: false
@@ -92,41 +189,6 @@ options:
default: false default: false
type: boolean type: boolean
type: object type: object
backups:
default:
enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
examples:
- enable: false
endpoint: ''
key-id-key: s3-id
secret-key: s3-secret
secret-name: backup-settings
properties:
enable:
default: false
type: boolean
endpoint:
default: ''
type: string
key-id-key:
default: s3-id
type: string
secret-key:
default: s3-secret
type: string
secret-name:
default: backup-settings
type: string
type: object
issuer:
default: letsencrypt-prod
examples:
- letsencrypt-prod
type: string
auth: auth:
default: default:
enable: true enable: true
@@ -137,35 +199,20 @@ options:
default: true default: true
type: boolean type: boolean
type: object type: object
distributions: mail:
default:
core: core
domain: domain
examples:
- core: core
domain: domain
properties:
core:
default: core
type: string
domain:
default: domain
type: string
type: object
ci:
default: default:
enable: false enable: false
gitea: wildduck:
enable: true enable: true
examples: examples:
- enable: false - enable: false
gitea: wildduck:
enable: true enable: true
properties: properties:
enable: enable:
default: false default: false
type: boolean type: boolean
gitea: wildduck:
default: default:
enable: true enable: true
properties: properties:
@@ -174,41 +221,6 @@ options:
type: boolean type: boolean
type: object type: object
type: object type: object
devspaces:
default:
enable: false
examples:
- enable: false
properties:
enable:
default: false
type: boolean
type: object
storage-classes:
default:
BlockReadWriteMany: ''
BlockReadWriteOnce: ''
FilesystemReadWriteMany: ''
FilesystemReadWriteOnce: ''
examples:
- BlockReadWriteMany: ''
BlockReadWriteOnce: ''
FilesystemReadWriteMany: ''
FilesystemReadWriteOnce: ''
properties:
BlockReadWriteMany:
default: ''
type: string
BlockReadWriteOnce:
default: ''
type: string
FilesystemReadWriteMany:
default: ''
type: string
FilesystemReadWriteOnce:
default: ''
type: string
type: object
dependencies: [] dependencies: []
providers: providers:
kubernetes: null kubernetes: null
@@ -217,4 +229,5 @@ providers:
postgresql: null postgresql: null
restapi: null restapi: null
http: null http: null
gitea: null
tfaddtype: null tfaddtype: null

136
meta/domain/installs.tf
View File

@@ -1,58 +1,88 @@
locals { locals {
global = { global = {
"domain" = var.namespace "domain" = var.namespace
"domain-name" = var.domain-name "domain-name" = var.domain-name
"issuer" = var.issuer "issuer" = var.issuer
"ingress-class" = var.ingress-class "ingress-class" = var.ingress-class
"distributions" = var.distributions "distributions" = var.distributions
"backups" = var.backups "backups" = var.backups
"storage-classes"= var.storage-classes "storage-classes"= var.storage-classes
} }
annotations = { annotations = {
"vynil.solidite.fr/meta" = var.component "vynil.solidite.fr/meta" = var.component
"vynil.solidite.fr/name" = var.namespace "vynil.solidite.fr/name" = var.namespace
"vynil.solidite.fr/domain" = var.domain-name "vynil.solidite.fr/domain" = var.domain-name
"vynil.solidite.fr/issuer" = var.issuer "vynil.solidite.fr/issuer" = var.issuer
"vynil.solidite.fr/ingress" = var.ingress-class "vynil.solidite.fr/ingress" = var.ingress-class
} }
auth = { for k, v in var.auth : k => v if k!="enable" } auth = { for k, v in var.auth : k => v if k!="enable" }
infra = { for k, v in var.infra : k => v if k!="enable" } infra = { for k, v in var.infra : k => v if k!="enable" }
ci = { for k, v in var.ci : k => v if k!="enable" } ci = { for k, v in var.ci : k => v if k!="enable" }
erp = { for k, v in var.erp : k => v if k!="enable" } erp = { for k, v in var.erp : k => v if k!="enable" }
apps = { for k, v in var.apps : k => v if k!="enable" } apps = { for k, v in var.apps : k => v if k!="enable" }
mail = { for k, v in var.mail : k => v if k!="enable" } mail = { for k, v in var.mail : k => v if k!="enable" }
devspaces = { for k, v in var.devspaces : k => v if k!="enable" } devspaces = { for k, v in var.devspaces : k => v if k!="enable" }
# Force install authentik and it's modules when any are needed # Force install authentik and it's modules when any are needed
use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable) use-ldap = (var.ci.enable && var.ci.gitea.enable) || (var.erp.enable && var.erp.dolibarr.enable)
use-forward = var.infra.enable && var.infra.traefik.enable use-forward = var.infra.enable && var.infra.traefik.enable
use-other-auth = false use-other-auth = false
added-auth-ldap = local.use-ldap?{ added-auth-ldap = local.use-ldap?{
"authentik-ldap" = {"enable"= true} "authentik-ldap" = {"enable"= true}
}:{} }:{}
added-auth-forward = local.use-forward?{ added-auth-forward = local.use-forward?{
"authentik-forward" = {"enable"= true} "authentik-forward" = {"enable"= true}
}:{} }:{}
added-auth = local.use-ldap||local.use-forward||local.use-other-auth?merge({ added-auth = local.use-ldap||local.use-forward||local.use-other-auth?merge({
"authentik" = {"enable" = true} "authentik" = {"enable" = true}
},local.added-auth-ldap,local.added-auth-forward):{} },local.added-auth-ldap,local.added-auth-forward):{}
divisions = { divisions = {
"clients" = { "clients" = {
"enable" = false "enable" = false
"apps" = [] "apps" = []
"divisions" = [] "divisions" = []
}
"employes" = {
"enable" = true
"apps" = []
"divisions" = []
}
"fournisseurs" = {
"enable" = false
"apps" = []
"divisions" = []
}
} }
"employes" = {
"enable" = true
"apps" = []
"divisions" = []
}
"fournisseurs" = {
"enable" = false
"apps" = []
"divisions" = []
}
}
devspaces-custom = {
external-pgs = concat(var.erp.enable&&var.erp.dolibarr.enable?[{
"name" = "dolibarr-dolibarr-pg"
"dbname" = "dolibarr"
"username" = "dolibarr"
"namespace" = "${var.domain}-erp"
"secret" = {
"name" = "dolibarr-dolibarr-pg-app"
"key" = "password"
}
}]:[], var.apps.enable&&var.apps.nextcloud.enable?[{
"name" = "nextcloud-nextcloud-pg"
"dbname" = "nextcloud"
"username" = "nextcloud"
"namespace" = "${var.domain}-files"
"secret" = {
"name" = "nextcloud-nextcloud-pg-app"
"key" = "password"
}
}]:[], var.ci.enable&&var.ci.gitea.enable?[{
"name" = "gitea-gitea-pg"
"dbname" = "gitea"
"username" = "gitea"
"namespace" = "${var.domain}-ci"
"secret" = {
"name" = "gitea-gitea-pg-app"
"key" = "password"
}
}]:[])
}
} }
resource "kubectl_manifest" "auth" { resource "kubectl_manifest" "auth" {
@@ -164,6 +194,6 @@ resource "kubectl_manifest" "devspaces" {
distrib: "${var.distributions.domain}" distrib: "${var.distributions.domain}"
category: "meta" category: "meta"
component: "domain-devspaces" component: "domain-devspaces"
options: ${jsonencode(merge(local.global, local.devspaces))} options: ${jsonencode(merge(local.global, local.devspaces-custom, local.devspaces))}
EOF EOF
} }